PPPoE

Question 1

PPPoE is composed of which two phases?

A. Active Authentication Phase and PPP Session Phase
B. Passive Discovery Phase and PPP Session Phase
C. Active Authorization Phase and PPP Session Phase
D. Active Discovery Phase and PPP Session Phase

Answer: D

PPPoE provides a standard method of employing the authentication methods of the Point-to-Point Protocol (PPP) over an Ethernet network. When used by ISPs, PPPoE allows authenticated assignment of IP addresses. In this type of implementation, the PPPoE client and server are interconnected by Layer 2 bridging protocols running over a DSL or other broadband connection.

PPPoE is composed of two main phases:
+ Active Discovery Phase: In this phase, the PPPoE client locates a PPPoE server, called an access concentrator. During this phase, a Session ID is assigned and the PPPoE layer is established.
+ PPP Session Phase: In this phase, PPP options are negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method, allowing data to be transferred over the PPP link within PPPoE headers.

Question 2

Which statement is true about the PPP Session Phase of PPPoE?

A. PPP options are negotiated and authentication is not performed. Once the link setup is completed, PPPoE functions as a Layer 3 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers.
B. PPP options are not negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 4 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers.
C. PPP options are automatically enabled and authorization is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method that allows data to be encrypted over the PPP link within PPPoE headers.
D. PPP options are negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers.

Answer: D

PPP Session Phase: In this phase, PPP options are negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method, allowing data to be transferred over the PPP link within PPPoE headers.

Question 3

A corporate policy requires PPPoE to be enabled and to maintain a connection with the ISP, even if no interesting traffic exists. Which feature can be used to accomplish this task?

A. TCP Adjust
B. Dialer Persistent
C. PPPoE Groups
D. half-bridging
E. Peer Neighbor Route

Answer: B

The “dialer persistent” command (under interface configuration mode) allows a dial-on-demand routing (DDR) dialer profile connection to be brought up without being triggered by interesting traffic. When configured, the dialer persistent command starts a timer when the dialer interface starts up and starts the connection when the timer expires. If interesting traffic arrives before the timer expires, the connection is still brought up and set as persistent. An example of configuring is shown below:

interface Dialer1
ip address 12.12.12.1 255.255.255.0
encapsulation ppp
dialer-pool 1
dialer persistent

Question 4

Prior to enabling PPPoE in a virtual private dialup network group, which task must be completed?

A. Disable CDP on the interface.
B. Execute the vpdn enable command.
C. Execute the no switchport command.
D. Enable QoS FIFO for PPPoE support.

Answer: B

The “vpdn enable” command is used to enable virtual private dialup networking (VPDN) on the router and inform the router to look for tunnel definitions in a local database and on a remote authorization server (home gateway). The following steps include: configure the VPDN group; configure the virtual-template; create the IP pools.

Question 5

A network engineer has been asked to ensure that the PPPoE connection is established and authenticated using an encrypted password. Which technology, in combination with PPPoE, can be used for authentication in this manner?

A. PAP
B. dot1x
C. IPsec
D. CHAP
E. ESP

Answer: D

There are three authentication methods that can be used to authenticate a PPPoE connection:

+ CHAP – Challenge Handshake Authentication Protocol
+ MS-CHAP – Microsoft Challenge Handshake Authentication Protocol Version 1 & 2
+ PAP – Password Authentication Protocol

In which MS-CHAP & CHAP are two encrypted authentication protocol while PAP is unencrypted authentication protocol.

Note: PAP authentication involves a two-way handshake where the username and password are sent across the link in clear text; hence, PAP authentication does not provide any protection against playback and line sniffing.

With CHAP, the server (authenticator) sends a challenge to the remote access client. The client uses a hash algorithm (also known as a hash function) to compute a Message Digest-5 (MD5) hash result based on the challenge and a hash result computed from the user’s password. The client sends the MD5 hash result to the server. The server, which also has access to the hash result of the user’s password, performs the same calculation using the hash algorithm and compares the result to the one sent by the client. If the results match, the credentials of the remote access client are considered authentic. A hash algorithm provides one-way encryption, which means that calculating the hash result for a data block is easy, but determining the original data block from the hash result is mathematically infeasible.

