User guide

Security
1/1551-HSC 901 35/3 Uen C 2005-12-02
9.2 PPP, VLAN and Forced Forwarding
9.2.1 PPP (Point to Point Protocol)
Using PPP, sessions are created between the clients and the BRAS. The
IP DSLAM does not take active part in handling the PPP sessions.
Being able to recognize and verify the identity of a subscriber enables the
Service Provider to deliver the exact service that the subscriber is entitled
to. Furthermore, to perform charging of service usage the identity of the
service user must be known to the system. The usual way of recognizing a
subscriber is by a unique combination of username and password or DHCP
Relay Agent Information Option (Option 82). The subscriber must present
these login credentials before access to services is granted.
The Point-to-Point Protocol (PPP) is widely deployed for providing dialup
access to an Internet service provider via an analogue modem. With PPP a
point-to-point connection that can convey a packet-oriented network layer
protocol (for example, IP) is created between the subscriber’s equipment
and the service provider’s access server. The access server constitutes the
Service Provider's Point-of-Presence (PoP). To establish a PPP session the
subscriber usually must log in with username and password to get access.
These login credentials are typically verified towards a server with
subscriber profile information, for instance a RADIUS server. In case of
successful login the subscriber is equipped with network configuration data,
for example an IP address, a subnet mask, and a default gateway.
PPPoA is also supported and is converted to PPPoE.
The subscriber’s PPP client may be located in the CPE modem or at the
subscriber’s PC. It is possible to start multiple PPP sessions over the same
DSL connection, for instance from different PCs connected to the CPE
LAN. In this way it is possible to access different services simultaneously.
PPP in EDA is implemented according to the standard for PPP over
Ethernet (PPPoE). The standard supports the presence of multiple
broadband access servers (BRAS) on the same Ethernet, for example
representing individual service providers. Via the PPPoE client the
subscriber is presented with a list of available BRAS servers to choose
from.
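
The BRAS list described above is built from PPPoE discovery offers (PADO frames, RFC 2516), each carrying an AC-Name tag that identifies the answering server. The following is an added example, not part of the original guide, that parses such frames into that list; the MAC addresses, AC names and service names are constructed sample values.

```python
import struct

ETH_P_PPPOE_DISC = 0x8863          # EtherType of the PPPoE discovery stage (RFC 2516)
CODE_PADI, CODE_PADO = 0x09, 0x07  # initiation (client) / offer (BRAS)
TAG_END, TAG_SERVICE_NAME, TAG_AC_NAME = 0x0000, 0x0101, 0x0102

def parse_pado(frame: bytes):
    """Return (ac_mac, ac_name, services) for a PADO frame, None for anything else."""
    if len(frame) < 20:
        return None
    ethertype, ver_type, code, _sid, length = struct.unpack("!HBBHH", frame[12:20])
    if (ethertype, ver_type, code) != (ETH_P_PPPOE_DISC, 0x11, CODE_PADO):
        return None
    payload = frame[20:20 + length]
    if len(payload) != length:
        raise ValueError("PPPoE length field exceeds captured frame")
    ac_name, services, pos = None, [], 0
    while pos + 4 <= len(payload):              # walk the TLV-encoded tags
        tag, tlen = struct.unpack("!HH", payload[pos:pos + 4])
        value = payload[pos + 4:pos + 4 + tlen]
        if len(value) != tlen:
            raise ValueError("tag length overruns payload")
        if tag == TAG_END:
            break
        if tag == TAG_AC_NAME:
            ac_name = value.decode("utf-8", "replace")
        elif tag == TAG_SERVICE_NAME:
            services.append(value.decode("utf-8", "replace"))
        pos += 4 + tlen
    return frame[6:12].hex(":"), ac_name, services

def list_bras(frames):
    """Collect one offer per responding MAC: the list a PPPoE client presents."""
    offers = {}
    for frame in frames:
        offer = parse_pado(frame)
        if offer:
            offers[offer[0]] = offer
    return sorted(offers.values())

def build_frame(dst, src, code, tags):   # builds constructed sample frames, not a capture
    body = b"".join(struct.pack("!HH", t, len(v)) + v for t, v in tags)
    eth = bytes.fromhex(dst) + bytes.fromhex(src) + struct.pack("!H", ETH_P_PPPOE_DISC)
    return eth + struct.pack("!BBHH", 0x11, code, 0, len(body)) + body

CPE = "02aabbccddee"   # constructed client MAC
SAMPLE = [
    build_frame(CPE, "020000000001", CODE_PADO, [(TAG_AC_NAME, b"bras-isp-a"), (TAG_SERVICE_NAME, b"internet")]),
    build_frame(CPE, "020000000002", CODE_PADO, [(TAG_AC_NAME, b"bras-isp-b"), (TAG_SERVICE_NAME, b"iptv"), (TAG_SERVICE_NAME, b"voip")]),
    build_frame("ffffffffffff", CPE, CODE_PADI, [(TAG_SERVICE_NAME, b"")]),  # client's own PADI, ignored
]
```

Calling `list_bras(SAMPLE)` returns one entry per offering BRAS; a frame whose length field or tag length overruns the captured data raises `ValueError` instead of being parsed partially.
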
After the BRAS has obtained the username and password from the
subscriber, they are sent to the RADIUS server in an access request.
The subscriber password contained in the request is encrypted using a “secret” shared
between the RADIUS client and server. The RADIUS server can accept or
reject the authentication request. Alternatively, the RADIUS server may
wish to perform authentication directly towards the subscriber, before