PPP Network Layer Negotiation with NCP
Once the link and PPP parameters have been negotiated with LCP, the PPP peers then use a series of Network Control Protocols (NCPs) to negotiate the parameters of individual LAN protocols. Microsoft PPP supports the following NCPs:
Internet Protocol Control Protocol (IPCP) to negotiate the use of IP.
Internetwork Packet Exchange Control Protocol (IPXCP) to negotiate the use of IPX.
AppleTalk Control Protocol (ATCP) to negotiate the use of AppleTalk.
NetBIOS Frames Control Protocol (NBFCP) to negotiate the use of NetBEUI.
IPCP
Internet Protocol Control Protocol (IPCP) as used by Microsoft PPP peers is documented in RFCs 1332 and 1877. IPCP negotiates IP-based parameters to dynamically configure a TCP/IP-based PPP peer across a point-to-point link. Common IPCP options include an IP address and the IP addresses of DNS and NetBIOS name servers.
Packet Structure
IPCP uses the PPP Protocol ID of 0x80-21. The packet structure of IPCP is exactly the same for LCP, except only packet types 1 through 7 are defined. For Configure-Request, Configure-Ack, Configure-Nack, and Configure-Reject IPCP packet types, the IPCP data portion of the IPCP packet consists of one or more IPCP options. Each IPCP option consists of an Option Type field, an Option Length field indicating the total length in bytes of the option, and the data associated with the option.
Negotiated Options
Table 7.10 lists the IPCP options negotiated by Microsoft PPP peers.
Table 7.10 IPCP Options
Option Name |
Option Type |
Option Length |
Description |
|---|---|---|---|
IP compression protocol |
2 |
4 |
Van Jacobsen TCP compression protocol. |
IP address |
3 |
6 |
The IP address to be allocated to the remote access client. |
Primary DNS server address |
129 or 0x81 |
6 |
The primary DNS server for the remote access client. |
Primary NBNS server address |
130 or 0x82 |
6 |
The primary NBNS (WINS) server for the remote access client. |
Secondary DNS server address |
131 or 0x83 |
6 |
The secondary DNS server for the remote access client. |
Secondary NBNS server address |
132 or 0x84 |
6 |
The secondary NBNS (WINS) server for the remote access client. |
Notice that there are no IPCP options for these common TCP/IP configuration items:
Subnet mask
The subnet mask is assumed by the remote access client to be the class-based subnet mask of the IP address that is allocated to the remote access client.Default gateway
The default gateway IP address is not allocated by the remote access server. However, a default route is created on the remote access client, which points to the remote access connection. If a default route already exists in the routing table, then the metric of the existing default route is increased and a new default route is added with a lower metric. This is the default behavior for remote access clients running Windows 32-bit operating systems and can be modified by disabling the Use Default Gateway on Remote Network setting on the TCP/IP properties of a remote access client's phone book entry or dial-up connection object.DNS domain name
The DNS domain name configured from the TCP/IP protocol properties on the remote access server is not negotiated during IPCP. For Windows 2000 remote access clients, the DNS domain name can be obtained through a DHCPInform message. For more information, see "Remote Access and TCP/IP and IPX" later in this chapter.NetBIOS Node Type
If the IP addresses of primary or secondary NetBIOS name servers are negotiated, then the hybrid NetBIOS node type (H-node) is assumed.
IPXCP
Internetwork Packet Exchange Control Protocol (IPXCP) as used by Microsoft PPP peers is documented in RFC 1552. IPXCP negotiates IPX-based parameters to dynamically configure an IPX-based PPP peer across a point-to-point link. Common IPXCP options include IPX network and node addresses.
Packet Structure
IPXCP uses the PPP Protocol ID of 0x80-2B. The packet structure of IPXCP is exactly the same for LCP, except only packet types 1 through 7 are defined. For Configure-Request, Configure-Ack, Configure-Nack, and Configure-Reject IPXCP packet types, the IPXCP data portion of the IPXCP packet consists of one or more IPXCP options. Each IPXCP option consists of an option Type field, an option Length field indicating the total length in bytes of the option, and the data associated with the option.
Negotiated Options
Table 7.11 lists the IPXCP options negotiated by Microsoft PPP peers.
Table 7.11 IPXCP Options
Option Name |
Option Type |
Option Length |
Description |
|---|---|---|---|
IPX Network Number |
1 |
6 |
The IPX network number for the remote access client. |
IPX Node Number |
2 |
6 |
The IPX node number for the remote access client. |
ATCP
AppleTalk Control Protocol (ATCP) as used by Microsoft PPP peers is documented in RFC 1378. ATCP negotiates AppleTalk-based parameters to dynamically configure an AppleTalk-based PPP peer across a point-to-point link. Common ATCP options include an AppleTalk address and server information.
