Friday, January 29, 2010

Playing on PPP

Hi all,
today I'm playing on PPP using Dynamips and a simple topology:



Let's start from basics, configure R0 - R1 link using simple encapsulation ppp, then look at the debug ppp output:

!---- on R0
R0#sh run int ser 1/0 | beg int
interface Serial1/0
ip address 10.10.0.1 255.255.255.252
encapsulation ppp
serial restart-delay 0
clock rate 128000
end

!--- on R1 we first enable debug ppp negotiation...
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int ser 1/0
R1(config-if)#shutdown
R1(config-if)#encapsulation ppp
*Jan 29 00:04:33.711: %LINK-5-CHANGED: Interface Serial1/0, changed state to administratively down
R1(config-if)#ip address 10.10.0.2 255.255.255.252
R1(config-if)#do debug ppp negotiation
PPP protocol negotiation debugging is on
R1(config-if)#no shutdown
R1(config-if)#
*Jan 29 00:04:56.675: Se1/0 PPP: Outbound cdp packet dropped
*Jan 29 00:04:58.667: %LINK-3-UPDOWN: Interface Serial1/0, changed state to up
*Jan 29 00:04:58.687: Se1/0 PPP: Using default call direction
*Jan 29 00:04:58.687: Se1/0 PPP: Treating connection as a dedicated line
*Jan 29 00:04:58.687: Se1/0 PPP: Session handle[48000002] Session id[1]
*Jan 29 00:04:58.687: Se1/0 PPP: Phase is ESTABLISHING, Active Open
*Jan 29 00:04:58.687: Se1/0 LCP: O CONFREQ [Closed] id 1 len 10
*Jan 29 00:04:58.691: Se1/0 LCP: MagicNumber 0x011EC7EA (0x0506011EC7EA)
*Jan 29 00:04:58.711: Se1/0 LCP: I CONFREQ [REQsent] id 31 len 10
*Jan 29 00:04:58.715: Se1/0 LCP: MagicNumber 0x001E7A7E (0x0506001E7A7E)
*Jan 29 00:04:58.719: Se1/0 LCP: O CONFACK [REQsent] id 31 len 10
*Jan 29 00:04:58.719: Se1/0 LCP: MagicNumber 0x001E7A7E (0x0506001E7A7E)
*Jan 29 00:04:58.719: Se1/0 LCP: I CONFACK [ACKsent] id 1 len 10
*Jan 29 00:04:58.719: Se1/0 LCP: MagicNumber 0x011EC7EA (0x0506011EC7EA)
*Jan 29 00:04:58.719: Se1/0 LCP: State is Open
*Jan 29 00:04:58.735: Se1/0 PPP: Phase is FORWARDING, Attempting Forward
*Jan 29 00:04:58.735: Se1/0 PPP: Phase is ESTABLISHING, Finish LCP
*Jan 29 00:04:58.735: Se1/0 PPP: Phase is UP
*Jan 29 00:04:58.735: Se1/0 IPCP: O CONFREQ [Closed] id 1 len 10
*Jan 29 00:04:58.735: Se1/0 IPCP: Address 10.10.0.2 (0x03060A0A0002)
*Jan 29 00:04:58.735: Se1/0 CDPCP: O CONFREQ [Closed] id 1 len 4
*Jan 29 00:04:58.735: Se1/0 PPP: Process pending ncp packets
*Jan 29 00:04:58.743: Se1/0 IPCP: I CONFREQ [REQsent] id 1 len 10
*Jan 29 00:04:58.747: Se1/0 IPCP: Address 10.10.0.1 (0x03060A0A0001)
*Jan 29 00:04:58.747: Se1/0 IPCP: O CONFACK [REQsent] id 1 len 10
*Jan 29 00:04:58.751: Se1/0 IPCP: Address 10.10.0.1 (0x03060A0A0001)
*Jan 29 00:04:58.755: Se1/0 CDPCP: I CONFREQ [REQsent] id 1 len 4
*Jan 29 00:04:58.755: Se1/0 CDPCP: O CONFACK [REQsent] id 1 len 4
*Jan 29 00:04:58.767: Se1/0 IPCP: I CONFACK [ACKsent] id 1 len 10
*Jan 29 00:04:58.771: Se1/0 IPCP: Address 10.10.0.2 (0x03060A0A0002)
*Jan 29 00:04:58.771: Se1/0 IPCP: State is Open
*Jan 29 00:04:58.771: Se1/0 CDPCP: I CONFACK [ACKsent] id 1 len 4
*Jan 29 00:04:58.771: Se1/0 CDPCP: State is Open
*Jan 29 00:04:58.771: Se1/0 IPCP: Install route to 10.10.0.1
*Jan 29 00:04:59.739: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to up
R1(config-if)#
R1(config-if)#do undebug all
All possible debugging has been turned off
R1(config-if)#


