Table of Contents
Advertisement
Junos OS LN1000 Mobile Secure Router User Guide
Optional CHAP Authentication
30
PPPoE active discovery initiation (PADI)—The client initiates a session by
1.
broadcasting a PADI packet on the LAN to request a service.
PPPoE active discovery offer (PADO)—Any access concentrator that can provide
2.
the service requested by the client in the PADI packet replies with a PADO packet
that contains it own name, the unicast address of the client, and the service requested.
An access concentrator can also use the PADO packet to offer other services to the
client.
PPPoE active discovery request (PADR)—From the PADOs it receives, the client
3.
selects one access concentrator based on its name or the services offered and sends
it a PADR packet to indicate the service or services needed.
PPPoE active discovery Session-confirmation (PADS)—When the selected access
4.
concentrator receives the PADR packet, it accepts or rejects the PPPoE session.
To accept the session, the access concentrator sends the client a PADS packet
with a unique session ID for a PPPoE session and a service name that identifies
the service under which it accepts the session.
To reject the session, the access concentrator sends the client a PADS packet
with a service name error and resets the session ID to zero.
PPPoE Session Stage
The PPPoE session stage starts after the PPPoE discovery stage has completed. The
access concentrator can start the PPPoE session after it sends the PADS packet to the
client, or the client can start the PPPoE session after it receives a PADS packet from the
access concentrator. The router supports multiple PPPoE sessions on each interface.
Each PPPoE session is uniquely identified by the Ethernet address of the peer and the
session ID. After the PPPoE session is established, data is sent as in any other PPP
encapsulation. The PPPoE information is encapsulated within an Ethernet frame and is
sent to a unicast address. In this stage, both the client and the server must allocate
resources for the PPPoE logical interface.
After a session is established, the client or the access concentrator can send a PPPoE
active discovery termination (PADT) packet anytime to terminate the session. The PADT
packet contains the destination address of the peer and the session ID of the session to
be terminated. After this packet is sent, the session is closed to PPPoE traffic.
For interfaces with PPPoE encapsulation, you can configure interfaces to support the
PPP Challenge Handshake Authentication Protocol (CHAP). When you enable CHAP on
an interface, the interface can authenticate its peer and be authenticated by its peer.
If you configure an interface to handle incoming CHAP packets only (by including the
passive
statement at the
[edit interfaces interface-name ppp-options chap]
level), the interface does not challenge its peer. However, if the interface is challenged,
it responds to the challenge. If you do not include the
always challenges its peer.
hierarchy
statement, the interface
passive
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
