Back to Dashboard
Module 32
PPP and HDLC (Deep Dive)
β Previous Module
Next Module β
# π CCNA 200-301 - Video 32: PPP and HDLC (Deep Dive) ## Deep Study Notes --- ## π Learning Objectives By the end of this video, you should understand: - HDLC (High-Level Data Link Control) protocol - Cisco HDLC vs. Standard HDLC - PPP (Point-to-Point Protocol) architecture - PPP encapsulation and LCP (Link Control Protocol) - PPP authentication (PAP and CHAP) - PPP configuration and verification - PPPoE (PPP over Ethernet) --- ## π§ Core Concepts ### 1. HDLC Overview **Definition:** High-Level Data Link Control (HDLC) is a bit-oriented, synchronous data link layer protocol that provides reliable delivery of frames over point-to-point links. **Analogy:** Think of HDLC like a standardized shipping container. Every container looks the same, has the same labeling format, and can be stacked and transported uniformly. Cisco HDLC is like a customized container that includes extra features for Cisco-specific content. ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β HDLC FRAME STRUCTURE β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β Standard HDLC Frame: β β βββββββββββ¬ββββββββββ¬ββββββββββ¬ββββββββββββββ¬ββββββββββ¬ββββββββββ β β β Flag β Address β Control β Information β FCS β Flag β β β β 01111110β(8 bits) β(8 bits) β (Variable) β(16 bits)β01111110 β β β βββββββββββ΄ββββββββββ΄ββββββββββ΄ββββββββββββββ΄ββββββββββ΄ββββββββββ β β β β Cisco HDLC Frame (Proprietary): β β βββββββββββ¬ββββββββββ¬ββββββββββ¬ββββββββββ¬ββββββββββββββ¬ββββββββββ¬ββββββ β β β Flag β Address β Control β Protocolβ Information β FCS βFlag β β β β 01111110β(8 bits) β(8 bits) β(16 bits)β (Variable) β(16 bits)β β β β βββββββββββ΄ββββββββββ΄ββββββββββ΄ββββββββββ΄ββββββββββββββ΄ββββββββββ΄ββββββ β β β β Cisco HDLC adds a Protocol field to identify the upper-layer protocol β β (IP, IPX, AppleTalk, etc.) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` --- ### 2. Cisco HDLC vs. Standard HDLC | Feature | Standard HDLC | Cisco HDLC | |---------|---------------|------------| | **Protocol Field** | No | Yes (16 bits) | | **Multi-Protocol Support** | No (single protocol) | Yes | | **Vendor Support** | Industry standard | Cisco proprietary | | **Keepalives** | Optional | Enabled by default | | **Authentication** | No | No | | **Default on Cisco** | No | Yes (on serial interfaces) | ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β CISCO HDLC PROTOCOL FIELD β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β Protocol Field Values: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β 0x0800 - IP (Internet Protocol) β β β β 0x0806 - ARP (Address Resolution Protocol) β β β β 0x8137 - IPX (Internetwork Packet Exchange) β β β β 0x80F3 - AppleTalk β β β β 0x8000 - CDP (Cisco Discovery Protocol) β β β β 0x2000 - VINES β β β β 0x8100 - 802.1Q (VLAN Tag) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` **HDLC Configuration:** ```cisco ! HDLC is default on Cisco serial interfaces Router(config)# interface serial 0/0/0 Router(config-if)# encapsulation hdlc Router(config-if)# keepalive 10 ! Set keepalive interval (default 10 sec) ! Verify HDLC Router# show interfaces serial 0/0/0 ! Output shows: Encapsulation HDLC ``` --- ### 3. PPP Overview **Definition:** Point-to-Point Protocol (PPP) is an industry-standard data link layer protocol that provides encapsulation, authentication, and error detection over point-to-point links. **Analogy:** PPP is like a hotel check-in process. When you arrive (link establishment), you identify yourself (authentication), get your room key (network protocol assignment), and then enjoy your stay (data transfer). When you leave, you check out (link termination). ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β PPP ARCHITECTURE β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β NETWORK LAYER β β β β (IP, IPX, AppleTalk, IPv6, etc.) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β β β NCP (Network Control Protocol) β β βΌ β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β PPP β β β β (Point-to-Point Protocol) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β β β LCP (Link Control Protocol) β β βΌ β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β PHYSICAL LAYER β β β β (Serial, ISDN, PPPoE, etc.) