Configuring pppoe, Feature and hardware compatibility, Overview – H3C Technologies H3C SecPath F1000-E User Manual

Page 152: Pppoe, Pppoe server

Advertising
background image

127

Configuring PPPoE

Feature and hardware compatibility

Feature F1000-A-EI/E-SI/S-AI

F1000-E

F5000-A5 Firewall

module

Configuring the
PPPoE client

Yes No

No

No

Overview

PPPoE

Point-to-Point Protocol over Ethernet (PPPoE) can provide access to the Internet for the hosts in an Ethernet
through a remote access device and implement access control and accounting on a per-host basis.

Integrating the low cost of Ethernet and scalability and management functions of PPP, PPPoE has gained

popularity in various application environments, such as residential networks.
PPPoE adopts the client/server model. It can establish point-to-point links in Ethernet. With PPPoE, PPP
packets are encapsulated in Ethernet frames.
PPPoE undergoes two phases: discovery and PPP session.

Discovery phase, where a PPPoE session is initiated. In this phase, the host obtains the MAC
address of the access end and generates the PPPoE session ID. When the discovery phase ends, the

PPPoE session ID between the host and the server is determined, and the PPP session phase begins.

PPP session phase, where PPP packets are encapsulated in Ethernet frames before being sent to the
peer. In the frame, the session ID must be the one determined in the discovery phase, the MAC
address must be that of the peer, and the PPP packet section begins from the Protocol ID field. In the

session phase, either side of the link can terminate the session by sending PPPoE Active Discovery

Terminate (PADT) packets.

For more information about PPPoE, see RFC 2516.

PPPoE server

The firewall can operate as a PPPoE server to provide the following functions:

Dynamic IP address allocation.

Multiple authentication methods, such as local authentication and RADIUS/TACACS+. When
working with a packet-filtering firewall or stateful firewall, a PPPoE server can provide security for

networks connecting the Internet through Ethernet, such as campus networks and residential
networks. This, however, requires installation of PPPoE client dial-up software on hosts.

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS, H3C SecBlade LB Cards, H3C SecPath L1000-A Load Balancer

Popular Brands
Popular manuals