The Point-to-Point Protocol over Ethernet (PPPoE) is a network protocol for encapsulating Point-to-Point Protocol (PPP) frames inside Ethernet frames. It is used mainly with DSL services where individual users connect to the DSL modem over Ethernet and in plain Metro Ethernet networks. It was developed by UUNET, Redback Networks, and RouterWare and is available as an informational RFC 2516.
Ethernet networks are packet-based and have no concept of a connection or circuit and also lack basic security features to protect against IP and MAC conflicts and rogue DHCP servers. By using PPPoE, users can virtually "dial" from one machine to another over an Ethernet network, establish a point to point connection between them and then securely transport data packets over the connection. It is mainly used by telephone companies, since PPPoE easily integrated with then current dial-up AAA systems, and perfectly fits into the then-current ATM backbones. The protocol also permits very easy unbundling of DSLAMs where required by regulators, since the user would simply use a different login into PPP, then the ATM circuit would be routed to the user's ISP. Also pre-paid traffic bucket business models can be created with PPPoE more easily than with DHCP, or multiplexing multiple users with different speed tiers or QOS through 1 DSL modem, or creating a different login for each static IPs purchased by customers.
PPPoE faces a difficult future. MPLS/IP backbones and IP DSLAMs are considered the norm, and the circuit switched family technologies (ATM/PDH) are being called legacy technologies. Pseudowire and VOIP can be used to deal with legacy customers and equipment. PPPoE has the highest overhead DSL delivery method[1], and adds .53% of overhead[2]. ATM because of its overhead is also being purged, and PPPoE goes out with that. For example, Verizon's FIOS product has converted to using DHCP internet access instead of PPPoE delivery[3][4]. GPON, an upgrade of BPON, added an alternative to ATM. PPPoE networks face difficulty in adding multicasting, and many level of QOS, and lowest overhead for highest speeds for IPTV in today's convergence and triple play networks.
Broadband Intrenet connection through PPPoE and DSL
Now-a-days broadband through laesed line is achieved throught PPPoE through DSL line which is the normal telephone line. As signals travel through leased line we have PPPoE authenication protocol to monitor this data transfer through ATM from DSLAM in TELCO to DSL modem(acts as a BRIDGE connects two network interfaces).
In early days we used to have plain DSL modems or simply bridges which connect two network interface (e.g. Ethernet and TCP/IP in this case) but now a days we have multipurpose broadband routers which behaves as router or simply bridges.
Block diagram for connection to the internet.
|
These can be configured in two mode
• BRIDGE
○ Simply acts as a DSL modem and PPPOE software runs in dialer software in windows(win xp PPPOE client)
○ Public IP is provided to computer.
• PPPOE
○ PPPOE software runs within the router.
○ Public IP is held by router which also provides a hardware firewall via NAT and provide a private IP to computer chain connected to it.
○ Many computers can be connected.
○ Login automatic as user name and pass is contained in router.
In all this what is important that in PPPoE type of broadband connection we have to have the PPPoE software somewhere either in computer (e.g - windows PPPoE client) or in the router. In the former case we have to configure the router in bridge mode and in the later case the router is in PPPoE mode with autoconnect feature as username and password is stored inside the router and then we can connect a LAN chain with the router having private IPs and the publuc IPs is provided to router.
In PPPoE mode router also provides a hardware firwall through NAT(natwork address translation).In bridge mode only one computer can share the internet connection as the router only acts as a bridge or plain DSL modem.
How PPPoE fits in
This figure shows how PPPoE fits into the DSL Internet access architecture.
The transport protocol used on the telephone network is ATM. The DSL modem encapsulates PPP packets inside ATM cells and sends them over the WAN. One way of doing this is to bridge the Ethernet packets containing the PPPoE packets over ATM, using the mechanism specified in RFC 2684; this is sometimes called PPPoEoE (PPP-over-Ethernet-over-Ethernet). Another way is to convert PPPoE into PPPoA on AAL5 (RFC 2684).
PPPoE stages
The PPPoE has two distinct stages:
PPPoE discovery
Since traditional PPP connections are established between two end points over a serial link or over an ATM virtual circuit that has already been established during dial-up, all PPP frames sent on the wire are sure to reach the other end. But Ethernet networks are multi-access where each node in the network can access every other node. Ethernet packets contain the hardware address of the destination node (MAC address) encoded in the packet. This helps the packet reach the intended destination.
Hence before exchanging PPP control packets to establish the connection over Ethernet, the MAC address of the two end points should be known to each other so that they can be encoded in these control packets. The PPPoE Discovery stage does exactly this. In addition it also helps establish a Session ID that can be used for further exchange of packets.
PPP session
Once the MAC address of the peer is known and a session has been established, the Session stage.
PPPoE Discovery (PPPoED)
Although traditional PPP is a peer-to-peer protocol, PPPoE is inherently a client-server relationship since multiple hosts can connect to a service provider over a single physical connection.
The Discovery process consists of four steps between the host computer which acts as the client and the access concentrator at the internet service provider's end. They are outlined below. The fifth and last step is the way to close an existing session.
