Table of contents
Overview of PPP agreement
Point-to-Point Protocol (PPP) : The PPP protocol is the most widely used protocol for point-to-point access . The PPP protocol is actually a protocol family that includes multiple protocols (LCP, NCP, etc.).
Composition of PPP agreement
The PPP protocol has three components: (1) A method of
transmitting datagrams encapsulating multiple protocols to a serial link .
(2) Link Control Protocol (Link Control Protocol, LCP) , the LCP protocol is a part of the PPP protocol. It is used to establish, configure, and test data link connections.
(3) A set of network control protocols (Network Control Protocol, NCP) , NCPs are a series of protocols used to establish and configure different network layer protocols. Each NCP protocol supports different network layer protocols, such as IP protocol, OSI network layer, Apple's Apple Talk, etc.
Frame format of PPP protocol
The following figure shows the various fields of the PPP frame:
flag field
Flag (flag) : The first field of the header and the last field of the tail are flag fields F (flag), and the specified value is expressed as: 0x7E = 01111110 in hexadecimal . The flag field is the delimiter of the PPP frame. There is only one flag field between two consecutive frames . If the value of the flag field happens to appear in the data field, byte padding is required in the data field to eliminate this ambiguity.
The PPP protocol can be applied in asynchronous transmission or synchronous transmission . The asynchronous transmission is transmitted in units of bytes, and the synchronous transmission is transmitted in units of bits. Therefore, the filling method is also divided into byte filling and bit filling .
byte stuffing
Byte stuffing (byte stuffing) : When PPP uses asynchronous transmission , if the same byte (0x7E) as the flag field appears in the information field, byte stuffing is required. The core idea is to fill the escape in front of the byte character (escape character, ESC) .
The rules of PPP protocol byte filling are shown in the figure below:
The rules are as follows:
- When the byte 0x7E of the flag field appears in the information field, the PPP protocol will change 0x7E to 0x5E, and add the specified escape character 0x7D in front , that is, change 0x7E to 0x7D5E .
- If the transition character 0x7D itself appears in the frame, it is replaced with the 2-byte sequence 0x7D5D, turning 0x7D into 0x7D5E . That is, first change 0x7D to 0x5D, and then add a 0x7D in front.
- If the control character of ASCII code appears in the information field (that is, the character whose value is less than 0x20 = less than 32 in decimal), add 0x20 to the byte, such as 0x03 (the end of transmission control character ETX of ASCII code ) becomes 0x23. Then add the escape character 0x7D in front. Taking 0x03 as an example, it becomes the character sequence 0x7D23 .
When the receiving point receives the filled frame, it takes the opposite transformation to restore the data information before filling.
bit stuffing
Bit stuffing : When the PPP protocol is used in links such as synchronous optical fiber networks, it will use synchronous transmission (transmitting a series of bits continuously instead of transmitting in units of bytes). At this time, the PPP protocol uses bit stuffing.
The rules for bit stuffing in the PPP protocol are shown in the figure below:
The rules are as follows:
- The sender will scan the entire data field (implemented by hardware), and as long as it finds 5 consecutive 1s, it will immediately fill in a 0. This ensures that 6 consecutive 1s will not appear in the data field, and the same bit combination as 0111 1110 in the flag field will not appear.
- After receiving the frame, the receiver first finds the flag field of the header, and then uses hardware to scan the subsequent bit stream. Whenever 5 consecutive 1s are found, the 0s after the 5 1s are deleted, which is the reverse operation. The data fields are restored. After encountering the flag field of 0111 1110 again, it means that the whole frame is over.
Transparent transmission
Whether it is byte stuffing (also called character stuffing) or bit stuffing, the goal is to achieve transparent transmission .
Transparent transmission : During the transmission process, no matter what kind of bit combination the transmitted data is, it can be transmitted normally on the link. For data, the transmission link seems to be transparent and non-existent. It is just a channel that can transmit data without any influence or restriction on the data itself.
For example, sending a letter is a transparent transmission. You only need to put the letter in the mailbox. As for how the letter reaches your receiving address, you don't need to know.
The PPP protocol uses byte stuffing or bit stuffing to eliminate the situation that a certain byte in the data field happens to be the same as the bit combination of the special flag field, so that the data field of the upper layer protocol can use any bit combination. The PPP protocol is also a transparent transmission .
address field and control field
Address field (address) and control field (control) : Both refer to the format of the address and control fields of the HDLC protocol . However, these two fields are not currently used in PPP.
The address field originally indicated which station was handling it, but PPP has only one destination, so the address field is set to a fixed value of 0xFF (meaning all stations) .
