iap 05 point to point protocol (ppp)

University of Education, Township Campus, Lahore, Pakistan. Lecture 05: PPP (Point-to-Point Protocol). Internet Architecture and Protocols.

Upload: abdur-rehman-muhammadi

Post on 06-May-2015


TRANSCRIPT

1. Internet Architecture and Protocols
   University of Education, Township Campus, Lahore, Pakistan
   Lecture 05: PPP (Point-to-Point Protocol)

2. Lecture Objectives
   • WAN basics
   • Three types of WAN services
   • Introduction to Point-to-Point Protocol (PPP)
   • Basic components of PPP: encapsulation, LCP, NCP
   • PPP frame format
   • PPP authentication: PAP, CHAP
   • General operation of PPP
   • PPP services

3. WAN Point-to-Point Link

4. WAN Services

   Term | Description
   Leased lines | A dedicated, always-on circuit between two end points. The service provider just passes a constant-rate bit stream. Generally more expensive than packet switching today.
   Circuit switched / dial | Provides dedicated bandwidth between two points, but only for the duration of the call. Typically used as a cheaper alternative to leased lines, particularly when connectivity is not needed all the time. Also useful for backup when a leased line or packet-switched service fails.
   Packet switched | Provides virtual circuits between pairs of sites, with contracted traffic rates for each VC. Each site's physical connectivity consists of a leased line from the site to a device in the provider's network. Generally cheaper than leased lines.

5. WAN Data-Link Protocols for Point-to-Point Links
   [Figure labels: leased line, circuit-switched, packet-switched]

6. An Overview of Wide-Area Services
   [Figure: a simplified look inside the WAN cloud. Labels: call setup (SS7 or other); time-division multiplexed circuits (56/64 kbps or T1/E1); central office (CO); basic telephone service; X.25 / Frame Relay networks. The router also uses a WAN central office.]

7. PPP over the Internet
   • Today, millions of Internet users who need to connect their home PCs to the server of an ISP use PPP.
   • The Internet needs PPP for a variety of purposes, including router-to-router traffic (leased line) and home-user-to-ISP (dial-up) traffic.
   • The majority of users have a traditional modem, DSL modem or cable modem, which connects them to the Internet through a telephone line or a TV cable connection.
   • These lines provide a physical link, but PPP is needed to control and manage the transfer of data.

8. PPP over the Internet
   • For both kinds of connection, router-to-router (leased line) and home-user-to-ISP (dial-up), some data link protocol is required on the line for:
     • Framing or encapsulation
     • Error control and other data link layer functions
   • If two devices are directly connected to each other, they are said to be in a point-to-point configuration.
   • Point-to-Point Protocol is a data link layer protocol used to control the communication over such links.

9. Definition - PPP
   • PPP is defined in RFC 1661.
   • It originally emerged as an encapsulation protocol for transporting IP traffic over point-to-point links.
   • PPP also established a standard for:
     • assigning and managing IP addresses
     • asynchronous and synchronous encapsulation
     • network protocol multiplexing
     • link configuration and link quality testing
     • error detection, option negotiation

10. PPP Components
   • The main components of PPP are:
     • Encapsulation/Framing
     • Link Control Protocol (LCP)
     • Network Control Protocol (NCP)
   • These components define the frame formats to be exchanged, how the two devices negotiate with each other to establish a link and exchange data, and how the link is configured and terminated.

11. 1. Encapsulation
   • A method for encapsulating network layer datagrams over serial links.
   • A framing mechanism defines the boundaries of the start and end of the PPP frame.
   • It also helps in error detection.

12. Encapsulation

13. 2. Link Control Protocol
   • LCP is used to establish, configure and test data link connections.
   • Its main purpose is to bring the lines up, test them, negotiate options, and bring them gracefully down again when they are no longer needed.
   • It supports synchronous and asynchronous circuits.
   • LCP configuration options include:
     • Maximum frame size or MTU (maximum transmission unit)
     • Authentication protocol specifications (if any)
     • Options to skip the control and address fields of the PPP frame
   • PPP negotiates configuration parameters at the start of the connection using LCP.

14. LCP packet encapsulated in a frame

15. LCP Phase: Common options

   Option | Default
   Maximum receive unit | 1500
   Authentication protocol | None
   Protocol field compression | Off
   Address and control field compression | Off

16. Link Control Protocol (LCP)
   • LCP is responsible for establishing, maintaining, configuring, and terminating links.
   • It also provides negotiation mechanisms to set options between the two endpoints.
   • Both endpoints of the link must reach an agreement about the options before the link can be established.
   • When PPP is carrying an LCP packet, it is in either the establishing or the terminating state.
   • No user data is exchanged during this state.
   • All LCP packets are carried in the data field of the PPP frame.

17. Link Control Protocol (LCP)
   • LCP frames are categorized into 3 classes:
     • Link establishment frames
     • Link terminating frames
     • Link maintenance frames
   • Options
     • There are many options that can be negotiated between the two endpoints.
     • Options are inserted in the information field of the configuration packets.

18. LCP packets and their codes

   Code (hex) | Packet type | Description
   0x01 | Configure-request | Contains the list of proposed options and their values
   0x02 | Configure-ack | Accepts all options proposed
   0x03 | Configure-nak | Announces that some options are not acceptable
   0x04 | Configure-reject | Announces that some options are not recognized
   0x05 | Terminate-request | Requests to shut down the line
   0x06 | Terminate-ack | Accepts the shut down request
   0x07 | Code-reject | Announces an unknown code
   0x08 | Protocol-reject | Announces an unknown protocol
   0x09 | Echo-request | A type of hello message to check if the other end is alive
   0x0A | Echo-reply | The response to the echo-request message
   0x0B | Discard-request | A request to discard the packet

19. PPP Authentication

20. Authentication Protocols
   • The term authentication refers to a set of security functions that help one device ensure that it is communicating with the correct other device.
   • PPP uses two authentication protocols:
     • Password Authentication Protocol (PAP)
     • Challenge Handshake Authentication Protocol (CHAP)

21. Password Authentication Protocol
   • Password Authentication Protocol (PAP)
   • PAP sends the username and password in clear text.
   • The user who wants to access a system sends a username and password.
   • The system checks the validity of the username and password and either accepts or denies the connection.
   • For systems that require greater security, PAP is not enough; a third party with access to the link can easily pick up the password and access the system resources.

22. Password Authentication Protocol

23. Selecting a PPP Authentication Protocol

24. Challenge Handshake Authentication Protocol
   • Challenge Handshake Authentication Protocol (CHAP)
   • It is a three-way handshake authentication protocol that provides greater security than PAP.
   • In this method the password is kept secret; it is never sent over the link.
   • The system sends the user a challenge packet containing a challenge value, usually a few bytes.
   • The user applies a predefined function (Message Digest 5, a one-way hash function) that takes the challenge value and the user's own password and creates a result.
   • The user sends the result in the response packet to the system.

25. CHAP
   • Challenge Handshake Authentication Protocol (CHAP)
   • The system does the same. It applies the same function to the password of the user (known to the system) and the challenge value to create a result.
   • If the result created is the same as the result in the response packet, access is granted; otherwise it is denied.
   • CHAP is more secure than PAP, especially if the system continuously changes the challenge value.
   • Even if the intruder learns the challenge value and the result, the password is still secret.
   • CHAP authentication is difficult to break.

26. CHAP

27. Selecting a PPP Authentication Protocol
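The LCP code table (slide 18) and the option defaults (slide 15) can be turned into a small decoder that reports which authentication protocol a link is negotiating. This is an added example, not part of the lecture; the option type numbers and the PAP/CHAP protocol numbers are taken from RFC 1661, RFC 1334 and RFC 1994 rather than from the slides, and the sample packets are constructed.

```python
import struct

# LCP codes as listed on slide 18.
LCP_CODES = {0x01: "Configure-request", 0x02: "Configure-ack",
             0x03: "Configure-nak", 0x04: "Configure-reject",
             0x05: "Terminate-request", 0x06: "Terminate-ack",
             0x07: "Code-reject", 0x08: "Protocol-reject",
             0x09: "Echo-request", 0x0A: "Echo-reply",
             0x0B: "Discard-request"}
# Assumption: option types and protocol numbers below come from RFC 1661,
# RFC 1334 and RFC 1994; the slides do not list them.
OPT_MRU, OPT_AUTH, OPT_PFC, OPT_ACFC = 1, 3, 7, 8
AUTH_PROTOCOLS = {0xC023: "PAP", 0xC223: "CHAP"}

def parse_lcp(packet: bytes) -> dict:
    """Decode an LCP packet (the data field of a PPP frame)."""
    if len(packet) < 4:
        raise ValueError("LCP header is 4 bytes")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise ValueError("LCP length field does not fit the packet")
    # Start from the defaults on slide 15.
    info = {"type": LCP_CODES.get(code, "unknown"), "id": ident,
            "mru": 1500, "auth": "None", "pfc": False, "acfc": False}
    if code not in (0x01, 0x02, 0x03, 0x04):
        return info                      # only Configure-* packets carry options
    body, pos = packet[4:length], 0
    while pos < len(body):
        if len(body) - pos < 2:
            raise ValueError("truncated option header")
        otype, olen = body[pos], body[pos + 1]
        if olen < 2 or pos + olen > len(body):
            raise ValueError("option length out of bounds")
        data = body[pos + 2:pos + olen]
        if otype == OPT_MRU and len(data) == 2:
            info["mru"] = struct.unpack("!H", data)[0]
        elif otype == OPT_AUTH and len(data) >= 2:
            proto = struct.unpack("!H", data[:2])[0]
            info["auth"] = AUTH_PROTOCOLS.get(proto, hex(proto))
        elif otype == OPT_PFC:
            info["pfc"] = True
        elif otype == OPT_ACFC:
            info["acfc"] = True
        pos += olen
    return info

def sends_password_in_clear(info: dict) -> bool:
    """True when the negotiated authentication protocol is PAP."""
    return info["auth"] == "PAP"

# Constructed sample Configure-requests (not captured traffic).
REQ_PAP = bytes.fromhex("01010010" "010405dc" "0304c023" "0702" "0802")
REQ_CHAP = bytes.fromhex("01020009" "0305c22305")
```
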
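The CHAP exchange described on slides 24 and 25, with both sides of the handshake, as an added example that is not part of the lecture. It assumes the RFC 1994 form of the hash, MD5 over identifier, secret and challenge (the slides mention only the challenge and the password); the `Authenticator` class, user name and secret are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """The 'system' side: issues challenges and checks responses."""
    def __init__(self, secrets: dict):
        self._secrets = secrets          # user -> shared secret (known to the system)
        self._pending = {}               # user -> (identifier, challenge)

    def challenge(self, user: str):
        ident, value = os.urandom(1)[0], os.urandom(16)   # fresh value every time
        self._pending[user] = (ident, value)
        return ident, value

    def verify(self, user: str, ident: int, response: bytes) -> bool:
        pending = self._pending.pop(user, None)   # each challenge is usable once
        secret = self._secrets.get(user)
        if pending is None or secret is None or pending[0] != ident:
            return False
        expected = chap_response(ident, secret, pending[1])
        return hmac.compare_digest(expected, response)    # constant-time compare

def demo() -> dict:
    secret = b"constructed-shared-secret"          # constructed sample value
    system = Authenticator({"alice": secret})

    ident, chal = system.challenge("alice")        # 1. challenge
    resp = chap_response(ident, secret, chal)      # 2. response (user side)
    on_wire = bytes([ident]) + chal + resp         # everything an observer sees
    accepted = system.verify("alice", ident, resp) # 3. success or failure

    ident2, _ = system.challenge("alice")          # system changes the challenge
    replayed = system.verify("alice", ident2, resp)  # old response no longer matches

    ident3, chal3 = system.challenge("alice")
    wrong = system.verify("alice", ident3, chap_response(ident3, b"guess", chal3))
    return {"accepted": accepted, "replay_accepted": replayed,
            "wrong_password_accepted": wrong, "secret_on_wire": secret in on_wire}
```

Only the challenge and the hash cross the link, so the protection rests on the shared secret itself: it should be long and random, since the hash is computed over values an observer also sees.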