PPP protocol functions

Source: Internet
Author: User
First, look at the SLIP protocol. SLIP can be understood as a simplified version of PPP, so studying it helps deepen the understanding of PPP.
In addition, by observing the shortcomings of SLIP, we can better appreciate how deliberately and precisely the PPP protocol was designed.

Defects of SLIP's simple encapsulation:

  • Because there is no negotiation process, many parameters (such as IP addresses) have to be configured in advance.
  • No field specifies the upper-layer protocol, so only one protocol can be carried, and it cannot be chosen dynamically because there is no negotiation mechanism.
  • Without a checksum, some errors cannot be detected in time. They are left for the upper-layer protocol to handle, which wastes system resources.

    Note that PPP has no necessary connection with the Ethernet we commonly use. Both belong to the data link layer.

    The address field (ADD) and the control field (CTRL) of the data frame have no practical significance.
    Because PPP is a point-to-point protocol, it does not need the MAC addresses that Ethernet uses.
    The Protocol field marks the protocol of the data encapsulated in the frame.

    I will not talk about the IP protocol. I will focus on the above four protocols.
    LCP Protocol


    Code field: indicates the "sub-protocol", that is, the type of LCP packet.

    Id field: equivalent to a message ID.
    Length field: its value is the total number of bytes in the packet (Code field + Id field + Length field + data field). Bytes beyond the length indicated by the Length field are treated as padding and ignored.

    LCP Data Packet Classification
    1. Link configuration packets are used to establish and configure a link. They include Config-Request, Config-Ack, Config-Nak, and Config-Reject.

    The Type field contains

    Some negotiation issues during configuration

  • When the receiver of a Config-Request recognizes every configuration option that was sent and also accepts the content of every option's data field, it returns a Config-Ack packet to the peer and places the options from the Config-Request, unchanged, in the data field of the Config-Ack (according to the protocol, the order of the options must not be changed). After receiving the Config-Ack, the sender of the Config-Request moves from the current stage to the next one.

  • When the receiver of a Config-Request recognizes every configuration option that was sent but does not accept the content of the data field of some options, it sends a Config-Nak to the peer. The Config-Nak contains only the options that were not accepted, and the data of each of these options is the value that this end wants. When the peer receives the Config-Nak, it sends a new Config-Request. The new Config-Request differs from the previous one in that the options the peer did not accept are now filled in with the values sent back in the Config-Nak.

  • When the receiver of a Config-Request cannot recognize all of the configuration options that were sent, it returns a Config-Reject to the peer. The data field of the Config-Reject carries only the unrecognized options (that is, those whose option type field is not recognized). After receiving the Config-Reject, the peer sends a new Config-Request, which differs from the previous one in that the unrecognized options have been deleted.
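
The three cases above, as an added example (not code from the original page): a Python responder that answers a Config-Request with Config-Ack, Config-Nak or Config-Reject, and honours the Length field by dropping padding. Packet codes and option types follow RFC 1661; the POLICY table (MRU of at most 1500, CHAP required instead of PAP) is a hypothetical local policy.

```python
import struct

CONFIG_REQUEST, CONFIG_ACK, CONFIG_NAK, CONFIG_REJECT = 1, 2, 3, 4
CHAP_MD5 = b"\xc2\x23\x05"   # Authentication-Protocol value: CHAP with MD5
# Hypothetical local policy: option type -> (value check, value offered in a Nak)
POLICY = {
    1: (lambda v: len(v) == 2 and struct.unpack("!H", v)[0] <= 1500,
        struct.pack("!H", 1500)),                 # Maximum-Receive-Unit
    3: (lambda v: v == CHAP_MD5, CHAP_MD5),       # Authentication-Protocol
}

def parse_packet(buf):
    """Return (code, ident, data); bytes past the Length field are padding."""
    if len(buf) < 4:
        raise ValueError("short LCP header")
    code, ident, length = struct.unpack("!BBH", buf[:4])
    if length < 4 or length > len(buf):
        raise ValueError("bad Length field")
    return code, ident, buf[4:length]

def parse_options(data):
    """Split option TLVs; an option's length counts its type and length bytes."""
    opts, i = [], 0
    while i < len(data):
        if i + 2 > len(data) or data[i + 1] < 2 or i + data[i + 1] > len(data):
            raise ValueError("malformed option")
        opts.append((data[i], data[i + 2:i + data[i + 1]]))
        i += data[i + 1]
    return opts

def build(code, ident, opts):
    """Encode a packet from (type, value) option pairs."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in opts)
    return struct.pack("!BBH", code, ident, len(body) + 4) + body

def respond(request):
    """Choose the reply to one Config-Request, reusing its Id."""
    code, ident, data = parse_packet(request)
    if code != CONFIG_REQUEST:
        raise ValueError("not a Config-Request")
    opts = parse_options(data)
    unknown = [(t, v) for t, v in opts if t not in POLICY]
    if unknown:     # Reject carries only the unrecognized options
        return build(CONFIG_REJECT, ident, unknown)
    bad = [(t, POLICY[t][1]) for t, v in opts if not POLICY[t][0](v)]
    if bad:         # Nak carries only the refused options, with the wanted values
        return build(CONFIG_NAK, ident, bad)
    return build(CONFIG_ACK, ident, opts)   # Ack echoes all options, same order
```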

    2. Link termination packets are used to terminate a link. They include terminate-request and terminate-reply.
    3. Link maintenance packets are mainly used to maintain and debug links. Apart from the two packet classes above, all remaining packet types are link maintenance packets.
    Maintenance message generation

  • When the receiving end finds that the Code field of an LCP packet has an invalid value, it responds to the sender with a Code-Reject packet, to which the content of the rejected packet is appended.

  • When the receiving end finds that the Protocol field of a received data frame has an invalid value, it responds to the sender with a Protocol-Reject packet, and the sender stops sending packets of the rejected protocol type. A Protocol-Reject packet can be processed only when the LCP state machine is in the Opened state; one received in any other state is discarded. The protocol type and the content of the rejected packet are included in the data field of the Protocol-Reject packet.

  • Echo-Request and Echo-Reply packets are mainly used to detect loopback on the two-way link. They can also provide link quality tests and other functions. When the LCP state machine is in the Opened state and an Echo-Request is received, an Echo-Reply must be sent back to the peer; in any other LCP state, packets of this type are discarded. In these packets the Length field is not followed directly by the data field. A four-byte Magic-Number is inserted first. This magic number is obtained when the configuration options of the Config-Request are negotiated in LCP.

    NCP Protocol
    The NCP protocols mainly include IPCP and IPXCP. In practice, however, IPCP is the most common.
    Note: NCP is not one specific protocol, but a general term for protocols such as IPCP and IPXCP.

    IPCP
    The IPCP control protocol is mainly used to negotiate the configuration parameters required for IP network-layer communication. While it runs, IPCP mainly performs the dynamic negotiation of the IP addresses at the two ends of the point-to-point link.

    Its packets are similar to those of LCP. The packet types are a subset of the LCP types; the commonly used ones are Config-Request, Config-Ack, Config-Nak, and Config-Reject.

    Static negotiation, that is, no negotiation. IP addresses have already been configured at both ends of the point-to-point link before PPP negotiation starts, so the IP addresses do not need to be negotiated at the network-layer protocol stage. The only thing the two parties do is tell each other their own IP addresses.

    Each party separately tells the other its IP address and other optional information.

    Dynamic negotiation: one end is configured to obtain its IP address dynamically, and the other end is manually configured and is allowed to assign an IP address to the peer. This matches the process of narrowband dial-up Internet access.

    The sender first sets the IP address field to 0 to ask the receiver to assign it an IP address dynamically. The last four are the same as in static negotiation.

    Authentication Protocol
    The PPP protocol also provides optional authentication configuration parameters. By default, the two ends of a point-to-point link do not authenticate each other. The Config-Request message of LCP cannot carry several authentication options at once; one of the two (PAP or CHAP) must be chosen.

    Note that the authentication process takes place between the LCP and NCP stages.

    PAP

    PAP authentication is a two-way handshake (single direction).
    The user name and password are sent in plain text, which makes it less secure.

    CHAP

    The verifier starts by sending a random message to the verified party, together with its own host name. When the verified party receives the verification request from the verifier, it extracts the host name sent by the verifier and uses this host name to search its own background database for a record with the same user name. When the record is found, it takes the key corresponding to this user name and generates a response from the key, the message ID, and the random message using the MD5 hash algorithm. The response is then sent back together with its own host name. After receiving the response, the verifier extracts the user name of the verified party and looks it up. After finding the matching user name, it generates a result from the key corresponding to that user name, the retained message ID, and the random message, again using the MD5 hash algorithm, and compares the result with the response returned by the verified party. If they are the same, Ack is returned. Otherwise, Nak is returned.
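
The CHAP exchange described above, as an added example (not code from the original page): both sides compute MD5 over the message ID, the shared key and the random challenge, in the order RFC 1994 defines, and the verifier compares the two results. The names "nas" and "alice" and the key are constructed sample values; the codes SUCCESS and FAILURE are the RFC 1994 names for the Ack and Nak mentioned in the text.

```python
import hashlib
import hmac
import os
import struct

CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4   # CHAP codes (RFC 1994)

def chap_digest(ident, secret, challenge):
    """MD5 over the Id byte, then the shared key, then the challenge value."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def build(code, ident, value, name):
    """Code, Id, Length, Value-Size, Value, Name."""
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, ident, len(body) + 4) + body

def parse(pkt):
    if len(pkt) < 5:
        raise ValueError("short CHAP packet")
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    vsize = pkt[4]
    if length > len(pkt) or 5 + vsize > length:
        raise ValueError("malformed CHAP packet")
    return code, ident, pkt[5:5 + vsize], pkt[5 + vsize:length]

class Verifier:
    def __init__(self, name, secrets):
        self.name, self.secrets, self.pending = name, secrets, {}

    def challenge(self, ident):
        value = os.urandom(16)            # fresh random message per attempt
        self.pending[ident] = value       # retained to check the response
        return build(CHALLENGE, ident, value, self.name)

    def verify(self, pkt):
        code, ident, value, peer = parse(pkt)
        challenge = self.pending.pop(ident, None)   # single use: a replay fails
        secret = self.secrets.get(peer)
        if code != RESPONSE or challenge is None or secret is None:
            return FAILURE
        expected = chap_digest(ident, secret, challenge)
        # constant-time comparison of the two MD5 results
        return SUCCESS if hmac.compare_digest(expected, value) else FAILURE

def respond(pkt, name, secrets):
    """Verified side: find the key by the verifier's host name and answer."""
    code, ident, challenge, peer = parse(pkt)
    return build(RESPONSE, ident, chap_digest(ident, secrets[peer], challenge), name)
```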