PADI
PADI stands for PPPoE Active Discovery Initiation.
If a user wants to dial up to the Internet using DSL, then his computer first must find the DSL access concentrator (DSL-AC) at the user's Internet service provider's point of presence (POP). Communication over Ethernet is only possible via MAC addresses. As the computer does not know the MAC address of the DSL-AC, it sends out a PADI packet via an Ethernet broadcast (MAC: ff:ff:ff:ff:ff:ff). This PADI packet contains the MAC address of the computer sending it.
Example of a PADI-packet:
Frame 1 (44 bytes on wire, 44 bytes captured)
Ethernet II, Src: 00:50:da:42:d7:df, Dst: ff:ff:ff:ff:ff:ff
PPP-over-Ethernet Discovery
Version: 1
Type 1
Code Active Discovery Initiation (PADI)
Session ID: 0000
Payload Length: 24
PPPoE Tags
Tag: Service-Name
Tag: Host-Uniq
Binary Data: (16 bytes)
Src. (=source) holds the MAC address of the computer sending the PADI.
Dst. (=destination) is the Ethernet broadcast address.
The PADI packet can be received by more than one DSL-AC.
PADO
PADO stands for PPPoE Active Discovery Offer.
Once the user's computer has sent the PADI packet, the DSL-AC replies with a PADO packet, using the MAC address supplied in the PADI. The PADO packet contains the MAC address of the DSL-AC, its name (e.g. LEIX11-erx for the T-Com DSL-AC in Leipzig) and the name of the service. If more than one POP's DSL-AC replies with a PADO packet, the user's computer selects the DSL-AC for a particular POP using the supplied name or service.
Here is an example of a PADO packet:
Frame 2 (60 bytes on wire, 60 bytes captured)
Ethernet II, Src: 00:0e:40:7b:f3:8a, Dst: 00:50:da:42:d7:df
PPP-over-Ethernet Discovery
Version: 1
Type 1
Code Active Discovery Offer (PADO)
Session ID: 0000
Payload Length: 36
PPPoE Tags
Tag: AC-Name
String Data: IpzbrOOl
Tag: Host-Uniq
Binary Data: (16 bytes)
AC-Name -> String data holds the AC name, in this case “Ipzbr001” (the Arcor DSL-AC in Leipzig)
Src. holds the MAC address of the DSL-AC.
The MAC address of the DSL-AC also reveals the manufacturer of the DSL-AC (in this case Nortel Networks).
PADR
PADR stands for PPPoE Active Discovery Request.
A PADR packet is sent by the user's computer to the DSL-AC following receipt of an acceptable PADO packet from the DSL-AC. It confirms acceptance of the offer of a PPPoE connection made by the DSL-AC issuing the PADO packet.
PADS
PADS stands for PPPoE Active Discovery Session-confirmation.
The PADR packet above is confirmed by the DSL-AC with a PADS packet, and a Session ID is given out with it. The connection with the DSL-AC for that POP has now been fully established.
PADT
PADT stands for PPPoE Active Discovery Termination.
This packet terminates the connection to the POP. It may be sent from either the user's computer or from the DSL-AC.
Quirks
Since the point to point connection established has an MTU lower than that of standard Ethernet (typically 1492 vs Ethernet's 1500), it can sometimes cause problems when Path MTU discovery is defeated by poorly configured firewalls. Although higher MTUs are becoming more common in providers' networks, usually the fix is to use TCP MSS (Maximum Segment Size) "clamping" or "rewrite", whereby the access concentrator rewrites the MSS to ensure TCP peers send smaller datagrams. Although TCP MSS clamping solves the MTU issue for TCP, ICMP, UDP, and other protocols may still be affected. In practice, this does not present significant issues for residential users since most content is served over TCP.
Some vendors (Cisco and Juniper, for example) refer to PPPoEoE (PPPoE over Ethernet), which is PPPoE running directly over Ethernet or other IEEE 802 networks or over Ethernet bridged over ATM, in order to distinguish it from PPPoEoA (PPPoE over ATM), which is PPPoE running over an ATM virtual circuit using RFC 2684 and SNAP encapsulation of PPPoE. (PPPoEoA is not the same as Point-to-Point Protocol over ATM (PPPoA), which doesn't use SNAP).
See also
References
- ^ http://www.oplink.net/files/WhitePaper_EncapsOverheads.pdf
- ^ http://pflog.net/dsl_overhead/
- ^ https://www22.verizon.com/ResidentialHelp/YahooHelp/FiOSInternet/Uncategorized/QuestionsThree/114638.htm
- ^ http://www.testmy.net/t-4544.msg41400
External links
- RFC 2516 - A Method for Transmitting PPP Over Ethernet (PPPoE)
- RFC 3817 - Layer 2 Tunneling Protocol (L2TP) Active Discovery Relay for PPP over Ethernet (PPPoE)
- RP-PPPoE - GPL PPPoE implementation
- pfSense Open source firewall with PPPoE Server