The control field is used to indicate the frame sequence and retransmission behavior (applied to reliable transmission), but the reliability of the link layer does not rely on the simple PPP protocol. So the control field is set to a fixed value of 0x03 . In actual transmission, an option called address and control field compression
(ACFC) is often used to omit them, that is, the sender and receiver will agree to eliminate these 2 bytes.
protocol field
Protocol field (protocol) : The protocol field indicates the protocol type of the data field carried by PPP. The PPP protocol can carry multiple protocols, so the protocol field is required to determine the protocol type used by the data field. Including various network layer protocols, NCP protocol and LCP protocol.
This field defaults to 2 bytes , but an option called Protocol Field Compression (PFC) can be used to compress the protocol field to 1 byte through negotiation between the two parties when the link is established .
When the value of the protocol field is 0x0021, the information field of PPP is the IP datagram.
When the value of the protocol field is 0xC021, the information field is the LCP packet.
When the value of the protocol field is 0x8021, the information field is the IPCP protocol packet of the NCP.
When the value of the protocol field is 0xC023, the information field is the PAP authentication protocol.
When the value of the protocol field is 0xC223, the information field is the CHAP authentication protocol.
valid data section
The data field is the payload information of the PPP protocol, and its length is variable, not exceeding 1500 bytes at most.
Frame Check Sequence FCS Field
Frame Check Sequence (Frame Check Sequence, FCS) : The FCS field is used for error detection, so that the receiver can know whether the received frame has an error. It can only detect errors, not correct them.
The error detection of PPP uses the cyclic redundancy check (CRC) algorithm. If you want to understand the CRC algorithm, you can read my blog post: Cyclic Redundancy Check CRC
The FCS of a PPP frame is generally a 16-bit generator polynomial (called CRC-16, which is x 16 x^{16}x16+ x 12 x^{12} x12+ x 5 x^{5} x5 +1 = 1 0001 0000 0010 0001). And through negotiation,the LCP option can extend the FCS to 32 bits, using the 32-bit generating polynomialCRC-32.
Therefore, the FCS field of the PPP frame is 2 or 4 bytes .
Working Status of PPP Protocol
The connection of the link needs to be completed in stages, including: idle, establishment, authentication, networking, opening, termination and then idle again.
The protocol of the PPP protocol data field is different at each stage. Only by understanding each stage of link connection can we fully understand the working mode of PPP.
- Idle : The link is not being used at this time. There is no connection between the physical layer and the link layer between the sender and the receiver (for example, the individual user has not connected to the local ISP at the beginning).
- Establishment : If both parties want to establish a link, they first need to enter the establishment phase. At this stage , the LCP protocol will work (that is, the PPP frame will encapsulate the LCP protocol, and the two parties will complete the establishment work by exchanging the PPP frame containing the LCP protocol). The sender will exchange LCP packets with the receiver to negotiate the configuration of some options (such as the payload size of the frame, whether to compress the PPP protocol field, etc.). (Strictly speaking, the establishment phase requires both the physical layer and the data link layer to work at the same time. The sender sends the carrier signal of the physical layer first, and then negotiates the options required for the link layer connection after the physical layer connection is established. configuration).
- Authentication : The authentication phase is optional. The main purpose is to identify the identity of the sender. According to the identity information such as the ID and password of the authentication message, the receiver decides whether to communicate with the sender. If the identity of the sender is recognized by the receiver, it will enter the networking stage, otherwise it will directly enter the termination stage. Commonly used authentication protocols are the PAP protocol and the CHAP protocol .
- Networking : The networking stage is the negotiation of network layer protocols. It is accomplished through the corresponding network control protocol NCP . Because the PPP protocol supports multiple network layer protocols, both parties must determine which network layer protocol to exchange before datagram transmission, and the relevant regulations of the corresponding network layer protocol must also reach an agreement. For example, if the PPP protocol needs to encapsulate IP datagrams, it is necessary to configure the modules required for exchanging IP datagrams on both sides. The two parties will exchange the IP control protocol IPCP to complete the configuration work.
- Open : At the opening stage, the relevant configuration of the connection is completed, and the two parties can formally exchange data packets. Both parties can transmit data until the connection is terminated. During the opening phase, both parties can also exchange echo request and echo reply LCP packets to check the connection status of the link.
- Termination : If the two parties do not need to exchange data packets, they can use the LCP protocol to complete the operation of terminating the connection. The two parties will exchange the relevant LCP packets used to terminate the connection to close the link.
How to convert each phase of the PPP protocol can refer to the following figure:
LCP protocol
Link Control Protocol LCP (Link Control Protocol) : The LCP protocol is used to establish, test, monitor, and terminate link connections. During the establishment phase and termination phase of PPP work, the establishment and termination of the link must be controlled by exchanging LCP packets. In the opening stage of PPP work, not only the message of the network layer can be sent, but also the echo request and echo reply packet of LCP can be sent to test whether the link is connected normally.
