====== PPPoE Primer ====== ===== Introduction ===== With simple TCP/IP based networks there are two common ways to quickly establish a network connection. * Providing a **DHCP server** for the devices connecting to the network. Your phone and laptop connecting to the WiFi router at home is a classic example. * Providing a **PPPoE server** for devices connecting to the network. If you are a client of a WISP, the Customer premises equipment (CPE) at your home / office will most likely be a PPPoE client in order to provide connectivity to the WIPS's network. * If you are not working for a WISP or ISP, the exposure to PPPoE might be limited and this page will serve as a background primer. ===== Why use PPPoE ===== * PPPoE comes in handy when you want to **manage access to a network**. * The most basic PPPoE servers require a username and password combination before establishing a connection from the client. * The client is thus configured with a username and password in order to identify itself to the PPPoE server. * More advanced PPPoE servers include support for RADIUS which feature a central user store and options like bandwidth limiting or data limits and usage tracking. * This all makes PPPoE a favorite method used by ISPs and WISPs to manage client connections. * Compare this now with the home network of a LTE router. If someone connects to it (making use of DHCP) there is not really a way for you to prevent them from establishing a connection or limiting their bandwidth. * On the home network you might as an alternative option to PPPoE use a Captive Portal on the break-out point of a network with a DHCP server in order to manage network access, bandwidth and usage quotas. (Like the typical Guest WiFi networks) ===== The PPPoE Protocol ===== * There are lots of documentation on the inner workings of the PPPoE protocol. * This section will just cover the main points. * The PPPoE protocol is a **layer 2 protocol**. * This means that it does not contain an IP Address and communication is between MAC Addresses (on the Data Link Layer) * This is in a way similar to a DHCP discovery packet for instance where the request is broadcasted on the broadcast domain (data link layer). That packet is used in order to try and obtain an IP Address but does not have an IP Address * For a PPPoE client to find out if there are any PPPoE servers around it, it starts with the **PPPoE Discovery** stage. (Broadcast) * PPPoE servers will then reply to the client informing it that they are available. (Usually there is only one PPPoE server running in a broadcast domain.) * The client will then proceed to communicate directly with the server (Unicast) on the MAC level / layer 2 in order to establish the **PPP Session**. * Once the session is establish, the data transmitted between the PPPoE client and PPPoE server will be wrapped inside the PPPoE and PPP protocols. * Inside these packets will be the data used for normal TCP/IP communication. * See the screenshots below of some packets captured on a PPPoE network. ==== PPPoE Discovery ==== * Here's the content of the first packet started by the PPPoE Client. As you can see it is a Layer2 broadcast with destination ff:ff:ff:ff:ff:ff. {{:technical:pppoe:pppoe_discovery2.png?nolink|}} * The PPPoE server respond and now they start to communicate directly with each other. {{:technical:pppoe:pppoe_discovery1.png?nolink|}} * The client is happy with the PPPoE server and will try next to authenticate (PPP protocol) ==== PPP Authentication ==== * We are using PAP in this sample which is why the password is in clear-text. {{:technical:pppoe:ppp-auth.png?nolink|}} ==== PPP Are you still there? ==== * Once the session is established, PPP will do a Ping to determine that the connection is still up. {{:technical:pppoe:ppp_echo_request1.png?nolink|}} * Here's the packet's content {{:technical:pppoe:ppp_echo_request2.png?nolink|}} ==== PPPoE and PPP with Data ==== * Finally you can see how the payload is wrapped inside a packet with PPPoE and PPP on the outside to transport it between the PPPoE client and PPPoE Server. {{:technical:pppoe:pppoe_ppp_ip.png?nolink|}} ===== Conclusion ===== * As you can see the PPPoE protocol is plain and simple, similar to Ethernet (which is on a lower networking layer). * This explain its popularity. As they say // Simplicity is the Ultimate Sophistication//.