
PPP

Point to Point Protocol

Agenda Page 1 Client Logo


AGENDA
• INTRODUCTION

• PPP COMPONENTS

• GENERAL OPERATIONS

• STATES, EVENTS AND ACTIONS

• PPP GENERAL FRAME FORMAT

• INDIVIDUAL PPP PROTOCOLS



INTRODUCTION

• PPP defines a complete method for robust data link connectivity between units using serial lines or other physical layers.

• Point-to-Point Protocol (PPP) has become the predominant protocol for modem-based access to the Internet.

• PPP runs at the Datalink layer (ISO layer 2), providing symmetric, peer-to-peer connections utilizing encapsulation, transmission and link management services for the upper layer network protocols.



• Capabilities and features
- Error detection
- Compression
- Authentication
- Encryption
- Assignment and management of IP addresses

• PPP advantages
- Operates over synchronous and asynchronous links, but the links should be full-duplex.
- Designed to work with several network-layer protocols, such as IP, IPX and AppleTalk.



PPP COMPONENTS

PPP Family Protocol Information


ATCP | BACP | BAP | BCP | BSD | BVCP | CCP | CHAP | DESE | DNCP | ECP | IPCP |
IPHC | IPv6CP | IPXCP | L2F | L2TP | LCP | LQR | LZS | MPPC | MultiPPP | NBFCP |
OSINLCP | PAP | PPP | PPP-BPDU | PPTP | SDCP | SNACP



GENERAL OPERATIONS
- LCP packets: configure and test the data link
- Authentication: PAP / CHAP
- NCP packets: choose and configure the network-layer protocol
- Links remain until explicitly terminated



PHASES OF PPP
1. Link Dead
• The link necessarily begins and ends with this phase.

2. Link Establishment Phase
• Establishes the connection through an exchange of Configuration packets.
• The LCP Opened state is entered once a Configure-Ack packet has been both sent and received.
• All Configuration Options are assumed to be at default values.

3. Authentication Phase
• Authenticates the peer before allowing network-layer protocol packets to be exchanged.
• By default, authentication is not mandatory.
• Authentication SHOULD take place as soon as possible after link establishment.
• If authentication fails, PPP proceeds to the Link Termination phase.

4. Network-Layer Protocol Phase
• Each network-layer protocol (such as IP, IPX, or AppleTalk) MUST be separately configured by the appropriate Network Control Protocol (NCP).

5. Link Termination Phase
• LCP is used to close the link through an exchange of Terminate packets.
• Termination can follow loss of carrier, authentication failure, link quality failure, the expiration of an idle-period timer, or an administrative close.



PPP LINK OPERATION



PPP WORKING



TIMERS AND COUNTERS

Restart Timer
The Restart timer is used to time transmissions of Configure-Request and Terminate-Request
packets. Expiration of the Restart timer causes a Timeout event, and retransmission of the
corresponding Configure-Request or Terminate-Request packet.

Max-Terminate
There is one required restart counter for Terminate-Requests. Max-Terminate indicates the
number of Terminate-Request packets sent without receiving a Terminate-Ack before assuming
that the peer is unable to respond.

Max-Configure
Max-Configure indicates the number of Configure-Request packets sent without receiving a
valid Configure-Ack, Configure-Nak or Configure-Reject before assuming that the peer is
unable to respond.

Max-Failure
Max-Failure indicates the number of Configure-Nak packets sent without sending a
Configure-Ack before assuming that configuration is not converging.



STATES

• Initial: In the Initial state, the lower layer is unavailable (Down), and no Open has occurred. The Restart timer is not running in the Initial state.

• Starting: The Starting state is the Open counterpart to the Initial state. The lower layer is still unavailable (Down). The Restart timer is not running in the Starting state. When the lower layer becomes available (Up), a Configure-Request is sent.

• Closed: The link is available (Up), but no Open has occurred. The Restart timer is not running in the Closed state. Upon reception of Configure-Request packets, a Terminate-Ack is sent.

• Stopped: The Open counterpart to the Closed state. It is entered when the automaton is waiting for a Down event after the This-Layer-Finished action, or after sending a Terminate-Ack. The Restart timer is not running in the Stopped state.

• Closing: An attempt is made to terminate the connection. A Terminate-Request has been sent and the Restart timer is running, but a Terminate-Ack has not yet been received. Upon reception of a Terminate-Ack, the Closed state is entered. After the Restart timer has expired Max-Terminate times, the Closed state is entered.



STATES contd…

• Stopping: The Open counterpart to the Closing state. A Terminate-Request has been sent and the Restart timer is running, but a Terminate-Ack has not yet been received.

• Request-Sent: An attempt is made to configure the connection. A Configure-Request has been sent and the Restart timer is running, but a Configure-Ack has not yet been received.

• Ack-Received: A Configure-Request has been sent and a Configure-Ack has been received.

• Ack-Sent: A Configure-Request and a Configure-Ack have both been sent.

• Opened: A Configure-Ack has been both sent and received. The Restart timer is not running. When entering the Opened state, the implementation SHOULD signal the upper layers that it is now Up. Conversely, when leaving the Opened state, the implementation SHOULD signal the upper layers that it is now Down.



EVENTS

Transitions and actions in the automaton are caused by events.

• Up: This event occurs when a lower layer indicates that it is ready to carry packets.

• Down: This event occurs when a lower layer indicates that it is no longer ready to carry packets.

• Open: The link is administratively available for traffic; that is, the link is allowed to be Opened. When this event occurs, and the link is not in the Opened state, the automaton attempts to send configuration packets to the peer.

• Close: The link is not available for traffic; that is, the link is not allowed to be Opened. When this event occurs, and the link is not in the Closed state, the automaton attempts to terminate the connection.

• Timeout (TO+, TO-): Indicates the expiration of the Restart timer. The Restart timer is used to time responses to Configure-Request and Terminate-Request packets. The TO+ event indicates that the Restart counter continues to be greater than zero, which triggers the corresponding Configure-Request or Terminate-Request packet to be retransmitted. The TO- event indicates that the Restart counter is not greater than

EVENTS contd…

• Receive-Configure-Request (RCR+, RCR-): Occurs when a Configure-Request packet is received from the peer. It indicates the desire to open a connection and may specify Configuration Options. The RCR+ event indicates that the Configure-Request was acceptable, and triggers the transmission of a corresponding Configure-Ack. The RCR- event indicates that the Configure-Request was unacceptable, and triggers the transmission of a corresponding Configure-Nak or Configure-Reject.

• Receive-Configure-Ack (RCA): This event occurs when a valid Configure-Ack packet is received from the peer. The Configure-Ack packet is a positive response to a Configure-Request packet.

• Receive-Configure-Nak/Rej (RCN): This event occurs when a valid Configure-Nak or Configure-Reject packet is received from the peer. The Configure-Nak and Configure-Reject packets are negative responses to a Configure-Request packet.

• Receive-Terminate-Request (RTR): This event occurs when a Terminate-Request packet is received. The Terminate-Request packet indicates the desire of the peer to close the connection.



EVENTS contd…

• Receive-Terminate-Ack (RTA): Occurs when a Terminate-Ack packet is received from the peer. The Terminate-Ack packet is usually a response to a Terminate-Request packet. The Terminate-Ack packet may also indicate that the peer is in Closed or Stopped states.

• Receive-Unknown-Code (RUC): Occurs when an un-interpretable packet is received from the peer. A Code-Reject packet is sent in response.

• Receive-Code-Reject, Receive-Protocol-Reject (RXJ+, RXJ-): Occurs when a Code-Reject or a Protocol-Reject packet is received from the peer. The RXJ+ event arises when the rejected value is acceptable, such as a Code-Reject of an extended code, or a Protocol-Reject of a NCP. The RXJ- event arises when the rejected value is catastrophic, such as a Code-Reject of Configure-Request, or a Protocol-Reject of LCP! This event communicates an unrecoverable error that terminates the connection.

• Receive-Echo-Request, Receive-Echo-Reply, Receive-Discard-Request (RXR): Occurs when an Echo-Request, Echo-Reply or Discard-Request packet is received from the peer. The Echo-Reply packet is a response to an Echo-Request packet.
ACTIONS

Actions in the automaton are caused by events and typically indicate the transmission of packets and/or the starting or stopping of the Restart timer.

• Illegal-Event (-): This indicates an event that cannot occur in a properly implemented automaton.

• This-Layer-Up (tlu): This action indicates to the upper layers that the automaton is entering the Opened state. It is used by the LCP to signal the Up event to a NCP, Authentication Protocol, or Link Quality Protocol, or MAY be used by a NCP to indicate that the link is available for its network layer traffic.

• This-Layer-Down (tld): Indicates to the upper layers that the automaton is leaving the Opened state. It is used by the LCP to signal the Down event to a NCP, Authentication Protocol, or Link Quality Protocol, or MAY be used by a NCP to indicate that the link is no longer available for its network layer traffic.

• This-Layer-Started (tls): Indicates to the lower layers that the automaton is entering the Starting state, and the lower layer is needed for the link.
ACTIONS contd…

• This-Layer-Finished (tlf): Indicates to the lower layers that the automaton is entering the Initial, Closed or Stopped states, and the lower layer is no longer needed for the link.

• Initialize-Restart-Count (irc): Sets the Restart counter to the appropriate value (Max-Terminate or Max-Configure). The counter is decremented for each transmission, including the first.

• Zero-Restart-Count (zrc): This action sets the Restart counter to zero.

• Send-Configure-Request (scr): A Configure-Request packet is transmitted. This indicates the desire to open a connection with a specified set of Configuration Options. The Restart timer is started when the Configure-Request packet is transmitted, to guard against packet loss.

• Send-Configure-Ack (sca): A Configure-Ack packet is transmitted. This acknowledges the reception of a Configure-Request packet.

• Send-Configure-Nak (scn): This negative response reports the reception of a Configure-Request packet with an unacceptable set of Configuration Options.
ACTIONS contd…

• Send-Terminate-Request (str): A Terminate-Request packet is transmitted. This indicates the desire to close a connection.

• Send-Terminate-Ack (sta): A Terminate-Ack packet is transmitted. This acknowledges the reception of a Terminate-Request packet.

• Send-Code-Reject (scj): A Code-Reject packet is transmitted. This indicates the reception of an unknown type of packet.

• Send-Echo-Reply (ser): An Echo-Reply packet is transmitted. This acknowledges the reception of an Echo-Request packet.
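
The states, events and actions above, tied together in an added example that is not part of the original slides: a subset of the RFC 1661 transition table covering the path from Closed to Opened, with the Restart counter deciding between TO+ and TO-. The class and function names and the Max-Configure value of 3 are assumptions made for illustration.

```python
# (state, event) -> (actions, next state); open-path subset of the RFC 1661 table.
TABLE = {
    ("Closed", "Open"): (("irc", "scr"), "Request-Sent"),
    ("Request-Sent", "RCR+"): (("sca",), "Ack-Sent"),
    ("Request-Sent", "RCR-"): (("scn",), "Request-Sent"),
    ("Request-Sent", "RCA"): (("irc",), "Ack-Received"),
    ("Request-Sent", "RCN"): (("irc", "scr"), "Request-Sent"),
    ("Request-Sent", "TO+"): (("scr",), "Request-Sent"),
    ("Request-Sent", "TO-"): (("tlf",), "Stopped"),
    ("Ack-Received", "RCR+"): (("sca", "tlu"), "Opened"),
    ("Ack-Received", "RCR-"): (("scn",), "Ack-Received"),
    ("Ack-Received", "TO+"): (("scr",), "Request-Sent"),
    ("Ack-Received", "TO-"): (("tlf",), "Stopped"),
    ("Ack-Sent", "RCR+"): (("sca",), "Ack-Sent"),
    ("Ack-Sent", "RCR-"): (("scn",), "Request-Sent"),
    ("Ack-Sent", "RCA"): (("irc", "tlu"), "Opened"),
    ("Ack-Sent", "RCN"): (("irc", "scr"), "Ack-Sent"),
    ("Ack-Sent", "TO+"): (("scr",), "Ack-Sent"),
    ("Ack-Sent", "TO-"): (("tlf",), "Stopped"),
}


class Automaton:
    def __init__(self, max_configure):
        self.state = "Closed"            # lower layer Up, no Open yet
        self.max_configure = max_configure
        self.restart_count = 0
        self.sent = []                   # every action performed, in order

    def event(self, name):
        if (self.state, name) not in TABLE:
            raise ValueError(f"{name} is not modelled in state {self.state}")
        actions, self.state = TABLE[(self.state, name)]
        for action in actions:
            if action == "irc":          # Initialize-Restart-Count
                self.restart_count = self.max_configure
            elif action == "scr":        # decremented on every transmission
                self.restart_count -= 1
            self.sent.append(action)
        return actions

    def timeout(self):
        """Restart timer expiry: TO+ while the counter is above zero, else TO-."""
        return self.event("TO+" if self.restart_count > 0 else "TO-")


def negotiate():
    """The peer's Configure-Request arrives first, then its Ack of ours."""
    fsm = Automaton(max_configure=3)
    for name in ("Open", "RCR+", "RCA"):
        fsm.event(name)
    return fsm.state, fsm.sent


def silent_peer(max_configure):
    """The peer never answers: retransmit until the Restart counter runs out."""
    fsm = Automaton(max_configure)
    fsm.event("Open")
    while fsm.state == "Request-Sent":
        fsm.timeout()
    return fsm.state, fsm.sent.count("scr")
```

With a silent peer the automaton sends exactly Max-Configure Configure-Requests and then gives up, which is the bound the Restart counter exists to enforce.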



STATE TRANSITION DIAGRAM
LAYER OPERATION

PPP GENERAL FRAME FORMAT


LCP—LINK CONTROL PROTOCOL

• PPP is about links, and LCP is about controlling those links.

• Three classes of LCP packets:
- Link Configuration packets establish and configure a link (Configure-Request, Configure-Ack, Configure-Nak and Configure-Reject).
- Link Termination packets terminate a link (Terminate-Request and Terminate-Ack).
- Link Maintenance packets manage and debug a link (Code-Reject, Protocol-Reject, Echo-Request, Echo-Reply and Discard-Request).

LCP PACKET FORMAT

Code | Identifier | Length | Options



CODE FIELD VALUES

Code   Packet Type         Description
0x01   Configure-request   Contains the list of proposed options and their values
0x02   Configure-ack       Accepts all options proposed
0x03   Configure-nak       Announces that some options are not acceptable
0x04   Configure-reject    Announces that some options are not recognized
0x05   Terminate-request   Requests to shut down the line
0x06   Terminate-ack       Accepts the shut down request
0x07   Code-reject         Announces an unknown code
0x08   Protocol-reject     Announces an unknown protocol
0x09   Echo-request        A type of hello message to check if the other end is alive
0x0A   Echo-reply          The response to the echo-request message
0x0B   Discard-request     A request to discard the packet

LINK CONFIGURATION OPTIONS
Configuration option format

Type | Length | Data

Type - one octet; indicates the type of Configuration Option.
Length - one octet; includes the Type, Length and Data fields.
Data - zero or more octets; contains information specific to the Configuration Option.

Type   Configuration Option
0      Reserved
1      Maximum-receive-unit
3      Authentication-protocol
4      Quality-protocol
5      Magic-number
7      Protocol-field compression
8      Address & control field compression



AUTHENTICATION PROTOCOL

Authentication is not mandatory. If it is required, two different protocols can be used for authentication during PPP set up:

• PAP – Password Authentication Protocol
• CHAP – Challenge Handshake Authentication Protocol



Password Authentication Protocol

• The Password Authentication Protocol (PAP) provides a simple method for the peer to establish its identity using a 2-way handshake.

• This is done only upon initial link establishment.

• After the Link Establishment phase is complete, an Id/Password pair is repeatedly sent by the peer to the authenticator until authentication is acknowledged or the connection is terminated.

Packet format: PAP

Code(1) | Identifier(1) | Length(2) | Data…

Code: 1 - Auth-req, 2 - Auth-Ack, 3 - Auth-Nak

Configuration Option format

Type(1) | Length(1) | Authentication Protocol(2)



Challenge Handshake Authentication Protocol

• The Challenge-Handshake Authentication Protocol (CHAP) is used to periodically verify the identity of the peer using a 3-way handshake.

• CHAP provides protection against playback attack through the use of an incrementally changing identifier and a variable challenge value.

• This authentication method depends upon a "secret" known only to the authenticator and that peer. The secret is not sent over the link.

Packet format: CHAP

Code(1) | Identifier(1) | Length(2) | Data…

Code: 1 - Challenge, 2 - Response, 3 - Success, 4 - Failure

Configuration Option format

Type(1) | Length(1) | Authentication Protocol(2) | Algorithm

Type: 3, Length: 5, Authentication Protocol: c223 (hex)
CHAP cont’d…

[Figure: the challenge is fed through MD5 at both ends, and the two hash values are compared.]

• Protocol:
1. After the Link Establishment phase is complete, the authenticator sends a
"challenge" message to the peer.
2. The peer responds with a value calculated using a "one-way hash" function.
3. The authenticator checks the response against its own calculation of the
expected hash value. If the values match, the authentication is acknowledged;
otherwise the connection SHOULD be terminated.
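
The three-step exchange above with both sides' messages, as an added example that is not part of the original slides. It assumes the RFC 1994 MD5 algorithm (hash over Identifier, secret and challenge value) and the Value-Size/Value/Name layout of Challenge and Response packets; the names, the secret and the class are constructed for illustration.

```python
import hashlib
import hmac
import secrets
import struct

CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4   # CHAP Code values


def chap_md5(identifier, secret, challenge):
    """One-way hash over Identifier || secret || challenge value."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def build(code, identifier, value, name):
    """Code(1) Identifier(1) Length(2), then Value-Size(1), Value, Name."""
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body


def parse(packet):
    if len(packet) < 5:
        raise ValueError("truncated CHAP packet")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    size = packet[4]
    if length > len(packet) or size == 0 or 5 + size > length:
        raise ValueError("inconsistent Length or Value-Size")
    return code, identifier, packet[5:5 + size], packet[5 + size:length]


class Authenticator:
    def __init__(self, secret_for):
        self.secret_for = secret_for     # peer name -> shared secret
        self.identifier = 0
        self.challenge = None

    def new_challenge(self):
        self.identifier = (self.identifier + 1) % 256   # changes every time
        self.challenge = secrets.token_bytes(16)        # unpredictable value
        return build(CHALLENGE, self.identifier, self.challenge, b"authenticator")

    def verify(self, packet):
        code, identifier, value, name = parse(packet)
        secret = self.secret_for.get(name)
        if (code != RESPONSE or identifier != self.identifier
                or secret is None or self.challenge is None):
            return FAILURE
        expected = chap_md5(identifier, secret, self.challenge)
        self.challenge = None            # each challenge is answered once
        return SUCCESS if hmac.compare_digest(expected, value) else FAILURE


def respond(challenge_packet, name, secret):
    """Peer side: only the hash goes on the link, never the secret."""
    _, identifier, challenge, _ = parse(challenge_packet)
    return build(RESPONSE, identifier, chap_md5(identifier, secret, challenge), name)


def replay_is_rejected():
    auth = Authenticator({b"peer": b"constructed-secret"})
    old = respond(auth.new_challenge(), b"peer", b"constructed-secret")
    first = auth.verify(old)
    auth.new_challenge()                 # periodic re-authentication
    return first, auth.verify(old)       # the recorded Response is now stale
```

The authenticator must hold the secret in a form it can feed to the hash, and the response depends on nothing but the secret and values visible on the link, so the shared secret should be long and random.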



NETWORK CONTROL PROTOCOL

- The Network Control Protocol (NCP) phase in the PPP link connection process is used for establishing and configuring different network-layer protocols such as IP, IPX or AppleTalk.

- After a NCP has reached the Opened state, PPP will carry the corresponding network-layer protocol packets. Any supported network-layer protocol packets received when the corresponding NCP is not in the Opened state MUST be silently discarded.

- During this phase, link traffic consists of any possible combination of LCP, NCP, and network-layer protocol packets.

- The most common layer 3 protocol negotiated is IP. The routers exchange IP Control Protocol (IPCP) messages negotiating options specific to the protocol.



PPP NETWORK CONTROL PROTOCOL FOR IP

• The IP Control Protocol (IPCP) is used for configuring, enabling, and disabling the IP protocol modules on both ends of the point-to-point link. It is an NCP.
• IPCP has the same packet exchange mechanism as the Link Control Protocol (LCP).
• IPCP packets are exchanged after PPP has reached the Network-Layer Protocol phase.
• LCP performs the basic link setup and, after (optional) authentication, invokes a Network Control Protocol (NCP).
• The NCP conducts a negotiation.

FRAME FORMAT



IPCP

                                      
1. Data Link Layer Protocol Field
One IPCP packet is encapsulated in the Information field of PPP Data Link Layer frames.
2. Code field
Codes 1 through 7 are used.

Code   IPCP Packet
01     Configure-request
02     Configure-ack
03     Configure-nak
04     Configure-reject
05     Terminate-request
06     Terminate-ack
07     Code-reject

1. Timeout
IPCP packets may not be exchanged until PPP has reached the Network-Layer Protocol phase.
3. Configuration Option Types
IPCP has a distinct set of Configuration Options.

CONFIGURATION OPTIONS

IPCP CONFIGURATION OPTIONS

- Allow negotiation of desirable Internet Protocol parameters.

• IP-Compression-Protocol: Allows devices to negotiate the use of “Van Jacobson TCP/IP header compression”. This compresses the size of TCP and IP headers to save bandwidth. It is thus similar in concept to the Protocol-Field-Compression and Address-and-Control-Field-Compression (ACFC) options in LCP.

• IP-Address: Allows the device sending the Configure-Request to either specify an IP address it wants to use for routing IP over the PPP link, or to request that the other device supply it with one. This is most commonly used for dial-up networking links.



PPP ENCAPSULATION
PPP uses the High-Level Data Link Control (HDLC) protocol as a basis for encapsulating
datagrams over point-to-point links.
The PPP encapsulation is used to disambiguate multiprotocol datagrams. This
encapsulation requires framing to indicate the beginning and end of the encapsulation.

PROTOCOL FIELD
– "0***" to "3***": identify the network-layer protocol of specific packets.
– "8***" to "b***": packets belonging to the associated Network Control Protocols.
– "4***" to "7***": protocols with low-volume traffic that have no associated NCP.
– "c***" to "f***": link-layer control protocols (such as LCP).
INFORMATION FIELD
– Contains the datagrams for the protocol specified in the Protocol field.
– Maximum length: 1500 octets (MRU).
PADDING
– The Information field may be padded with an arbitrary number of octets up to the MRU.
PPP SETUP

Establish connection: The PPP link MUST first send LCP packets to configure and test the data link.

Authenticate users: user name and password.

PPP sends NCP packets to configure the network-layer protocol, then transmits data.

[Figure: frame layout: PPP | Protocol Header | DATA]
