PPP Server - Link Termination Phase

                                 Consider our device is PPP Server and other peer is PPP Client. There are 5 states present in the PPP communication. They are ESTABLISH, AUTHENTICATE, NETWORK, TERMINATE and DEAD states. If the client or server moved to the PPP Terminate State, then that device can no longer accept the LCP packets so re-start is not possible. We will discuss more about this later in this post. As the topic is about the Link termination phase we are not going into the details about the other states.

In PPP communication both the parties can initiate the Link(Connection) Termination. The link termination is achieved through the exchange of 2 messages - Terminate Request and Terminate Acknowledgement. 

If the client needs to terminate the connection, a terminate-REQ message is send and wait for the terminate-ACK message from the server. Upon receiving the ACK message the PPP state will be changed to TERMINATE and LCP state to CLOSED subsequently. Same will be applicable if the server initiates the link termination. In the server side, after sending the ACK message to the client, the server should wait until at least one restart timer has passed for changing the state to DEAD. After that if same or different client tries to re-connect, then the server will move from the DEAD state to ESTABLISH state upon receiving the LCP Config-REQ message from the Client.

If the client is initiating the link terminate, then server will move to DEAD state instead of TERMINATE state so, later it can re-establish another connection. But for the opposite scenario the state will be changed to TERMINATE and cannot re-establish the connection.

Big Endian Read and Write

/* This demo program shows how to read */
/* and write big-endian data  */

#include  stdio.h
#include  stdint.h

static inline uint32_t read_32bit_be( const uint8_t * const ptr_buf )
{
  uint32_t  byte0;
  uint32_t  byte1;
  uint32_t  byte2;
  uint32_t  byte3;

  byte0 = ptr_buf[0];
  byte1 = ptr_buf[1];
  byte2 = ptr_buf[2];
  byte3 = ptr_buf[3];

  byte0 <<= 24;
  byte1 <<= 16;
  byte2 <<= 8;

  return  ( byte0 | byte1 | byte2 | byte3 );
}

static inline void  write_32bit_be( uint8_t * ptr_buf, uint32_t value )
{
  ptr_buf[0] = value >> 24;
  ptr_buf[1] = value >> 16;
  ptr_buf[2] = value >> 8;
  ptr_buf[3] = value;
}

int main()
{
  uint8_t buffer[4];
  uint32_t val_32bit;

  val_32bit = UINT32_MAX;

  /*write the 32 bit value to the buffer*/
  write_32bit_be( buffer, val_32bit );

  val_32bit = 0;
  /*Retrieve the big endian value from the buffer*/
  val_32bit = read_32bit_be( buffer );

  printf( "Big-Endian value - %X", val_32bit );

  return 0;
}

Static and Dynamic Configuration in Embedded C Programming

/* This demo program shows the static and dynamic */
/* configuration with respect to IPv4 and IPv6 */
/* Compiler Used - Visual Studio */
#include stdio.h
#include stdint.h

/* IP_ENABLE == 0: none */
/* IP_ENABLE == 1: IPv4 */
/* IP_ENABLE == 2: IPv6 */
/* IP_ENABLE == 3: IPv4 and IPv6 */
#define IP_ENABLE     0

#define TRUE          1
#define FALSE         0

typedef struct
{
  int ipv4_enable;
  int ipv6_enable;
}ipconfig;

ipconfig ip_config;

static void set_ip_config( ipconfig * ptr_config )
{
  ip_config.ipv4_enable = ptr_config->ipv4_enable;
  ip_config.ipv6_enable = ptr_config->ipv6_enable;
}

int main()
{
  ipconfig ip; /*for getting the input*/
  /*Static configuration*/
#if ( IP_ENABLE == 0 )
  ip_config.ipv4_enable = FALSE;
  ip_config.ipv6_enable = FALSE;
#elif ( IP_ENABLE == 1 )
  ip_config.ipv4_enable = TRUE;
  ip_config.ipv6_enable = FALSE;
#elif ( IP_ENABLE == 2 )
  ip_config.ipv4_enable = FALSE;
  ip_config.ipv6_enable = TRUE;
#elif ( IP_ENABLE == 3 )
  ip_config.ipv4_enable = TRUE;
  ip_config.ipv6_enable = TRUE;
#endif

  printf( "IPv4: %d\t", ip_config.ipv4_enable );
  printf( "IPv6: %d\n", ip_config.ipv6_enable );

  /*Dynamic Configuration*/
  (void)scanf( "%d", &(ip.ipv4_enable) );
  (void)scanf( "%d", &(ip.ipv6_enable) );

  set_ip_config( &ip );

  printf( "IPv4: %d\t", ip_config.ipv4_enable );
  printf( "IPv6: %d\n", ip_config.ipv6_enable );

  if ( ip_config.ipv4_enable == TRUE )
  {
    /*Get the IPv4 address from the DHCP server*/
  }

  if ( ip_config.ipv6_enable == TRUE )
  {
    /*Get the IPv6 address from the DHCPv6 server*/
  }
  
  return 0;
}

Point to Point Protocol Communication(PPP)

