All rights reserved. Printed in the USA. January 1996.
The information in this document is subject to change without notice. The statements, configurations, technical data, and
recommendations in this document are believed to be accurate and reliable, but are presented without express or implied
warranty. Users must take full responsibility for their applications of any products specified in this document. The
information in this document is proprietary to Bay Networks, Inc.
The software described in this document is furnished under a license agreement and may only be used in accordance with the
terms of that license. A summary of the Software License is included in this document.
Restricted Rights Legend
Use, duplication, or disclosure by the United States Government is subject to restrictions as set forth in subparagraph
(c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013.
Notice for All Other Executive Agencies
Notwithstanding any other license agreement that may pertain to, or accompany the delivery of, this computer software, the
rights of the United States Government regarding its use, reproduction, and disclosure are as set forth in the Commercial
Computer Software-Restricted Rights clause at FAR 52.227-19.
Trademarks of Bay Networks, Inc.
ACE, AFN, BCN, BLN, BN, CN, FRE, LN, Optivity, SynOptics, SynOptics Communications, Wellfleet and the Wellfleet
logo are registered trademarks and AN, ANH, ASN, BaySIS, BayStack, BCNX, BLNX, BNX, EZ Internetwork, EZ LAN,
FN, PathMan, PhonePlus, PPX, Quick2Config, RouterMan, SPEX, Bay Networks, Bay Networks Press, the Bay Networks
logo and the SynOptics logo are trademarks of Bay Networks, Inc.
Third-Party Trademarks
All other trademarks and registered trademarks are the property of their respective owners.
Statement of Conditions
In the interest of improving internal design, operational function, and/or reliability, Bay Networks, Inc. reserves the right to
make changes to the products described in this document without notice.
Bay Networks, Inc. does not assume any liability that may occur due to the use or application of the product(s) or circuit
layout(s) described herein.
SUCH PORTIONS OF THE SOFTWARE ARE PROVIDED “AS IS” AND WITHOUT ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE.
In addition, the program and information contained herein are licensed only pursuant to a license agreement that contains
restrictions on use and disclosure (that may incorporate by reference certain limitations and notices imposed by third parties).
Bay Networks Software License
Note:
This is Bay Networks basic license document. In the absence of a
software license agreement specifying varying terms, this license — or the
license included with the particular product — shall govern licensee’s use of
Bay Networks software.
This Software License shall govern the licensing of all software provided to licensee by Bay Networks (“Software”).
Bay Networks will provide licensee with Software in machine-readable form and related documentation
(“Documentation”). The Software provided under this license is proprietary to Bay Networks and to third parties from
whom Bay Networks has acquired license rights. Bay Networks will not grant any Software license whatsoever, either
explicitly or implicitly, except by acceptance of an order for either Software or for a Bay Networks product
(“Equipment”) that is packaged with Software. Each such license is subject to the following restrictions:
1. Upon delivery of the Software, Bay Networks grants to licensee a personal, nontransferable, nonexclusive license
to use the Software with the Equipment with which or for which it was originally acquired, including use at any
of licensee’s facilities to which the Equipment may be transferred, for the useful life of the Equipment unless
earlier terminated by default or cancellation. Use of the Software shall be limited to such Equipment and to such
facility. Software which is licensed for use on hardware not offered by Bay Networks is not subject to restricted
use on any Equipment, however, unless otherwise specified on the Documentation, each licensed copy of such
Software may only be installed on one hardware item at any time.
2. Licensee may use the Software with backup Equipment only if the Equipment with which or for which it was
acquired is inoperative.
3. Licensee may make a single copy of the Software (but not firmware) for safekeeping (archives) or backup
purposes.
4. Licensee may modify Software (but not firmware), or combine it with other software, subject to the provision
that those portions of the resulting software which incorporate Software are subject to the restrictions of this
license. Licensee shall not make the resulting software available for use by any third party.
5. Neither title nor ownership to Software passes to licensee.
6. Licensee shall not provide, or otherwise make available, any Software, in whole or in part, in any form, to any
third party. Third parties do not include consultants, subcontractors, or agents of licensee who have licensee’s
permission to use the Software at licensee’s facility, and who have agreed in writing to use the Software only in
accordance with the restrictions of this license.
7. Third-party owners from whom Bay Networks has acquired license rights to software that is incorporated into
Bay Networks products shall have the right to enforce the provisions of this license against licensee.
8. Licensee shall not remove or obscure any copyright, patent, trademark, trade secret, or similar intellectual
property or restricted rights notice within or affixed to any Software and shall reproduce and affix such notice on
any backup copy of Software or copies of software resulting from modification or combination performed by
licensee as permitted by this license.
4401 Great America Parkway, Santa Clara, CA 95054
8 Federal Street, Billerica, MA 01821
Bay Networks, Inc.
9. Licensee shall not reverse assemble, reverse compile, or in any way reverse engineer the Software. [Note: For
licensees in the European Community, the Software Directive dated 14 May 1991 (as may be amended from time
to time) shall apply for interoperability purposes. Licensee must notify Bay Networks in writing of any such
intended examination of the Software and Bay Networks may provide review and assistance.]
10. Notwithstanding any foregoing terms to the contrary, if licensee licenses the Bay Networks product “Site
Manager,” licensee may duplicate and install the Site Manager product as specified in the Documentation. This
right is granted solely as necessary for use of Site Manager on hardware installed with licensee’s network.
11. This license will automatically terminate upon improper handling of Software, such as by disclosure, or Bay
Networks may terminate this license by written notice to licensee if licensee fails to comply with any of the
material provisions of this license and fails to cure such failure within thirty (30) days after the receipt of written
notice from Bay Networks. Upon termination of this license, licensee shall discontinue all use of the Software
and return the Software and Documentation, including all copies, to Bay Networks.
12. Licensee’s obligations under this license shall survive expiration or termination of this license.
If you are responsible for configuring and managing Bay Networks™ routers and/or
BNX™ switching platforms running over Point-to-Point links, you need to read
this guide.
This guide describes Point-to-Point Protocol (PPP) services and provides
instructions for using Site Manager to configure PPP parameters for your network.
Refer to this guide for
• An overview of Point-to-Point Protocol services (Chapter 1)
• Information on the Bay Networks implementation of PPP services (Chapter 2)
• Instructions on enabling PPP (Chapter 3)
• Descriptions of PPP parameters and how to edit those parameters (Chapter 4)
• Default parameter settings (Appendix A)
• PPP Statistics (Appendix B)
See Configuring Routers or Configuring Customer Access (BNX Software),
depending on your platform, for information and instructions about the following
topics:
• Initially configuring and saving a WAN interface
• Retrieving a configuration file
• Rebooting the device with a configuration file
Audience
Written for system and network managers, this guide describes how to configure
the Bay Networks implementation of PPP interfaces and how to use the Site
Manager tool to manage your environment.
Configuring PPP Services
Software Suites
Routing and Switching software is available in the following suites.
• The System Suite includes IP routing, 802.1 Transparent Bridge, Source Route
Bridge, Translation Bridge, SNMP Agent, Bay Networks HDLC, PPP, OSPF,
EGP, BGP, and basic DLSw.
• The LAN Suite includes DECnet Phase 4, AppleTalk Phase 2, OSI, VINES,
IPX, and ATM DXI, in addition to the System Suite.
• The WAN Suite includes ATM DXI, Frame Relay, LAPB, and X.25, in
addition to the System Suite.
• The Corporate Suite includes the System, LAN, and WAN suites in their
entirety.
• The ARE ATM Suite provides RFC 1483 and 1577 compliance, ATM UNI 3.0
signaling, in addition to the LAN Suite.
• The ARE VNR Corporate Suite provides ATM Forum LAN Emulation, in
addition to the ARE ATM Suite and Corporate Suite.
• The BNX Suite includes IP Routing, SNMP Agent, Bay Networks HDLC,
PPP, OSPF, EGP, BGP, File-Based Performance Statistics, Frame Relay
switching, and Frame Relay billing, and selected components from the
Corporate, ARE ATM, and ARE VNR Corporate suites.
Availability of features and functionality described in this guide depends on the
suites you are using.
Before You Begin
Before using this guide, you must
• Create and save a configuration file that contains at least one WAN interface
• Retrieve the configuration file in local, remote, or dynamic mode
Refer to Configuring Routers or Configuring Customer Access (BNX Software),
depending on your platform, for instructions on how to do these functions.
Bay Networks Customer Support
Bay Networks provides live telephone technical support to our distributors,
resellers, and service-contracted customers from two U.S. and three international
support centers. If you have purchased your Bay Networks product from a
distributor or authorized reseller, contact the technical support staff of that
distributor or reseller for assistance with installation, configuration,
troubleshooting, or integration issues.
Customers also have the option of purchasing direct support from Bay Networks
through a variety of service programs. The programs include priority access
telephone support, on-site engineering assistance, software subscription, hardware
replacement, and other programs designed to protect your investment.
To purchase any of these support programs, including PhonePlus™ for 24-hour
telephone technical support, call 1-800-2LANWAN. Outside the U.S. and
Canada, call (408) 764-1000. You can also receive information on support
programs from your local Bay Networks field sales office, or purchase Bay
Networks support directly from your reseller. Bay Networks provides several
methods of receiving support and information on a nonpriority basis through the
following automated systems.
About This Guide
CompuServe
Bay Networks maintains an active forum on CompuServe. All you need to join us
online is a computer, a modem, and a CompuServe account. We also recommend
using the CompuServe Information Manager software, available from
CompuServe.
The Bay Networks forum contains libraries of technical and product documents
designed to help you manage and troubleshoot your Bay Networks products.
Software agents and patches are available, and the message boards are monitored
by technical staff and can be a source for problem solving and shared experiences.
Customers and resellers holding Bay Networks service contracts can visit the
special libraries to acquire advanced levels of support documentation and
software.
To open an account and receive a local dial-up number, call CompuServe at
1-800-524-3388 and ask for Representative No. 591.
• In the United Kingdom, call Freephone 0800-289378.
• In Germany, call 0130-37-32.
• In Europe (except for the United Kingdom and Germany), call
(44) 272-760681.
• Outside the U.S., Canada, and Europe, call (614) 529-1349 and ask for
Representative No. 591, or consult your listings for an office near you.
Once you are online, you can reach our forum by typing the command GO
BAYNETWORKS at any ! prompt.
InfoFACTS
InfoFACTS is the Bay Networks free 24-hour fax-on-demand service. This
automated system contains libraries of technical and product documents designed
to help you manage and troubleshoot your Bay Networks products. The system
can return a fax copy to the caller or to a third party within minutes of being
accessed.
World Wide Web
The World Wide Web (WWW) is a global information system for file distribution
and online document viewing via the Internet. You need a direct connection to the
Internet and a Web Browser (such as Mosaic or Netscape).
Bay Networks maintains a WWW Home Page that you can access at
http://www.baynetworks.com. One of the menu items on the Home Page is the
Customer Support Web Server, which offers technical documents, software
agents, and an E-mail capability for communicating with our technical support
engineers.
How to Get Help
For additional information or advice, contact the Bay Networks Technical
Response Center in your area:
United States 1-800-2LAN-WAN
Valbonne, France (33) 92-966-968
Sydney, Australia (61) 2-903-5800
Tokyo, Japan (81) 3-328-005
Ordering Bay Networks Publications
To purchase additional copies of this document or other Bay Networks
publications, order by part number from Bay Networks Press™ at the following
numbers. You may also request a free catalog of Bay Networks Press product
publications.
This section describes the conventions used in this guide.
arrow character (➔)     Separates menu and option names in instructions.
                        Example: Protocols➔AppleTalk identifies the
                        AppleTalk option in the Protocols menu.
bold text               Indicates text that you need to enter and command
                        names in text. Example: Use the dinfo command.
brackets ([ ])          Indicate optional elements. You can choose none, one,
                        or all of the options.
italic text             Indicates variable values in command syntax
                        descriptions, new terms, file and directory names, and
                        book titles.
quotation marks (“ ”)   Indicate the title of a chapter or section within a book.
screen text             Indicates data that appears on the screen. Example:
                        Set Bay Networks Trap Monitor Filters
ellipsis points         Horizontal (. . .) and vertical ellipsis points indicate
                        omitted information.
vertical line (|)       Indicates that you enter only one of the parts of the
                        command. The vertical line separates choices. Do not
                        type the vertical line when entering the command.
                        Example: If the command syntax is
                        show at routes | nets, you enter either
                        show at routes or show at nets, but not both.
Acronyms
ANSI      American National Standards Institute
ARP       Address Resolution Protocol
ATM       Asynchronous Transfer Mode
BNCP      Bridge Network Control Protocol
BNX       Backbone Node Switch
BOFL      Breath of Life (message)
CCP       Compression Control Protocol
CHAP      Challenge Handshake Authentication Protocol
CMIP      Common Management Information Protocol
CRC       Cyclic Redundancy Check
DNCP      DECnet Phase IV Control Protocol
EGP       Exterior Gateway Protocol
FCS       Frame Check Sequence
FDDI      Fiber Distributed Data Interface
HDLC      High-level Data Link Control
HSSI      High-speed serial interface
IP        Internet Protocol
IPCP      IP Control Protocol
IPX       Internet Packet Exchange
IPXCP     IPX Control Protocol
LAN       Local Area Network
LCP       Link Control Protocol
LQM       Link Quality Monitoring
LQR       Link Quality Report
MAC       Media Access Control
MIB       Management Information Base
MTU       Maximum Transmission Unit
NCP       Network Control Protocol
OSI       Open Systems Interconnection
OSINLCP   OSI Network Layer Control Protocol
PAP       Password Authentication Protocol
RFC       Request for Comment
SMDS      Switched Multimegabit Data Service
SNMP      Simple Network Management Protocol
TCP/IP    Transmission Control Protocol/Internet Protocol
TFTP      Trivial File Transfer Protocol
VINES     Virtual Networking System
VNCP      VINES Network Control Protocol
WAN       Wide Area Network
XNS       Xerox Network System
XNSCP     Xerox Network System Control Protocol
Chapter 1
PPP Overview
Point-to-Point Protocol (PPP) is a standard method of routing or bridging
datagrams between peer routers or other devices over serial point-to-point links
(Figure 1-1).
[Figure: LAN, Router, Synchronous Line, Router, LAN]
Figure 1-1. Point-to-Point Network Connection
PPP serves three major functions:
• Data link layer connection and management
• Network layer connection and management
• Datagram encapsulation
PPP uses a suite of data link and network control protocols to connect peer
routers. PPP also allows peer routers to negotiate and determine data link and
network layer options (Table 1-1 and Table 1-2). When negotiations complete
successfully, PPP encapsulates the data and transmits it over the link.
Table 1-1. Data Link Control Protocol Options
Option                              Function
Maximum Receive Unit                Specifies the Maximum Transmission Unit (MTU)
                                    size for the line.
Authentication Protocol:            Imposes network security by requiring an
Password Authentication             authentication process.
Protocol (PAP) or
Challenge Handshake
Authentication Protocol (CHAP)
PAP ID or CHAP Local Name           Text string that identifies the caller for bandwidth-
                                    on-demand, dial-on-demand, and dial backup lines.
Link Quality Protocol               Enables or disables link quality monitoring and
                                    reporting.
Multilink Endpoint Discriminator    Enables the PPP multilink protocol and specifies
                                    the identity of the sender of the option.
Table 1-2. Network Control Protocols and Options
Protocol                                        Negotiable Options
IP Control Protocol (IPCP)                      IP Addresses (for backward compatibility), IP
                                                Address (default)
Internet Packet Exchange Control Protocol (IPXCP)
AppleTalk Control Protocol (ATCP)
DECnet Phase IV Control Protocol (DNCP)
OSI Network Layer Control Protocol (OSINLCP)
Xerox Network System Control Protocol (XNSCP)
VINES Network Control Protocol (VNCP)
Bridge Network Control Protocol (BNCP)
Routing over a PPP Link
You can enable the following protocols over PPP interfaces:
Transparent/Translation Bridge and Source Routing Bridge are other routing
media that you can enable over any PPP interface. The PPP bridge accepts
incoming traffic from any media (Ethernet, FDDI, Token Ring) and forwards data
transparently (or translates when necessary).
Initializing a PPP Interface
PPP creates an interface between peer routers to allow them to exchange data. The
routers initialize the interface in three phases:
1. Link establishment
2. Authentication
3. Network layer protocol negotiations
The following sections describe each phase.
Establishing the PPP Link
PPP’s Link Control Protocol (LCP) helps establish a link. LCP generates three
types of packets:
• Link configuration packets, including Configure-Request, Configure-ACK,
Configure-NAK, and Configure-Reject packets
• Link termination packets, including Terminate-Request and Terminate-ACK
packets
• Link maintenance packets, including Code-Reject, Protocol-Reject,
Echo-Request, and Echo-Reply packets
When two routers initialize a PPP dialogue, each of them sends a
Configure-Request packet to the other (peer) router. Each Configure-Request packet contains
a list of LCP options and corresponding values that the sending router uses to
define its end of the link.
For example, a Configure-Request packet may specify the link’s maximum
transmission unit (MTU) size and whether the sender wants to use Password
Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol
(CHAP). The Configure-Request packet contains the user-configured values,
which the sender and its peer router may need to negotiate.
Each router receives a Configure-Request packet from its peer. Each router
responds with one of three types of packets:
• Configure-ACK
If a router accepts the proposed LCP options, it responds with a Configure
Acknowledgment (ACK) packet.
When the routers on each side of the link send and receive Configure-ACK
packets, the LCP advances to an open state, which means that the PPP
interface can advance to the next phase.
• Configure-Reject
If the Configure-Request packet contains options that the peer router is not
willing to negotiate, the peer router sends back a Configure-Reject packet
specifying the nonnegotiable options. From that point on, Configure-Request
packets that the originating router sends should no longer specify the
unacceptable options.
• Configure-NAK
If the Configure-Request packet contains proposed values for options that the
peer disagrees with, it responds with a Configure Negative Acknowledgment
(NAK) packet. The Configure-NAK packet notes the values that the peer
disagrees with, and it includes the corresponding values that the peer would
like to see in subsequent Configure-Request packets.
LCP negotiations between peers continue until either the routers converge (reach
an agreement regarding the Configure-Request) and PPP advances to the next
phase or until the peer router transmits a user-specified number of
Configure-NAK packets before sending a Configure-Reject packet. When the originating
router receives a Configure-Reject packet, the originating router removes the
offending options. The routers should then converge.
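The negotiation described above, as an added Python example that is not part of this guide or of Bay Networks software. It uses the LCP packet layout and option numbers from RFC 1661; the responder policy (MRU ceiling of 1594, CHAP required) and the sample request are assumptions constructed for the illustration.

```python
import struct

# LCP codes and option types are from RFC 1661; 0xc023 (PAP) and 0xc223 with
# algorithm 5 (CHAP with MD5) are the standard authentication protocol values.
CONF_REQ, CONF_ACK, CONF_NAK, CONF_REJ = 1, 2, 3, 4
OPT_MRU, OPT_AUTH = 1, 3
PAP, CHAP_MD5 = b"\xc0\x23", b"\xc2\x23\x05"

# Assumed policy of the responding router for this example only.
POLICY = {"max_mru": 1594, "auth": CHAP_MD5}

# Constructed sample request: MRU 4096, PAP, and option type 13, which this
# example responder does not implement.
SAMPLE_REQUEST = [(OPT_MRU, b"\x10\x00"), (OPT_AUTH, PAP), (13, b"\x00")]


def parse_options(body):
    """Split an LCP option list into (type, data) pairs, rejecting bad lengths."""
    opts, i = [], 0
    while i < len(body):
        if i + 2 > len(body):
            raise ValueError("truncated option header")
        otype, olen = body[i], body[i + 1]
        if olen < 2 or i + olen > len(body):
            raise ValueError("bad option length")
        opts.append((otype, body[i + 2:i + olen]))
        i += olen
    return opts


def encode(code, ident, opts):
    """Build an LCP packet: code, identifier, total length, then the options."""
    body = b"".join(bytes([t, len(d) + 2]) + d for t, d in opts)
    return struct.pack("!BBH", code, ident, len(body) + 4) + body


def respond(packet, policy=POLICY):
    """Peer side: answer one Configure-Request with ACK, NAK or Reject."""
    if len(packet) < 4:
        raise ValueError("short LCP packet")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code != CONF_REQ or not 4 <= length <= len(packet):
        raise ValueError("not a well-formed Configure-Request")
    opts = parse_options(packet[4:length])
    rejected, naked = [], []
    for otype, data in opts:
        if otype == OPT_MRU and len(data) == 2:
            if struct.unpack("!H", data)[0] > policy["max_mru"]:
                naked.append((otype, struct.pack("!H", policy["max_mru"])))
        elif otype == OPT_AUTH and len(data) >= 2:
            if data != policy["auth"]:          # e.g. PAP proposed, CHAP wanted
                naked.append((otype, policy["auth"]))
        else:
            rejected.append((otype, data))      # option is not negotiable here
    if rejected:                                # Reject takes priority over NAK
        return encode(CONF_REJ, ident, rejected)
    if naked:
        return encode(CONF_NAK, ident, naked)
    return encode(CONF_ACK, ident, opts)


def negotiate(opts, max_rounds=5):
    """Originating side: resend Configure-Requests until the peer ACKs."""
    trace = []
    for ident in range(1, max_rounds + 1):
        reply = respond(encode(CONF_REQ, ident, opts))
        trace.append(reply[0])
        returned = dict(parse_options(reply[4:]))
        if reply[0] == CONF_ACK:
            return opts, trace
        if reply[0] == CONF_REJ:                # drop the offending options
            opts = [(t, d) for t, d in opts if t not in returned]
        else:                                   # NAK: adopt the peer's values
            opts = [(t, returned.get(t, d)) for t, d in opts]
    raise RuntimeError("LCP did not converge")


if __name__ == "__main__":
    final, trace = negotiate(SAMPLE_REQUEST)
    print(trace, final)
```

A Configure-Request that proposes PAP is visible in this exchange as option 3 carrying c0 23, which is the value to look for when auditing which links still negotiate plain-text authentication.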
Figure 1-2 demonstrates how a PPP interface initializes.
Figure 1-2. PPP Interface Initialization
[Figure: message exchange between Router A and Router B]
1. PPP interface comes alive on network; begin LCP negotiations:
   Router A and Router B each: Send Configure-Request, Send Configure-ACK
2. LCP opened; begin authentication phase, PAP or CHAP:
   PAP*: Send Authenticate-Request, Send Authenticate-ACK
   CHAP*: Challenge, Response, Response Match
3. Authentication complete; begin NCP negotiations:
   Router A and Router B each: Send Configure-Request, Send Configure-ACK
4. NCP open; begin transmitting data:
   Send Data
*Shows Router A initiating authentication. Router B can also initiate authentication.
Authenticating the PPP Link: PAP and CHAP
In the authentication phase of PPP initialization, one or both peer routers enable
either Password Authentication Protocol (PAP) or Challenge Handshake
Authentication Protocol (CHAP).
Password Authentication Protocol
PAP imposes network security by requiring the peer router to send a PAP packet
that contains a plain-text user identifier and password to the originating router
before the interface can advance to the network layer protocol phase.
If PAP fails, the network administrator must change the identifier and password on
both peer routers and disable and re-enable LCP to reinitialize the line.
Challenge Handshake Authentication Protocol
CHAP imposes network security by requiring that the peers share a plain-text
secret. The originating peer sends a challenge message to its receiving peer. The
receiving peer responds with a value it calculates on the basis of knowing the
secret. The first peer then matches the response against its own calculation of what
the response should be. If the values match, it sends a success message, and the
LCP establishes the link.
CHAP uses an incrementally changing identifier and a variable challenge value to
provide network security. It also allows for repeated challenges at intervals that
either router on a link can specify. A router may transmit challenge packets not
only during the link establishment phase, but also at any time during the network
layer protocol phase to ensure that the connection retains its integrity.
If CHAP fails, the network administrator must change the identifiers and secret on
both peer routers and disable and re-enable LCP to reinitialize the line.
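The two authentication methods side by side, as an added Python example that is not part of this guide. It assumes the MD5 response calculation defined in RFC 1994 (this guide does not name the algorithm) and the PAP Authenticate-Request layout from RFC 1334; the secret and peer name are constructed values.

```python
import hashlib
import hmac
import os
import struct


def chap_response(ident, secret, challenge):
    """RFC 1994 MD5 response: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


class Authenticator:
    """Originating peer: issues challenges and checks the responses."""

    def __init__(self, secret):
        self.secret = secret
        self.ident = 0
        self.challenge = None

    def new_challenge(self):
        # Incrementally changing identifier plus a fresh, variable challenge.
        self.ident = (self.ident + 1) % 256
        self.challenge = os.urandom(16)
        return self.ident, self.challenge

    def verify(self, ident, response):
        if self.challenge is None or ident != self.ident:
            return False
        expected = chap_response(ident, self.secret, self.challenge)
        self.challenge = None                    # each challenge is single use
        return hmac.compare_digest(expected, response)


def pap_authenticate_request(ident, peer_id, password):
    """RFC 1334 PAP Authenticate-Request: identifier and password in the clear."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, ident, len(body) + 4) + body


def demo():
    secret = b"constructed-shared-secret"        # constructed sample value
    auth = Authenticator(secret)
    results = {}

    # Legitimate peer answers the first challenge.
    ident, challenge = auth.new_challenge()
    good = chap_response(ident, secret, challenge)
    chap_wire = challenge + good                 # what crosses the link
    results["chap_ok"] = auth.verify(ident, good)

    # The recorded response is replayed against the next challenge.
    ident2, _ = auth.new_challenge()
    results["replay_ok"] = auth.verify(ident2, good)

    # A peer that does not know the secret.
    ident3, challenge3 = auth.new_challenge()
    guess = chap_response(ident3, b"wrong-secret", challenge3)
    results["wrong_secret_ok"] = auth.verify(ident3, guess)

    # Compare what is visible on the link under each protocol.
    pap_wire = pap_authenticate_request(1, b"router-b", secret)
    results["secret_on_wire_pap"] = secret in pap_wire
    results["secret_on_wire_chap"] = secret in chap_wire
    return results


if __name__ == "__main__":
    print(demo())
```

The challenge and response are still enough to test password guesses offline, so the CHAP secret should be long and random, and because both routers hold it in plain text their configuration files need the same protection as the secret itself.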
Note: For all dial services, you must use PAP or CHAP, either of which
provides an identification mechanism that is essential to bring up
bandwidth-on-demand, dial-on-demand, and dial backup lines. In addition, for all dial
services, failure of either authentication protocol causes the connection to be
dropped, and no intervention from the network administrator is needed.
Establishing Network Connections
PPP uses various network control protocols to determine the values of parameters
during the final phase of PPP initialization, network layer negotiations. Like the
LCP, each network control protocol allows peer routers to negotiate various
network options over the data link by transmitting Configure-Request,
Configure-ACK, Configure-NAK, and Configure-Reject packets.
Network options include which network addresses to use and which media types
to bridge. Once both peer routers agree upon network options, the network control
protocol reaches the opened state. The routers then begin transmitting user data
packets for any upper-layer protocols over the link.
Datagram Encapsulation
Before transmitting data across the link, PPP encapsulates data in a frame similar
to a High-level Data Link Control (HDLC) frame (Figure 1-3).
Figure 1-3. PPP-Encapsulated Frame
PPP Frame:
Flag      Address   Control   Protocol   Data       FCS             Flag
1 byte    1 byte    1 byte    2 bytes    Variable   2 or 4 bytes    1 byte
The parts of the PPP frame function as follows:
• The Flag field marks the beginning and end of a frame. Peers on synchronous
lines exchange flags continuously when there are no frames to transmit.
• The Address field indicates which device originated the frame.
• The Control field shows the frame type (information or administrative).
• The Protocol field indicates the operative network layer protocol.
• The Data field contains the data one link sends to the other. Its length is less
than or equal to the MTU line size. The default maximum length is 1594
bytes; LCP negotiations determine the actual length.
• The Frame Check Sequence (FCS) shows the sequence order of the frame;
router hardware computes the FCS. A 16- or 32-bit Cyclic Redundancy Check
(CRC) is at the end of each frame.