A mathod for transmitting PPP over Ethernet (PPPoE)

zhaozj2021-02-16  57

NetWork Working Group L. MamakosRequest for Comments: 2516 K. Lidlcategory: Information J. Evarts UUNET TECHNOLOGIES, Inc. D. Carrel D. Simone Redback Networks, Inc. R. Wheeler Routerware, Inc. February 1999

A mathod for transmitting PPP over Ethernet (PPPoE)

STATUS OF this Memo

This Memo Provides Information for the Internet Community. It Does Not Specify An Internet Standard of Any Kind. Distribution of this Memo is unlimited.

Copyright Notice

Copyright (c) The Internet Society (1999). All Rights Reserved.

Abstract

The point-to-point protocol (PPP) [1] Province A Standard Method for Transporting Multi-Protocol DataGrams over Point-to-Point Links.

This Document Describes How To Build PPP sessions and encapsulate PPP Packets over Ethernet.

Applicability

This specification is intended to provide the facilities which are defined for PPP, such as the Link Control Protocol, Network-layer Control Protocols, authentication, and more. These capabilities require a point-to-point relationship between the peers, and are not designed For the Multi-Point Relationships Hich Are Available In Ethernet and other Multi-Access Environments.

This specification can be used by multiple hosts on a shared, Ethernet to via open PPP sessions to multiple destinations one or more bridging modems. It is intended to be used with broadband remote access technologies that provide a bridged Ethernet topology, when access providers wish to MAINTAIN THE SESSION ABSTRACTION Associated with ppp.mamakos, et. al. informational [Page 1] RFC 2516 Transmitting PPP over Ethernet February 1999

This Document Describes The PPP over Ethernet Encapsulation That Being Deployed by Redback Networks, Routerware, Uunet and Others.

INTRODUCTION

Modern access technologies are faced with several conflicting goals. It is desirable to connect multiple hosts at a remote site through the same customer premise access device. It is also a goal to provide access control and billing functionality in a manner similar to dial-up services using PPP. In many access technologies, the most cost effective method to attach multiple hosts to the customer premise access device, is via Ethernet. In addition, it is desirable to keep the cost of this device as low as possible while requiring little or no CONFIGURATION.

PPP over Ethernet (PPPoE) provides the ability to connect a network of hosts over a simple bridging access device to a remote Access Concentrator. With this model, each host utilizes it's own PPP stack and the user is presented with a familiar user interface. Access Control, Billing and Type of Service Can Be Done ON A Per-User, Rather Than A Per-site, Basis.

To provide a point-to-point connection over Ethernet, each PPP session must learn the Ethernet address of the remote peer, as well as establish a unique session identifier. PPPoE includes a discovery protocol that provides this.2. Conventions

The Keywords Must, Must Not, Required, Shall, Shall Not, Should, Should Not, Recommend, May, And Optional, When Appear in this document, Are to be interpreted as described in [2].

3. Protocol overview

PPPoE has two distinct stages. There is a Discovery stage and a PPP Session stage. When a Host wishes to initiate a PPPoE session, it must first perform Discovery to identify the Ethernet MAC address of the peer and establish a PPPoE SESSION_ID. While PPP defines a peer-to-peer relationship, Discovery is inherently a client-server relationship. In the Discovery process, a Host (the client) discovers an Access Concentrator (the server). Based on the network topology, there may be more than one Access Concentrator that the Host can communicate with. The Discovery stage allows the Host to discover all Access Concentrators and then select one. When Discovery completes successfully, both the Host and the selected Access Concentrator have the information they will use to build their point-to- Point Connection over Ethernet.

Mamakos, et. Al. Informational [Page 2] RFC 2516 Transmitting PPP over Ethernet February 1999

.

