E1 PPP Principles and Configuration

PPP Principles and Configuration

V1.0

Data Customer Service Dept.

For Internal Use Only▲

<Confidential and Proprietary Information of ZTE Corporation>

Course Objectives

• Grasp the basic principles of PPP

• Grasp the basic principles of MPPP

• Become familiar with commonly used configuration methods of PPP

Course Outline

• Chapter 1 PPP Principles

• Chapter 2 MPPP Principles

• Chapter 3 Typical Configurations

Course Content

• Chapter 1 PPP Principles

Section 1 PPP Overview

Section 2 PPP Working Mechanism

Section 3 PPP Authentication

Definition

PPP provides a standard method for transmitting datagrams of multiple network-layer protocols over point-to-point links.

Correspondence of PPP and Protocol Stack

[Figure: the seven-layer stack (Physical, Data-link, Network, Transport, Session, Presentation, Application) with the PPP protocol marked against it]

Features

• Supports point-to-point (hereinafter P2P) connections and provides an authentication function, guaranteeing network security via PAP or CHAP authentication.

• The physical layer below PPP can be either synchronous or asynchronous circuits. Frame Relay must use asynchronous circuits.

• Supports various Network Control Protocols (NCP), such as IPCP and IPXCP.

Course Content

• Chapter 1 PPP Principles

Section 2 PPP Working Mechanism

PPP Three Components

[Figure: PPP carrying network protocols such as TCP/IP and Novell IPX]

• Encapsulation of the datagrams of various network protocols

• LCP, used to create and maintain links

• NCP, used by PPP to provide support for various network protocols

PPP Protocol Stack

• Network Layer: IP, IPX and other network protocols

• Data-link Layer: IPCP, IPXCP and other NCP; authentication and other LCP

• Physical Layer: physical media (synchronous / asynchronous)

Data Frame Format

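Fields in transmission order (1B = 1 byte):

• Flag: 1B, fixed value 0x7E

• Address: 1B, fixed value 0xFF

• Control: 1B, fixed value 0x03

• Protocol Field: 2B

• Information Field: default 1500B

• Checksum: 2B

• Flag: 1B, fixed value 0x7E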

Several Common Datagrams of PPP

The Protocol field is 2 bytes long and indicates the protocol type carried in the Information field.

• Protocol field 0x0021: the Information field carries an IP datagram

• Protocol field 0xC021: the Information field carries an LCP datagram

• Protocol field 0x8021: the Information field carries an NCP datagram
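The frame layout and Protocol field values above, as an added example that is not part of the original course material: a parser that checks the fixed Flag, Address and Control values, verifies the checksum and classifies the payload. It assumes the 16-bit FCS of RFC 1662 and a frame with no asynchronous byte stuffing; all function names are hypothetical.

```python
import struct

# Protocol field values listed on the slide.
PROTOCOLS = {0x0021: "IP", 0xC021: "LCP", 0x8021: "NCP"}

def fcs16(data: bytes) -> int:
    """16-bit frame check sequence as defined in RFC 1662 (assumed here)."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF

def build_frame(protocol: int, info: bytes) -> bytes:
    """Flag | Address | Control | Protocol | Information | Checksum | Flag."""
    body = b"\xff\x03" + struct.pack("!H", protocol) + info
    return b"\x7e" + body + struct.pack("<H", fcs16(body)) + b"\x7e"

def parse_frame(frame: bytes, max_info: int = 1500):
    """Validate the fixed fields and checksum; return (protocol name, information)."""
    if len(frame) < 8:
        raise ValueError("frame shorter than the fixed fields")
    if frame[0] != 0x7E or frame[-1] != 0x7E:
        raise ValueError("missing 0x7E flag")
    body = frame[1:-3]
    (received_fcs,) = struct.unpack("<H", frame[-3:-1])
    if fcs16(body) != received_fcs:
        raise ValueError("checksum mismatch")
    if body[:2] != b"\xff\x03":
        raise ValueError("unexpected address/control bytes")
    (protocol,) = struct.unpack("!H", body[2:4])
    info = body[4:]
    if len(info) > max_info:
        raise ValueError("information field exceeds the maximum length")
    return PROTOCOLS.get(protocol, "unknown (0x%04X)" % protocol), info

# Constructed sample: an LCP packet with code 1, identifier 1, length 4.
SAMPLE = build_frame(0xC021, bytes([0x01, 0x01, 0x00, 0x04]))

if __name__ == "__main__":
    print(parse_frame(SAMPLE))
    corrupted = SAMPLE[:5] + b"\x00" + SAMPLE[6:]  # damage one information byte
    try:
        parse_frame(corrupted)
    except ValueError as err:
        print("rejected:", err)
```

The checksum only detects accidental corruption on the link; it is not an integrity protection against a peer that can recompute it.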

PPP Negotiation Flow

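[Figure: PPP phase diagram with the phases Dead, Establish, Authenticate, Network and Terminate]

• Dead Phase to Establish Phase: bottom layer up

• Establish Phase to Authenticate Phase: LCP up

• Establish Phase to Dead Phase: fail

• Authenticate Phase to Network Phase: authentication pass or no authentication

• Authenticate Phase to Terminate Phase: authentication fail

• Network Phase to Terminate Phase: closed

• Terminate Phase to Dead Phase: down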

Course Content

• Chapter 1 PPP Principles

Section 3 PPP Authentication

PAP Authentication

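PAP is the simplest authentication method, with the lowest security level. It is a two-way handshake process.

[Figure: exchange between authenticatee and authenticator]

• Authenticatee to authenticator: username + password

• Authenticator to authenticatee: pass / deny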

CHAP Authentication

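CHAP is another authentication protocol, with a higher security level than PAP.

[Figure: exchange between authenticatee and authenticator]

• Authenticator to authenticatee: hostname + random datagram

• Authenticatee to authenticator: hostname + encrypted datagram

• Authenticator to authenticatee: pass / deny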

CHAP Challenge

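[Figure: the user dials in from the authenticatee (2604) to the authenticator (3604). The authenticator sends a challenge packet with the fields 01, id, random, 3604.]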

CHAP Response (1)

[Figure: the authenticatee (2604) receives the challenge packet (01, id, random, 3604), looks up its local table (columns host, pass; entry ZTE, pc1) and runs MD5 to produce a hash.]

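CHAP Response (2)

[Figure: the authenticatee (2604) sends the authenticator (3604) a response packet with the fields 02, id, hash, ZTE, where hash is the MD5 output computed from the challenge (01, id, random, 3604) and the local table entry (host ZTE, pass pc1).]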

CHAP Authentication

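[Figure: the authenticator (3604) looks up its local table (columns user, pass; entry ZTE, pc1), runs MD5 to produce its own hash and compares it (=?) with the hash in the response packet (02, id, hash, ZTE) received from the authenticatee (2604).]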

CHAP Result

[Figure: after the challenge (01, id, random, 3604) and the response (02, id, hash, ZTE), the authenticator (3604) sends the authenticatee (2604) a result packet with the fields 03, id, "Welcome in".]
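The challenge, response and result steps above, as an added example that is not part of the original course material. It computes the response as MD5 over identifier, secret and challenge in that order, as specified in RFC 1994 (the slides do not state the input order), using the slide values ZTE / pc1 / 3604; the class and function names are hypothetical.

```python
import hashlib
import hmac
import os

# Local user list on the authenticator, as on the slides (user ZTE, pass pc1).
USER_DB = {"ZTE": b"pc1"}

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Response value per RFC 1994: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    def __init__(self, name, users):
        self.name = name
        self.users = users
        self.pending = {}   # identifier -> outstanding random value
        self.next_id = 0

    def challenge(self):
        """Packet 01: id, random value, authenticator name."""
        ident = self.next_id
        self.next_id = (self.next_id + 1) % 256
        rand = os.urandom(16)
        self.pending[ident] = rand
        return ident, rand, self.name

    def verify(self, ident, digest, peer_name):
        """Check packet 02; True corresponds to packet 03 (pass)."""
        rand = self.pending.pop(ident, None)   # each challenge is usable once
        secret = self.users.get(peer_name)
        if rand is None or secret is None:
            return False
        expected = chap_response(ident, secret, rand)
        return hmac.compare_digest(expected, digest)  # constant-time compare

def demo():
    auth = Authenticator("3604", USER_DB)
    ident, rand, _ = auth.challenge()
    resp = chap_response(ident, b"pc1", rand)   # authenticatee side
    first = auth.verify(ident, resp, "ZTE")
    replay = auth.verify(ident, resp, "ZTE")    # same response sent again
    ident2, _, _ = auth.challenge()
    stale = auth.verify(ident2, resp, "ZTE")    # old hash against a new challenge
    return first, replay, stale
```

The password never crosses the link, and a captured response is rejected both when replayed and when offered against a later challenge, which is the difference from PAP's username + password exchange.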

Course Content

• Chapter 2 MPPP Principles

Definitions

MP: Multilink PPP. MP binds multiple PPP links into one bundle in order to increase bandwidth. MP allows datagrams to be segmented and the segments to be transferred to one destination via multiple point-to-point links.

Negotiation Process of MP Links

Step 1: Perform LCP negotiation with the peer end.

Besides the LCP negotiation itself, this step also verifies whether the peer end interface is working in MP mode.

If the peer end is not working in MP mode, the local end goes on with general NCP negotiation after LCP negotiation succeeds and does not perform MP bundling.

Step 2: Perform PPP authentication and obtain the username of the peer end.

If the peer end is working in MP mode, the local end finds the virtual interface template for this designated user and performs NCP negotiation using the NCP parameters (such as the IP address) in this template. The NCP parameters configured on the physical interface do not take effect.

After NCP negotiation, the MP link is established so that data can be transferred with larger bandwidth.

Negotiation Parameters of MP Link

If a PPP channel negotiates the following parameters in LCP, it can be bound as a sub-channel of MP:

• MRRU (Maximum Received Reconstructed Unit): similar to the ordinary MRU parameter in PPP.

• SSNHF (Short Sequence Number Header Format): optional parameter.

• Endpoint Discriminator: a character string that uniquely marks a network device (router, host, etc.). Only the PPP channels with a matching Endpoint Discriminator can be bound to one MP.

The identifiers used for MP bundling are the username and the Endpoint Discriminator.

Course Content

• Chapter 3 Typical Configurations

Section 1 Basic Configuration Commands

Section 2 Typical Configuration Examples

Basic Configuration Commands

• Encapsulation PPP: encapsulation ppp

• Set authentication type: ppp authentication {pap|chap}

• Set username and password: user username password password

PAP Configuration Commands

Authenticator Configuration

Configuring authentication type

ppp authentication pap

Configuring user list

user username password password

Authenticatee Configuration

Configuring PAP username

ppp pap sent-username username password password

CHAP Configuration Commands

Authenticator configuration:

Configuring local as authenticator (authentication type is CHAP)

ppp authentication chap

Configuring local hostname

ppp chap host hostname

Add username and password into local user list

user username password password

Authenticatee Configuration:

Configuring local hostname and peer end username and password

ppp chap host hostname

user username password password

Course Content

• Chapter 3 Typical Configurations

Section 2 Typical Configuration Examples

Typical Configuration Examples I

PAP authentication between ZXR10_1 (authenticator, interface ce1_3/1.1) and ZXR10_2 (authenticatee, interface ce1_3/1.1).

ZXR10_1 (authenticator):

ZXR10(config)# username zte1 password zte
ZXR10(config)# interface ce1_3/1.1
ZXR10(config-subif)# ppp authentication pap

ZXR10_2 (authenticatee):

ZXR10(config)# interface ce1_3/1.1
ZXR10(config-subif)# ppp pap sent-username zte1 password zte

Typical Configuration Examples II

CHAP authentication between ZXR10_1 (authenticator, interface ce1_3/1.1) and ZXR10_2 (authenticatee, interface ce1_3/1.1).

ZXR10_1 (authenticator):

ZXR10(config)# username zte2 password zte1
ZXR10(config)# interface ce1_3/1.1
ZXR10(config-subif)# ppp authentication chap

ZXR10_2 (authenticatee):

ZXR10(config)# interface ce1_3/1.1
ZXR10(config-subif)# ppp chap host zte2
ZXR10(config-subif)# ppp chap password zte1

Monitor and Maintenance

Operation: Command

• Display local users for PPP authentication: show username

• Display PPP configuration and running state of an interface: show interface interface-name

Fault Diagnosis and Troubleshooting

Fault 1: Link cannot turn into UP state

• The configuration of the PPP authentication parameters is incorrect.

Fault 2: Physical link cannot turn into UP state

• Use the command show interface to view the interface state.

Summary

What are the three components of PPP?

Briefly describe the PPP negotiation process.

Describe the process of PAP authentication in brief.

Describe the process of CHAP authentication in brief.

What are the working principles of MPPP?