Well, that relatively verbose debug output tell us the two phases of PPP negotiation: LCP and IPCP.
LCP, formerly Link Control Protocol, as specified on RFC 1661 is used to setup the link, exchanging setup frames and agreeing on configuration options, such as authentication protocols, compression, error detection and multilink.
Note the "Magic" numbers exchanged, they are use to detect if the link is looped somewhere, comparing the sent magic number with the received one.
Magic number is also used to detect misconfigurations, just in case you have different PPP peers on a shared media, like is possible with PPPoE, the CONFREQ sent magic number must match with the CONFACK received one, otherwise, a misconfig is assumed...

the second phase, IPCP, formerly Internet Protocol Control Protocol, as specified on RFC 1332, is used, if your interface is running IP protocol, to setup and configure the ip protocol over a PPP link.
Options negotiated with IPCP are compression (no compression by default) and IP address.

In order to speed up the PPP negotiation convergence time, there are two commands introduced with the IOS 12.2(4)T :
ppp lcp predictive
ppp ipcp predictive

those two are used to send ACK in early sequence during the LCP and IPCP phases, optimizing the convergence time (see: "Optimize PPP Negotiation" for further details)

Note also that by default IPCP installs a /32 route with the ip of the other end:

*Jan 29 00:04:58.771: Se1/0 IPCP: Install route to 10.10.0.1

R1#sh ip route | beg Gate
Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 10.10.0.0/30 is directly connected, Serial1/0
C 10.10.0.1/32 is directly connected, Serial1/0
C 10.10.0.4/30 is directly connected, Serial1/1
C 10.1.1.1/32 is directly connected, Loopback0
R1#

To disable this peer route installation, simply use:

R1#sh run int ser 1/0 | beg int
interface Serial1/0
description R1 - R0
ip address 10.10.0.2 255.255.255.252
encapsulation ppp
shutdown
no fair-queue
serial restart-delay 0
no cdp enable
end

R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int ser 1/0
R1(config-if)#no peer neighbor-route
R1(config-if)#no shutdown
R1(config-if)#end
R1#
*Jan 29 16:00:46.370: %SYS-5-CONFIG_I: Configured from console by console
*Jan 29 16:00:47.158: %LINK-3-UPDOWN: Interface Serial1/0, changed state to up
*Jan 29 16:00:47.166: %ENTITY_ALARM-6-INFO: CLEAR INFO Se1/0 Physical Port Administrative State Down
*Jan 29 16:00:48.210: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to up
R1#sh ip route | beg Gate
Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.10.0.0/30 is directly connected, Serial1/0
C 10.10.0.4/30 is directly connected, Serial1/1
C 10.1.1.1/32 is directly connected, Loopback0
R1# ping 10.10.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/28/48 ms
R1#

The neighbor still reachable, but without the /32 peer route installed.

Well, let's talk about authentication, we have to remind that authentication on PPP links is unidirectional, so we can use different authentication methods on the same link, just to have more fun. There are three authentication methods: CHAP, PAP and EAP.

In our topology we have 3 serial links.... so we can try to configure authentication only on clockwise direction, starting from R0 and using chap, pap and eap respectively.