The message format of the LCP protocol is shown in the following figure:
coding
Encoding : The encoding field is 1 byte, which is used to determine the type of LCP packet. Different types of LCP packets play different roles in different stages of link connection.
| coding | grouping type | illustrate |
|---|---|---|
| 0x01 | configuration request | list containing suggested options and their values |
| 0x02 | configuration confirmation | Accept all suggested options |
| 0x03 | configuration not confirmed | Advise that certain options cannot be accepted |
| 0x04 | configuration reject | tell some options are not recognized |
| 0x05 | terminate request | request to close the line |
| 0x06 | Termination of confirmation | accept close request |
| 0x07 | encoding rejection | tell an unknown encoding |
| 0x08 | Agreement rejected | announce an unknown protocol |
| 0x09 | echo request | A call message to detect whether the other end is active |
| 0x0A | echo reply | Response to echo request message |
| 0x0B | drop request | drop packet request |
As shown in the table above, LCP grouping types can be divided into 3 categories:
- In the establishment phase, both parties negotiate on option configurations (the first 4 types).
- In the termination phase, it is used for link termination (types 5 and 6).
- In the opening phase, it is used for link testing and debugging.
logo
Identification (identification, ID) : Because LCP packets often appear in pairs. For example, the sender sends a configuration request LCP packet, and the receiver may reply with a corresponding configuration confirmation LCP packet. The identifier is used to match request and response groups together.
First, the sender will provide the serial number, which will be incremented every time a message is sent (so that the ID of the sender’s LCP message is different), and when the receiver generates the corresponding response message, the ID field of the message will be copied ID of the request packet. In this way, after receiving the response message, the requester can match the message by checking whether the identification fields are the same.
length
Length : The length field gives the byte length of the LCP packet, which cannot exceed the link's Maximum Acceptance Unit (MRU).
options
The LCP protocol is often used in the stage of link establishment and connection, which allows both parties to negotiate the configuration of options. The options are not in the header of the LCP, but in the data part of the LCP. The data field of LCP is divided into three sections: option type, option length and option value. Here are some of the most common options:
| options | Defaults |
|---|---|
| Maximum acceptance unit | 1500 |
| authentication protocol | none |
| Protocol Field Compression | closure |
| Address and Control Field Compression | closure |
authentication protocol
The PPP protocol encapsulates an authentication protocol (Authentication protocol, AP) during the authentication phase . The role of authentication is to allow the receiver to identify the identity of the sender. PPP has two authentication protocols: password authentication protocol and inquiry handshake authentication protocol .
Password Authentication Protocol PAP
Password Authentication Protocol (Password Authentication Protocol, PAP) : This is a very simple authentication protocol. Its value in the protocol field of PPP is: 0xC023 . The sender needs to provide an authentication identity (usually a user name) and a password (commonly known as a password), and the receiver will check the validity of the identity and password to decide whether to accept the connection.
Query handshake authentication protocol CHAP
Query Handshake Authentication Protocol (Challenge Handshake Authentication Protocol, CHAP) : CHAP uses a three-step handshake authentication method, which does not need to transmit a password. The password is initially known to both the sender and receiver. Its value in the protocol field of PPP is: 0xC223 .
1. The receiver will give the sender a query packet containing the query value.
2. The sender generates a result according to the query packet combined with the password, and sends the result to the receiver as a response packet.
3. The receiver also generates a result in the same way. If it is consistent with the result of the sender, the access is allowed; otherwise, the access is denied.
This is actually a very simple principle of cryptography, which is much safer than the PAP protocol. Because the password is never transmitted over the link.
Network Control Protocol NCP
Network Control Protocol (Network Control Protocol, NCP) : This is actually a combination of protocols, with multiple NCP protocols. Because the PPP protocol supports multiple network layer protocols, such as IP protocol, Xerox protocol, etc., each network layer protocol needs to configure relevant information for the corresponding network control protocol before sending datagrams. For example, before an IP datagram is transmitted at the link layer, the IPCP protocol needs to configure a link for carrying the IP datagram.
Since the IP datagram is very important, I will focus on the IPCP protocol for configuring network information for it.
IPCP protocol
Internet Protocol Control Protocol (Internet Protocol Control Protocol, IPCP) : The value of the protocol field of the IPCP protocol in the PPP is 0x8021.
Its header is similar to the LCP packet, and also has a coding field, an identification field, and a length field. Its data field also contains variable IPCP information.
There are 7 types of encoding fields, ranging from 0x01 to 0x07, and each encoding corresponds to a different function.
The link layer needs to transmit IP datagrams, and the IPCP protocol must be used to configure the network layer information. After the two parties reach an agreement, they can enter the open state and transmit IP datagrams normally.