PPP protocol composition and brief description of the basic process of Protocol Negotiation

Source: Internet
Author: User

1. PPP (Point-to-Point Protocol) is a link layer protocol designed for transmitting data packets between peer units over simple links. It is mainly used to establish a point-to-point connection over dial-up or leased lines, which makes it a common solution for simple connections between hosts, bridges, and routers.

2. The PPP protocol provides a complete set of solutions for link establishment, maintenance, teardown, upper-layer protocol negotiation, and authentication.

3. The PPP protocol includes the Link Control Protocol (LCP), the Network Control Protocol (NCP), and authentication protocols. The commonly used authentication protocols are the Password Authentication Protocol (PAP) and the Challenge Handshake Authentication Protocol (CHAP).

4. A typical link creation process consists of three phases: creation, authentication, and network negotiation.

Phase 1: Create the PPP link. LCP creates the link. At this stage, the basic communication mode is selected. The devices at both ends of the link send configuration packets (Configure packets) to each other through LCP. Once a Configure-Ack packet has been sent and received, the exchange is complete and LCP is open. Note that in the link creation phase the authentication protocol is only selected; user authentication itself is carried out in phase 2.

Phase 2: User authentication. At this stage, the client sends its identity to the remote access server. This phase uses a secure authentication method to prevent a third party from stealing data or impersonating a remote client to take over the connection with the client. Until authentication is complete, moving from the authentication phase to the network layer protocol phase is prohibited. If authentication fails, the authenticator should move to the link termination phase.
In this phase, only Link Control Protocol, authentication protocol, and Link Quality Monitoring protocol packets are allowed. Other packets received in this phase must be silently discarded. The most common authentication protocols are the Password Authentication Protocol (PAP) and the Challenge Handshake Authentication Protocol (CHAP). The authentication methods are described below.

Phase 3: Call the network layer protocol. After the authentication phase is complete, PPP calls the various network control protocols (NCP) selected during the link creation phase (phase 1). The selected NCP handles the higher-layer protocol issues on the PPP link. For example, in this phase the IP Control Protocol (IPCP) can allocate dynamic addresses to dial-in users.

After these three phases, a complete PPP link is established.

5. Authentication methods

1) Password Authentication Protocol (PAP)
PAP is a simple plaintext authentication method. The NAS (Network Access Server) requires users to provide a user name and password, and PAP returns the user information in plaintext. Obviously, this authentication method is less secure. A third party can easily obtain the transmitted user name and password and use this information to establish a connection with the NAS and obtain all the resources the NAS provides. Once a user's password has been stolen by a third party, PAP offers no protection against attacks by that third party.

2) Challenge Handshake Authentication Protocol (CHAP)
CHAP is an encrypted authentication method that avoids transmitting the user's real password when a connection is established. The NAS sends the remote user a challenge that includes a session ID and an arbitrary challenge string. The remote client must use the MD5 one-way hashing algorithm to return the user name together with a hash of the challenge, the session ID, and the user's password. The user name is sent unhashed.
CHAP improves on PAP by not sending the plaintext password over the link. Instead, it uses the challenge to encrypt the password with a hash algorithm. Because the server holds the client's plaintext password, the server can repeat the operation performed by the client and compare the result with the value returned by the user. CHAP generates a random challenge string for each authentication to prevent replay attacks. Throughout the connection, CHAP resends a challenge to the client from time to time to prevent a third party from impersonating the remote client.

6. PPP is currently one of the most widely used protocols on wide area networks. Its advantages are simplicity, user authentication capability, and IP address allocation. Domestic dial-up Internet access establishes the communication link between the client and the carrier's access server through PPP. Broadband access is now replacing dial-up Internet access, and PPP has found new applications in today's rapidly changing broadband access technology. A typical application is the ADSL (Asymmetric Digital Subscriber Loop) access mode, where PPP is combined with other protocols to derive new protocols that meet broadband access requirements, for example PPPoE (PPP over Ethernet) and PPPoA (PPP over ATM).
Running PPP over Ethernet for user authentication and access is called PPPoE. PPPoE protects users' Ethernet resources and meets ADSL access requirements. It is currently the most widely used technical standard among ADSL access methods. Similarly, PPPoA manages user authentication by running the PPP protocol on an ATM (Asynchronous Transfer Mode) network. It works in the same way as PPPoE. The difference is that it runs on an ATM network while PPPoE runs on an Ethernet network, so each must adapt to the ATM or Ethernet standard respectively.

The simple and complete PPP protocol has made it widely used. I believe it can play a greater role in the future development of network technology.
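The authentication protocol chosen in phase 1 is visible in the LCP Configure-Request itself, so a defender can check a capture for links that still negotiate plaintext PAP. The following is an added example, not code from the original article: it parses the LCP options layout from RFC 1661 (option 3 is Authentication-Protocol, 0xC023 is PAP, 0xC223 is CHAP, algorithm 5 is MD5), and the sample packets are constructed.

```python
import struct

AUTH_PROTOCOLS = {0xC023: "PAP", 0xC223: "CHAP"}   # PPP protocol numbers
CHAP_ALGORITHMS = {0x05: "MD5"}                    # CHAP algorithm field

def parse_lcp_options(packet: bytes) -> dict:
    """Parse an LCP packet: Code, Identifier, Length, then TLV options."""
    if len(packet) < 4:
        raise ValueError("LCP header truncated")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise ValueError("bad LCP length field")
    options, pos = {}, 4
    while pos < length:
        if length - pos < 2:
            raise ValueError("option header truncated")
        otype, olen = packet[pos], packet[pos + 1]
        # The option length covers the type and length bytes themselves.
        if olen < 2 or pos + olen > length:
            raise ValueError("bad option length")
        options[otype] = packet[pos + 2:pos + olen]
        pos += olen
    return {"code": code, "id": ident, "options": options}

def negotiated_auth(packet: bytes) -> str:
    """Name the authentication protocol requested in option 3, if any."""
    data = parse_lcp_options(packet)["options"].get(3)
    if data is None:
        return "none"
    if len(data) < 2:
        raise ValueError("Authentication-Protocol option too short")
    proto = struct.unpack("!H", data[:2])[0]
    name = AUTH_PROTOCOLS.get(proto, f"unknown(0x{proto:04x})")
    if name == "CHAP" and len(data) >= 3:
        name += "-" + CHAP_ALGORITHMS.get(data[2], f"alg{data[2]}")
    return name

# Constructed Configure-Request packets (Code 1), not taken from a real capture.
REQ_PAP = bytes.fromhex("01010008" "0304c023")                 # auth = PAP
REQ_CHAP = bytes.fromhex("0102000d" "010405dc" "0305c22305")   # MRU 1500, CHAP/MD5
REQ_NOAUTH = bytes.fromhex("01030008" "010405dc")              # MRU only

if __name__ == "__main__":
    for pkt in (REQ_PAP, REQ_CHAP, REQ_NOAUTH):
        print(pkt.hex(), "->", negotiated_auth(pkt))
```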
