Point-to-point protocol (PPP)
- can detect loop
- link quality monitoring (LQM):
- error detection
- disables link if quality drop lower than threshold
- quality = 100% × (rcvd pkts/bytes)/(sent pkts/bytes)
- reliable data transmission
- authentication: PAP, CHAP
- supports compression
; CHAP, PASS must match on both ends, secret not allowed
(config)# username <NEIGHBOUR_NAME> password <PASS>
; sends CHAP challenge
(config-if)# ppp authentication chap
; responds to CHAP challenge
(config-if)# ppp chap password <PASS>
; off default, LQM,
(config-if)# ppp quality <%>
; payload compression
(config-if)# compress <METHOD>
; request IP address from peer
(config-if)# ip address negotiate
; mask matches value, configured on interface
(config-if)# peer default ip address <IP>
; installs /32 for peer route
(config-if)# peer neighbor-route
PPP frame
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Flag FD | Address | Control | L3 Protocol |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ Data /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| FCS | Flag FD |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Flag FD: 0x7e
Address: 0xff
Control: 0x03
Multilink PPP (MLPPP)
- splits packet and sends pieces over all member links
- does not use hash to select link – uses all links
- splits the packet even if fragmentation is not required
- CPU intensive
(config)# interface multilink <M>
; period to calculate average values
(config-if)# load-interval <sec>
(config)# interface serial <N>
(config-if)# ppp multilink group <M>
# show ppp multilink
MLPPP header (long sequence number)
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|B|E| 0x00 | Sequence number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ Data /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
B: beginning fragment
E: ending fragment
MLPPP header (short sequence number)
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|B|E| 0x00 |Sequence number| Data (variable length) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Link fragmentation and interleaving (LFI)
- fragment size = fragment delay (ms) × BW
- if packet is larger than fragment size → fragment packet
- if packet is equal or smaller than fragment size ≡ small packet
; enable LFI, off default
(config-if)# ppp multilink interleave
; 16 default, n=1 ≡ disable fragmentation
(config-if)# ppp multilink fragment maximum <N>
; 30ms default
(config-if)# ppp multilink fragment delay <ms>
On-demand address pool
- request IP pool via IPCP to distribute it further (≈ DHCP-PD)
IPCP client
(config)# ip dhcp pool <POOL>
(dhcp-config)# import all
(dhcp-config)# origin ipcp
(config-if)# ip address pool <POOL>
(config-if)# ppp ipcp mask request
IPCP server
(config)# ip local pool <POOL> <START> <END>
(config-if)# peer default ip address pool <POOL>
(config-if)# ppp ipcp mask <MASK>
PPPoE
- phases:
- Discovery
- PPPoE active discovery initiation (PADI):
- client-to-server
- bcast
- search for DSL access concentrator (DSL-AC)
- PPPoE active discovery offer (PADO):
- server-to-client
- unicast
- PPPoE active discovery request (PADR):
- client-to-server
- unicast
- PPPoE active discovery session confirmation (PADS):
- server-to-client
- unicast
- passes session ID
- PPPoE active discovery termination (PADT):
- both server and client
- unicast
- tears down connection
- PPPoE active discovery initiation (PADI):
- Session
- Discovery
- VPDN: virtual private dial-up network
- credentials should be stored in NVRAM, otherwise ISP may send Clear and purge entry from config
Client CLI
(config)# interface dialer <N>
(config-if)# encapsulation ppp
(config-if)# mtu 1492
(config-if)# dialer pool <M>
(config-if)# ip address negotiate
(config-if)# ip address pppoe [set-route]
; unidirectional authC
(config-if)# ppp chap hostname <USERNAME>
(config-if)# ppp chap password <PASSWD>
(config)# interface <INTF>
(config-if)# pppoe-client dial-pool-number <M>
Server CLI
(config)# vpdn enable
(config)# vpdn-group <GROUP> request dialout pppoe
(config)# vpdn group <GROUP> ppp authentication <MODE>
(config)# vpdn group <GROUP> localname <USERNAME>
(config)# vpdn username <USERNAME> password <PASSWD> [store-local]
(config-if)# pppoe client vpdn group <GROUP>