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` --- ### 4. PPP Components | Component | Description | |-----------|-------------| | **LCP (Link Control Protocol)** | Establishes, configures, and tests the data link connection | | **NCP (Network Control Protocol)** | Configures and enables network layer protocols (IPCP, IPXCP, etc.) | | **Authentication Protocols** | PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol) | | **Encapsulation** | Frames network layer packets with PPP header/trailer | ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β PPP FRAME STRUCTURE β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β PPP Frame: β β βββββββββββ¬ββββββββββ¬ββββββββββ¬ββββββββββββββ¬ββββββββββ¬ββββββββββ β β β Flag β Address β Control β Protocol β Data β FCS β Flag β β β 01111110β11111111 β00000011 β (16 bits) β(Variable)β(16 bits)β01111110β β βββββββββββ΄ββββββββββ΄ββββββββββ΄ββββββββββββββ΄ββββββββββ΄ββββββββββ β β β β Fields: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β’ Flag: 01111110 (start/end of frame) β β β β β’ Address: 11111111 (broadcast - all stations) β β β β β’ Control: 00000011 (unnumbered information frame) β β β β β’ Protocol: Identifies encapsulated protocol (0x0021 = IP) β β β β β’ Data: Network layer packet β β β β β’ FCS: Frame Check Sequence (CRC for error detection) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` --- ### 5. PPP LCP Operation **LCP States:** ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β LCP STATE MACHINE β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β DEAD β β β β (Link is down) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β β β Physical layer up β β βΌ β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β ESTABLISH β β β β (LCP negotiation) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β β β LCP UP β β βΌ β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β AUTHENTICATE β β β β (PAP or CHAP) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β β β Success β β βΌ β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β NETWORK β β β β (NCP negotiation) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β β β NCP UP β β βΌ β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β OPEN β β β β (Data transfer) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β β β Link down or termination β β βΌ β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β TERMINATE β β β β (Link termination) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β β β β β β βΌ β β (Return to DEAD) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` **LCP Configuration Options:** | Option | Description | |--------|-------------| | **Maximum Receive Unit (MRU)** | Maximum packet size (default 1500) | | **Authentication Protocol** | PAP, CHAP, or none | | **Magic Number** | Loopback detection | | **Link Quality Monitoring** | Monitors link quality | | **Compression** | Data compression | | **Multilink** | Bundles multiple links | --- ### 6. PPP Authentication: PAP vs. CHAP | Feature | PAP | CHAP | |---------|-----|------| | **Type** | 2-way handshake | 3-way handshake | | **Security** | Low (passwords sent in clear text) | High (passwords never sent) | | **Challenge** | No | Yes | | **Re-authentication** | No | Periodic | | **Vulnerability** | Password sniffing | Replay attacks (mitigated by changing challenges) | | **Configuration** | Simple | Moderate | ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β PAP (Password Authentication Protocol) β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β Client Server β β β β β β β 1. Authenticate-Request β β β β (username + password in clear text) β β β β βββββββββββββββββββββββββββββββββββββββββββΊ β β β β β β β β 2. Authenticate-Ack or Authenticate-Nak β β β β βββββββββββββββββββββββββββββββββββββββββββ β β β β β β β β β β’ Password sent in clear text (vulnerable to sniffing) β β β’ Simple 2-way handshake β β β’ No periodic re-authentication β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β CHAP (Challenge Handshake Authentication Protocol) β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β Client Server β β β β β β β β β β β 1. Challenge (random value) β β β β βββββββββββββββββββββββββββββββββββββββββββ β β β β β β β β 2. Response (hash of challenge + password) β β β β βββββββββββββββββββββββββββββββββββββββββββΊ β β β β β β β β 3. Success or Failure β β β β βββββββββββββββββββββββββββββββββββββββββββ β β β β β β β β 4. Periodic re-challenge (optional) β β β β βββββββββββββββββββββββββββββββββββββββββββΊ β β β β β β’ Password never sent over link β β β’ Uses MD5 hashing (or other hash algorithms) β β β’ Periodic re-authentication β β β’ More secure than PAP β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` --- ### 7. PPP Configuration **Basic PPP Configuration:** ```cisco ! Configure PPP encapsulation Router(config)# interface serial 0/0/0 Router(config-if)# encapsulation ppp ! Set keepalive (default 10 seconds) Router(config-if)# keepalive 10 ! Optional: Set MTU Router(config-if)# mtu 1500 ``` **PAP Authentication Configuration:** ```cisco ! Router A RouterA(config)# username RouterB password Cisco123 RouterA(config)# interface serial 0/0/0 RouterA(config-if)# encapsulation ppp RouterA(config-if)# ppp authentication pap RouterA(config-if)# ppp pap sent-username RouterA password Cisco123 ! Router B RouterB(config)# username RouterA password Cisco123 RouterB(config)# interface serial 0/0/0 RouterB(config-if)# encapsulation ppp RouterB(config-if)# ppp authentication pap RouterB(config-if)# ppp pap sent-username RouterB password Cisco123 ``` **CHAP Authentication Configuration:** ```cisco ! Router A RouterA(config)# username RouterB password Cisco123 RouterA(config)# interface serial 0/0/0 RouterA(config-if)# encapsulation ppp RouterA(config-if)# ppp authentication chap RouterA(config-if)# ppp chap hostname RouterA RouterA(config-if)# ppp chap password Cisco123 ! Router B RouterB(config)# username RouterA password Cisco123 RouterB(config)# interface serial 0/0/0 RouterB(config-if)# encapsulation ppp RouterB(config-if)# ppp authentication chap RouterB(config-if)# ppp chap hostname RouterB RouterB(config-if)# ppp chap password Cisco123 ``` **CHAP with Local Database (Alternative):** ```cisco ! Router A RouterA(config)# username RouterB password Cisco123 RouterA(config)# interface serial 0/0/0 RouterA(config-if)# encapsulation ppp RouterA(config-if)# ppp authentication chap ! No need for ppp chap hostname if using local username ! Router B RouterB(config)# username RouterA password Cisco123 RouterB(config)# interface serial 0/0/0 RouterB(config-if)# encapsulation ppp RouterB(config-if)# ppp authentication chap ``` --- ### 8. PPP Authentication Types Order ```cisco ! Specify authentication order (try PAP first, then CHAP) Router(config-if)# ppp authentication pap chap ! Try CHAP first, then PAP Router(config-if)# ppp authentication chap pap ! Use both (require both authentications) Router(config-if)# ppp authentication pap chap Router(config-if)# ppp authentication pap Router(config-if)# ppp authentication chap ``` --- ### 9. PPP Verification Commands | Command | Purpose | |---------|---------| | `show interfaces serial [int]` | Display interface status and encapsulation | | `show ppp interfaces` | Display PPP interface information | | `show ppp authentication` | Display PPP authentication status | | `debug ppp authentication` | Debug PPP authentication process | | `debug ppp negotiation` | Debug PPP LCP/NCP negotiation | | `debug ppp packet` | Debug PPP packet exchange | **Example Outputs:** ```cisco Router# show interfaces serial 0/0/0 Serial0/0/0 is up, line protocol is up Hardware is GT96K Internet address is 10.1.1.1/30 MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, LCP Open, Open: IPCP, CDPCP Keepalive set (10 sec) Last input 00:00:05, output 00:00:00, output hang never ... ``` ```cisco Router# debug ppp authentication PPP authentication debugging is on *Mar 1 00:01:23.456: Se0/0/0 PPP: Using default call direction *Mar 1 00:01:23.456: Se0/0/0 PPP: Treating connection as a dedicated line *Mar 1 00:01:23.456: Se0/0/0 PPP: Phase is