What is Point-to-Point Protocol over Ethernet (PPPoE)?
Point-to-Point Protocol over Ethernet (PPPoE) is a network protocol that facilitates communication between network endpoints. PPPoE encapsulates Point-to-Point Protocol (PPP) frames inside Ethernet frames, offering the same benefits as PPP, while providing connectivity across Ethernet networks.
With PPPoE, service providers can manage multiple client systems, authenticate their access to its services and track customer data usage. PPPoE also supports services such as data encryption and compression.
What is PPPoE used for?
PPPoE is commonly used by internet service providers (ISPs) to deliver internet access services to their customers, typically over broadband connections. PPPoE is implemented extensively by providers offering digital subscriber line (DSL) services. Providers that use PPPoE can connect multiple hosts on a single Ethernet local area network to a remote site via a common device such as a cable or DSL modem. The protocol can also support wireless connections to the internet.
UUNET, Redback Networks and RouterWare developed PPPoE to address PPP limitations and provide a solution for organizations that relied on common customer premises equipment to support multihost environments. In February 1999, the Internet Society helped to formalize PPPoE by publishing Request for Comments 2516, an informational specification that describes PPPoE and how to build PPP sessions and encapsulate PPP packets over Ethernet.
How does PPPoE work?
Ethernet and PPP do not provide native support for each other, yet they both offer important benefits for supporting multihost network environments. PPPoE bridges the gap between Ethernet and PPP by facilitating a point-to-point relationship between network peers. A multihost Ethernet environment can use PPPoE to open PPP sessions to multiple destinations via one or more bridging modems.
Like Ethernet and PPP, PPPoE operates at the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) and at the data link layer in the Open Systems Interconnection (OSI) model. The protocol is intended for use with remote access broadband technologies that offer a bridged Ethernet topology. With PPPoE, service providers can take advantage of Ethernet's cost-effective benefits and still maintain the session abstraction, access control and billing functionality available to PPP.
PPPoE communications are carried out in two stages: PPPoE discovery and PPP session. During the PPPoE discovery stage, the client system establishes a communication channel with an access concentrator (AC) -- a PPPoE server that negotiates and authenticates the connections with PPPoE clients. For example, a service provider might maintain multiple ACs for delivering internet access services to its customers.
When a client attempts to initiate a session with an AC, the client and AC enter into a four-step discovery process in which specific packet types are exchanged:
- The client initiates communication by transmitting a PPPoE Active Discovery Initiation (PADI) packet that includes a request for service.
- When an AC receives the PADI, it responds by sending a PPPoE Active Discovery Offer (PADO) packet that contains its own name and other details about the offered service.
- In response to the PADO, the client sends a PPPoE Active Discovery Request (PADR) packet to the AC, in effect, to accept the service. If the client receives PADOs from multiple ACs, it selects one based on the name or services offered.
- When the AC receives the PADR, it sends a PPPoE Active Discovery Session-confirmation (PADS) packet that confirms the connection and provides a session ID, which is used throughout the session.
After the discovery stage is complete and the connection has been established, the client and AC move on to the PPP session stage. During the session stage, point-to-point communications between the client and AC are carried out just like any PPP encapsulation. The Ethernet packets themselves are sent unicast.
At any point during the session, either the AC or client can send a PPPoE Active Discovery Termination (PADT) packet to end the session. When the client or AC receives the PADT, no further PPP traffic is allowed during that session.
How is PPPoE configured?
Some ISPs supply their customers with broadband modems that have the PPPoE connections already configured. In some cases, however, administrators might need to set up the connection manually. For this, they will need to know the PPPoE username, password and maximum transmission unit (MTU) size. The ISP should provide the customer with the username and password, but administrators are responsible for the MTU sizing.
Networks must be configured with the correct MTU size to work properly. The size is specified in octets -- eight-bit bytes -- and determines the maximize size packet or frame that can be sent across a network. TCP uses MTU when transmitting packets between devices connected to the internet.
An MTU size that's too large might result in retransmissions if the packet encounters a router that can't handle the packet size. An MTU size that's too small can result in more header overhead and a greater number of acknowledgements that need to be sent and received. The recommended MTU for a network interface connected to a PPPoE network is generally a maximum of 1492.
There might also be times when users need to configure PPPoE connections directly from their computers, such as when a bridging modem is set up for passthrough PPPoE connectivity. In this case, users must manually configure the PPPoE connections.
Fortunately, major operating systems, such as macOS, Linux and Windows, include native PPPoE support, so setting up the connection is fairly straightforward. However, users will need the PPPoE account information -- service name, username and password -- which is typically provided by the ISP. Once they set up their connections, they should not need to bother with it again, unless they upgrade their systems or perform other operations that impact the connection.
PPPoE vs. DHCP
Dynamic Host Configuration Protocol (DHCP) is often compared to PPPoE or mentioned within the same context. DHCP is a communications protocol that runs at the TCP/IP application layer. It lets network administrators centrally manage and automate the assignment of IP addresses across a network. It also lets them monitor and distribute IP addresses from a central point and automatically send new IP addresses when computers plug in to other network locations.
DHCP allocates unique IP addresses to network devices so that data packets can be delivered back and forth. The DHCP architecture is typically made up of DHCP clients, DHCP servers and DHCP relay agents. Without DHCP, network administrators must manually configure IP addresses when adding or moving devices from one subnet to another -- or come up with another solution.
Unlike DHCP, PPPoE encapsulates network traffic based on credentialed access. Once a session is established, IP addresses can be assigned to client devices. PPPoE also includes authentication capabilities that enable ISPs to control and monitor access. However, PPPoE must be configured correctly before users can connect to the internet.
In general, PPPoE serves a much different purpose from DHCP. It facilitates authenticated PPP communications on an Ethernet network, whereas DHCP dynamically allocates IP addresses without requiring authentication.