Serial Line Communication

In addition to multi-point configurations like Ethernet and Token Ring networks, TCP/IP can be configured to operate across serial, point-to-point communication links such as direct serial cables, dial-up POTS modems, and ISDN lines. Managing communication across this type of link requires different techniques than those used on multi-point networks because these types of media are often slower and prone to errors in transmission. If the connection travels across a switched network, such as the telephone system, the protocols must also deal with feature negotiation and user authentication each time a link is established to verify who the connection is to and how to conduct the conversation. There are two serial line protocols that are commonly used with TCP/IP: SLIP and PPP. Both of these encapsulate IP datagrams and transmit them across serial communications lines. PPP is considerably more robust that SLIP. SLIP Serial Line Internet Protocol (SLIP) is a Network Access Layer protocol designed for point-to-point serial connections running TCP/IP. It is defined in RFC 1055, published in June of 1988, and is implemented on most UNIX platforms. Microsoft Windows Dial-Up Networking also supports dial-up connections to a SLIP host, and SLIP support is available on most other hardware and software platforms. SLIP is an older protocol primarily designed for connecting two computer systems across a telephone modem line or direct cable connection. It is used most often across dedicated phone lines and sometimes for dial-up. The major use of SLIP is connecting two sites that are using different hardware or software and which share no other common Network Access Layer protocols. The greatest advantage of SLIP is that it is a fairly easy protocol to implement so it is widely available. The greatest drawback of SLIP is that it is a simple-minded application that provides no error detection or correction, compression, or any other advanced features, leaving that to other protocol layers. In most applications, SLIP has been replaced by PPP. PPP Point-to-Point Protocol (PPP) is a Network Access Layer protocol designed for reliable point-to-point serial connections. PPP can be used to encapsulate and transmit IP datagrams, and can also be used to support other protocols (e.g. DECNet, NetBEUI, etc.) across the same connection at the same time. It is defined in RFC 1331, published in 1992, and is a widely available protocol supported by almost all hardware and software platforms that support TCP/IP and serial connections. PPP is the most commonly used protocol for POTS dial-up connections to the Internet. It allows a central server to accept incoming calls from many different types of remote clients and negotiates a common set of features for each connection. PPP can also be used to establish permanent connections across a serial line. Most PPP dial-up connections can be configured to request a specific IP address, and to re-dial and re-establish a connection automatically if the line is dropped. Though more commonly found in single user applications, PPP can also be used to support network dial-in connections. When properly configured, IP for an entire network can be routed across a PPP connection. This way an entire local area network can be connected to a remote network using a single POTS, ISDN, or direct serial line. Multiple systems on the local network can be assigned IP addresses and given access to the remote network. If the remote network is an Internet Service Provider, the local network users can be given access to the Internet across the PPP line. PPP uses a number of protocols to manage the connection between two systems. The PPP Link Control Protocol (LCP) is used to establish and test the data link between the two systems at either end of a communications line. LCP is able to negotiate a rich assortment of configuration parameters and provides additional management functions. Two authentication protocols are normally used with PPP; Password Authentication Protocol (PAP), and Challenge Handshake Authentication Protocol (CHAP). These protocols are documented in RFC 1334 and RFC 1994. Authentication is not a mandatory step, but it can be specified during LCP negotiation. The authentication step normally occurs immediately following LCP completion. PAP and CHAP are intended for use by systems that connect to a PPP server via dial-up lines or switched circuits, but might be used on dedicated links as well. The PPP server can use the identification of the connecting system to select options during network layer negotiation. PAP is a simplistic authentication method that does not use strong security techniques. It passes an ID and Password, in clear text, from the client to the server for verification. The client repeatedly passes the ID and Password pair until an acknowledgment is received or the connection is terminated. The passing of the ID and Password in clear text is not considered a secure method because it is possible to eavesdrop on a connection and capture this information. CHAP is a much more robust authentication method that uses a 3-way handshake. The handshake takes place immediately after LCP negotiation is complete, and may be repeated any time after the link has been established. In the 3-way handshake the server performing the authentication sends a "challenge" message to other system. The challenged system responds with a value that has been calculated using a "one-way hash" function based on data from the message and an ID and Password pair. The challenging system checks the response against its own calculation of the expected hash value. If the values match then a message is sent to acknowledge the authentication, otherwise the connection is terminated. CHAP is considered much more robust because the ID and Password do not travel across the link in clear text, and because the authentication may happen multiple times after the link is established. IP Control Protocol (IPCP), documented in RFC 1332, is a PPP Network Control Protocol (NCP) used for establishing and configuring IP over PPP. IPCP negotiates the IP addresses to be used, and also negotiates other options such as the use of TCP/IP header compression with PPP. IPCP negotiation usually occurs after any authentication has been successfully completed.