 

                                PPP(Point to Point Protocol) is a layer 2 protocol(Datalink), commonly used for the communication between switches, routers etc.  PPP can communicate over Serial link(PPPd) or Ethernet(PPPoE) or USB CDC ACM. The PPP peers should pass through different phases to establish the connection. These phases are- 

• LCP (Link Control Protocol)  - 

                                                          This is the starting phase of the PPP communication and initially both the peers send the config request messages. By receiving the config request message the peer came to know about the feature supported by other side. If some of the features are not supported then it will send config NAK message to other side. This negotiation will continue until both sides agree about the features that is going to be used in the further communication. This LCP negotiation will ends with sending the Config ACK message to the other side which declares about the features which are agreed.

Below you can see the wireshark packet which shows LCP communication. Here no Config NAK can be seen because both sides support the features mentioned in the config request packet. 

• Authentication(PAP, CHAP...) - 

                                                          This is an optional phase that means we can also directly move from the LCP phase to IPCP phase bypassing authentication phase. Two commonly used authentication method in PPP communication are PAP(Password Authentication Protocol) and CHAP(Challenge Handshake authentication Protocol). Both the peers will make an agreement about which protocol should be used for authentication in the LCP phase itself. More about the PAP and CHAP protocols

1. PAP - User can select either of these authentication protocols to use in their PPP communication but comparing PAP with CHAP, CHAP will provide more security. In the PAP authentication the peer will send the username and password to the other side. Then the other side will verify the username and password with its database. If verification is successful then the access will be granted. This PAP authentication process can be done in both ways.
2. CHAP - I mentioned earlier that the CHAP authentication is more secure compared to PAP and the reason is, in the CHAP password will not send through network to the other side.  During the CHAP communication the peer will receive a challenge message from other side and using the challenge message and the stored password the peer will create a hash value. This hash value will be send to the other side and in the other side the same process(password + challenge message) will be done to generate the hash value. This hash value will be compared with the received hash value from the peer, if both matches then the authentication is success. Like PAP, CHAP can also be done in both ways. Below wireshark packet shows 2 way CHAP authentication.

• NCP(Network Control Protocol) or IPCP(IP Control Protocol

                                                                 If the authentication process is successful then the PPP communication will be move to the IPCP phase. Similar to the LCP phase, in the IPCP phase also different negotiations will be happen between the peers. Some features may be rejected and the peer will send the Config NAK message to the other side. Some negotiations happen in this phase includes features such as DNS Server address, IP Compression, WINS Server etc. In the IPCP phase the peer acting as server will assign the IP address to the client. This IP address will be assigned in the Config ACK send from the server to client and thereby the client and server move to the connected state. Below wireshark shows the IPCP packet exchange.  

    

                                                                    Once the NCP phase is completed the IP communication can be started between the client and the server. PPP support both the IPv4 and IPv6 and it also supports IP compression(reduces the overhead which is good for low bandwidth networks) protocol such as Van Jacobson Compression.

                                                                    If you are having 2 raspberry pi then you can easily try out the working of PPP communication. I had experience in PPP over serial, so I will only mention the PPP serial commands. Make the serial connection between 2 raspberry pi's. Install the pppd services and packages. For this you can find lots of tutorials in the internet. 

PPP Client Command:

sudo pppd -detach lock /dev/ttyAMA0 115200 debug auth dump record client.pcap +chap local noipdefault defaultroute 0.0.0.0:0.0.0.0

Enable GingerCannot connect to Ginger Check your internet connection
or reload the browserDisable in this text fieldEditEdit in GingerEdit in Ginger×PPP Server Command:

sudo pppd -detach lock 192.168.151.101:192.168.151.203 /dev/ttyAMA0 115200 debug auth local dump record server.pcap +chap

You can find more information about these commands from this website - PPPd commands

Ways to Obtain DNS Server Address in IPv6 Client

                                                   I assume you had a brief idea about DHCPv6 and ICMPv6.

                                                   DHCPv6 Client will usually obtain the dynamic IP address through 4 messages. Those messages are SOLICIT, ADVERTISE, REQUEST and REPLY. So during these message transaction the DHCPv6 client can also request the DNS server address using the ORO(Option Request Option) option. If the client request is accepted by the server then reply packet will contains the DNS Server address. Like wise the client can also request other ORO options.

                                                    The IPv6 client can also obtain the dynamic IPv6 address using other mode called SLAAC mode(Stateless Auto Address Configuration). The IPv6 client will usually perform the SLAAC mode when the managed bit flag is not set in the received router advertisement(RA) message  whereas if the managed bit is set then client will use DHCPv6 client. In the SLAAC mode itself there are 2 ways to obtain the DNS Server address. First one is through RA message itself and it is called as RDNSS and other method will be used when the received ICMP RA message contains the other bit flag set. If the other bit flag is set then DHCPv6 client will be used for getting the additional information's like DNS Server address.

                                                    The final method is of-course the static configuration of the DNS Server Address.