111

Chapter 13
PPP
You have studied wide-area network (WAN) technologies. Now it is important to
understand that WAN connections are controlled by protocols that perform the same basic
functions as Layer 2 LAN protocols, such as Ethernet. In a LAN environment, to move
data between any two nodes or routers, a data path must be established, and flow-control
procedures must be in place to ensure delivery of data. This is also true in the WAN
environment. These tasks are accomplished using WAN protocols.
In this chapter, you learn about the basic components, processes, and operations that
define Point-to-Point Protocol (PPP) communication. In addition, this chapter discusses
the use of Link Control Protocol (LCP) and Network Control Program (NCP) frames in
PPP. Finally, you learn how to configure and verify the configuration of PPP, along with
PPP authentication, and you learn to use Password Authentication Protocol (PAP) and
Challenge Handshake Authentication Protocol (CHAP).
Concept Questions

Demonstrate your knowledge of these concepts by answering the following questions in

the space provided.
1. Discuss the difference between LCP and NCP.

LCP is a protocol that provides a method of establishing, configuring, maintaining, and

terminating the point-to-point connection.
NCP is a program that routes and controls the flow of data between a communications
controller and other network resources.
2. Configure the interface for PPP encapsulation.

This will involve encapsulation changes, PAP or CHAP authentication configuration,

compression configuration, and so on.

3. What changes in the router configuration must occur to implement PPP on the
routers?
Interfaces must be configured for PPP encapsulation.
RouterName(config)# interface s0
RouterName(config-if)# encapsulation ppp

4. CHAP provides protection against playback attacks through the use

of a variable challenge value. How and why does this work?

CHAP provides protection against playback attacks through the use of a variable challenge value
that is unique and unpredictable. The use of repeated challenges is intended to limit the time of
 112

exposure to any single attack. The local router (or a third-party authentication server, such as
Netscape Commerce Server) is in control of the frequency and timing of the challenges.

Vocabulary Exercise

Define the following terms as completely as you can. Use the online curriculum or Chapter
13 of the Cisco Networking Academy Program CCNA 3 and 4 Companion Guide for help.

AppleTalk A series of communications protocols designed by Apple Computer

consisting of two phases. Phase 1, the earlier version, supports a single physical network
that can have only one network number and be in one zone. Phase 2 supports multiple
logical networks on a single physical network and allows networks to be in more than one
zone.
Asynchronous circuits Signals that are transmitted without precise clocking. Such
signals generally have different frequencies and phase relationships. Asynchronous
transmissions usually encapsulate individual characters in control bits (called start and stop
bits) that designate the beginning and end of each character.
Asynchronous physical media PPP uses a layered architecture. With its lower level
functions, PPP can use asynchronous physical media, such as those that use basic
telephone service for dialup connections.
Authentication phase This optional phase takes place before the network layer
protocol configuration phase begins. After the link has been established, and the
authentication protocol decided on, the peer can be authenticated.
CHAP (Challenge Handshake Authentication Protocol) A security feature
supported on lines using PPP encapsulation that prevents unauthorized access. CHAP
does not itself prevent unauthorized access, but it identifies the remote end; the router or
access server then determines whether that user is allowed access.
Encapsulation Wrapping of data in a particular protocol header. For example, upper-
layer data is wrapped in a specific Ethernet header before network transit. Also, when
bridging dissimilar networks, the entire frame from one network can just be placed in the
header used by the data link layer protocol of the other network.
HDLC (High-Level Data Link Control) A bit-oriented synchronous data link layer
protocol developed by ISO. HDLC specifies a data encapsulation method on synchronous
serial links by using frame characters and checksums.
LCP (Link Control Protocol) A protocol that provides a method of establishing,
configuring, maintaining, and terminating the point-to-point connection.
Link establishment An originating PPP node sends LCP frames to configure and test
the data link.
Link establishment phase Each PPP device sends LCP packets to configure and test
the data link. LCP packets contain a configuration option field that allows devices to
negotiate on the use of options, such as the maximum receive unit, compression of certain
PPP fields, and the link authentication protocol. If a configuration option is not included in
 113

an LCP packet, the default value for that configuration option is assumed. Before any
network layer datagrams (for example, IP) can be exchanged, LCP must first open the
connection and negotiate the configuration parameters. This phase is complete when a
configuration acknowledgement frame has been sent and received.
NCP (Network Control Program) A program that routes and controls the flow of data
between a communications controller and other network resources.
Network layer protocol phase When LCP finishes the link-quality determination
phase, network layer protocols can be separately configured by the appropriate NCP and
can be brought up and taken down at any time.
Novell IPX The IPX packet is the basic unit of Novell NetWare networking. A
NetWare network layer (Layer 3) protocol used for transferring data from servers to
workstations. IPX is similar to IP and XNS.
PAP (Password Authentication Protocol) An authentication protocol that allows PPP
peers to authenticate one another. The remote router attempting to connect to the local
router is required to send an authentication request. Unlike CHAP, PAP passes the
password and hostname or username in clear text (that is, unencrypted). PAP does not
itself prevent unauthorized access, but it identifies the remote end; the router or access
server then determines whether that user is allowed access. PAP is supported only on PPP
lines.
Physical media The various physical environments through which transmission signals
pass. Common network media include twisted-pair, coaxial, and fiber-optic cable, and the
atmosphere (through which microwave, laser, and infrared transmission occurs).
PPP (Point-to-Point Protocol) A successor to SLIP, a protocol that provides router-
to-router and host-to-network connections over synchronous and asynchronous circuits.
PPP frame format Consists of the Flag, Address, Control, Protocol, Data, and FCS.
SLIP (Serial Line Internet Protocol) A standard protocol for point-to-point serial
connections using a variation of TCP/IP. The predecessor of PPP.
Synchronous circuits Signals that are transmitted with precise clocking. Such signals
have the same frequency, with individual characters encapsulated in control bits (called
start bits and stop bits) that designate the beginning and end of each character.
Synchronous serial See synchronous circuits.
TCP/IP (Transmission Control Protocol/Internet Protocol) A common name for the
suite of protocols developed by the U.S. Department of Defense in the 1970s to support
the construction of worldwide internetworks. TCP and IP are the two best-known
protocols in the suite.
 114

CCNA Exam Review Questions

The following questions help you review for the CCNA exam. The answers appear in
Appendix A, “Answers to CCNA Exam Review Questions.”
1. Which of the following is/are the network-layer protocol(s) supported
by PPP? (Choose all that apply.)

A. Novell IPX
B. TCP/IP
C. AppleTalk
D. All of the above
2. In a PPP frame, what field identifies whether you have encapsulated
IPX or TCP/IP?

A. Flag
B. Control
C. Protocol
D. FCS
3. When you’re running PPP, LCP is responsible for which of the
following?

A. Establishing, maintaining, and terminating the point-to-point connection

B. Maintaining several links
C. Router updates
D. Compression
4. What type of handshaking occurs when PAP is the selected PPP
authentication protocol?

A. One-way
B. Two-way
C. Three-way
D. Four-way
5. What command on the router can you use to check the LCP and NCP
states for PPP?

A. router> show interfaces

B. router(config)# show interfaces
C. router# show interfaces
D. router(config-if)# show interfaces