The big picture
PPP is a layer 2 WAN technology that is designed to establish connection between two nodes over a variety of network mediums.
Features
1. It has built-in error detection.
2. Monitoring the quality of the link before sending frames.
3. Capability to encapsulate frames and carry them over various layer2 WAN technologies such as ethernet, frame relay and ATM.
4. Offers authentication using various flavours of authentication techniques such as PAP, CHAP and EAP.
5. Offers optional features such as encryption, compression and link aggregation (aka multilink).
6. Supports synchronous and asynchronous, full or half duplex links.
Reference: http://www.tcpipguide.com/free/t_PPPOverviewHistoryandBenefits-2.htm
Reference: http://www.tcpipguide.com/free/t_PPPOverviewHistoryandBenefits-3.htm
PPP components
Encapsulation method
1. Takes higher layer datagram such as IP and encapsulates it, then transmits it over physical link.
2. The framing method is based on HDLC protocol.
3. The frame size is designed to be small to preserve (maximize) bandwidth and maintain efficiency.
Link control protocol (LCP)
1. LCP is responsible for setting up, maintaining and terminating PPP link.
2. LCP is extensible and flexible protocol that allows many configuration parameters to be exchanged and to ensure both routers agree on how the PPP link should be used.
3. If configured, LCP invokes authentication between routers.
Network control protocol (NCP)
1. After link is established by LCP, if authentication is configured, after authentication phase, LCP passes the control over to NCP.
2. NCP only handles layer 3 nothing else, LCP however oversees the entire PPP link phases.
3. Internet protocol control protocol (IPCP) is the focused NCP on this post.
Reference: http://www.tcpipguide.com/free/t_PPPComponentsandGeneralOperation.htm
PPP phases
1. Link dead phase – This happens when no physical connection is not established between routers. This is the start and end phase of PPP.
2. Link establishment phase – This phase is a parameter agreement phase between two routers. Parameters include Maximum received unit, authentication protocol used, quality protocol to enable link quality monitoring, magic number used to detect looped links and abnormality, multilink PPP.
Two routers must agree on the parameters to complete link establishment phase.
Router 1 will send Configure-Request to router 2, if router 2 agrees on all proposed parameters it replies a Configure-Ack.
If router 2 does not agree on parameters by router 1, it replies Configure-Nack.
If router 2 does not understand the parameters by router 1, it replies Configure-Reject.
If parameters are not agreed by two routers, PPP will reset to link establishment phase. In other words, both routers must use the same parameters, mismatch parameters will have no link established.
*Apr 19 14:41:28.891: ppp27 PPP: Phase is ESTABLISHING *Apr 19 14:41:28.891: Se0/0/0 PPP: Using default call direction *Apr 19 14:41:28.891: Se0/0/0 PPP: Treating connection as a dedicated line *Apr 19 14:41:28.895: Se0/0/0 PPP: Session handle[B000001A] Session id[27] *Apr 19 14:41:28.895: Se0/0/0 LCP: Event[OPEN] State[Initial to Starting] *Apr 19 14:41:28.895: Se0/0/0 LCP: O CONFREQ [Starting] id 1 len 23 *Apr 19 14:41:28.895: Se0/0/0 LCP: AuthProto CHAP (0x0305C22305) *Apr 19 14:41:28.895: Se0/0/0 LCP: QualityType 0xC025 period 1000 (0x0408C025000003E8) *Apr 19 14:41:28.895: Se0/0/0 LCP: MagicNumber 0x04F548DD (0x050604F548DD) *Apr 19 14:41:28.895: Se0/0/0 LCP: Event[UP] State[Starting to REQsent] *Apr 19 14:41:28.895: Se0/0/0 LCP: I CONFREQ [REQsent] id 1 len 23 *Apr 19 14:41:28.895: Se0/0/0 LCP: AuthProto CHAP (0x0305C22305) *Apr 19 14:41:28.895: Se0/0/0 LCP: QualityType 0xC025 period 1000 (0x0408C025000003E8) *Apr 19 14:41:28.895: Se0/0/0 LCP: MagicNumber 0x04F547BE (0x050604F547BE) *Apr 19 14:41:28.895: Se0/0/0 LCP: O CONFACK [REQsent] id 1 len 23 *Apr 19 14:41:28.895: Se0/0/0 LCP: AuthProto CHAP (0x0305C22305) *Apr 19 14:41:28.895: Se0/0/0 LCP: QualityType 0xC025 period 1000 (0x0408C025000003E8) *Apr 19 14:41:28.895: Se0/0/0 LCP: MagicNumber 0x04F547BE (0x050604F547BE) *Apr 19 14:41:28.899: Se0/0/0 LCP: Event[Receive ConfReq+] State[REQsent to ACKsent] *Apr 19 14:41:31.187: Se0/0/0 LCP: I CONFACK [ACKsent] id 1 len 23 *Apr 19 14:41:31.187: Se0/0/0 LCP: AuthProto CHAP (0x0305C22305) *Apr 19 14:41:31.191: Se0/0/0 LCP: QualityType 0xC025 period 1000 (0x0408C025000003E8) *Apr 19 14:41:31.191: Se0/0/0 LCP: MagicNumber 0x04F548DD (0x050604F548DD) *Apr 19 14:41:31.191: Se0/0/0 LCP: Event[Receive ConfAck] State[ACKsent to Open] *Apr 19 14:41:31.191: Se0/0/0 PPP: Queue CHAP code[1] id[1]
3. Authentication phase – If authentication is configured, both routers will proceed to this phase. If authentication is successful routers proceed to Network Layer Protocol (IPCP) phase, if unsuccessful both routers transit to link termination phase.