CHAP, R0 authenticates to R1:
!---- on R0 side I send username and password:
R0#sh run int ser 1/0 | beg int
interface Serial1/0
description R0 - R1
ip address 10.10.0.1 255.255.255.252
encapsulation ppp
serial restart-delay 0
ppp lcp predictive
ppp chap hostname R0
ppp chap password 0 cisco

ppp ipcp predictive
end

!---- on R1 side, I request authentication and create the username/pass:
R1#sh run | inc username R0
username R0 password 0 cisco

R1#sh run int ser 1/0 | beg int
interface Serial1/0
description R1 - R0
ip address 10.10.0.2 255.255.255.252
encapsulation ppp
serial restart-delay 0
ppp lcp predictive
ppp authentication chap
ppp ipcp predictive
end



!--- let's verify it on R0:
R0#debug ppp authentication
PPP authentication debugging is on
R0#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R0(config)#int ser 1/0
R0(config-if)#shutdown
*Jan 29 19:28:16.339: %LINK-5-CHANGED: Interface Serial1/0, changed state to administratively down
*Jan 29 19:28:17.339: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to down
R0(config-if)#no shutdown
*Jan 29 19:28:20.751: %LINK-3-UPDOWN: Interface Serial1/0, changed state to up
*Jan 29 19:28:20.763: Se1/0 PPP: Using default call direction
*Jan 29 19:28:20.763: Se1/0 PPP: Treating connection as a dedicated line
*Jan 29 19:28:20.763: Se1/0 PPP: Session handle[86000015] Session id[21]
*Jan 29 19:28:20.763: Se1/0 PPP: Authorization required
*Jan 29 19:28:20.779: Se1/0 PPP: No authorization without authentication
*Jan 29 19:28:20.795: Se1/0 CHAP: I CHALLENGE id 20 len 23 from "R1"
*Jan 29 19:28:20.807: Se1/0 CHAP: Using hostname from interface CHAP
*Jan 29 19:28:20.811: Se1/0 CHAP: Using password from interface CHAP
*Jan 29 19:28:20.811: Se1/0 CHAP: O RESPONSE id 20 len 23 from "R0"
*Jan 29 19:28:20.823: Se1/0 CHAP: I SUCCESS id 20 len 4
*Jan 29 19:28:21.835: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to up


PAP, R1 authenticates to R2:
!--- on R1 side, I send username and password
R1#sh run int ser 1/1 | beg int
interface Serial1/1
description R1 - R2
ip address 10.10.0.5 255.255.255.252
encapsulation ppp
serial restart-delay 0
ppp lcp predictive
ppp pap sent-username R1 password 0 cisco
ppp ipcp predictive
end

!--- same story on R2, I configure pap authentication and R1 user/pass:
R2#sh run | inc username R1
username R1 password 0 cisco

R2#sh run int ser 1/0 | beg int
interface Serial1/0
description R2 - R1
ip address 10.10.0.6 255.255.255.252
encapsulation ppp
serial restart-delay 0
ppp lcp predictive
ppp authentication pap
ppp ipcp predictive
end

!--- Verify on R1:
R1#debug ppp authentication
PPP authentication debugging is on
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int ser 1/1
R1(config-if)#shutdown
*Jan 29 21:34:08.035: %LINK-5-CHANGED: Interface Serial1/1, changed state to administratively down
*Jan 29 21:34:08.039: %ENTITY_ALARM-6-INFO: ASSERT INFO Se1/1 Physical Port Administrative State Down
*Jan 29 21:34:09.035: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to down
R1(config-if)#no shutdown
R1(config-if)#
*Jan 29 21:35:48.195: %LINK-3-UPDOWN: Interface Serial1/1, changed state to up
*Jan 29 21:35:48.211: Se1/1 PPP: Using default call direction
*Jan 29 21:35:48.215: Se1/1 PPP: Treating connection as a dedicated line
*Jan 29 21:35:48.215: Se1/1 PPP: Session handle[67000023] Session id[217]
*Jan 29 21:35:48.215: Se1/1 PPP: Authorization required
*Jan 29 21:35:48.235: Se1/1 PPP: No authorization without authentication
*Jan 29 21:35:48.235: Se1/1 PAP: Using hostname from interface PAP
*Jan 29 21:35:48.239: Se1/1 PAP: Using password from interface PAP
*Jan 29 21:35:48.239: Se1/1 PAP: O AUTH-REQ id 213 len 13 from "R1"
*Jan 29 21:35:48.271: Se1/1 PAP: I AUTH-ACK id 213 len 5
*Jan 29 21:35:49.291: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to up