AUTHENTICATING, attempting CHAP *Mar 1 00:01:23.456: Se0/0/0 CHAP: Using hostname RouterA *Mar 1 00:01:23.456: Se0/0/0 CHAP: Using password Cisco123 *Mar 1 00:01:23.456: Se0/0/0 CHAP: Received CHAP challenge *Mar 1 00:01:23.456: Se0/0/0 CHAP: Sending CHAP response *Mar 1 00:01:23.456: Se0/0/0 CHAP: Received CHAP success *Mar 1 00:01:23.456: Se0/0/0 PPP: Phase is FORWARDING, Attempting Forward ``` --- ### 10. PPPoE (PPP over Ethernet) **Definition:** PPPoE is a protocol that encapsulates PPP frames inside Ethernet frames, commonly used for DSL broadband connections. ``` βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β PPPoE ARCHITECTURE β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€ β β β Customer Premises ISP β β β β βββββββββββββββββββ βββββββββββββββββββ β β β PC/Router β β DSLAM/BRAS β β β β β β β β β β βββββββββββββ β Ethernet β βββββββββββββ β β β β β PPP β βββββββββββββββββββββΊβ β PPP β β β β β β Session β β β β Session β β β β β βββββββββββββ β β βββββββββββββ β β β β βββββββββββββ β PPPoE Discovery β βββββββββββββ β β β β β PPPoE β βββββββββββββββββββββΊβ β PPPoE β β β β β βββββββββββββ β β βββββββββββββ β β β β βββββββββββββ β Ethernet β βββββββββββββ β β β β β Ethernet β βββββββββββββββββββββΊβ β Ethernet β β β β β βββββββββββββ β β βββββββββββββ β β β βββββββββββββββββββ βββββββββββββββββββ β β β β PPPoE Phases: β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β 1. Discovery Phase: Find the access concentrator β β β β - PADI (PPPoE Active Discovery Initiation) β β β β - PADO (PPPoE Active Discovery Offer) β β β β - PADR (PPPoE Active Discovery Request) β β β β - PADS (PPPoE Active Discovery Session) β β β β β β β β 2. Session Phase: PPP session established (LCP, Authentication, NCP)β β β β 3. Termination Phase: PADT (PPPoE Active Discovery Terminate) β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β β β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ ``` **PPPoE Configuration (Client):** ```cisco ! Configure dialer interface Router(config)# interface dialer 1 Router(config-if)# mtu 1492 ! 1500 - 8 (PPPoE header) Router(config-if)# ip address negotiated Router(config-if)# encapsulation ppp Router(config-if)# ppp authentication chap pap Router(config-if)# ppp chap hostname user@isp.com Router(config-if)# ppp chap password Cisco123 Router(config-if)# dialer pool 1 Router(config-if)# exit ! Configure physical interface Router(config)# interface gigabitEthernet 0/0 Router(config-if)# pppoe enable Router(config-if)# pppoe-client dial-pool-number 1 Router(config-if)# exit ! Configure default route Router(config)# ip route 0.0.0.0 0.0.0.0 dialer 1 ``` --- ### 11. PPP Troubleshooting | Problem | Symptom | Solution | |---------|---------|----------| | **Link Protocol Down** | Line protocol down | Check physical connectivity, cable, CSU/DSU | | **LCP Not Opening** | LCP closed | Verify encapsulation match, keepalive mismatch | | **Authentication Failure** | LCP Open but authentication fails | Verify usernames, passwords, CHAP hostnames | | **IPCP Failure** | IP not assigned | Verify IPCP negotiation, no IP address configured | | **Keepalive Mismatch** | Link flapping | Ensure same keepalive interval on both ends | **Troubleshooting Commands:** ```cisco ! Check interface status Router# show interfaces serial 0/0/0 ! Check PPP debugging Router# debug ppp authentication Router# debug ppp negotiation Router# debug ppp error ! Clear PPP session Router# clear interface serial 0/0/0 ``` --- ## π§ Complete Configuration Examples ### Lab 1: HDLC Configuration **Topology:** ``` Router A βββββββββββββββ Router B Serial Link (HDLC) ``` **Router A Configuration:** ```cisco hostname RouterA ! interface Serial0/0/0 ip address 10.1.1.1 255.255.255.252 encapsulation hdlc keepalive 10 no shutdown ! end ``` **Router B Configuration:** ```cisco hostname RouterB ! interface Serial0/0/0 ip address 10.1.1.2 255.255.255.252 encapsulation hdlc keepalive 10 no shutdown ! end ``` --- ### Lab 2: PPP with CHAP Authentication **Topology:** ``` Router A βββββββββββββββ Router B Serial Link (PPP/CHAP) ``` **Router A Configuration:** ```cisco hostname RouterA ! ! Configure username