*Apr 19 15:32:32.679: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up *Apr 19 15:32:32.683: Se0/0/0 PPP: Using default call direction *Apr 19 15:32:32.683: Se0/0/0 PPP: Treating connection as a dedicated line *Apr 19 15:32:32.683: Se0/0/0 PPP: Session handle[5900003B] Session id[58] *Apr 19 15:32:32.691: Se0/0/0 CHAP: O CHALLENGE id 1 len 23 from "R2" *Apr 19 15:32:32.691: Se0/0/0 CHAP: I CHALLENGE id 1 len 23 from "R1" *Apr 19 15:32:32.691: Se0/0/0 PPP: Sent CHAP SENDAUTH Request *Apr 19 15:32:32.691: Se0/0/0 PPP: Received SENDAUTH Response PASS *Apr 19 15:32:32.691: Se0/0/0 CHAP: Using hostname from unknown source *Apr 19 15:32:32.691: Se0/0/0 CHAP: Using password from AAA *Apr 19 15:32:32.691: Se0/0/0 CHAP: O RESPONSE id 1 len 23 from "R2" *Apr 19 15:32:32.695: Se0/0/0 CHAP: I RESPONSE id 1 len 23 from "R1" *Apr 19 15:32:32.695: Se0/0/0 PPP: Sent CHAP LOGIN Request *Apr 19 15:32:32.695: Se0/0/0 PPP: Received LOGIN Response PASS *Apr 19 15:32:32.703: Se0/0/0 CHAP: I SUCCESS id 1 len 4 *Apr 19 15:32:32.703: Se0/0/0 CHAP: O SUCCESS id 1 len 4
4. Network Layer Protocol phase – Once link establishment phase or authentication phase (if authentication is configured) is established, LCP passes control over to IPCP.
IPCP NCP established layer 3 link between routers by:
IP address – Sends its own used IP address or request peer router’s IP address by initiating with Configure-Request.
IP-header-compression – This is used between routers to negotiate the use of TCP and IP header compression.
*Apr 19 15:53:21.859: Se0/0/0 PPP: Phase is UP *Apr 19 15:53:21.859: Se0/0/0 IPCP: Protocol configured, start CP. state[Initial] *Apr 19 15:53:21.859: Se0/0/0 IPCP: Event[OPEN] State[Initial to Starting] *Apr 19 15:53:21.859: Se0/0/0 PPP: I pkt type 0x8021, datagramsize 14 link[ip] *Apr 19 15:53:21.859: Se0/0/0 IPCP: O CONFREQ [Starting] id 1 len 10 *Apr 19 15:53:21.859: Se0/0/0 IPCP: Address 192.168.1.2 (0x0306C0A80102) *Apr 19 15:53:21.859: Se0/0/0 IPCP: Event[UP] State[Starting to REQsent] *Apr 19 15:53:21.859: Se0/0/0 CDPCP: Protocol configured, start CP. state[Initial] *Apr 19 15:53:21.859: Se0/0/0 PPP: I pkt type 0x8207, datagramsize 8 link[cdp] *Apr 19 15:53:21.859: Se0/0/0 CDPCP: Event[OPEN] State[Initial to Starting] *Apr 19 15:53:21.863: Se0/0/0 CDPCP: Authorizing CP *Apr 19 15:53:21.863: Se0/0/0 CDPCP: CP stalled on event[Authorize CP] *Apr 19 15:53:21.863: Se0/0/0 IPCP: I CONFREQ [REQsent] id 1 len 10 *Apr 19 15:53:21.863: Se0/0/0 IPCP: Address 192.168.1.1 (0x0306C0A80101) *Apr 19 15:53:21.863: Se0/0/0 IPCP AUTHOR: Start. Her address 192.168.1.1, we want 0.0.0.0 *Apr 19 15:53:21.863: Se0/0/0 IPCP AUTHOR: Reject 192.168.1.1, using 0.0.0.0 *Apr 19 15:53:21.863: Se0/0/0 IPCP AUTHOR: Done. Her address 192.168.1.1, we want 0.0.0.0 *Apr 