EAP is really similar, here we finish with R2 authentication to R0:
!--- on R2 I send usename (eap calls "identity") and pass
R2#sh run int ser 1/1 | beg int
interface Serial1/1
description R2 - R0
ip address 10.10.0.10 255.255.255.252
encapsulation ppp
serial restart-delay 0
ppp lcp predictive
ppp eap identity R2
ppp eap password 0 cisco

ppp ipcp predictive
end

!--on R0 I configure username/pass and the authentication eap
!--eap uses local user database instead of radius
R0#sh run | inc username R2
username R2 password 0 cisco

R0#sh run int ser 1/1 | beg int
interface Serial1/1
description R0 - R2
ip address 10.10.0.9 255.255.255.252
encapsulation ppp
serial restart-delay 0
ppp lcp predictive
ppp authentication eap
ppp eap local

ppp ipcp predictive
end

!-- verfy on R2:
R2#debug ppp authentication
PPP authentication debugging is on
R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#int ser 1/1
R2(config-if)#shutdown
*Jan 29 21:47:21.347: %LINK-5-CHANGED: Interface Serial1/1, changed state to administratively down
*Jan 29 21:47:22.347: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to down
R2(config-if)#no shutdown
*Jan 29 21:42:15.855: %LINK-3-UPDOWN: Interface Serial1/1, changed state to up
*Jan 29 21:42:15.867: Se1/1 PPP: Using default call direction
*Jan 29 21:42:15.871: Se1/1 PPP: Treating connection as a dedicated line
*Jan 29 21:42:15.875: Se1/1 PPP: Session handle[240000D8] Session id[218]
*Jan 29 21:42:15.875: Se1/1 PPP: Authorization required
*Jan 29 21:42:15.895: Se1/1 PPP: No authorization without authentication
*Jan 29 21:42:15.907: Se1/1 EAP: I REQUEST IDENTITY id 3 len 5
*Jan 29 21:42:15.911: Se1/1 EAP: O RESPONSE IDENTITY id 3 len 7 from "R2"
*Jan 29 21:42:15.955: Se1/1 EAP: I REQUEST MD5 id 4 len 24 from "R0"
*Jan 29 21:42:15.963: Se1/1 EAP: Using hostname from interface EAP
*Jan 29 21:42:15.963: Se1/1 EAP: Using password from interface EAP
*Jan 29 21:42:15.963: Se1/1 EAP: O RESPONSE MD5 id 4 len 24 from "R2"
*Jan 29 21:42:15.975: Se1/1 EAP: I SUCCESS id 4 len 4
*Jan 29 21:42:16.975: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to up

Note that EAP uses md5 to autenticate.
As required we can use a two way authentication with the same or a different protocol.

Another interesting thing to know about PPP is the possibility to assign an ip address to the neighbor peer. The ip address can be originated directly by ipcp, or by a dhcp or a local pool.

!--- R1 requests for an address
R1#sh run int ser 1/0 | beg int
interface Serial1/0
description R1 - R0
ip address negotiated
encapsulation ppp
no peer neighbor-route
serial restart-delay 0
ppp lcp predictive
ppp authentication chap
ppp ipcp predictive
end

!--- R0 assigns an ip address to the peer


R0#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R0(config)#int ser 1/0
R0(config-if)#peer default ip address ?
A.B.C.D Default IP address for remote end of this interface
dhcp Use DHCP proxy client mechanism to allocate a peer IP address
dhcp-pool Use local DHCP pools to allocate a peer IP address
pool Use IP pool mechanism to allocate a peer IP address


R0(config-if)#peer default ip address 10.10.0.2
R0(config-if)#do sh run int ser 1/0 | beg int
interface Serial1/0
description R0 - R1
ip address 10.10.0.1 255.255.255.252
encapsulation ppp
no peer neighbor-route
peer default ip address 10.10.0.2
serial restart-delay 0
ppp lcp predictive
ppp chap hostname R0
ppp chap password 0 cisco
ppp ipcp predictive
end

