Network protocols PPPoE and IPoE. Configuring PPPoE on the router.

The PPPoE protocol has become an integral part of the Internet access services that providers deliver over xDSL technology. It provides additional features such as encryption and compression of data in transit and user authentication. The protocol operates in Ethernet networks, so it is often necessary to purchase a router that supports it, for example a TP-Link PPPoE router.

Router connection interfaces

As a rule, such modems have several connectors on the rear panel for network cables. One of them is labeled WAN (global computer network): this is where you connect the cable that goes to the telephone socket and then to the provider. The remaining connectors (not counting the power connector and the USB port) look the same and have the same size, but are grouped separately. They are used to connect nearby computers and devices and are labeled LAN (local area network).


The router can be either a wired or a Wi-Fi PPPoE router; there is no fundamental difference. Wi-Fi is undoubtedly more convenient, but such modems cost slightly more than wired ones.

Configuring the router. Entering the settings menu

Almost any modern router is configured through its web interface. Taking a TP-LINK router as an example, open any web browser (for example Internet Explorer) and enter 192.168.1.1 in the address bar (this is the standard IP address of all routers, set by the manufacturer). This assumes that the router is already turned on and connected to the computer. A window will appear asking for the login and password that give access to the device settings. If the router has not been used before and the factory settings have not been changed, the login and password are admin and admin, respectively.


Configuring the WAN interface of the router. PPPoE List Selection

Since the topic is the PPPoE standard, we will not cover initial settings such as changing the password for the settings menu or the password for connecting to the network. Let's go straight to configuring the WAN port, which is what the protocol directly concerns. Go to the "Network" tab, then select "WAN" in the list that appears.


In the upper central part you will see the "WAN Connection Type" option; clicking it expands the list of available connection types. Choose PPPoE.

Configuring the WAN interface of the router. Entering username and password

After selecting PPPoE, enter the user name in the "User Name" field and the password provided by your provider in the "Password" field. Re-enter the password in the “Confirm Password” field to avoid a typing error.


After entering the name and password, select the "Connect Automatically" option just below, so that the connection is established automatically. The other options in this section are useful when Internet access must be restricted, for example to certain hours, or when the connection should be dropped after a long period of inactivity.

The appearance or location of an option may differ slightly depending on the router or firmware, but it is always present. Be sure to press the "SAVE" button after making any changes to the router configuration. This completes the PPPoE router configuration.


PPPoE (Point-to-Point Protocol over Ethernet) is a network protocol for transmitting PPP frames over Ethernet. The protocol is described in RFC 2516.

ZyXEL network devices (modems, routers, Internet centers) support the PPPoE protocol. Using PPPoE allows multiple users to access the Internet at the same time with only one account. This requires a single PPPoE connection, not as many connections as there are users.


Consider 2 options for PPPoE implementation:


  1. PPPoE implementation in the device. The ZyXEL device automatically establishes the PPPoE connection for all computers on the local network and sets up only one session. The LAN computers share the available bandwidth.

  2. PPPoE implementation on the computer. The ZyXEL device acts as a transparent bridge using RFC1483 encapsulation. The device only establishes a DSL connection. To access the Internet, you need to configure a PPPoE connection on each computer. It is possible to carry out several communication sessions using several accounts on one line.

The first option is PPPoE implemented in the ZyXEL device. In this case, the device operates in routing mode and acts as a PPPoE client that sends a connection initiation packet to the PPPoE server to establish a PPPoE connection. With this implementation, only one session is established. All hosts on the local network share the bandwidth of the Internet channel.



The modem first establishes a DSL connection and then automatically a PPPoE connection. The modem receives the IP address from the provider on the DSL port and then routes the traffic. At the same time, there is no need to configure PPPoE connection on each computer of the local network.


The second option is PPPoE implemented on the computer. In this case, the ZyXEL device acts as a transparent bridge and uses RFC1483 encapsulation. To access the Internet, you need to configure a PPPoE connection on each computer. In this case, there are multiple PPPoE sessions within the same VC.




Additional configuration of the operating system is required. The modem only establishes a DSL connection with the provider's equipment. In the operating system, you need to create a PPPoE connection for authorization on the provider's server. To access the Internet, the user has to start the PPPoE connection each time. Information on creating a PPPoE connection in Windows XP / Vista can be found in the note to this article.


PPPoE Overview


PPP over Ethernet (PPPoE) provides access control and billing similar to dial-up services using PPP. The PPPoE client and the PPPoE server must be located in one logical layer 2 segment. A PPPoE session can operate either on behalf of each user connected to the xDSL modem (the xDSL modem must work in bridge mode and pass connections transparently) or on behalf of the modem itself (the xDSL modem must operate in router mode). The DSLAM usually does not recognize PPPoE sessions; it transparently switches Ethernet frames without analyzing their content.


With PPPoE, multiple PPP sessions can be established within a single physical connection. Providers often use PPPoE because of the low cost of implementing such solutions. A PPPoE server is also called an Access Concentrator or Broadband Remote Access Server (BBRAS).


There are two distinct stages when using PPPoE: the connection stage and the session stage.
For the connection establishment stage, the value of the Type field is 8863, and for the session stage it is 8864.



If a host wants to initiate a PPPoE session, it must first perform a connection establishment procedure in order to determine the Ethernet MAC address of the client device and establish a PPPoE Session ID. While PPP operation is peer-to-peer communication, connection establishment is client-server communication. During connection establishment, the host discovers an access concentrator (PPPoE server). Depending on the network topology, a host may be able to reach not one but several PPPoE servers. At the connection establishment stage, the host can discover all of the PPPoE servers and then select one of them. If the connection establishment stage completes successfully, the host and the PPPoE server of its choice have the information necessary to establish a point-to-point connection over Ethernet.
After the connection stage is complete, the session stage begins, during which the host receives from the PPPoE server, and then a PPP session is established, with both the host and server having to allocate the necessary resources for the PPP virtual interface.


PPPoE Encapsulation



The Version field is 4 bits long and its value must be 0x1.
The Type field is 4 bits long and its value must be 0x1 for this version of the PPPoE specification.
The Code field is 8 bits (1 byte) long and is set for the connection establishment and PPP session stages.
The Session ID field is 16 bits (2 bytes) long. Its value for connection packets is given below. This value remains unchanged within a PPP session.
The Length field is 16 bits (2 bytes) long. Its value specifies the length of the PPPoE payload, excluding the length of the Ethernet or PPPoE headers.


The connection establishment stage is divided into 4 steps:


  1. The host sends a broadcast request packet to initialize the connection (Code: 0x09).
  2. One or more PPPoE servers send a response packet (Code: 0x07).
  3. The host sends a unicast session request packet (Code: 0x19).
  4. The selected PPPoE server sends a session confirmation packet (Code: 0x65).

The host then enters the PPP session stage. During the connection establishment stage, the Ether Type field in all Ethernet frames equals 0x8863.


To terminate a session, the PPPoE server or host sends a session termination packet (Code: 0xA7).




There are five types of packets sent during connection setup:


    PPPoE connection initiation packet - Active Discovery Initiation (PADI) (Code: 0x09)

    PPPoE response packet - Active Discovery Offer (PADO) (Code: 0x07)

    Connection request packet - PPPoE Active Discovery Request (PADR) (Code: 0x19)

    Session confirmation packet - PPPoE Active Discovery Session-confirmation (PADS) (Code: 0x65)

    Session end packet - PPPoE Active Discovery Terminate (PADT) (Code: 0xA7)


PPPoE Active Discovery Initiation (PADI) packet



In this packet, the Destination MAC Addr field contains 0xffffffffff, which means broadcast. The host sends a broadcast request packet to initiate a connection.
The Ether Type field contains 0x8863, which means that the parties are at the connection establishment stage.
The Code field contains 0x09, which means that this is an initiation packet.
At the connection establishment stage, the Session ID always equals 0x00 because the session is not open yet.
In this example, the Service Name is fae.


Information on how to collect data on all packets passing through the ZyXEL subscriber device (for example, to diagnose the establishment of a PPPoE connection) can be found in the following Knowledge Base article: BZ-1370


PPPoE Active Discovery Offer (PADO) packet



In this packet, the Destination MAC Addr is the MAC address of the host, and the Source MAC Addr is the address of the Broadband Remote Access Server (BBRAS) sending the reply packet to the host.
The Code field contains 0x07, which means that this is a response packet.
The PPPoE payload includes information about the BBRAS.


PPPoE Active Discovery Request (PADR) packet



The host sends a request based on the information provided by the BBRAS.
The Code field contains 0x19, which means that this is a request packet.


PPPoE Active Discovery Session-confirmation (PADS) packet



The BBRAS responds to the host with a session confirmation packet.
The Code field of this packet contains 0x65, and the packet also contains the Session ID assigned by the BBRAS.


PPP session stage



After the connection establishment stage comes the session stage. Note that the Ether Type field now contains the value 0x8864. Both parties in a PPPoE connection communicate with each other using the Session ID received in the session confirmation packet. The upper-layer protocol (PPP) runs on top of the PPPoE layer, and communication begins with the LCP connection establishment phase.
At the session stage, the Code field of the packets always contains 0x00.


PPPoE Active Discovery Terminate (PADT) packet



If the host or the BBRAS wants to break the PPPoE connection, it sends a session end packet, in which the Code field contains 0xA7 and the value of the Session ID field corresponds to the virtual connection.
Note that session termination belongs to the connection stage, not the session stage, since no data is being transferred anymore.
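
The header fields (Version, Type, Code, Session ID, Length) and the per-packet rules described in the sections above can be checked mechanically when diagnosing a captured PPPoE exchange. The Python parser below is an added example, not code from the original article or from ZyXEL; the sample frames, MAC addresses and Session ID are constructed, and the tag numbers (Service-Name, AC-Name, AC-Cookie) are taken from RFC 2516 rather than from this page.

```python
import struct

ETH_DISCOVERY = 0x8863      # Ether Type during connection establishment
ETH_SESSION = 0x8864        # Ether Type during the PPP session stage
BROADCAST = b"\xff" * 6     # Ethernet broadcast address (six 0xff bytes)
CODES = {0x09: "PADI", 0x07: "PADO", 0x19: "PADR",
         0x65: "PADS", 0xA7: "PADT", 0x00: "SESSION"}
# Assumption: tag numbers are taken from RFC 2516; the page does not list them.
TAGS = {0x0101: "Service-Name", 0x0102: "AC-Name", 0x0104: "AC-Cookie"}


def parse_tags(payload):
    """Split a discovery payload into (name, value) tags; report truncation."""
    tags, pos = [], 0
    while pos < len(payload):
        if pos + 4 > len(payload):
            return tags, True
        tag_type, tag_len = struct.unpack_from("!HH", payload, pos)
        value = payload[pos + 4:pos + 4 + tag_len]
        if len(value) < tag_len:
            return tags, True
        tags.append((TAGS.get(tag_type, hex(tag_type)), value))
        pos += 4 + tag_len
    return tags, False


def parse_pppoe(frame):
    """Decode an Ethernet frame carrying PPPoE and list header anomalies."""
    if len(frame) < 20:
        raise ValueError("too short for Ethernet (14) + PPPoE (6) headers")
    dst, src = frame[:6], frame[6:12]
    ethertype, ver_type, code, session_id, length = struct.unpack_from(
        "!HBBHH", frame, 12)
    if ethertype not in (ETH_DISCOVERY, ETH_SESSION):
        raise ValueError("Ether Type is neither 0x8863 nor 0x8864")
    name = CODES.get(code, "UNKNOWN")
    problems = []
    if ver_type >> 4 != 0x1:
        problems.append("Version is not 0x1")
    if ver_type & 0x0F != 0x1:
        problems.append("Type is not 0x1")
    if length > len(frame) - 20:
        problems.append("Length exceeds the payload bytes present")
    if name == "UNKNOWN":
        problems.append("unknown Code 0x%02x" % code)
    elif (ethertype == ETH_SESSION) != (name == "SESSION"):
        problems.append("Code 0x%02x does not belong on Ether Type 0x%04x"
                        % (code, ethertype))
    if name == "PADI" and dst != BROADCAST:
        problems.append("PADI is not sent to the broadcast address")
    if name == "PADI" and session_id != 0:
        problems.append("PADI carries a non-zero Session ID")
    tags, truncated = [], False
    if ethertype == ETH_DISCOVERY:
        tags, truncated = parse_tags(frame[20:20 + length])
    if truncated:
        problems.append("tag list is truncated")
    return {"packet": name, "dst": dst.hex(":"), "src": src.hex(":"),
            "session_id": session_id, "tags": tags, "problems": problems}


def build_frame(dst, src, ethertype, code, session_id, payload=b""):
    """Assemble a well-formed frame (Version 1, Type 1) for the samples."""
    header = struct.pack("!HBBHH", ethertype, 0x11, code, session_id,
                         len(payload))
    return dst + src + header + payload


# Constructed sample frames; the MAC addresses and Session ID are made up.
CLIENT = bytes.fromhex("020000000001")
SERVER = bytes.fromhex("020000000002")
PADI = build_frame(BROADCAST, CLIENT, ETH_DISCOVERY, 0x09, 0x0000,
                   struct.pack("!HH", 0x0101, 3) + b"fae")
PADS = build_frame(CLIENT, SERVER, ETH_DISCOVERY, 0x65, 0x0011)
BAD = build_frame(SERVER, CLIENT, ETH_SESSION, 0xA7, 0x0011)

if __name__ == "__main__":
    for frame in (PADI, PADS, BAD):
        print(parse_pppoe(frame))
```

The `BAD` sample carries the PADT code on the session-stage Ether Type, which contradicts the rule that termination belongs to the connection stage, so the parser reports it.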

Note


1. For information on configuring an ADSL modem when using PPPoE encapsulation, see the following article: BZ-1894


2. You can find information on configuring the P-330W router to connect to the Internet via PPPoE in the following article: BZ-1895


3. When implementing PPPoE on a computer, additional configuration of the operating system is required. To access the Internet, you need to create a PPPoE connection in the operating system and then start it each time.

To create a PPPoE connection in the Windows Vista operating system, go to Control Panel > Network and Sharing Center and select "Establishing a connection or network". Select "Internet connection" and press the "Next" button. The "Internet connection" wizard will start. Select "Create a new connection anyway". Then select "Create a new connection" and press the "Next" button. Select the connection type "High Speed (with PPPoE)". In the next window, enter the "Username" and "Password" for Internet access provided by your ISP and click "Connection". To complete the "Internet connection" wizard, press the "Close" button.


To create a PPPoE connection in Windows XP, click Start > Settings > Network connections > New Connection Wizard. Click the "Next" button to continue with the New Connection Wizard. Select "Connect to the Internet". In the next window, select "Set up a connection manually". Then select "Through a high-speed connection asking for a username and password". Next, enter the name of the connection being created. In the next window, enter the "Username" and "Password" provided by your ISP for Internet access. To close the New Connection Wizard, click the "Finish" button.

The technology of running the PPP stack over Ethernet is relatively new, but has already gained widespread acceptance. At the moment it is defined by RFC 2516, which was developed and released in February 1999. However, this document is not a standard and is still informational in nature. The originators of this document were RedBack Networks, RouterWare, UUNET and others. Thus, the "perceived age" of this technology is very small. Its use gives Internet service providers new opportunities for organizing and accounting for user access to the network. This is especially true for providers who are planning to offer, or already offer, Internet access over an Ethernet network, for example in modern residential complexes, where twisted-pair cabling is no longer an innovation.

Particularly noteworthy is that all that is required is to configure the provider's router, install a hub at the entrance of a residential building, and have a network card and a small piece of software. No modem is needed and there is no need to occupy the only telephone line, since the service provider can now organize and restrict access and account for user traffic as if the user were using a regular modem channel. This was made possible by PPPoE technology, which launches a PPP session not over a modem connection but over an Ethernet network.

At the same time, user authentication via PAP and CHAP protocols, dynamic allocation of IP addresses to users, assignment of a gateway address, DNS server, etc. will be supported.

PPPoE technology is currently one of the cheapest in providing users with access to Internet services in residential complexes based on Ethernet and using DSL technology.

Since PPPoE works by establishing a point-to-point connection over a common Ethernet environment, the PPPoE process must be divided into two stages. In the first stage, two devices must tell each other their addresses and establish an initial connection, and in the second stage, start a PPP session.

Connection establishment stage

The stage of establishing a connection between the client (user's computer) and the server (provider's access concentrator) is divided into several stages.

At the first stage, the client sends a broadcast request (destination address: the broadcast address), the PADI (PPPoE Active Discovery Initiation), to find a server with PPPoE service. This request is received by all users on the network, but only those that support the PPPoE service will answer it. The access concentrator sends a response packet, the PADO (PPPoE Active Discovery Offer), to the client; if there are many devices with PPPoE service on the network, the client will receive many PADO packets. In this case, the client software selects the necessary access concentrator and sends it a PADR (PPPoE Active Discovery Request) packet with information about the required service (the required class of service depends on the provider's services), the name of the provider, and so on. After receiving the request, the access concentrator prepares to start a PPP session and sends a PADS (PPPoE Active Discovery Session-confirmation) packet to the client. If all the services requested by the client are available (this packet includes a unique session number assigned by the concentrator), the second stage begins: the established session stage. If the services requested by the client cannot be provided, the client receives a PADS packet indicating the error in the service request.

Established session stage

The session starts using PPP packets. When establishing a PPP session, the user can be authenticated using RADIUS, and the user's traffic is accounted for as with normal dial-up access. The client can be assigned a dynamic IP address from the concentrator's address pool, along with the gateway and DNS server settings. In this case, a virtual interface for the client is set up on the access concentrator. It is desirable for the access concentrator to send periodic requests to the client to determine its status. This is necessary so that a client that for some reason did not terminate its session correctly is not considered still present and the access concentrator's resources are not kept reserved for it.

The PPPoE connection is terminated at the initiative of the client or access concentrator by sending a PADT (PPPoE Active Discovery Terminate) packet.

The PPPoE protocol provides some additional functions, such as protection against DoS attacks (Denial of Service). Protection against some types of DoS attacks is implemented by adding a special AC-Cookie field to PADI packets, which allows the access concentrator to limit the number of simultaneous PPPoE sessions per client.

Testing products with PPPoE technologies 01.04.01

The INLINE Technologies test laboratory tested products from different manufacturers using PPPoE technology. For this, the following equipment was used as access concentrators:

  • Cisco 7206;
  • Cisco 3640;
  • Cisco 2620;
  • access hub US Robotics Total Control.

Let's look at the configuration of the Cisco 2620 router for the PPPoE service. The above configuration was installed on our test router and worked with well-known client software products. The connection diagram is shown in the figure; it corresponds to the excerpts from the router configuration.

PPPoE (Point-to-Point Protocol over Ethernet) is a network protocol for transmitting PPP frames over Ethernet. It is commonly used by xDSL services. PPPoE provides additional features such as encryption, compression, and authentication.

PPPoE is a tunneling protocol that allows you to encapsulate (configure) IP, or other protocols layered on PPP, over Ethernet connections while keeping the software capabilities of PPP. This protocol is therefore used to make virtual “calls” to neighboring Ethernet machines and to establish a point-to-point connection that transports IP packets with PPP capabilities.

This allows traditional PPP-based software to be used to configure connections that run over a packet-based network rather than a serial link, providing the classic login-and-password connection to the Internet. In addition, the IP address on the other side of the connection is assigned only when the PPPoE connection is open, which makes it possible to reuse IP addresses dynamically.

PPPoE works like this: there is an Ethernet environment, that is, several connected network cards addressed by MAC addresses. The headers of Ethernet frames contain the address of the recipient of the frame, the address of the sender, and the type of the frame. The PPPoE server listens on one of these cards. The client sends an Ethernet broadcast frame, to which the PPPoE server must respond. The PPPoE server sends a response to the client; if the network contains several PPPoE servers, each of them sends a response. The client then chooses a suitable server and sends it a connection request. The server sends the client a confirmation that contains a unique session identifier, and all further frames in the session carry this identifier. In this way a virtual channel is created between the client and the server, identified by the session identifier and the MAC addresses of the client and server. After that, a PPP connection is brought up in this channel, and IP traffic is packed into PPP packets.

PPPoE is PPP over Ethernet, a protocol that allows PPP frames to be sent directly over Ethernet. The main advantages of PPPoE over traditional IP over Ethernet are that LAN connections require an account on the gateway. Such organization of the local network makes it possible to simplify the control and configuration of billing.

PPPoE protocol is a complete analogue of dialup connection, differing only in speed - up to 100 Mbps, and transmission medium - Ethernet. Ethernet uses PPP stack technology, which is not new, as it is already widespread.

PPPoE works on the principle of establishing a point-to-point connection over a common Ethernet environment, therefore, the process of PPPoE operation can be divided into two stages. In the first stage, two devices communicate their addresses to each other and establish an initial connection, in the second stage, a PPP session is started.

Advantages and limitations of this protocol:

1) Convenience and ease of use.

2) Multiplatform.

3) Simplicity and ease of handling.

5) Compared to VPN, no grinding costs.

PPPoE (Point-to-Point Protocol over Ethernet) is a communication protocol over Ethernet. For ISPs, the main advantage of PPPoE is that they can easily get by with a limited number of IP addresses by simply assigning them to only those users who are currently connected. Also, with PPPoE, ISPs can flexibly manage their customer base, and it will be more difficult for individuals to host FTP and Web sites on their servers.

Compared to other types of broadband services, PPPoE has much higher security, which consumers will undoubtedly appreciate: it is more difficult for hackers to identify and break into computers with temporary IP addresses. Users may be inconvenienced by frequent error messages issued when the authentication server on the provider's side fails. Thus, PPPoE cannot seriously affect the connection speed. In essence, this protocol creates a tunnel connection between the provider and the subscriber.

PPPoE authorization should be done via CHAP, which means that passwords are always transmitted in encrypted form, and the system records the time of the subscriber's connection to the network, which makes it easy to check in case of traffic disputes.

This manual describes a universal way to connect a router to the Internet using the PPPoE protocol. It applies to the providers Dom.Ru, TTK, SevenSky, NetByNet, LanPort, InetKom, GorKom, Iskra Telekom, Maryino.Net, Smile :) and others. The manual is suitable for any router model; the only differences are in the names and layout of the settings sections in the router's administrator menu.

Configuring the router

1. Insert the provider's cable into the WAN port on the router (blue). Plug one end of the Ethernet cable that came with the router into the computer and the other end into any LAN port on the router (yellow).

2. On a PC running Windows 7 (and by analogy in other operating systems), open the network settings section: Start => Control Panel => Network and Internet => Network and Sharing Center => Manage network connections => Change adapter settings.


Right-click the item "Local Area Connection", go to "Properties", then to the section "Internet Protocol version 4", and check the boxes "Obtain IP automatically" and "Obtain DNS server address automatically". Apply and save.


3. On the case of the router, find the IP address for entering the administrative mode (as a rule, it is http://192.168.0.1) and the login and password (usually the login is admin and the password is empty or admin).



5. Find the item "WAN" or "Internet" in the router menu.

6. Select the "WAN" submenu in the "Network" menu. Specify the connection type "PPPoE / Russia PPPoE". Take the password and username from the contract with the provider. Save all the changes and, preferably, reboot the router.


7. Sometimes the provider ties your Internet connection settings to the MAC address of another, previously connected PC. In that case, use "Clone from computer" in the admin panel to copy this address.


If there is no such function, the MAC address has to be specified manually. To do this, go to the "Network Connections" section in the computer's control panel, open "Local Area Connection" and click the "Properties" button. The "Physical address" shown there is the address that should be specified in the router settings.


We save the changes on the router and reboot it.

8. Find the section "Wireless Settings" (Wireless network) and enter your values for:

  • SSID - network name
  • Security - WPA2-Personal
  • Encryption method - AES / TKIP
  • Password - for Wi-Fi (at least 8 characters)