Packet Structure
ATCP uses the PPP Protocol ID of 0x80-29. The packet structure of ATCP is exactly the same as LCP, except that only packet types 1 through 7 are defined. For Configure-Request, Configure-Ack, Configure-Nack, and Configure-Reject ATCP packet types, the ATCP data portion of the ATCP packet consists of one or more ATCP options. Each ATCP option consists of an option Type field, an option Length field indicating the total length in bytes of the option, and the data associated with the option.
Negotiated Options
Table 7.12 lists the ATCP options negotiated by Microsoft PPP peers.
Table 7.12 ATCP Options
Option Name |
Option Type |
Option Length |
Description |
|---|---|---|---|
AppleTalk Address |
1 |
6 |
Negotiates the AppleTalk network and node numbers |
Server Information |
3 |
16 |
Used to convey information about the remote access server |
NBFCP
NetBIOS Frames Control Protocol (NBFCP) as used by Microsoft PPP peers is documented in RFC 2097. NBFCP negotiates NetBEUI-based parameters to dynamically configure a NetBEUI-based PPP peer across a point-to-point link. Common NBFCP options include multicast filtering options and peer information.
Packet Structure
NBFCP uses the PPP Protocol ID of 0x80-3F. The packet structure of NBFCP is exactly the same for LCP, except that only packet types 1 through 7 are defined. For Configure-Request, Configure-Ack, Configure-Nack, and Configure-Reject NBFCP packet types, the NBFCP data portion of the NBFCP packet consists of one or more NBFCP options. Each NBFCP option consists of an option Type field, an option Length field indicating the total length in bytes of the option, and the data associated with the option.
Negotiated Options
Table 7.13 lists the NBFCP options negotiated by Microsoft PPP peers.
Table 7.13 NBFCP Options
Option Name |
Option Type |
Option Length |
Description |
|---|---|---|---|
Multicast filtering |
3 |
5 |
Negotiates the handling of multicast packets |
Peer information |
2 |
17 |
Used to convey NetBIOS configuration information |
Compression Control Protocol
Compression Control Protocol (CCP) is documented in RFC 1962. CCP negotiates parameters to dynamically configure, enable, and disable data compression algorithms between PPP peers across a point-to-point link. Common CCP options include an organization identifier and the use of MPPC.
Packet Structure
CCP uses the PPP Protocol ID of 0x80-FD. The packet structure of CCP is exactly the same for LCP, except only packet types 1 through 7 are defined. For Configure-Request, Configure-Ack, Configure-Nack, and Configure-Reject CCP packet types, the CCP data portion of the CCP packet consists of one or more CCP options. Each CCP option consists of an option Type field, an option Length field indicating the total length in bytes of the option, and the data associated with the option.
Negotiated Options
Table 7.14 lists the CCP options negotiated by Microsoft PPP peers.
Table 7.14 CCP Options
Option Name |
Option Type |
Option Length |
Description |
|---|---|---|---|
Organization Unique Identifier |
0 |
6 or larger |
Used to negotiate an organization's proprietary compression protocol. |
MPPC |
18 or 0x12 |
6 |
Used to indicate the use of MPPC, MPPE, and the encryption strength. |
MPPE and MPPC
With CCP option 18, Microsoft PPP peers negotiate both MPPC and MPPE at the same time. The option data field for CCP option 18 is 4 bytes (32 bits) long. Bits within this data field are used as flags to indicate:
Whether compression is enabled (0x00-00-00-01).
Whether 40-bit session keys are derived from the LAN Manager version of the user's password (0x00-00-00-10).
Whether 40-bit session keys are derived from the Windows NT version of the user's password (0x00-00-02-00).
Whether 56-bit session keys are derived from the Windows NT version of the user's password (0x00-00-00-80).
Whether 128-bit session keys are derived from the Windows NT version of the user's password (0x00-00-00-40).
Whether the encryption keys are refreshed with each PPP frame (0x01-00-00-00).
For multiple choices, the flag values are added together. For example, for compression (0x00-00-00-01) and 128-bit encryption keys (0x00-00-00-40), the resulting 32-bit option data field is set to 0x00-00-00-41.
For more information about MPPE, see the Internet draft, "Microsoft Point-To-Point Encryption (MPPE) Protocol."
ECP
The Encryption Control Protocol (ECP) is used to negotiate a specific encryption method and is documented in RFC 1968. However, for Microsoft PPP peers, the only encryption that is supported is MPPE that is negotiated during CCP with the negotiation of MPPC. Therefore, Microsoft PPP peers do not use ECP.