!-- Let's verify:
R1#debug ppp negotiation
PPP protocol negotiation debugging is on
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#int ser 1/0
R1(config-if)#shutdown

*Jan 29 22:11:43.979: %LINK-5-CHANGED: Interface Serial1/0, changed state to administratively down

R1(config-if)#no shutdown
*Jan 29 22:11:53.547: %LINK-3-UPDOWN: Interface Serial1/0, changed state to up
*Jan 29 22:11:53.559: Se1/0 PPP: Using default call direction
*Jan 29 22:11:53.559: Se1/0 PPP: Treating connection as a dedicated line
*Jan 29 22:11:53.559: Se1/0 PPP: Session handle[EB000025] Session id[221]
*Jan 29 22:11:53.559: Se1/0 PPP: Phase is ESTABLISHING, Active Open
*Jan 29 22:11:53.559: Se1/0 LCP: O CONFREQ [Closed] id 6 len 15
*Jan 29 22:11:53.559: Se1/0 LCP: AuthProto CHAP (0x0305C22305)
*Jan 29 22:11:53.563: Se1/0 LCP: MagicNumber 0x015AA11C (0x0506015AA11C)
*Jan 29 22:11:53.567: Se1/0 LCP: I CONFREQ [REQsent] id 176 len 10
*Jan 29 22:11:53.571: Se1/0 LCP: MagicNumber 0x005A535F (0x0506005A535F)
*Jan 29 22:11:53.575: Se1/0 LCP: O CONFACK [REQsent] id 176 len 10
*Jan 29 22:11:53.575: Se1/0 LCP: MagicNumber 0x005A535F (0x0506005A535F)
*Jan 29 22:11:53.575: Se1/0 LCP: State is Open
*Jan 29 22:11:53.575: Se1/0 PPP: Phase is AUTHENTICATING, by this end
*Jan 29 22:11:53.575: Se1/0 CHAP: O CHALLENGE id 5 len 23 from "R1"
*Jan 29 22:11:53.575: Se1/0 LCP: I CONFACK [Open] id 6 len 15
*Jan 29 22:11:53.575: Se1/0 LCP: AuthProto CHAP (0x0305C22305)
*Jan 29 22:11:53.575: Se1/0 LCP: MagicNumber 0x015AA11C (0x0506015AA11C)
*Jan 29 22:11:53.595: Se1/0 CHAP: I RESPONSE id 5 len 23 from "R0"
*Jan 29 22:11:53.599: Se1/0 PPP: Phase is FORWARDING, Attempting Forward
*Jan 29 22:11:53.611: Se1/0 PPP: Phase is AUTHENTICATING, Unauthenticated User
*Jan 29 22:11:53.631: Se1/0 PPP: Phase is FORWARDING, Attempting Forward
*Jan 29 22:11:53.631: Se1/0 PPP: Phase is AUTHENTICATING, Authenticated User
*Jan 29 22:11:53.635: Se1/0 CHAP: O SUCCESS id 5 len 4
*Jan 29 22:11:53.635: Se1/0 PPP: Phase is UP
*Jan 29 22:11:53.635: Se1/0 IPCP: O CONFREQ [Closed] id 1 len 10
*Jan 29 22:11:53.639: Se1/0 IPCP: Address 0.0.0.0 (0x030600000000)
*Jan 29 22:11:53.639: Se1/0 PPP: Process pending ncp packets
*Jan 29 22:11:53.639: Se1/0 CDPCP: O CONFREQ [Closed] id 1 len 4
*Jan 29 22:11:53.643: Se1/0 IPCP: I CONFREQ [REQsent] id 1 len 10
*Jan 29 22:11:53.647: Se1/0 IPCP: Address 10.10.0.1 (0x03060A0A0001)
*Jan 29 22:11:53.651: Se1/0 AAA/AUTHOR/IPCP: Start. Her address 10.10.0.1, we want 0.0.0.0
*Jan 29 22:11:53.651: Se1/0 CDPCP: I CONFREQ [REQsent] id 1 len 4
*Jan 29 22:11:53.651: Se1/0 CDPCP: O CONFACK [REQsent] id 1 len 4