19 15:53:21.863: Se0/0/0 IPCP: O CONFACK [REQsent] id 1 len 10 *Apr 19 15:53:21.863: Se0/0/0 IPCP: Address 192.168.1.1 (0x0306C0A80101) *Apr 19 15:53:21.863: Se0/0/0 IPCP: Event[Receive ConfReq+] State[REQsent to ACKsent] *Apr 19 15:53:21.863: Se0/0/0 CDPCP: I CONFREQ [Starting] id 1 len 4 *Apr 19 15:53:21.863: Se0/0/0 CDPCP: Store stalled packet [0x6716D2B8] *Apr 19 15:53:21.863: Se0/0/0 IPCP: I CONFACK [ACKsent] id 1 len 10 *Apr 19 15:53:21.863: Se0/0/0 IPCP: Address 192.168.1.2 (0x0306C0A80102) *Apr 19 15:53:21.867: Se0/0/0 IPCP: Event[Receive ConfAck] State[ACKsent to Open] *Apr 19 15:53:21.867: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up *Apr 19 15:53:21.871: Se0/0/0 CDPCP: CP unstall *Apr 19 15:53:21.871: Se0/0/0 CDPCP: O CONFREQ [Starting] id 1 len 4 *Apr 19 15:53:21.871: Se0/0/0 CDPCP: Event[UP] State[Starting to REQsent] *Apr 19 15:53:21.871: Se0/0/0 CDPCP: Continue processing stalled packet: *Apr 19 15:53:21.871: Se0/0/0 CDPCP: I CONFREQ [REQsent] id 1 len 4 *Apr 19 15:53:21.871: Se0/0/0 PPP: I pkt type 0x8207, datagramsize 8 link[cdp] *Apr 19 15:53:21.871: Se0/0/0 CDPCP: O CONFACK [REQsent] id 1 len 4 *Apr 19 15:53:21.871: Se0/0/0 CDPCP: Event[Receive ConfReq+] State[REQsent to ACKsent] *Apr 19 15:53:21.871: Se0/0/0 CDPCP: I CONFACK [ACKsent] id 1 len 4 *Apr 19 15:53:21.871: Se0/0/0 CDPCP: Event[Receive ConfAck] State[ACKsent to Open]
If CDP is enabled, CDP negotiation occurs in NLP phase.
After IPCP is completed, routers proceed to Link Open phase.
5. Link Open phase – This is an operational phase, routers exchange datagrams in this phase.
*Apr 19 15:53:21.875: Se0/0/0 IPCP: State is Open *Apr 19 15:53:21.875: Se0/0/0 CDPCP: State is Open *Apr 19 15:53:21.875: Se0/0/0 IPCP: Install route to 192.168.1.1 *Apr 19 15:53:26.095: Se0/0/0 PPP: O pkt type 0x0207, datagramsize 322 *Apr 19 15:53:26.099: Se0/0/0 PPP: I pkt type 0x0207, datagramsize 322 link[cdp] *Apr 19 15:53:27.095: Se0/0/0 PPP: O pkt type 0x0207, datagramsize 322 *Apr 19 15:53:27.095: Se0/0/0 PPP: I pkt type 0x0207, datagramsize 322 link[cdp]
6. Link termination phase – This phase occurs when link fails, or when remote router wants to terminate communication with local router. Router that wants to terminate communication sends LCP termination frame and the receiving router acknowledges. This phase will then proceed back to Link dead phase.
*Apr 19 15:52:32.031: Se0/0/0 PPP: Phase is TERMINATING *Apr 19 15:52:32.035: Se0/0/0 IPCP: Remove route to 192.168.1.1 *Apr 19 15:52:32.035: Se0/0/0 LCP: Event[DOWN] State[Closing to Initial] *Apr 19 15:52:32.035: Se0/0/0 PPP: Phase is DOWN
Reference: http://www.tcpipguide.com/free/t_PPPLinkSetupandPhases.htm
Reference: Routing-bits handbook version 4.41 page 55. You can buy a copy from routing-bits.com
cyruslab 