for Router B username RouterB password Cisco123 ! interface Serial0/0/0 ip address 10.1.1.1 255.255.255.252 encapsulation ppp ppp authentication chap ppp chap hostname RouterA no shutdown ! end ``` **Router B Configuration:** ```cisco hostname RouterB ! ! Configure username for Router A username RouterA password Cisco123 ! interface Serial0/0/0 ip address 10.1.1.2 255.255.255.252 encapsulation ppp ppp authentication chap ppp chap hostname RouterB no shutdown ! end ``` --- ### Lab 3: PPP with PAP Authentication **Router A Configuration:** ```cisco hostname RouterA ! ! Configure username for Router B username RouterB password Cisco123 ! interface Serial0/0/0 ip address 10.1.1.1 255.255.255.252 encapsulation ppp ppp authentication pap ppp pap sent-username RouterA password Cisco123 no shutdown ! end ``` **Router B Configuration:** ```cisco hostname RouterB ! ! Configure username for Router A username RouterA password Cisco123 ! interface Serial0/0/0 ip address 10.1.1.2 255.255.255.252 encapsulation ppp ppp authentication pap ppp pap sent-username RouterB password Cisco123 no shutdown ! end ``` --- ### Lab 4: PPPoE Client Configuration **Topology:** ``` Router (CPE) ββββββββ DSL Modem ββββββββ ISP Network Gi0/0 ``` **Router Configuration:** ```cisco hostname CPE ! ! Configure VLAN for PPPoE (if needed) vlan 10 name PPPoE ! ! Configure dialer interface interface Dialer1 mtu 1492 ip address negotiated encapsulation ppp ppp authentication chap ppp chap hostname user@isp.com ppp chap password isppassword dialer pool 1 ! ! Configure physical interface interface GigabitEthernet0/0 no ip address pppoe enable pppoe-client dial-pool-number 1 ! ! Default route ip route 0.0.0.0 0.0.0.0 Dialer1 ! end ``` --- ## β Exam Tips (For CCNA 200-301) | Topic | What Cisco Tests | |-------|------------------| | **HDLC** | Cisco proprietary, default on serial, no authentication | | **PPP** | Industry standard, LCP, NCP, authentication | | **PAP** | 2-way handshake, clear-text passwords | | **CHAP** | 3-way handshake, never sends password | | **LCP** | Link establishment, negotiation | | **NCP** | Network layer protocol configuration | | **PPPoE** | DSL broadband, Ethernet encapsulation | ### Common Exam Scenarios: **Scenario 1:** "A serial link between two Cisco routers uses the default encapsulation. What protocol is being used?" - **Answer:** Cisco HDLC **Scenario 2:** "Which PPP authentication protocol sends passwords in clear text?" - **Answer:** PAP (Password Authentication Protocol) **Scenario 3:** "What is the purpose of LCP in PPP?" - **Answer:** Establishes, configures, and tests the data link connection ### Mnemonics: **PPP Components:** **"L-N-A" - LCP, NCP, Authentication** - **L**CP: Link setup - **N**CP: Network setup - **A**uthentication: User verification **PAP vs. CHAP:** **"PAP = Plain-text, CHAP = Challenge"** - PAP sends password in **P**lain text - CHAP uses **C**hallenge-response **PPPoE Phases:** **"D-S-T" - Discovery, Session, Termination** - **D**iscovery: Find access concentrator - **S**ession: PPP operation - **T**ermination: Close connection --- ## π Summary (1-Minute Revision) ``` HDLC (High-Level Data Link Control): FEATURES: βββ Cisco proprietary (on Cisco routers) βββ Default encapsulation on serial interfaces βββ No authentication βββ Supports keepalive (default 10 sec) βββ Protocol field for multi-protocol support CONFIGURATION: βββ encapsulation hdlc (default) βββ keepalive [seconds] PPP (Point-to-Point Protocol): FEATURES: βββ Industry standard βββ Authentication (PAP, CHAP) βββ LCP (Link Control Protocol) βββ NCP (Network Control Protocol) βββ Error detection PPP AUTHENTICATION: PAP (Password Authentication Protocol): βββ 2-way handshake βββ Password in clear text βββ Simple βββ Vulnerable to sniffing CHAP (Challenge Handshake): βββ 3-way handshake βββ Never sends password βββ Uses MD5 hash βββ Periodic re-authentication βββ More secure PPP FRAME: βββ Flag (01111110) βββ Address (11111111) βββ Control (00000011) βββ Protocol (16 bits) βββ Data βββ FCS βββ Flag VERIFICATION: βββ show interfaces serial βββ debug ppp authentication βββ debug ppp negotiation βββ show ppp interfaces PPPoE: βββ PPP over Ethernet (DSL) βββ MTU 1492 (1500 - 8) βββ Discovery phase (PADI, PADO, PADR, PADS) βββ Session phase βββ Termination (PADT) ``` --- ## π§ͺ Practice Questions **1. What is the default encapsulation on Cisco serial interfaces?