Point-to-Point Tunneling Protocol
righthand
2013-09-02
Introduction
• PPTP is a Layer 2 protocol that encapsulates PPP frames in IP datagrams for transmission over an IP internetwork.
– Control Connection over TCP (port 1723)
– Tunnel transports GRE-encapsulated PPP packets
[Figure: PPTP Access Concentrator (PAC) and PPTP Network Server (PNS)]
Overview
[Figure: message sequence between PAC and PNS. Figure labels: TCP (port 1723), Tunnel, Establish, Manage, Release, PPP LCP → PPP CHAP → PPP CCP → PPP IPCP. Messages shown, in the order they appear in the figure:]
(1) Start-Control-Connection-Request
(2) Start-Control-Connection-Reply
(7) Outgoing-Call-Request
(8) Outgoing-Call-Reply
(15) Set-Link-Info
(5) Echo-Request
(6) Echo-Reply
…
(3) Stop-Control-Connection-Request
(12) Call-Clear-Request
(4) Stop-Control-Connection-Reply
(13) Call-Disconnect-Notify
(15) Set-Link-Info
Control Connection
• The Control Connection is established before the Tunnel
– establish, manage, and release
• Control Connection Message
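 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-------------------------------+-------------------------------+
|            Length             |       PPTP Message Type       |
+-------------------------------+-------------------------------+
|                   Magic Cookie (0x1A2B3C4D)                   |
+---------------------------------------------------------------+
|                              ……                               |
PPTP Message Type values:
1: Control Message
2: Management Message (not defined)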
Control Message (I)
• 1 for Start-Control-Connection-Request
– initiates setup of the control connection
• 2 for Start-Control-Connection-Reply
– indicate success or failure of the setup operation
• 3 for Stop-Control-Connection-Request
– request to close the control connection
• 4 for Stop-Control-Connection-Reply
– indicate success or failure of the close operation
Start-Control-Connection-Request
Start-Control-Connection-Reply
Control Message (II)
• 5 for Echo-Request
– sent periodically to keep the control connection alive
• 6 for Echo-Reply
– sent in response to an Echo-Request to keep the control connection active
Echo-Request
Echo-Reply
Control Message (III)
• 7 for Outgoing-Call-Request
– Request to create a VPN tunnel sent by the client.
• 8 for Outgoing-Call-Reply
– contains a unique identifier for that tunnel.
Outgoing-Call-Request
Outgoing-Call-Reply
Control Message (IV)
• 9 for Incoming-Call-Request
– request from a VPN client to receive an incoming call from the server.
• 10 for Incoming-Call-Reply
– indicating whether the incoming call should be answered.
• 11 for Incoming-Call-Connected
– provides additional call parameters to the VPN server.
Control Message (V)
• 12 for Call-Clear-Request
– request to disconnect an incoming or outgoing call
• 13 for Call-Disconnect-Notify
– sent in response to a Call-Clear-Request; issued whenever a call is disconnected
Call-Clear-Request
Control Message (VI)
• 14 for WAN-Error-Notify
– sends error notifications periodically
• 15 for Set-Link-Info
– notification to change the PPP-negotiated options
Set-Link-Info
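Added example (not part of the original slides): a Python parser that frames a reassembled TCP port 1723 byte stream into control messages, using the header fields and the message type numbers 1 to 15 listed above, and rejecting streams whose Magic Cookie, length or type do not check out. The 16-bit Control Message Type and Reserved0 fields following the Magic Cookie are taken from RFC 2637 (the slide elides them as "……"); `parse_control_stream`, `build_message` and the sample bytes are names and data constructed for this illustration.

```python
import struct

MAGIC_COOKIE = 0x1A2B3C4D
# Length, PPTP Message Type, Magic Cookie, Control Message Type, Reserved0
HEADER = struct.Struct("!HHIHH")
CONTROL_TYPES = {
    1: "Start-Control-Connection-Request", 2: "Start-Control-Connection-Reply",
    3: "Stop-Control-Connection-Request", 4: "Stop-Control-Connection-Reply",
    5: "Echo-Request", 6: "Echo-Reply",
    7: "Outgoing-Call-Request", 8: "Outgoing-Call-Reply",
    9: "Incoming-Call-Request", 10: "Incoming-Call-Reply",
    11: "Incoming-Call-Connected", 12: "Call-Clear-Request",
    13: "Call-Disconnect-Notify", 14: "WAN-Error-Notify", 15: "Set-Link-Info",
}

class PPTPParseError(ValueError):
    """Raised when the stream does not frame as PPTP control messages."""

def parse_control_stream(data):
    """Split a reassembled TCP/1723 byte stream into (type name, body) pairs."""
    messages, offset = [], 0
    while offset < len(data):
        if len(data) - offset < HEADER.size:
            raise PPTPParseError(f"truncated header at offset {offset}")
        length, msg_type, cookie, ctrl_type, _ = HEADER.unpack_from(data, offset)
        if cookie != MAGIC_COOKIE:  # checked first: a mismatch means lost framing
            raise PPTPParseError(f"bad magic cookie 0x{cookie:08X} at offset {offset}")
        if msg_type != 1:  # 2 (Management Message) is not defined
            raise PPTPParseError(f"unsupported PPTP message type {msg_type}")
        if length < HEADER.size or offset + length > len(data):
            raise PPTPParseError(f"bad length {length} at offset {offset}")
        if ctrl_type not in CONTROL_TYPES:
            raise PPTPParseError(f"unknown control message type {ctrl_type}")
        body = data[offset + HEADER.size:offset + length]
        messages.append((CONTROL_TYPES[ctrl_type], body))
        offset += length
    return messages

def build_message(ctrl_type, body=b""):
    """Hypothetical helper: frame a body with the 12-byte control header."""
    return HEADER.pack(HEADER.size + len(body), 1, MAGIC_COOKIE, ctrl_type, 0) + body

# Constructed sample: an Echo-Request / Echo-Reply pair sharing identifier 7.
# The parser treats message bodies as opaque bytes.
SAMPLE_STREAM = (build_message(5, struct.pack("!I", 7))
                 + build_message(6, struct.pack("!IBBH", 7, 1, 0, 0)))

if __name__ == "__main__":
    for name, body in parse_control_stream(SAMPLE_STREAM):
        print(f"{name}: {len(body)} body bytes")
```
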
PPP Challenge Handshake Authentication Protocol
PPP Compression Control Protocol
Tunnel Protocol
• The GRE tunnel is used to carry encapsulated
PPP packets.
– Enhanced GRE header
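 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|C|R|K|S|s|Recur|A| Flags | Ver |         Protocol Type         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Key (HW) || Payload Length   |      Key (LW) || Call ID      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                  Sequence Number (Optional)                   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               Acknowledgment Number (Optional)                |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Packet layout: IP Header | GRE Header | PPP Header | PPP Compressed Datagram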
PPP Compressed Datagram (I)
PPP Compressed Datagram (II)