4. PayLoads

The Following Packet Formats Are Defined Here. The PayLoad Contents Will Be Defined In The Discovery and PPP Sections.an Ethernet Frame Is as Follows:

1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 - - - - | DESTINATION_ADDR | | (6 OCTETS) | | | - - | Source_addr | | (6 octets | | | - | Ether_TYPE (2 OCTS) | - - - - - - - - - - - - - - - - - - - | CHECKSUM | - - - - - - - - - - - - - - - -

The DESTINATION_ADDR field contains either a unicast Ethernet destination address, or the Ethernet broadcast address (0xffffffff). For Discovery packets, the value is either a unicast or broadcast address as defined in the Discovery section. For PPP session traffic, this field MUST contain the Peer's Unicast Address AS Determined from The Discovery Stage.The Source_addr Field Must Contains The Ethernet Mac Address of The Source Device.

The ether_type is set to each 0x8863 (ppp session stage).

Mamakos, et. Al. Informational [Page 3] RFC 2516 Transmitting PPP over Ethernet February 1999

The Ethernet Payload for PPPOE IS AS FOLLOWS:

1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - - - - - - - - - - | VER | TYPE | CODE | SESSION_ID | - - - - - - - - - - - - - - - - - - - - | LENGTH | payload ~ - - - - - - - - - - - - - - - - -

The Ver Field Is Four Bits and Must Be Set To 0x1 for this Version of The PPPOE Specification.

...........................

The SESSION_ID field is sixteen bits. It is an unsigned value in network byte order. It's value is defined below for Discovery packets. The value is fixed for a given PPP session and, in fact, defines a PPP session along with the Ethernet SOURCE_ADDR and Destination_addr. A value of 0xfffff is reserved for Future Use and Must Not Be Used

................ ..

5. Discovery Stage

There are four steps to the Discovery stage. When it completes, both peers know the PPPoE SESSION_ID and the peer's Ethernet address, which together define the PPPoE session uniquely. The steps consist of the Host broadcasting an Initiation packet, one or more Access Concentrators sending Offer packets, the Host sending a unicast Session Request packet and the selected Access Concentrator sending a Confirmation packet. When the Host receives the Confirmation packet, it may proceed to the PPP Session Stage. When the Access Concentrator sends the Confirmation packet, it may proceed To the PPP session.

All discovery ethernet frames have the ether_type field set to the value 0x8863.

Mamakos, et. Al. Informational [Page 4] RFC 2516 Transmitting PPP over Ethernet February 1999

The PPPOE PAYLOAD Contains Zero or More Tags. A Tag IS A TLV (TYPE- Length-Value) Construct and is defined As Follows:

1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - - - - - - - - - - | TAG_TYPE | TAG_LENGTH | - - - - - - - - - - | TAG_VALUE ... ~ - - - - - - - - - - - - - - - - - - - - - - - - TAG_TYPE IS A SIXTEEN BIT FIELD IN NETWORK BYTE ORDER. APPENDIX A Contains a list of All tag_types and their tag_values.

Tag_length is a sixteen bit field. It is an unsigned number in network byte order, indeicating the length.

If a discovery packet is received with a TAG of unknown TAG_TYPE, the TAG MUST be ignored unless otherwise specified in this document. This provides for backwards compatibility if / when new TAGs are added. If new mandatory TAGs are added, the version number will be INCREMENTED.

Some Example Discovery Packets Are Shown in Appendix B.

5.1 The PPPoe Active Discovery Initiation (PADI) Packet

The Host Sends The Padi Packet with The Destination_addr Set To The Broadcast Address. The code field is set to 0x09 and the session_id must be set to 0x0000.

The PADI packet MUST contain exactly one TAG of TAG_TYPE Service- Name, indicating the service the Host is requesting, and any number of other TAG types. An entire PADI packet (including the PPPoE header) MUST NOT exceed 1484 octets so as to leave sufficient Room for a relay agent to add a relay-session-id tag.5.2 The PPPOE Active Discovery Offer (PADO) Packet

When the Access Concentrator receives a PADI that it can serve, it replies by sending a PADO packet. The DESTINATION_ADDR is the unicast address of the Host that sent the PADI. The CODE field is set to 0x07 and the SESSION_ID MUST be set to 0x0000.