*Jan 29 22:11:53.651: Se1/0 AAA/AUTHOR/IPCP: Reject 10.10.0.1, using 0.0.0.0
*Jan 29 22:11:53.651: Se1/0 AAA/AUTHOR/IPCP: Done. Her address 10.10.0.1, we want 0.0.0.0
*Jan 29 22:11:53.651: Se1/0 IPCP: O CONFACK [REQsent] id 1 len 10
*Jan 29 22:11:53.651: Se1/0 IPCP: Address 10.10.0.1 (0x03060A0A0001)
*Jan 29 22:11:53.659: Se1/0 IPCP: I CONFNAK [ACKsent] id 1 len 10
*Jan 29 22:11:53.659: Se1/0 IPCP: Address 10.10.0.2 (0x03060A0A0002)
*Jan 29 22:11:53.659: Se1/0 IPCP: O CONFREQ [ACKsent] id 2 len 10
*Jan 29 22:11:53.659: Se1/0 IPCP: Address 10.10.0.2 (0x03060A0A0002)
*Jan 29 22:11:53.659: Se1/0 IPCP: I CONFACK [ACKsent] id 2 len 10
*Jan 29 22:11:53.659: Se1/0 IPCP: Address 10.10.0.2 (0x03060A0A0002)
*Jan 29 22:11:53.659: Se1/0 IPCP: State is Open
*Jan 29 22:11:53.659: Se1/0 CDPCP: I CONFACK [ACKsent] id 1 len 4
*Jan 29 22:11:53.659: Se1/0 CDPCP: State is Open
*Jan 29 22:11:53.659: Se1/0 IPCP: Install negotiated IP interface address 10.10.0.2
*Jan 29 22:11:53.683: Se1/0 IPCP: I CONFREQ [Open] id 2 len 10
*Jan 29 22:11:53.687: Se1/0 IPCP: Address 10.10.0.1 (0x03060A0A0001)
*Jan 29 22:11:53.691: Se1/0 AAA/AUTHOR/IPCP: Start. Her address 10.10.0.1, we want 10.10.0.1
*Jan 29 22:11:53.703: Se1/0 IPCP: Remove route to 10.10.0.1
*Jan 29 22:11:53.703: Se1/0 AAA/AUTHOR/IPCP: Reject 10.10.0.1, using 10.10.0.1
*Jan 29 22:11:53.703: Se1/0 AAA/AUTHOR/IPCP: Done. Her address 10.10.0.1, we want 10.10.0.1
*Jan 29 22:11:53.703: Se1/0 IPCP: O CONFREQ [Open] id 3 len 10
*Jan 29 22:11:53.703: Se1/0 IPCP: Address 0.0.0.0 (0x030600000000)
*Jan 29 22:11:53.703: Se1/0 IPCP: O CONFACK [Open] id 2 len 10
*Jan 29 22:11:53.703: Se1/0 IPCP: Address 10.10.0.1 (0x03060A0A0001)
*Jan 29 22:11:53.711: Se1/0 IPCP: I CONFNAK [ACKsent] id 3 len 10
*Jan 29 22:11:53.715: Se1/0 IPCP: Address 10.10.0.2 (0x03060A0A0002)
*Jan 29 22:11:53.719: Se1/0 IPCP: O CONFREQ [ACKsent] id 4 len 10
*Jan 29 22:11:53.719: Se1/0 IPCP: Address 10.10.0.2 (0x03060A0A0002)
*Jan 29 22:11:53.727: Se1/0 IPCP: I CONFACK [ACKsent] id 4 len 10
*Jan 29 22:11:53.727: Se1/0 IPCP: Address 10.10.0.2 (0x03060A0A0002)
*Jan 29 22:11:53.727: Se1/0 IPCP: State is Open
*Jan 29 22:11:53.727: Se1/0 IPCP: Install negotiated IP interface address 10.10.0.2
*Jan 29 22:11:54.635: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to up
R1(config-if)#

The authentication phase begins immediatly after LCP, then comes the turn of IPCP, so the ip address is obtained only if authentication succeeds.

Well, enough PPP for today, in this weekend and for the next week I'll play with eigrp.. so stay tuned, always :-)

Marco

No comments: