Professional Documents
Culture Documents
Course Objectives
Grasp the basic principles of PPP Grasp the basic principles of MPPP Familiar with commonly used configuration methods of PPP
<Confidential and Proprietary Information of ZTE CORPORATION> <Confidential and Proprietary Information of ZTE Corporation >
Course Outline
Chapter 1 PPP Principles Chapter 2 MPPP Principles Chapter 3 Typical Configurations
<Confidential and Proprietary Information of ZTE CORPORATION> <Confidential and Proprietary Information of ZTE Corporation >
Course Content
Chapter 1 PPP Principles
Section 1 PPP Overview Section 2 PPP Working Mechanism Section 3 PPP Authentication
<Confidential and Proprietary Information of ZTE CORPORATION> <Confidential and Proprietary Information of ZTE Corporation >
Definition
PPP provides a standard method to transmit multiple datagram of Network Layer on Point-toPoint links
Correspondence of PPP and Protocol Stack
Application Presentation Session Transport Network Data-link Physical
PPP Protocol
Features
Course Content
Chapter 1 PPP Principles
Section 1 PPP Overview Section 2 PPP Working Mechanism Section 3 PPP Authentication
<Confidential and Proprietary Information of ZTE CORPORATION> <Confidential and Proprietary Information of ZTE Corporation >
PPP
Network Layer
IP, IPX and other network protocols IPCP, IPXCP and other NCP
Data-link Layer
Physical Layer
Fixed Value
0x7E
Flag
0xFF 0x03
Address Control Protocol Field Information Field Default 1500B Checksum 2B
0x7E
Flag 1B
1B
1B
1B
2B
1B=1Byte
Protocol Field
Information Filed
0x0021
IP Datagram
Checksum
0xC021
LCP Datagram
Checksum
0x8021
NCP Datagram
Checksum
Protocol field is 2-byte in length used to indicate the protocol type carried in Information Field.
Bottom Layer up
LCP up
Dead Phase
Establish Phase
Authenticate Phase
Fail
Authentication Fail
down
Terminate Phase
Network Phase
Closed
Course Content
Chapter 1 PPP Principles
Section 1 PPP Overview Section 2 PPP Working Mechanism Section 3 PPP Authentication
<Confidential and Proprietary Information of ZTE CORPORATION> <Confidential and Proprietary Information of ZTE Corporation >
PAP Authentication
Authenticatee
UsernamePassword
Authenticator
Pass / Deny
PAP is the simplest authentication method with lowest security level, which is a two-way handshake process.
CHAP Authentication
Authenticatee
Authenticator
Pass /Deny
CHAP is another authentication protocol with higher security level than PAP.
<Confidential and Proprietary Information of ZTE CORPORATION>
CHAP Challenge
Authenticatee
User dials in
Authenticator
2604
3604
01 id random
3604
Authenticator
3604
01 id random
3604
MD5 hash
CHAP Response(2)
Authenticatee
User dials in 2604
Authenticator
3604
host ZTE
pass pc1
01 id random
3604
02 id
MD5 hash
hash
ZTE
CHAP Authentication
Authenticatee
User dials in 2604 host ZTE pass pc1
Authenticator
3604
01 id random
3604
user ZTE
pass pc1
02 id
MD5 hash
hash
ZTE
MD5
=?
hash
CHAP Result
Authenticatee
User dials in 2604 host ZTE pass pc1
Authenticator
3604
01 id random
3604
user ZTE
pass pc1
02 id
MD5 hash
hash
ZTE
MD5 hash
03 id Welcome in
Course Content
Chapter 2 MPPP Principles
<Confidential and Proprietary Information of ZTE CORPORATION> <Confidential and Proprietary Information of ZTE Corporation >
Definitions
MPMultiLink PPP
MP binds multiple PPP links into one bundle in order to increase bandwidth. MP allows to segment datagram and transfer the segments to one destination via multiple point-tot-point links.
Besides LCP negotiation, it also verifies whether peer end interface is working in MP mode.
If peer end is working in MP mode, it will find virtual interface template for this designated user and perform NCP negotiation using various NCP parameters (such as IP address etc.) in this template. The NCP parameters configured on physical interface does not function.
After NCP negotiation, MP link will be established so that data can be transferred with larger bandwidth.
network devices (router, host etc.) Only the PPP channels that
match Endpoint Discriminator can be bound to one MP.
The identifiers used for MP bundling are: username and Endpoint Discriminator.
Course Content
Chapter 3 Typical Configurations
Section 1 Basic Configuration Commands Section 2 Typical Configuration Examples
<Confidential and Proprietary Information of ZTE CORPORATION> <Confidential and Proprietary Information of ZTE Corporation >
Encapsulation PPP
encapsulation ppp
Authenticator Configuration
Configuring authentication type ppp authentication pap Configuring user list user username password password
Authenticatee Configuration
Authenticator configuration:
Add username and password into local user list user username password password
Authenticatee Configuration:
Configuring local hostname and peer end username and password ppp chap host hostname
Course Content
Chapter 3 Typical Configurations
Section 1 Basic Configuration Commands Section 2 Configuration Examples
<Confidential and Proprietary Information of ZTE CORPORATION> <Confidential and Proprietary Information of ZTE Corporation >
Authenticator
ZXR10_1
ZXR10(config)# username zte1 password zte ZXR10(config)# interface ce1_3/1.1 ZXR10(config-subif)# ppp authentication pap
ZXR10(config)# interface e1_3/1.1 ZXR10(config-subif)# ppp pap sent-username zte1 password zte
ZXR10_1
ZXR10_2
ZXR10(config)# username zte2 password zte1 ZXR10(config)# interface ce1_3/1.1 ZXR10(config-subif)# ppp authentication chap
ZXR10(config)# interface ce1_3/1.1 ZXR10(config-subif)# ppp chap host zte2 ZXR10(config-subif)# ppp chap password zte1
Operation
Display local user for PPP Authentication Display PPP configuration and running state of interface
Summary
What are the three components of PPP? Briefly describe the PPP negotiation process. Describe the process of PAP authentication in brief. Describe the process of CHAP authentication in brief. What is the working principles of MPPP?