Date posted: 27-Jun-2015
Category: Technology
Uploaded by: abdur-rehman-muhammadi
University of Education, Township Campus, Lahore, Pakistan
Lecture 05
PPP (POINT TO POINT PROTOCOL)
Internet Architecture and Protocols, University of Education, Township Campus, Lahore
Internet Architecture and Protocols

Lecture Objectives
• WAN Basics
  – Three types of WAN Services
• Introduction to Point-to-Point Protocol (PPP)
• Basic Components of PPP
  – Encapsulation, LCP, NCP
• PPP Frame Format
• PPP Authentication
  – PAP, CHAP
• General Operation of PPP
• PPP Services

WAN Point-to-Point Link

WAN Services
Term | Description
Leased lines | A dedicated, always-on circuit between two end points. The service provider just passes a constant-rate bit stream. Generally more expensive than packet switching today.
Circuit-switched/dial | Provides dedicated bandwidth between two points, but only for the duration of the call. Typically used as a cheaper alternative to leased lines, particularly when connectivity is not needed all the time. Also useful for backup when a leased line or packet-switched service fails.
Packet-switched | Provides virtual circuits (VCs) between pairs of sites, with contracted traffic rates for each VC. Each site's physical connectivity consists of a leased line from the site to a device in the provider's network. Generally cheaper than leased lines.

WAN Data-Link Protocols for Point-to-Point Links
Leased line
Circuit-switched
Packet-switched

An Overview of Wide-Area Services
• A simplified look inside the WAN cloud
• The router also uses a WAN central office
[Figure: central offices (CO) linking basic telephone service, time-division multiplexed circuits (56/64 kbps or T1/E1), X.25/Frame Relay networks, and call setup (SS7 or other)]

PPP over the Internet
• Today, millions of Internet users who need to connect their home PCs to the server of an ISP use PPP.
• The Internet needs a point-to-point protocol for a variety of purposes, including router-to-router traffic (leased line) and home-user-to-ISP (dial-up) traffic.
• The majority of users have a traditional modem, DSL modem or cable modem, which connects them to the Internet through a telephone line or a TV cable connection.
• These lines provide a physical link, but PPP is needed to control and manage the transfer of data.

PPP over the Internet
• For both connections, router-to-router (leased-line connections) and home-user-to-ISP (dial-up connections), some data link protocol is required on the line for:
  – Framing or encapsulation
  – Error control and other data link layer functions
• If two devices are directly connected to each other, they are said to be in a point-to-point configuration.
• Point-to-Point Protocol is a data link layer protocol used to control communication over such links.

Definition - PPP
• PPP is defined in RFC 1661.
• It originally emerged as an encapsulation protocol for transporting IP traffic over point-to-point links.
• PPP also established a standard for:
  – assigning and managing IP addresses
  – asynchronous and synchronous encapsulation
  – network protocol multiplexing
  – link configuration and link quality testing
  – error detection, option negotiation

PPP Components
• Main components of PPP include:
  – Encapsulation/Framing
  – Link Control Protocol (LCP)
  – Network Control Protocol (NCP)
• Together, these components define the frame formats to be exchanged, how the two devices negotiate with each other to establish a link and exchange data, and how the link is configured and terminated.

1. Encapsulation
• It is a method for encapsulating network-layer datagrams over serial links.
• A framing mechanism defines the boundaries of the start and end of the PPP frame.
• It also helps in error detection.

Encapsulation…

2. Link Control Protocol
• LCP is used to establish, configure and test the data link connections.
• Its main purpose is:
  – to bring the lines up and test them
  – to negotiate options
  – to bring them gracefully down again when they are no longer needed
• It supports synchronous and asynchronous circuits.
• LCP configuration options include:
  – Maximum frame size or MTU (maximum transmission unit)
  – Authentication protocol specifications (if any)
  – Options to skip the control and address fields of the PPP frame
• PPP negotiates configuration parameters at the start of the connection using LCP.

LCP packet encapsulated in a frame

LCP Phase: Common options
Option | Default
Maximum receive unit | 1500
Authentication protocol | None
Protocol field compression | Off
Address and control field compression | Off

Link Control Protocol (LCP)
• LCP is responsible for establishing, maintaining, configuring, and terminating links.
• It also provides negotiation mechanisms to set options between the two endpoints. Both endpoints of the link must reach an agreement about the options before the link can be established.
• When PPP is carrying an LCP packet, it is in either the establishing or the terminating state.
• No user data is exchanged during this state.
• All LCP packets are carried in the data field of the PPP frame.

Link Control Protocol (LCP)
• LCP frames are categorized into 3 classes:
  – Link establishment frames
  – Link terminating frames
  – Link maintenance frames
• Options
  – There are many options that can be negotiated between the two endpoints.
  – Options are inserted in the information field of the configuration packets.

LCP packets and their codes
Code (hex) | Packet Type | Description
0x01 | Configure-request | Contains the list of proposed options and their values
0x02 | Configure-ack | Accepts all options proposed
0x03 | Configure-nak | Announces that some options are not acceptable
0x04 | Configure-reject | Announces that some options are not recognized
0x05 | Terminate-request | Requests to shut down the line
0x06 | Terminate-ack | Accepts the shut down request
0x07 | Code-reject | Announces an unknown code
0x08 | Protocol-reject | Announces an unknown protocol
0x09 | Echo-request | A type of hello message to check if the other end is alive
0x0A | Echo-reply | The response to the echo-request message
0x0B | Discard-request | A request to discard the packet
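
Added example (not part of the original lecture): a parser for the LCP packets tabulated above that extracts the negotiated options and flags a Configure-request asking for PAP or no authentication. The option type numbers (1, 3, 7, 8) and protocol IDs (0xC023 PAP, 0xC223 CHAP) are taken from RFC 1661 and RFC 1994, not from the slides; the function names and sample packets are constructed for illustration.

```python
import struct

# Code values follow the lecture's table; option numbers are from RFC 1661.
LCP_CODES = {1: "Configure-Request", 2: "Configure-Ack", 3: "Configure-Nak",
             4: "Configure-Reject", 5: "Terminate-Request", 6: "Terminate-Ack",
             7: "Code-Reject", 8: "Protocol-Reject", 9: "Echo-Request",
             10: "Echo-Reply", 11: "Discard-Request"}
AUTH_PROTOCOLS = {0xC023: "PAP", 0xC223: "CHAP"}

def parse_lcp(packet: bytes) -> dict:
    """Parse one LCP packet (the data field of a PPP frame carrying LCP)."""
    if len(packet) < 4:
        raise ValueError("LCP header is 4 bytes: code, identifier, length")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise ValueError("length field disagrees with captured bytes")
    # Start from the defaults listed on the "Common options" slide.
    result = {"code": LCP_CODES.get(code, f"unknown({code})"), "id": ident,
              "mru": 1500, "auth": None, "pfc": False, "acfc": False}
    if code > 4:                       # only Configure-* packets carry options
        return result
    body, i = packet[4:length], 0
    while i < len(body):
        # Each option: type (1 byte), length (1 byte, header included), data.
        if i + 2 > len(body) or body[i + 1] < 2 or i + body[i + 1] > len(body):
            raise ValueError(f"malformed option at offset {i}")
        opt_type, opt_len = body[i], body[i + 1]
        data = body[i + 2:i + opt_len]
        if opt_type == 1 and len(data) == 2:        # Maximum receive unit
            result["mru"] = struct.unpack("!H", data)[0]
        elif opt_type == 3 and len(data) >= 2:      # Authentication protocol
            proto = struct.unpack("!H", data[:2])[0]
            result["auth"] = AUTH_PROTOCOLS.get(proto, hex(proto))
        elif opt_type == 7:                         # Protocol field compression
            result["pfc"] = True
        elif opt_type == 8:                         # Address/control compression
            result["acfc"] = True
        i += opt_len
    return result

def audit(packet: bytes) -> list:
    """Return findings for a Configure-Request that asks for PAP or nothing."""
    info, findings = parse_lcp(packet), []
    if info["code"] == "Configure-Request" and info["auth"] in (None, "PAP"):
        findings.append(f"weak or no authentication requested: {info['auth']}")
    return findings

# Constructed sample: Configure-Request, id 1, MRU 1500, auth = PAP
SAMPLE_PAP = bytes.fromhex("0101000c" "010405dc" "0304c023")
# Constructed sample: same request, but auth = CHAP with algorithm 5 (MD5)
SAMPLE_CHAP = bytes.fromhex("0101000d" "010405dc" "0305c22305")
```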

PPP Authentication…

Authentication Protocols
• The term authentication refers to a set of security functions that help one device ensure that it is communicating with the correct other device.
• PPP uses two authentication protocols:
  – Password Authentication Protocol (PAP)
  – Challenge Handshake Authentication Protocol (CHAP)

Password Authentication Protocol
• Password Authentication Protocol (PAP)
  – PAP sends the username and password in clear text.
  – The user who wants to access a system sends a username and password.
  – The system checks the validity of the username and password and either accepts or denies the connection.
  – For systems that require greater security, PAP is not enough; a third party with access to the link can easily pick up the password and access the system resources.

Password Authentication Protocol

Selecting a PPP Authentication Protocol

Challenge Handshake Authentication Protocol
• Challenge Handshake Authentication Protocol (CHAP)
  – It is a three-way handshake authentication protocol that provides greater security than PAP.
  – In this method the password is kept secret; it is never sent over the link.
  – The system sends the user a challenge packet containing a challenge value, usually a few bytes.
  – The user applies a predefined function (Message Digest 5, a one-way hash function) that takes the challenge value and the user's own password and creates a result. The user sends the result in the response packet to the system.

CHAP…
• Challenge Handshake Authentication Protocol (CHAP)…
  – The system does the same. It applies the same function to the password of the user (known to the system) and the challenge value to create a result. If the result it creates is the same as the result in the response packet, access is granted; otherwise it is denied.
  – CHAP is more secure than PAP, especially if the system continuously changes the challenge value. Even if the intruder learns the challenge value and the result, the password is still secret.
  – CHAP authentication is difficult to break.

CHAP…

Selecting a PPP Authentication Protocol