Next


Chapter 8. The Point-to-Point Protocol

Contents:
Untangling the P's
PPP on Linux
Running pppd
Using Options Files
Dialing Out with chat
Debugging Your PPP Setup
IP Configuration Options
Link Control Options
General Security Considerations
Authentication with PPP
Configuring a PPP Server

Untangling the P's

Just like SLIP, PPP is a protocol to send datagrams across a serial connection; however, it addresses a couple of the deficiencies of SLIP. It lets the communicating sides negotiate options such as the IP address and the maximum datagram size at startup time, and it provides for client authorization. For each of these capabilities, PPP has a separate protocol. In this chapter, we will briefly cover these basic building blocks of PPP. This discussion is far from complete; if you want to know more about PPP, you are urged to read its RFC specification, as well as the dozen or so companion RFCs. [1]

[1] The relevant RFCs are listed in the Bibiliography at the end of this book.

At the very bottom of PPP is the High-Level Data Link Control protocol, abbreviated HDLC, [2] which defines the boundaries around the individual PPP frames and provides a 16-bit checksum. As opposed to the more primitive SLIP encapsulation, a PPP frame is capable of holding packets from other protocols than IP, such as Novell's IPX or Appletalk. PPP achieves this by adding a protocol field to the basic HDLC frame that identifies the type of packet carried by the frame.

[2] In fact, HDLC is a much more general protocol devised by the International Standards Organization (ISO).

LCP, the Link Control Protocol, is used on top of HDLC to negotiate options pertaining to the data link, such as the Maximum Receive Unit (MRU), which states the maximum datagram size one side of the link agrees to receive.

An important step at the configuration stage of a PPP link is client authorization. Although it is not mandatory, it is really a must for dialup lines. Usually, the called host (the server) asks the client to authorize itself by proving it knows some secret key. If the caller fails to produce the correct secret, the connection is terminated. With PPP, authorization works both ways; that is, the caller may also ask the server to authenticate itself. These authentication procedures are totally independent of each other. There are two protocols for different types of authorization, which we will discuss further below. They are named Password Authentication Protocol (PAP), and Challenge Handshake Authentication Protocol (CHAP).

Each network protocol that is routed across the data link, like IP, AppleTalk, etc., is configured dynamically using a corresponding Network Control Protocol (NCP). For instance, to send IP datagrams across the link, both PPPs must first negotiate which IP address each of them uses. The control protocol used for this is IPCP, the Internet Protocol Control Protocol.

Besides sending standard IP datagrams across the link, PPP also supports Van Jacobson header compression of IP datagrams. This is a technique to shrink the headers of TCP packets to as little as three bytes. It is also used in CSLIP and is more colloquially referred to as VJ header compression. The use of compression may be negotiated at startup time through IPCP as well.


Next  PPP on Linux


O'Reilly Home