PPPoE Principle and Configuration P-0

 1. PPPoE Over view ……………........... ,....…..……….…………………Page 3

 2. Working Mechanism of Each Phase…………………...…..………….Page 27

Confidential Information of Huawei. No Spreading Without Permission

PPPoE Principle and Configuration P-1

Confidential Information of Huawei. No Spreading Without Permission

PPPoE Principle and Configuration P-2

Confidential Information of Huawei. No Spreading Without Permission

PPPoE Principle and Configuration P-3

Confidential Information of Huawei. No Spreading Without Permission

 PPPoE Principle and Configuration P-4

 The PPPoE process adopts the Client/Server model. Generally, the PC

requesting the connection is the PPPoE client, and the BRAS or router acts as
the PPPoE server.
 The PPPoE client establishes only one PPPoE connection on an Ethernet port,
while the PPPoE server establishes connections with multiple PPPoE clients
through an Ethernet port. Therefore, the PPPoE server is also called access
concentrator.

Confidential Information of Huawei. No Spreading Without Permission

 PPPoE Principle and Configuration P-5

 PPP is point-to-point communication protocol. It does not provide addressing

function. The PPP protocols can run only when the point-to-point connection is
set up.
 The Ethernet is a multi-access network. The function of PPPoE is to establish
multiple PPP connections on the Ethernet. But how to indentify multiple PPP
connections on the Ethernet?
 PPPoE uses session ID and MAC address to identify a connection. On each
access concentrator, a connection is uniquely identified by a session ID. A
switching network can have multiple access concentrators. Each access
concentrator is identified by the MAC address.
 At the same time, an access concentrator identifies the PPPoE clients with MAC
addresses.
 The value of session ID ranges from 0 to 65535. The number of sessions
supported by an access concentrator may be limited by the hardware
performance of the equipment.

Confidential Information of Huawei. No Spreading Without Permission

 PPPoE Principle and Configuration P-6

 The PPPoE process consists of two phases, discovery stage and session stage.
In the discovery stage, PPPoE establishes the connection through packet
interaction and allocates a session ID for each connection.
 In the session stage, PPPoE carries upper-layer data through the established
connection.

Confidential Information of Huawei. No Spreading Without Permission

 PPPoE Principle and Configuration P-7

 PPPoE packets are encapsulated in Ethernet frames.

 DMAC: indicates the destination MAC address. The packets of different phases
may use unicast MAC address or multicast MAC address.
 SMAC: indicates the source MAC address, namely, the MAC address of the port
sending the frames.
 TYPE: indicates the packet type. The value of the packet type in the discovery
stage is 0x8863; the value of the packet type in the session stage is 0x8864.
 CHECKSUM: indicates the checksum information.

Confidential Information of Huawei. No Spreading Without Permission

 PPPoE Principle and Configuration P-8

 VER: indicates the version. The value must be set to 1.

 TYPE: indicates the type of packets. The value must be set to 1.
 CODE: identifies the type of packets.
 SESSION_ID: indicates the ID of the PPPoE session.
 LENGTH: indicates the length of the payload. The unit is byte.

Confidential Information of Huawei. No Spreading Without Permission

 PPPoE Principle and Configuration P-9

 The configuration of the PPPoE Server on the router consists of the configuration
of port and the configuration of authentication.
 A virtual PPP interface should be created and the created interface should be
bound to the physical Ethernet interface. The PPP attributes need to be
configured on the virtual PPP interface. On the VRP platform, the virtual PPP
interface is represented by Virtual-Template.
 interface Virtual-Template 0
 This command is used to create a virtual PPP interface. The port number is 0 .
 pppoe-server bind virtual-template 0
 This command is used to bind the Ethernet port to the virtual PPP interface. In
this example, the Ethernet port is bound to interface 0.

Confidential Information of Huawei. No Spreading Without Permission

 PPPoE Principle and Configuration P-10

 Suppose that the user name for PPPoE dial-up is huawei and the password is hello.
 The VRP manages users by using user domains. The format of user name is
user@huawei, in which huawei is the domain name. The authentication scheme,
accounting scheme, and IP address allocation policy should be specified in the user
domain. When the router allocates IP address to the client, it should use the IP pool
because multiple users will be accessed. If the user name does not contain the domain
name, the VRP should use the default domain.
 domain default enable system
 This command is used to specify the domain that authenticates or allocates IP address to
the user when the user name does not contain the domain name. That is, this command
configures the default domain. In this example, the default domain is system. The users
of domain system adopt local authentication and non-accounting.
 local-user huawei
 This command is used to create a user. The user name is huawei.
 password simple hello
 This command is used to configure the user name and the password. The simple filed
means that the password in the configuration file is in plain text. In this example, the
password is hello.
 service-type ppp
 This command is used to specify the service type of the user. In this example, the user
can use only the PPP dial-up.
 ip pool 0 10.1.1.2 10.1.1.254
 This command is used to create an IP pool.

Confidential Information of Huawei. No Spreading Without Permission

PPPoE Principle and Configuration P-11

Confidential Information of Huawei. No Spreading Without Permission

 PPPoE Principle and Configuration P-12

 As shown in the above figure, the process of establishing a PPPoE connection is as

follows:
 PCA sends a PPPoE Active Discovery Initiation (PADI) packet to request the response of
the PPPoE server. Thus the PPPoE client can discover the PPPoE server on the network.
 In the PADI packet, the destination MAC address is a broadcast address, so all the hosts
and PPPoE servers on the network can receive the packet. In the PADI packet, the
session ID is 0x0000.
 When a PPPoE server receives a PADI packet, it returns a PPPoE Active Discovery Offer
(PADO) packet if it can provide PPPoE services. This packet tells the PPPoE client that it
can provide PPPoE services. In the PADO packet, the destination MAC address is a
unicast address, namely, the source MAC address of the PADI packet. The session ID is
0x0000.
 After the configuration, the Access Concentrator’s Name (AC Name) field is added to the
PADO packet. This field identifies the PPPoE server. If there are multiple PPPoE servers
on the network, the client receives multiple PADO packets sent by the servers. Then, the
client can select a PPPoE server based on this field.

Confidential Information of Huawei. No Spreading Without Permission

 PPPoE Principle and Configuration P-13

 After receiving the PADO packet, the PPPoE client sends a PPPoE Active
 Directory Request (PADR) packet to the PPPoE server. This packet requests the
session ID from the PPPoE server and try to establish a PPPoE session.
 In the PADR packet, the destination MAC address is a unicast address, namely,
the source MAC address of the PADO packet. The session ID is 0x0000.
 After receiving the PADR packet, the PPPoE server generates a unique session
ID and returns a PPPoE Active Discovery Session-Confirmation (PADS) packet.
 This packet reports the allocated session ID to the PPPoE client.
 In the PADS packet, the destination MAC address is a unicast address, namely,
the source MAC address of the PADR packet. The session ID is the one
allocated to the session on the PPPoE server.
 When the PPPoE client receives the PADS packet, it analyzes the session ID. All
the packets sent after the PPPoE session is established are identified by the
session ID.

Confidential Information of Huawei. No Spreading Without Permission

 PPPoE Principle and Configuration P-14

 In the PPPoE packet sent in the session stage, the destination MAC address is
unicast address, the Code filed is 0x00, the session ID is the one allocated in the
discovery stage, and the payload field is the PPP data frame.
 Note: The PPP data frames do not undergo HDLC encapsulation.

Confidential Information of Huawei. No Spreading Without Permission

 PPPoE Principle and Configuration P-15

 When the PPPoE client needs to close the session, it sends a PPPoE Active
 Discovery Terminate (PADT) packet to the PPPoE server. Similarly, if the PPPoE
server needs to close the session, it can also send a PADT packet. This packet is
used to close a session.
 In the PADT packet, the destination MAC address is a unicast address and the
session ID indentifies the session to be closed.
 After one end receives the PADT packet, the session is closed and no further
processing is needed.

Confidential Information of Huawei. No Spreading Without Permission

 PPPoE Principle and Configuration P-16

 How does PPPoE identify point-to-point connection in multi-access network?

 It uses the MAC address and the session ID to identify a connection.

 How many stages does PPPoE have?

 Two. Discovery stage and session stage.

 In general, how many times of exchanging packet are needed to establish

PPPoE connection?
 Four.

Confidential Information of Huawei. No Spreading Without Permission

PPPoE Principle and Configuration P-17

Confidential Information of Huawei. No Spreading Without Permission