Mamakos, et. Al. Informational [Page 5] RFC 2516 Transmitting PPP over Ethernet February 1999

The PADO packet MUST contain one AC-Name TAG containing the Access Concentrator's name, a Service-Name TAG identical to the one in the PADI, and any number of other Service-Name TAGs indicating other services that the Access Concentrator offers. If the Access CONCENTRATOR CAN NOT Serve The Padi It Must Not Respond with a Pado.

5.3 The PPPoE Active Discovery Request (PADR) Packet

Since the PADI was broadcast, the Host may receive more than one PADO. The Host looks through the PADO packets it receives and chooses one. The choice can be based on the AC-Name or the Services offered. The Host then sends one PADR packet to the Access Concentrator that it has chosen. The DESTINATION_ADDR field is set to the unicast Ethernet address of the Access Concentrator that sent the PADO. The CODE field is set to 0x19 and the SESSION_ID MUST be set to 0x0000.

The PADR packet MUST contain exactly one TAG of TAG_TYPE Service- Name, indicating the service the Host is requesting, and any number of other TAG types.5.4 The PPPoE Active Discovery Session-confirmation (PADS) packet

When the Access Concentrator receives a PADR packet, it prepares to begin a PPP session. It generates a unique SESSION_ID for the PPPoE session and replies to the Host with a PADS packet. The DESTINATION_ADDR field is the unicast Ethernet address of the Host that sent the ......................

The Pads Packet Contains Exactly One Tag of Tag_Type Service-Name, Indicating The Service Under Which Access Concentrator Has Accept The PPPOE Session, And Any Number of Other Tag Types.

If the Access Concentrator does not like the Service-Name in the PADR, then it MUST reply with a PADS containing a TAG of TAG_TYPE Service-Name-Error (and any number of other TAG types). In this case the SESSION_ID MUST be set TO 0x0000.

5.5 The PPPoe Active Discovery Terminate (PADT) Packet

This packet may be sent anytime after a session is established to indicate that a PPPoE session has been terminated. It may be sent by either the Host or the Access Concentrator. The DESTINATION_ADDR field is a unicast Ethernet address, the CODE field is set to 0xa7 And the session_id must be set to indeicate which session is to be terminated. no tags are request.

Mamakos, et. Al. Informational [Page 6] RFC 2516 Transmitting PPP over Ethernet February 1999

When a PADT is received, no further PPP traffic is allowed to be sent using that session. Even normal PPP termination packets MUST NOT be sent after sending or receiving a PADT. A PPP peer SHOULD use the PPP protocol itself to bring down a PPPoE session , But The Padt May Be Used When PPP CAN NOT BE Used.6. PPP Session Stage

Once the PPPoE session begins, PPP data is sent as in any other PPP encapsulation. All Ethernet packets are unicast. The ETHER_TYPE field is set to 0x8864. The PPPoE CODE MUST be set to 0x00. The SESSION_ID MUST NOT change for that PPPoE session and .

An Example Packet Is Shown in Appendix B.

7. LCP Considances

. The Magic Number LCP configuration option is RECOMMENDED, and the Protocol Field Compression (PFC) option is NOT RECOMMENDED An implementation MUST NOT request any of the following options, and MUST reject a request for such an option:

FIELD CHECK Sequence (FCS) Alternatives,

Address-And-Control-Field-Compness (ACFC),

Asynchronous-Control-Character-Map (ACCM)

The Maximum-Receive-Unit (MRU) option MUST NOT be negotiated to a larger size than 1492. Since Ethernet has a maximum payload size of 1500 octets, the PPPoE header is 6 octets and the PPP Protocol ID is 2 octets, the PPP MTU Must Not Be Greater Than 1492.

It is RECOMMENDED that the Access Concentrator ocassionally send Echo-Request packets to the Host to determine the state of the session. Otherwise, if the Host terminates a session without sending a Terminate-Request packet, the Access Concentrator will not be able to determine that .. '' s.

