1. Introduction to PPP agreement
PPP (Point-to-Point Protocol) is a data link layer protocol used to establish a point-to-point data communication connection between two nodes. The PPP protocol is a member of the TCP/IP protocol family. It can transmit IP data packets on the serial communication line and supports various network layer protocols, such as IP, IPX, AppleTalk, etc. The PPP protocol defines a whole set of protocols, including five states of connection establishment, LCP protocol, Authenticate verification protocol, Network network layer protocol, etc.
2. Five states of PPP connection establishment
During the process of establishing a PPP connection, there are five states, namely:
1. Dead state: the initial state, which means no connection has been established.
2. Waiting state (Establishing): Indicates that the connection is being established, the sender sends an LCP protocol message, and the receiver replies with an LCP protocol message.
3. Authentication state (Authenticate): optional state, indicating that authentication is in progress, the sender sends an authentication request message, and the receiver replies with an authentication response message.
4. Network layer negotiation status (Network): Indicates that the network layer negotiation is in progress, the sender sends an IPCP protocol message, and the receiver replies with an IPCP protocol message.
5. Opened state (Opened): Indicates that the connection has been established and data transmission can be performed.
3. Introduction to LCP
LCP (Link Control Protocol) is an important protocol in the PPP protocol, which is used to establish a connection between two nodes. The LCP protocol defines a series of packet types and states, which are used to negotiate connection parameters, such as the maximum transmission unit (MTU), protocol version, and authentication mode.
1. LCP packet type
There are three types of LCP packets:
1. Configure-Request message (Configure-Request): The sender requests the receiver to negotiate the value of a certain parameter.
2. Configuration response message (Configure-Ack): The receiver replies to the sender's request and agrees to negotiate the value of a certain parameter.
3. Configure-Nak message (Configure-Nak): The receiver replies to the sender's request, refuses to negotiate the value of a certain parameter, and provides an alternative value.
2. LCP negotiation message exchange process
The LCP negotiation packet exchange process is as follows:
1. The sender sends a configuration request packet.
2. The receiver replies with a configuration response packet or a configuration rejection packet.
3. If the receiver replies with a configuration reject message, the sender sends the configuration request message again according to the alternative value.
4. If the receiver replies with a configuration response packet, the negotiation is successful.
3. LCP negotiation status
The LCP negotiation status is divided into five types, namely:
1. Initial state (Initial): Indicates that the connection has not been established, and the sender sends a configuration request message.
2. Configuration request sent status (Starting): It means that the sender has sent the configuration request message and is waiting for the receiver to reply.
3. Configuration request received status (Req-Sent): indicates that the receiver has received the configuration request message and is processing it.
4. Configuration Negotiated Status (Ack-Received): It means that the receiver has replied the configuration response message and the sender is processing it.
5. Opened state (Opened): Indicates that the connection has been established and data transmission can be performed.
Four, Authenticate verification stage
The PPP protocol supports two authentication methods, PAP and CHAP.
1. PAP authentication message interaction process
The PAP authentication message exchange process is as follows:
1. The sender sends an authentication request message, including the user name and password.
2. The receiver replies with an authentication response message, indicating the success or failure of the authentication.
2. CHAP authentication message interaction process
The CHAP authentication message exchange process is as follows:
1. The sender sends a challenge request message, including a random number.
2. The receiver replies with a challenge response message, which contains an encrypted random number.
3. The sender encrypts the received random number and password to generate a response message.
4. The receiver verifies whether the response message is correct. If it is correct, the authentication succeeds; otherwise, the authentication fails.
Five, Network network layer negotiation phase
The PPP protocol supports a variety of network layer protocols, such as IP, IPX, AppleTalk, etc. In the negotiation phase of the network layer, the IPCP protocol is used for negotiation.
Introduction to IPCP
IPCP (Internet Protocol Control Protocol) is an important protocol in the PPP protocol, which is used to negotiate network layer parameters such as IP addresses and DNS server addresses between two nodes.
1. IPCP packet type
There are three types of IPCP packets:
1. Configure-Request message (Configure-Request): The sender requests the receiver to negotiate the value of a certain parameter.
2. Configuration response message (Configure-Ack): The receiver replies to the sender's request and agrees to negotiate the value of a certain parameter.
3. Configure-Nak message (Configure-Nak): The receiver replies to the sender's request, refuses to negotiate the value of a certain parameter, and provides an alternative value.
2. IPCP negotiation message exchange process
The IPCP negotiation packet exchange process is as follows:
1. The sender sends a configuration request packet.
2. The receiver replies with a configuration response packet or a configuration rejection packet.
3. If the receiver replies with a configuration reject message, the sender sends the configuration request message again according to the alternative value.
4. If the receiver replies with a configuration response packet, the negotiation is successful.
3. IPCP negotiation status
There are four IPCP negotiation states, namely:
1. Initial state (Initial): Indicates that the connection has not been established, and the sender sends a configuration request message.
2. Configuration request sent status (Starting): It means that the sender has sent the configuration request message and is waiting for the receiver to reply.
3. Configuration request received status (Req-Sent): indicates that the receiver has received the configuration request message and is processing it.
4. Opened state (Opened): Indicates that the connection has been established and data transmission can be performed.
6. PPP message
A PPP packet consists of two parts, namely the PPP header and the data part.
1. PPP header
The PPP header is composed of three fields, which are flag field, address field and control field. The flag field is fixed at 01111110, the address field is fixed at 11111111, and the control field is fixed at 00000011.
2. LCP message format
The LCP message format consists of four fields, namely code field, identifier field, length field and data field. The code field indicates the message type, the identifier field is used to identify the message, the length field indicates the length of the data field, and the data field contains specific negotiation parameters.
3. PAP message format
The PAP authentication message format consists of three fields, namely code field, identifier field and data field. The code field indicates the message type, the identifier field is used to identify the message, and the data field includes a user name and a password.
4. CHAP message format
The CHAP authentication message format consists of four fields, namely code field, identifier field, length field and data field. The code field indicates the message type, the identifier field is used to identify the message, the length field indicates the length of the data field, and the data field contains a challenge request or response random number and an encrypted password.
5. IPCP message format
The IPCP message format is similar to the LCP message format and consists of four fields, namely code field, identifier field, length field and data field. The code field indicates the message type, the identifier field is used to identify the message, and the length field indicates the length of the data field, which contains specific negotiation parameters, such as IP address and DNS server address.
Seven, PPP troubleshooting
In the PPP protocol, common troubleshooting methods include the following:
1. Run the debug command to view the PPP protocol packet exchange process.
2. Check whether the physical connection is normal, such as whether the serial cable is plugged in, whether the serial baud rate is set correctly, etc.
3. Check whether the PPP protocol parameters are set correctly, such as maximum transmission unit (MTU), authentication mode, etc.
4. Check whether the network layer protocol parameters are set correctly, such as IP address, DNS server address, etc.
5. Use network analysis tools, such as Wireshark, to analyze PPP protocol packets to find out where the problem lies.
8. PPP certification
PPP supports multiple authentication methods, including PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol).
1. PAP authentication: PAP authentication is a simple plaintext authentication method. The client sends the user name and password to the server, and the server performs verification. If the authentication passes, the PPP link is established successfully.
2. CHAP authentication: CHAP authentication is a more secure authentication method, which uses a challenge-response mechanism for authentication. The server sends a random number to the client, the client encrypts the random number with a password and returns it to the server, and the server verifies it. If the authentication passes, the PPP link is established successfully.