Labcourse “Routerlab”
Customer Access
The big picture
[Network diagram. Labels: Phone Network, Home Network, Splitter, Modem, DSL Router, Phone Exchange, DSLAM, ATM Network, Point of Presence, PPP-AC, Access Router, Core Network, Core Routers, Datacenter, Customer Datacenter]
Accessing the Net
[Network diagram. Component labels: Home Network, Splitter, Modem, DSL Router, Phone Exchange, DSLAM, ATM Network, Point of Presence, PPP-AC, Access Router, Core Network, Core Routers, RADIUS, Datacenter, Customer Datacenter. Annotations: DSL Connection, PPPoE Connection, ATM Circuit, IP Data, Auth. Request]
PPP – Point-to-Point Protocol
• Encapsulates other protocols (tunnel)
• Enables AAA (authentication, authorization, accounting)
• Supports auto-configuration
• We consider IP over PPPoE (PPP over Ethernet)
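Phases of PPP
[Flowchart]
• Link Dead → Link Establishment Phase
• Established successful? No: Link Dead. Yes: continue
• Need authentication? Yes: Authentication Phase. No: Network-Layer Protocol Phase
• Authentication successful? Yes: Network-Layer Protocol Phase. No: Link Termination Phase
• Network-Layer Protocol Phase → Link Termination Phase → Link Dead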
PPPoE Frame
Ethernet Frame: Dst. Addr | Src. Addr | Type | Data
• Type 0x8863: PPPoE Discovery
• Type 0x8864: PPPoE Session
PPPoE (carried in the Ethernet Data field):
• Version (4 Bit): always 0x1
• Type (4 Bit): always 0x1
• Code (1 Byte): 0x00: Data, 0x07: PADO, 0x09: PADI, 0x19: PADR, 0x65: PADS, 0xa7: PADT
• Session-ID (2 Byte): announced in PADS Frame, before: 0x0000
• Length (2 Byte): Payload Length in Bytes
• PPP Protocol (2 Byte): 0x0021: IP, 0x8021: IP Control Prot. (IPCP), 0xc021: Link Control Prot. (LCP), 0xc023: Password Auth. Prot. (PAP), 0xc223: Challenge Handshake Auth. Prot. (CHAP)
• Payload (variable)
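A parser for the frame layout on this slide, as an added example that is not part of the original slides. The `build_frame` helper, the MAC addresses and the sample frames are constructed; the check that code 0x00 appears only in Session frames and the other codes only in Discovery frames follows RFC 2516 rather than the slide.

```python
import struct

# Constants copied from the "PPPoE Frame" slide.
ETHERTYPES = {0x8863: "Discovery", 0x8864: "Session"}
CODES = {0x00: "Data", 0x07: "PADO", 0x09: "PADI",
         0x19: "PADR", 0x65: "PADS", 0xA7: "PADT"}
PPP_PROTOCOLS = {0x0021: "IP", 0x8021: "IPCP", 0xC021: "LCP",
                 0xC023: "PAP", 0xC223: "CHAP"}


def build_frame(ethertype, code, session_id, payload=b"",
                dst=b"\xff" * 6, src=bytes.fromhex("020000000001")):
    """Assemble a test frame (constructed sample data, not a capture)."""
    header = struct.pack("!BBHH", 0x11, code, session_id, len(payload))
    return dst + src + struct.pack("!H", ethertype) + header + payload


def parse_pppoe(frame: bytes) -> dict:
    """Decode Ethernet + PPPoE headers; raise ValueError on malformed input."""
    if len(frame) < 20:
        raise ValueError("shorter than Ethernet (14) + PPPoE (6) headers")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype not in ETHERTYPES:
        raise ValueError(f"ethertype 0x{ethertype:04x} is not PPPoE")
    ver_type, code, session_id, length = struct.unpack("!BBHH", frame[14:20])
    if ver_type != 0x11:  # version nibble and type nibble are always 0x1
        raise ValueError("version/type must both be 0x1")
    if code not in CODES:
        raise ValueError(f"unknown code 0x{code:02x}")
    stage, name = ETHERTYPES[ethertype], CODES[code]
    if (stage == "Session") != (name == "Data"):
        raise ValueError(f"code {name} not allowed in {stage} frames")
    if name in ("PADI", "PADO", "PADR") and session_id != 0:
        raise ValueError("Session-ID must be 0x0000 before PADS")
    payload = frame[20:20 + length]  # anything beyond is Ethernet padding
    if len(payload) != length:
        raise ValueError("Length field exceeds the bytes present")
    info = {"stage": stage, "code": name, "session_id": session_id,
            "src": src.hex(":"), "dst": dst.hex(":"), "ppp": None}
    if stage == "Session":
        if length < 2:
            raise ValueError("session payload lacks the PPP protocol field")
        (proto,) = struct.unpack("!H", payload[:2])
        info["ppp"] = PPP_PROTOCOLS.get(proto, f"0x{proto:04x}")
    return info
```
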
PPPoE Session
[Sequence diagram between Client and DSL-AC]
• PPPoE Active Discovery (AD) Initiation: PADI (Broadcast Packet, optional: Service-Name)
• PPPoE AD Offer: PADO (Service-Name, AC-Name). If multiple PADO: choose one
• PPPoE AD Request: PADR (Service-Name, AC-Name)
• PPPoE AD Session Confirmation: PADS (Session-ID)
• PPP Session:
  1) PPP Session handshake (LCP), including authentication
  2) IP configuration (IPCP)
  3) IP Session (Payload)
• PPPoE AD Termination (can be sent by either side)
Notes on the diagram: Set local IP configuration; Authenticate user and authorize session; Record accounting data
RADIUS
• “Remote Authentication Dial-In User Service”
• Central RADIUS Server
• Provides authentication service for Network Access Servers (NAS)
• NAS: Every device that a user can use to connect to a network, e.g.: PPP-AC, WPA access-point, 802.1x switch
PPP Session with RADIUS
[Sequence diagram between Client, PPP-AC/NAS and Auth. Server]
Client and PPP-AC/NAS:
• LCP: Conf Request (Auth. Proto: PAP)
• LCP: Conf Ack (Auth. Proto: PAP)
• PAP: Auth Request (Username + Password)
• PAP: Auth Ack (Username + Password)
• IPCP: Conf Req. (IP: 0.0.0.0)
• IPCP: Conf Reject (IP: 1.2.3.4)
• LCP: Terminate Link
PPP-AC/NAS and Auth. Server:
• RADIUS: Access Request (Username + Password)
• RADIUS: Access Accept (Attributes: IP Address, …)
• RADIUS: Accounting Start (Attributes: IP Address, Session ID, …)
• RADIUS: Accounting Stop (Attributes: Session ID, Duration, Traffic Volume, …)
• Write accounting record (shown twice on the slide)
Excursus: Other providers
[Network diagram. Labels: Point of Presence (twice), Core Network (twice), PPP-AC (twice), Access Router (twice), Datacenter, Phone Exchange, ATM Network, DSLAM, Modem, Splitter, DSL Router, Core Routers]
The smaller picture
[Network diagram. Labels: Phone Network, loadgen10X, Home Network, Splitter, Modem, DSL Router, Phone Exchange, DSLAM, ATM Network, Point of Presence, PPP-AC, Access Router, Core Network, Core Routers, Datacenter, Customer Datacenter]
The smaller picture
[Lab diagram. Labels: Point of Presence, loadgen10X, rj1, PPP-AC, Access Router, DSL Router, Loadgen103, VLAN 102, Home Network, Customer Datacenter]