Mamakos, et. Al. Informational [Page 7] RFC 2516 Transmitting PPP over Ethernet February 1999

8. Other considances

When a host does not receive a PADO packet within a specified amount of time, it SHOULD resend it's PADI packet and double the waiting period. This is repeated as many times as desired. If the Host is waiting to receive a PADS packet, a similar .

The ETHER_TYPEs used in this document (0x8863 and 0x8864) have been assigned by the IEEE for use by PPP Over Ethernet (PPPoE). Use of these values ​​and the PPPoE VER (version) field uniquely identify this protocol.

UTF-8 [5] IS Used Throughout this document instead of ascii. UTF-8 Supports the Entire Ascii Character Set While Allowing for International Character Sets as Well. See [5] for more details.

9. Security considitys

To help protect against Denial of Service (DOS) attacks, the Access Concentrator can employ the AC-Cookie TAG. The Access Concentrator SHOULD be able to uniquely regenerate the TAG_VALUE based on the PADR SOURCE_ADDR. Using this, the Access Concentrator can ensure that the PADI SOURCE_ADDR is indeed reachable and can then limit concurrent sessions for that address. What algorithm to use is not defined and left as an implementation detail. An example is HMAC [3] over the Host MAC address using a key known only to the Access> Concentrator. While the AC-Cookie is useful against some DOS attacks, it can not protect against all DOS attacks and an Access Concentrator MAY employ other means to protect resources.While the AC-Cookie is useful against some DOS attacks, it can not protect Against All Dos Attacks and an Access Concentrator May Employ Other Means to Protect Resources.

Many Access Concentrators will not wish to offer information regarding what services they offer to an unauthenticated entity. In that case the Access Concentrator should employ one of two policies. It SHOULD never refuse a request based on the Service-Name TAG, and always return the Tag_Value That Was Sent To It. Or it will Only Accept Requests with a service-name tag with a zero tag_length. The former solution is recommented.

10. ACKNOWLEDGMENTS

This Document Is Based On Concepts Discussed In Several Forums, Including The ADSL Forum.

Mamakos, et. Al. Informational [Page 8] RFC 2516 Transmitting PPP over Ethernet February 1999

Copious Amounts of TEXT HAVEEN Stolen from RFC 1661, RFC 1662 and RFC 2364.

11. References

[1] Simpson, W., Editor, "The Point-to-Point Protocol (PPP)", STD 51, RFC 1661, JULY 1994

[2] BRADNER, S., "Key Words for Use in RFCS to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[3] Krawczyk, H., Bellare, M. And R. Canetti, "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, February 1998.

[4] Reynolds, J. And J. Postel, "Assigned Numbers", STD 2, RFC 1700, October 1994. See Also: http://www.iana.org/Numbers.html

[5] Yergeau, F., "UTF-8, A Transformation Format of ISO 10646", RFC 2279, January 1998.

Mamakos, et. Al. Informational [Page 9] RFC 2516 Transmitting PPP over Ethernet February 1999

Appendix a

Tag_types and tag_values

0x0000 end-of-list

THIS TAG INDICES THAT. The Tag_length of this Tag Must Always Be Zero. Use of this tag is not required, but remains for backwards compatibility.

0x0101 service-name

This TAG indicates that a service name follows. The TAG_VALUE is an UTF-8 string that is NOT NULL terminated. When the TAG_LENGTH is zero this TAG is used to indicate that any service is acceptable. Examples of the use of the Service-Name TAG Are to indeicate an isp name or a class or qualy ration of service.

0x0102 AC-NAME

This TAG indicates that a string follows which uniquely identifies this particular Access Concentrator unit from all others. It may be a combination of trademark, model, and serial id information, or simply an UTF-8 rendition of the MAC address of the box. It Is not null terminated.

