PPP is a Data-link communication protocol In order for it to successfully complete it must go through certain phases. There are 3 main components/steps to PPP and its negotiation process:
Step 1: – LCP (Link establishment Phase).
* This is where parameters are specified for th link o be established, both devices need to agree on authentication type, compression, error detection, multilink and ppp callback. Once the values are agreed it can move onto step 2 or 3.
Step 2: – Authentication (PAP,CHAP or EAP).
* This is an optional phase, but if implemented both devices need to know that the device they are speaking to is who they say they are.
Step 3: – NCP ((Network Control Phase).
* This is the laye 2 to layer 3 transition phase. It provides communication with the IP layer (IPCP). Gives us an IP address we can then communicate with.
One way of verifying step 1 is to run a “sh int atm 0/0/0” (will show the lcp status)
LCP REQsent
(LCP OPEN = LCP successful, LCP CLOSED = Indicates LCP failure, LCP REQsent = both sides could not match parameters i.e mis match of encapsulation)
During the process of PPP negotiation the different packets we will see are:
1. (CONFREQ) > The values that are sent to complete stage (request for information).
2. (CONFREJ) > This will be a return packet if the request is not acceptable or not recognizable,
3. (CONFNAK) > This will be the return packet when the request is recongnizable, however some of the values are not accepted i.e Chap is sent but the other end wants to authenticate with PAP.
4. (CONFACK) > When the router values are accepted, (response to the CONFREQ).
There are also:
1. (TERMREQ) > This is when there is a request for a LCP closure
2. (TERMACK) > This is acceptance of the above.
3. (ECHO REQ/REPLY) >- The PPP keep alives for the connection.
Below shows an overview of the process.
DEBUG PPP Negotiation:
The debug PPP negotiation command is useful because it can not only be used as a vital diagnostic tool, but it also shows the full PPP negotiation process.
Below is an extract from a live debug. You can see the router goes through the 3 phases needed for successful PPP negotiation. Now not all PPP negotiation will go through the exact same process, but it still will be quite similar. (i.e. in a scenario where there is no authentication – as this is an optional phase).
The following images shows how to read a debug output.
Below is the extract of the different phases as seen in a debug output.
Here you can see the LCP start. Notices the stage field changes from PPP (global stage) to LCP. The first CONFREQ is an outgoing request with an ID of 1. However it is followed by an incoming request (ID 124), requests specific LCP attributes (CHAP authentication, MRU, Magic number). The router automatically responds to request which is a CONFACK with its matching attributes. Notice that the response has the same ID number. This way we can match the incoming and corresponding outgoing message.
Once both connections have agreed on LCP details they then need to authenticate against one another. In this output you can see that an Incoming challenge is sent from the remote device, This router has responded to the challenge but full authentication has been unsuccessful. We see this sometimes when authentication has to go through multiple hops. Although the response if a fail here, and the lcp establishment needs to start again (always restarts if there is a fail), the next time the router gets to this stage it will bypass this hop “bras-red4.mqd” (or teh bras will just let it through) and the authentication will go straight to the next stage.
This is the last stage on PPP and it is the NCP stage, so that layer 2 can communicate with layer 3. Notice again the change of stage, which now reads ‘IPCP’. It also shows that LCP stage is complete. The key here is the issuing of the gateway IP (the address the IP needs to speak to, to get its credentials) and teh confirmation of this IP. See ID 87. Once the CONFACK is sent. The router now knows it needs to speak to this IP address to progress.