** - A) PPP - B) HDLC - C) Frame Relay - D) Ethernet <details> <summary>Answer</summary> <b>B) HDLC</b> - Cisco HDLC is the default encapsulation on Cisco serial interfaces. </details> **2. Which PPP authentication protocol uses a 3-way handshake and never sends the password?** - A) PAP - B) CHAP - C) MS-CHAP - D) EAP <details> <summary>Answer</summary> <b>B) CHAP</b> - Challenge Handshake Authentication Protocol uses a 3-way handshake with MD5 hashing. </details> **3. What does LCP stand for in PPP?** - A) Link Control Protocol - B) Layer Control Protocol - C) Link Configuration Protocol - D) Layer Configuration Protocol <details> <summary>Answer</summary> <b>A) Link Control Protocol</b> - LCP establishes, configures, and tests the PPP link. </details> **4. What is the purpose of the Protocol field in Cisco HDLC?** - A) Error detection - B) Identify the upper-layer protocol - C) Authentication - D) Flow control <details> <summary>Answer</summary> <b>B) Identify the upper-layer protocol</b> - Cisco HDLC adds a Protocol field to support multiple protocols. </details> **5. Which PPP authentication protocol sends passwords in clear text?** - A) CHAP - B) MS-CHAP - C) PAP - D) EAP <details> <summary>Answer</summary> <b>C) PAP</b> - Password Authentication Protocol sends credentials in clear text. </details> **6. What is the default keepalive interval on Cisco HDLC?** - A) 5 seconds - B) 10 seconds - C) 30 seconds - D) 60 seconds <details> <summary>Answer</summary> <b>B) 10 seconds</b> - Default keepalive interval is 10 seconds. </details> **7. What is the recommended MTU for PPPoE?** - A) 1500 - B) 1492 - C) 1480 - D) 1400 <details> <summary>Answer</summary> <b>B) 1492</b> - PPPoE adds an 8-byte header, so MTU should be 1492. </details> **8. Which PPP phase discovers the access concentrator?** - A) Session phase - B) Discovery phase - C) Termination phase - D) Authentication phase <details> <summary>Answer</summary> <b>B) Discovery phase</b> - PPPoE discovery uses PADI, PADO, PADR, and PADS messages. </details> **9. Which command configures PPP encapsulation?** - A) `encapsulation ppp` - B) `ppp enable` - C) `encapsulation hdlc` - D) `ppp encapsulation` <details> <summary>Answer</summary> <b>A) `encapsulation ppp`</b> - This command configures PPP encapsulation on the interface. </details> **10. Which command displays PPP authentication debugging?** - A) `debug ppp auth` - B) `debug ppp authentication` - C) `debug authentication` - D) `debug ppp chap` <details> <summary>Answer</summary> <b>B) `debug ppp authentication`</b> - This command shows PPP authentication exchanges. </details> **11. What does NCP stand for in PPP?** - A) Network Control Protocol - B) Node Control Protocol - C) Network Configuration Protocol - D) Node Configuration Protocol <details> <summary>Answer</summary> <b>A) Network Control Protocol</b> - NCP configures and enables network layer protocols. </details> **12. Which command configures CHAP authentication on a PPP interface?** - A) `ppp authentication chap` - B) `ppp chap enable` - C) `authentication chap` - D) `chap enable` <details> <summary>Answer</summary> <b>A) `ppp authentication chap`</b> - This configures CHAP authentication on the PPP interface. </details> --- ## π Next Steps After completing Video 32, you should be ready for: - **Video 33:** PPPoE (Deep Dive) - **Video 34:** GRE Tunnels **Lab Practice:** 1. Configure HDLC between two routers (verify default) 2. Configure PPP with PAP authentication 3. Configure PPP with CHAP authentication 4. Verify with `debug ppp authentication` 5. Configure PPPoE client on a router 6. Troubleshoot authentication failures --- **Ready for Video 33?** Share the link or say "next" and I'll continue with PPPoE (Deep Dive). I'll continue with **Video 33: PPPoE (Point-to-Point Protocol over Ethernet)** based on the standard CCNA 200-301 curriculum. ---