0x0103 Host-UNIQ

This TAG is used by a Host to uniquely associate an Access Concentrator response (PADO or PADS) to a particular Host request (PADI or PADR). The TAG_VALUE is binary data of any value and length that the Host chooses. It is not interpreted by the Access Concentrator. The Host MAY include a Host-Uniq TAG in a PADI or PADR. If the Access Concentrator receives this TAG, it MUST include the TAG unmodified in the associated PADO or PADS response.0x0104 AC-Cookie

This TAG is used by the Access Concentrator to aid in protecting against denial of service attacks (see the Security Considerations section for an explanation of how this works). The Access Concentrator MAY include this TAG in a PADO packet. If a Host receives this TAG , IT Must Return The Tag Unmodified in The Following Padr. The Tag_Value IS Binary Data of Any Value And Length And Is Not Interpreted by The Host.

Mamakos, et. Al. Informational [Page 10] RFC 2516 Transmitting PPP over Ethernet February 1999

0x0105 Vendor-Specific

This TAG is used to pass vendor proprietary information. The first four octets of the TAG_VALUE contain the vendor id and the remainder is unspecified. The high-order octet of the vendor id is 0 and the low-order 3 octets are the SMI Network Management Private Enterprise Code of The Vendor in Network Byte Order, As Defined In The Assigned NumBers RFC [4].

Use of this tag is not recommended. TO ENSURE Inter-Operability, An Implementation May Silently Ignore A Vendor-Specific Tag.

0x0110 relay-session-id

This TAG MAY be added to any discovery packet by an intermediate agent that is relaying traffic. The TAG_VALUE is opaque to both the Host and the Access Concentrator. If either the Host or Access Concentrator receives this TAG they MUST include it unmodified in any discovery packet they send as a response. All PADI packets MUST guarantee sufficient room for the addition of a Relay-Session-Id TAG with a TAG_VALUE length of 12 octets.A Relay-Session-Id TAG MUST NOT be added if the discovery packet already contains one . In that case the intermediate agent SHOULD use the existing Relay-Session-Id TAG. If it can not use the existing TAG or there is insufficient room to add a Relay- Session-Id TAG, then it SHOULD return a Generic-Error TAG To the sender.

0x0201 service-name-error

THIS TAG (TYPICALLY WITH A Zero-Length Data Section) Indicates That for One Reason or Another, The Request Service-Name Request Could Not Beh Honored.

IF The IS Data, And The Data IS Nonzero, Then IT Must Be a Printable UTF-8 String Which Explains Why The Request Was Denied. This String May Not Be Null Terminated.

0x0202 AC-System-Error

...................................... ..

Mamakos, et. Al. Informational [Page 11] RFC 2516 Transmitting PPP over Ethernet February 1999

If there is data, and the first ipt of the data is nonzroRo

This TAG indicates an error. It can be added to PADO, PADR or PADS packets when an unrecoverable error occurs and no other error TAG is appropriate. If there is data then it MUST be an UTF-8 string which explains the nature of the error This String Must Not Be Null Terminated.

Mamakos, et. Al. Informational [Page 12] RFC 2516 Transmitting PPP over Ethernet February 1999

APPPENDIX B

The Following Area Some Example Packets:

A padi packet:

1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - - - - - - - - - - | 0xffffffff | - - - - - - - - - - - - - | 0xfff | HOST_MAC_ADDR | - - - - - - - - - - - - - - - - - - - - - - - - - - | Host_mac_addr (cont) | - - - - - - - - - - - - - - - - - - | Ether_type = 0x8863 | V = 1 | T = 1 | CODE = 0x09 | - - - - - - - - - - - - - - - - - - - - - - - - | session_id = 0x0000 | Length = 0x0004 | - - - - - - - - - - - - - - - - | TAG_TYPE =

0x0101 | TAG_LENGTH = 0x0000 | - - - - - - - - - - - - - - Mamakos, et. Al. Informational [Page 13] RFC 2516 Transmitting PPP over Ethernet February 1999

A pado packet:

