The Point-to-Point ProtocolLinux Network Administrators GuidePrevNextChapter 8. The Point-to-Point ProtocolTable of ContentsPPP on LinuxRunning pppdUsing Options FilesUsing chat to Automate DialingIP Configuration OptionsLink Control OptionsGeneral Security ConsiderationsAuthentication with PPPDebugging Your PPP SetupMore Advanced PPP Configurations
Like SLIP, PPP is a protocol used to send datagrams across a
serial connection; however, it addresses a couple of the deficiencies
of SLIP. First, it can carry a large number of protocols and is
thus not limited to the IP protocol. It provides error detection
on the link itself, while SLIP accepts and forwards
corrupted datagrams as long as the corruption does not occur in the
header. Equally important, it lets the communicating sides
negotiate options, such as the IP address and the maximum datagram size
at startup time, and provides client authorization. This built-in
negotiation allows reliable automation of the connection
establishment, while the authentication removes the need for the
clumsy user login accounts that SLIP requires. For each of these
capabilities, PPP has a separate protocol. In this chapter, we briefly
cover these basic building blocks of PPP. This discussion of PPP is
far from complete; if you want to know more about PPP, we urge you to
read its RFC specification and the dozen or so companion
RFCs.[1]
There is also a comprehensive O'Reilly book on the topic
of Using & Managing PPP, by Andrew Sun.
At the very bottom of PPP is the High-Level Data Link
Control (HDLC) protocol, which defines the
boundaries around the individual PPP frames and provides a 16-bit
checksum.[2] As opposed to the more primitive SLIP
encapsulation, a PPP frame is capable of holding packets from
protocols other than IP, such as Novell's IPX or Appletalk. PPP
achieves this by adding a protocol field to the basic HDLC frame that
identifies the type of packet carried by the frame.
The Link Control Protocol, (LCP) is used on top of HDLC
to negotiate options pertaining to the data link. For instance, the
Maximum Receive Unit (MRU), states the maximum
datagram size that one side of the link agrees to receive.
An important step at the configuration stage of a PPP link is client
authorization. Although it is not mandatory, it is really a must for
dialup lines in order to keep out intruders. Usually the called host
(the server) asks the client to authorize itself by proving it knows
some secret key. If the caller fails to produce the correct secret,
the connection is terminated. With PPP, authorization works both
ways; the caller may also ask the server to authenticate
itself. These authentication procedures are totally independent of
each other. There are two protocols for different types of
authorization, which we will discuss further in this chapter: Password Authentication Protocol (PAP)
and Challenge Handshake Authentication Protocol
(CHAP).
Each network protocol that is routed across the data link (like IP and
AppleTalk) is configured dynamically using a corresponding
Network Control Protocol (NCP). To
send IP datagrams across the link, both sides running PPP must first
negotiate which IP address each of them uses. The control protocol
used for this negotiation is the Internet Protocol Control
Protocol (IPCP).
Besides sending standard IP datagrams across the link, PPP also supports
Van Jacobson header compression of IP datagrams. This technique
shrinks the headers of TCP packets to as little as three bytes. It is
also used in CSLIP, and is more colloquially referred to as VJ header
compression. The use of compression may be negotiated at startup time
through IPCP, as well.PPP on LinuxOn Linux, PPP functionality is split into two parts: a kernel component that
handles the low-level protocols (HDLC, IPCP, IPXCP, etc.) and the user space
pppd daemon that handles the various higher-level protocols,
such as PAP and CHAP. The current release of the PPP software for Linux
contains the PPP daemon pppd and a program named
chat that automates the dialing of the remote
system.The PPP kernel driver was written by Michael Callahan and reworked by
Paul Mackerras. pppd was derived from a free PPP
implementation[3] for Sun and 386BSD machines that was written by
Drew Perkins and others, and is maintained by Paul Mackerras. It was
ported to Linux by Al Longyear. chat was written by
Karl Fox.[4]
Like SLIP, PPP is implemented by a special line discipline.
To use a serial line as a PPP link, you first establish the connection
over your modem as usual, and subsequently convert the line to PPP mode.
In this mode, all incoming data is passed to the PPP driver, which checks
the incoming HDLC frames for validity (each HDLC frame carries a 16-bit
checksum), and unwraps and dispatches them. Currently, PPP is able to
transport both the IP protocol, optionally using Van Jacobson header
compression, and the IPX protocol.
pppd aids the kernel driver, performing the
initialization and authentication phase that is necessary before
actual network traffic can be sent across the
link. pppd 's behavior may be fine-tuned
using a number of options. As PPP is rather complex, it is impossible
to explain all of them in a single chapter. This book therefore cannot
cover all aspects of pppd, but only gives you an
introduction. For more information, consult Using & Managing
PPP or the pppd manual pages, and
README s in the pppd
source distribution, which should help you sort out most questions
this chapter fails to discuss. The PPP-HOWTO might also be of use.
Probably the greatest help you will find in configuring PPP will come
from other users of the same Linux distribution. PPP configuration
questions are very common, so try your local usergroup mailing list or
the IRC Linux channel. If your problems persist even after reading the
documentation, you could try the comp.protocols.ppp newsgroup. This is
the place where you can find most of the people involved in
pppd development.Notes[1] Relevant RFCs are listed
in the Bibiliography at the end of this book.[2] In fact, HDLC is a much
more general protocol devised by the International Standards
Organization (ISO) and is also an essential component of the X.25
specification.[3] If you have any general
questions about PPP, ask the people on the Linux-net mailing
list at vger.rutgers.edu.[4] Karl can be reached at
karl@morningstar.com.PrevHomeNextRunning in Server Mode Running pppd
Wyszukiwarka
Podobne podstrony:
x 087 2 ppp authenticationx 087 2 ppp optionsPPP HOWTO pl 6 (2)x 087 2 accounting zeroing counterPPP HOWTO pl 9 (2)x 087 2 cnews miscx 087 2 cnews nfs1 PPP APP Wprowadzenie do zarz środowiskppp faqppp howto 16 apegkq3qoslfyofnhhe5ali6gbxmebdc2e2vdwappp faq 2ppp faq 13x 087 2 mail delivery002 Informacja dla Rodziców – Lista dokumentów na wizytę w PPPx 087 2 masq namelookupsx 087 2 firewall filteringmethodswięcej podobnych podstron