Question 6

Which statement is a restriction for PPPoE configuration?

A. Multiple PPPoE clients can use the same dialer interface.
B. Multiple PPPoE clients can use the same dialer pool.
C. A PPPoE session can be initiated only by the client.
D. A PPPoE session can be initiated only by the access concentrator.

Answer: C

A PPPoE session is initiated by the PPPoE client. If the session has a timeout or is disconnected, the PPPoE client will immediately attempt to reestablish the session. The following four steps describe the exchange of packets that occurs when a PPPoE client initiates a PPPoE session:
1. The client broadcasts a PPPoE Active Discovery Initiation (PADI) packet.
2. When the access concentrator receives a PADI that it can serve, it replies by sending a PPPoE Active Discovery Offer (PADO) packet to the client.
3. Because the PADI was broadcast, the host may receive more than one PADO packet. The host looks through the PADO packets it receives and chooses one. The choice can be based on the access concentrator name or on the services offered. The host then sends a single PPPoE Active Discovery Request (PADR) packet to the access concentrator that it has chosen.
4. The access concentrator responds to the PADR by sending a PPPoE Active Discovery Session-confirmation (PADS) packet. At this point a virtual access interface is created that will then negotiate PPP, and the PPPoE session will run on this virtual access.

If a client does not receive a PADO for a preceding PADI, the client sends out a PADI at predetermined intervals. That interval is doubled for every successive PADI that does not evoke a response, until the interval reaches a configured maximum.

If PPP negotiation fails or the PPP line protocol is brought down for any reason, the PPPoE session and the virtual access will be brought down. When the PPPoE session is brought down, the client waits for a predetermined number of seconds before trying again to establish a PPPoE.

Question 7

Refer to the exhibit.

interface Ethernet 0
pppoe-client dial-pool-number 5
pppoe-client ppp-max-payload 1500
interface Dialer 1
ip address negotiated
dialer pool 5
mtu 1492

Which statement about the configuration is true?

A. This configuration is incorrect because the MTU must match the ppp-max-payload that is defined.
B. This configuration is incorrect because the dialer interface number must be the same as the dialer pool number.
C. This configuration is missing an IP address on the dialer interface.
D. This configuration represents a complete PPPoE client configuration on an Ethernet connection.

Answer: D

Question 8

Which command configures a PPPoE client and specifies dial-on-demand routing functionality?

A. pppoe-client dial-pool-number
B. PPPoE enable
C. interface dialer 1
D. encapsulation PPP

Answer: A

Question 9

Which command instruct a PPPoE client to obtain its IP address from the PPPoE server?

A. interface dialer
B. ip address negotiated
C. pppoe enable
D. ip address dhcp
E. ip address dynamic

Answer: B

The picture below shows all configuration needed for PPPoE:

As we can see from the PPPoE Client configuration, to get the IP address assigned from the PPPoE server the command “ip address negotiated” should be used.

Question 10

Which two configurations can a PPPoE client support? (Choose two)

A. Eight clients are configured on a single CPE
B. The client is connected to multiple hosts over DMVPN
C. The client is installed on the same network device as the server
D. The client is connecting over an ATM PVC
E. The client is installed on a native IPv6 network

Answer: A B

The PPPoE client does not support the following:
+ More than ten clients per customer premises equipment (CPE)-> This means a CPE can support up to 10 clients so answer A is correct.
+ Coexistence of the PPPoE client and server on the same device -> answer C is not correct

In the above link there is a topology shows “DMVPN Access to Multiple Hosts from the Same PPPoE Client” -> Answer B is correct.

Question 11

Which DSL encapsulation method requires client software running on the end-user PC that is directly connected to a DSL modem?

A. PPPoA
B. PPPoE
C. PPP
D. L2TP
E. ATM

Answer: B

Question 12

Which two commands do you need to implement on a router to support PPPoE client?

A. peer default ip address pool
B. MTU
C. bba-group pppoe
D. pppoe enable group
E. pppoe-client dialer-pool-number

Answer: B E