Home à PPP Items à PPP Learning Objectives

Washington School District WAN
PPP Learning Objectives and Network Design

Learning Objectives
In Semester 4 chapter 4, we learned about Point-to-Point Protocol (PPP). Much like layer 2 protocols on a local area network, such as Ethernet, WAN connections also require layer 2 protocols to establish a data path, and one of these protocols is PPP. This protocol was developed in the 1980s to replace SLIP, because PPP is better suited for remote Internet connectivity. PPP offers control over the data link setup, provides for dynamic assignment of IP addresses through DHCP, allows the use of multiple layer 3 protocols, enables configuration of the link and quality testing, provides for error detection, and allows for network layer address negotiation and data compression.

PPP uses Link Control Protocol (LCP) for establishing and configuring the data link. Another important function that LCPs perform is preventing data transmission until the client or workstation can be authenticated. PPP uses two authentication protocols: PAP and CHAP. PAP is the weaker of the two, because passwords are sent in clear text, and the remote node is in control of the frequency and timing of login attempts, which makes the local router vulnerable to brute force trial-and-error attacks. CHAP uses a three-way handshake approach in which the local node is in control of login attempts. Authentication is only allowed when the local node challenges the remote node, and periodically re-challenges the node, which limits time of exposure to an attack.

PPP uses Network Control Protocols (NCPs) for establishing and configuring network-layer protocols, which allows it to encapsulate protocols other than TCP/IP, in contrast to SLIP which only encapsulates TCP/IP.

Application to Network Design
On the Washington School District WAN, PPP will be used on the ISDN link between Sunnyslope Central Office and the Community School. Because ISDN runs over the public telephone network, this link is more open to outside attempts to access the network, and is therefore more insecure. CHAP will be used to force nodes attempting to access the network to authenticate. Also, the link is not always-on, but will come up and go down again relatively frequently, so PPP's ability to configure and test the data link are beneficial. In addition, although the Community School will not have a computer lab running IPX like the other schools, if in the future they choose to add one, PPP can accomodate IPX traffic as well as TCP/IP traffic.