Linux PPP and PPPoE

Source: Internet
Author: User


Reference: http://www.akadia.com/services/pppoe_iptables.html

http://en.wikipedia.org/wiki/point-to-point_protocol_over_ethernet

http://blog.csdn.net/absurd/archive/2007/05/04/1596496.aspx

http://www.36ji.net/article/0859/3550.html

http://blog.csdn.net/csucxcc/archive/2007/07/10/1684416.aspx

PPP:

PPP consists of two types of protocols: LCP (Link Control Protocol) and NCP (Network Control Protocol).

LCP is used to establish, tear down, and monitor PPP data links. NCP is mainly used to negotiate the format and type of the data packets transmitted on the data link. PPP also provides a family of authentication protocols (PAP and CHAP) for network security.

PPP has a layered structure. At the bottom layer it can use synchronous media (such as ISDN or a synchronous DDN leased line) as well as asynchronous media (such as modem-based dial-up over the PSTN).

At the data link layer, PPP provides a wide range of services for link establishment, offered in the form of LCP negotiation options.

At the upper layer, PPP supports multiple network layer protocols through NCPs. PPP has an encapsulation format for each network layer protocol so that their packets can be told apart.

 

PPP negotiation is divided into several stages: Dead, Establish, Authenticate, Network, and Terminate. Different protocols are negotiated at different stages. Only after the negotiation in one stage has produced a result can negotiation of the next protocol begin in the next stage.

1) When the physical layer is unavailable, the PPP link is in the Dead stage; a link must start and end in this stage. When the physical layer becomes available, PPP performs LCP negotiation before establishing a link. The negotiated content includes SP or MP, the verification method, and the maximum transmission unit.

2) After LCP negotiation, the link enters the Establish stage. The LCP status is Opened, indicating that the link has been established.

3) If authentication is configured (the remote end verifying the local end, or the local end verifying the remote end), the link enters the Authenticate stage and CHAP or PAP verification begins.

4) If verification fails, the link enters the Terminate stage, the link is torn down, and the LCP status changes to Down. If verification succeeds, the Network negotiation stage (NCP) begins: the LCP status is still Opened, and the IPCP status changes from Initial to Request.

5) NCP negotiation supports IPCP negotiation, which mainly covers the IP addresses of both parties. NCP negotiation selects and configures a network layer protocol. Once the selected network layer protocol has been configured successfully, it can send packets over this link.

6) The PPP link remains up for communication until an explicit LCP or NCP frame closes the link or some external event occurs (for example, user intervention).
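
The stage sequence above, written out as a small state machine (an added example, not code from pppd or the kernel; the phase and event names are this example's own). It shows that when authentication is configured the Network stage is reachable only through a successful authentication, and that an out-of-order success event is ignored.

```c
#include <stdio.h>

/* Phase and event names are this example's own labels for the stages above. */
enum ppp_phase { PH_DEAD, PH_ESTABLISH, PH_AUTHENTICATE, PH_NETWORK, PH_TERMINATE };
enum ppp_event { EV_PHY_UP, EV_LCP_OPENED, EV_AUTH_OK, EV_AUTH_FAIL,
                 EV_CLOSE, EV_PHY_DOWN };

/* One transition. An event that is not valid in the current phase is ignored,
 * so a stray "authentication succeeded" cannot skip a stage. */
enum ppp_phase ppp_next(enum ppp_phase p, enum ppp_event e, int auth_required)
{
    if (e == EV_PHY_DOWN)
        return PH_DEAD;                 /* links start and end in Dead */
    switch (p) {
    case PH_DEAD:
        return e == EV_PHY_UP ? PH_ESTABLISH : p;
    case PH_ESTABLISH:                  /* link establishment via LCP */
        if (e == EV_LCP_OPENED)
            return auth_required ? PH_AUTHENTICATE : PH_NETWORK;
        return e == EV_CLOSE ? PH_TERMINATE : p;
    case PH_AUTHENTICATE:               /* PAP or CHAP exchange */
        if (e == EV_AUTH_OK)
            return PH_NETWORK;
        return (e == EV_AUTH_FAIL || e == EV_CLOSE) ? PH_TERMINATE : p;
    case PH_NETWORK:                    /* IPCP, then network-layer traffic */
        return e == EV_CLOSE ? PH_TERMINATE : p;
    default:
        return p;                       /* Terminate: only PHY_DOWN leaves */
    }
}

/* Feed a sequence of events to a link that starts in Dead. */
enum ppp_phase ppp_run(const enum ppp_event *ev, int n, int auth_required)
{
    enum ppp_phase p = PH_DEAD;
    for (int i = 0; i < n; i++)
        p = ppp_next(p, ev[i], auth_required);
    return p;
}

int main(void)
{
    /* Constructed trace: the peer fails authentication, then claims success. */
    enum ppp_event trace[] = { EV_PHY_UP, EV_LCP_OPENED, EV_AUTH_FAIL, EV_AUTH_OK };
    printf("final phase: %d\n", ppp_run(trace, 4, 1));
    return 0;
}
```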

PPPoE:

Point-to-Point Protocol over Ethernet: a protocol that encapsulates PPP packets over Ethernet. Packet-switched Ethernet has no "circuit" or link, so it offers no guarantee against IP or MAC address conflicts and no guarantee of security. With PPPoE, users can establish virtual links and communicate securely over those links.

PPPoE is divided into two phases:

PPPoE discovery: A traditional PPP connection is point-to-point, whereas Ethernet is multi-access, that is, any node on the Ethernet can reach any other node. An Ethernet frame carries the MAC address of the destination node so that the destination can be found. Therefore, before PPP frames can be exchanged, the two communicating nodes must know each other's MAC address. In the discovery stage of PPPoE, nodes on the Ethernet announce their MAC addresses to each other and create a session ID for the subsequent packet exchange.

PPPoE session: Once the nodes know each other's MAC addresses, they enter the session stage.
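
A bounds-checked classifier for the frames of the two phases, added here as an illustration and not taken from rp-pppoe or the kernel. The EtherTypes (0x8863 for discovery, 0x8864 for session), the 6-byte header layout and the discovery codes come from RFC 2516; the function, type and constant names are this example's own, and the frame in main() is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Values from RFC 2516; every name below is this example's own. */
enum { ETH_DISC = 0x8863, ETH_SESS = 0x8864, ETH_HDR = 14, PPPOE_HDR = 6 };
enum pppoe_kind { PPPOE_INVALID, PPPOE_PADI, PPPOE_PADO, PPPOE_PADR,
                  PPPOE_PADS, PPPOE_PADT, PPPOE_SESSION_DATA };
struct pppoe_info {
    uint16_t session_id;     /* 0 until the access concentrator assigns one */
    uint16_t payload_len;    /* bytes following the PPPoE header */
    const uint8_t *payload;  /* discovery tags, or the PPP frame in a session */
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
/* Classify one Ethernet frame; anything malformed yields PPPOE_INVALID. */
enum pppoe_kind pppoe_classify(const uint8_t *f, size_t len, struct pppoe_info *out)
{
    if (len < ETH_HDR + PPPOE_HDR || f[ETH_HDR] != 0x11)   /* ver 1, type 1 */
        return PPPOE_INVALID;
    const uint8_t *h = f + ETH_HDR;
    uint16_t ethertype = be16(f + 12);
    out->session_id  = be16(h + 2);
    out->payload_len = be16(h + 4);
    out->payload     = h + PPPOE_HDR;
    /* The length field comes from the wire: it must fit inside the frame. */
    if (out->payload_len > len - ETH_HDR - PPPOE_HDR)
        return PPPOE_INVALID;
    if (ethertype == ETH_SESS)          /* session data: code 0, ID assigned */
        return (h[1] == 0 && out->session_id != 0) ? PPPOE_SESSION_DATA : PPPOE_INVALID;
    if (ethertype != ETH_DISC)
        return PPPOE_INVALID;
    switch (h[1]) {                     /* PADI/PADO/PADR carry session ID 0 */
    case 0x09: return out->session_id == 0 ? PPPOE_PADI : PPPOE_INVALID;
    case 0x07: return out->session_id == 0 ? PPPOE_PADO : PPPOE_INVALID;
    case 0x19: return out->session_id == 0 ? PPPOE_PADR : PPPOE_INVALID;
    case 0x65: return PPPOE_PADS;       /* carries the new session ID */
    case 0xa7: return PPPOE_PADT;       /* terminates the given session */
    default:   return PPPOE_INVALID;
    }
}

int main(void)
{
    uint8_t pads[60] = {0};   /* constructed PADS: zero MACs, session 0x0042 */
    pads[12] = 0x88; pads[13] = 0x63; pads[14] = 0x11; pads[15] = 0x65; pads[17] = 0x42;
    struct pppoe_info info;
    printf("kind=%d\n", pppoe_classify(pads, sizeof pads, &info));
    return 0;
}
```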

 

PPP in Linux:

PPP framework:

 

[1] pppoe program: first, pppoe completes the PPPoE discovery stage, that is, the mutual announcement of MAC addresses. The program then sends and receives all packets through the PPP network interface (such as ppp0). (You need to know how the sockets for 0x8863 and 0x8864 work, and how packets are passed between pppoe and the PPP protocol stack through the pty device.)

[2] pppd: Works with pppoe to complete dial-up Internet access negotiation and maintenance.

[3] /dev/ppp: After a PPP device is created, packets belonging to the PPP negotiation process are classified by the protocol stack and placed on the queue of this interface. pppd reads these packets from this interface and hands them to the corresponding protocol for processing. Response packets are likewise written to this device, which passes them to the protocol stack to be forwarded.

[4] socket: packets in the PPPoE discovery and session phases use the Ethernet types 0x8863 and 0x8864. Because both types of packets are sent and received by the pppoe application through sockets, these two socket types must be defined in the kernel.

[5] PPP protocol stack: mainly responsible for encapsulation, compression, and decompression at the PPP layer. It also separates ordinary data packets from PPP negotiation packets: ordinary data packets are handed to the TCP/IP protocol stack, while PPP negotiation packets are placed on the /dev/ppp device queue to wait for pppd to read and process them.

[6] pty device: a serial device that acts as a relay between the kernel PPP protocol stack and the pppoe application. Because PPP mostly runs over serial links, the PPP protocol stack in the Linux kernel is closely integrated with serial devices.

 

PPPoE dialing establishment process

= PPPoE discovery process

= PPP process

= Set the Internet host

 

pppd implementation:

The network protocol is implemented hierarchically. Generally, the upper layer only needs to know its direct lower layer, and only uses the indirect lower layer interface in rare cases. For example, for general socket programming, they only need to know the TCP/IP protocol, rather than the existence of the PPP protocol. This hierarchical design simplifies protocol implementation and application development.

However, PPP does not only provide simple data link layer functions; it also provides some extended functions (such as PAP/CHAP authentication and ECP encryption and decryption). Applications expect transparency and do not care about the existence of these extended functions. The PPP protocol processing module itself cannot decide these policy matters, because it does not know the user name and password, whether to compress, or whether to encrypt.

pppd solves this problem. pppd is a background service process (daemon) running in user space, so it is natural to move the policy out of the kernel's PPP protocol processing module and into pppd. (pppd implements all the control protocols for authentication, compression, encryption, decryption, and other extended functions.)

pppd is a user-space program that communicates with the kernel through a device file (/dev/ppp). Through the read system call, pppd reads data packets from the PPP protocol processing module (the module passes to pppd only those packets that pppd should process); through the write system call, pppd passes data packets to the PPP protocol processing module. Through the ioctl system call, pppd sets PPP parameters and establishes or tears down connections.

In pppd, each protocol is implemented in a separate C file, which usually implements the protent interface (mainly used to process data packets) and the fsm_callbacks interface (mainly used for state machine transitions). Received packets are handled uniformly by get_input in main.c and then dispatched according to the protocol type. Packets are sent by the protocol implementation calling the output function as needed.

======= Process ========

The application sends TCP/IP packets through the socket interface. How do these TCP/IP packets pass through the PPP protocol processing module and then are sent through the serial port?

pppd calls ioctl(PPPIOCNEWUNIT) in the make_ppp_unit function to create a network interface (such as ppp0). When the PPP protocol module in the kernel handles PPPIOCNEWUNIT, it calls register_netdev to register the PPP network interface (ppp0) with the kernel. The transmit function of this network interface points to ppp_start_xmit.

When the application sends data, the kernel finds the PPP network interface (ppp0) from the IP address and the routing table and then calls ppp_start_xmit, which transfers control to the PPP protocol processing module. ppp_start_xmit calls ppp_xmit_process to send all the packets in the queue; ppp_xmit_process in turn calls ppp_send_frame to send a single packet, and ppp_push calls pch->chan->ops->start_xmit to send the packet.

 

PPPoE (user mode):

pppoe: PPPoE client. Version: rp-pppoe-3.5-32.1. Website: http://www.roaringpenguin.com/products/pppoe

The main pppoe source file is pppoe.c, and its entry function is main(). The main function mainly does two things:

In the discovery phase of the PPPoE protocol, the processing function is discovery(). This function creates a raw socket, sends a message, waits for a response, processes it, and sets the state to the session phase.

In the session phase of the PPPoE protocol, the processing function is session(). This function first creates a raw socket, reads data from pppd and sends it out with PPPoE encapsulation, and passes received data to the pppd program for pppd to process. When this processing is complete, the PPPoE connection is established, the ppp0 interface is created, and an IP address has been allocated by the server.

 

The data packet process after pppoe establishes a connection:

 

Receiving PPPoE data from ETH: first, the data is received on the raw socket in pppoe, and pppoe strips the PPPoE header from the packet. The packet then passes from the pseudo terminal master device to the pseudo terminal slave device, and the kernel delivers it to ppp0 for decapsulation. The ppp0 device processes the packet through its driver and passes it up to the upper layer.

Sending packets: first, routing determines that the data is to be sent out through the ppp0 device. After the data reaches the ppp0 device, ppp0 passes it from the pseudo terminal slave device to the pseudo terminal master device, where it reaches pppoe. pppoe adds the PPPoE header to the packet and then sends it out of the ETH interface through the raw socket.

 

[Problem]:

Packet processing, top-down, should be: PPP encapsulation -> PPPoE encapsulation -> Ethernet header. The user-mode pppoe implementation does not work this way (the kernel-mode PPPoE implementation is the ideal flow). The user-mode implementation places a pseudo terminal between PPP and pppoe so as not to break the interface of the existing terminal implementation in the Linux kernel, because the Linux kernel uses the serial device as the terminal device.