1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - - - - - - - - - - | HOST_MAC_ADDR | - - - - - - - - - - - - | HOST_MAC_ADDR (CONT) | Access_concentrator_mac_addr | - - - - - - - - - - - - - - - - - - - | Access_Concentrator_Mac_addr (Cont) | - - - - - - - - - - | Ether_type = 0x8863 | V = 1 | T = 1 | CODE = 0x07 | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | SESSION_ID = 0x0000 | LENGTH = 0x0020 | - - - - - - - - - - - - - - - | TAG_TYPE =

0x0101 | TAG_LENGTH = 0x0000 | - - - - - - - - - - - - - - | TAG_TYPE = 0x0102 | TAG_LENGTH = 0x0018 | - - - - - - - - - - - - - - - - - - - - | 0x47 | 0x6f | 0x20 | 0x52 | - - - - - - - - - - - - - - - - - - - - - - | 0x65 | 0x64 | 0x42 | 0x61 | - - - - - - - - - - - - - - - - - - - | 0x63 | 0x6b | 0x20 | 0x2D | - - - - - - - - - - - - - - - | 0x20 | 0x65 | 0x73 | 0x68 | - - - - - - - - - - - - - - - - - - - - - | 0x73 | 0x68 | 0x65 | 0x73 | - -

- - - - - - - | 0x68 | 0x6f | 0x6f | 0x74 | - - - - - - - - - - - - - - - - - Mamakos, et. Al. Informational [Page 14] RFC 2516 Transmitting PPP over Ethernet February 1999

A PPP LCP Packet: The PPP Protocol Value Is Shown (0xc021) But The PPP PayLoad Is Left To The Reader. This Is A Packet from The Host To The Access Concentrator.

1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - - - - - - - - - - | Access_concentrator_mac_addr | - - - - - - - - - - - - - - | Access_concentrator_mac_addr (c) | HOST_MAC_ADDR | - - - - - - - - - - - - - - - - - - - - - | HOST_MAC_ADDR (CONT) | - - - - - - - - - - | Ether_type = 0x8864 | V = 1 | T = 1 | Code = 0x00 | - - - - - - - - - - - - - - - - - | Session_ID = 0x1234 | Length = 0x ???? | - - - - - - - - - - - - - | PPP protocol =

0xc021 | PPP PAYLOAD ~ - - - - - - - - - - - - - - - AUTHORS 'Addresses

Louis Mamakos UUNET TECHNOLOGIES, Inc. 3060 Williams Drive Fairfax, Va 22031-4648 United States of America

Email: louie@uu.net

Kurt Lidl UUNET TECHNOLOGIES, Inc. 3060 Williams Drive Fairfax, Va 22031-4648 United States of America

Email: lidl@uu.net

Jeff Evarts UUNET TECHNOLOGIES, Inc. 3060 Williams Drive Fairfax, Va 22031-4648 United States of America

Email: jde@uu.net

Mamakos, et. Al. Informational [Page 15] RFC 2516 Transmitting PPP over Ethernet February 1999

David Carrel Redback Networks, Inc. 1389 Moffett Park Drive Sunnyvale, CA 94089-1134 United States of America

Email: carrel@redback.net

Dan Simone Redback Networks, Inc. 1389 Moffett Park Drive Sunnyvale, CA 94089-1134 United States of America

Email: dan@redback.net

Ross Wheeler Routerware, Inc. 3961 Macarthur Blvd., Suite 212 Newport Beach, CA 92660 United States of America

Email: ross@routerware.com

Mamakos, et. Al. Informational [Page 16] RFC 2516 Transmitting PPP over Ethernet February 1999

Full Copyright Statement

Copyright (c) The Internet Society (1999). All Rights Reserved.

This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind , provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations , except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages ​​other than English.The limited permissions granted above are perpetual and will not BE REVOKED by the Internet society or its successs.

This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY Rights or Any Implied Warranties of Merchantability Or Fitness for a particular purpose.

Mamakos, et. Al. Informational [Page 17]

转载请注明原文地址:https://www.9cbs.com/read-21490.html

New Post(0)