Hide Navigation Pane
Show Navigation Pane
Download
SHA1
Broadband Remote Access Support for PPP Overview
Broadband Remote Access Server (B-RAS) is an application that aggregates the output from digital subscriber line access multiplexers (DSLAMs). B-RAS provides user PPP sessions and PPP session termination and routes traffic onto the backbone. See JunosE Broadband Access Configuration Guide for details on B-RAS.
The router provides an enhanced version of PPP to accommodate B-RAS with the following features:
- Internet Protocol Control Protocol (IPCP) extensions for Windows Internet Name Service (WINS) and Domain Name System (DNS) name server addresses
- Password Authentication Protocol (PAP)
- Challenge Handshake Authentication Protocol (CHAP)
- Keepalive timeout
- Session timeout
- Inactivity timeout
- Accounting
Authentication
The router acts as an authenticator. It demands authentication from a remote PPP peer but refuses to authenticate itself.
Rate Limiting for PPP Control Packets
The router implements rate limiting for PPP control packets to protect the corresponding PPP interface from denial-of-service (DoS) attacks. The interface discards control packets when the rate of control packets received exceeds the rate limit for PPP interfaces.
A PPP interface has a rate limit control that is non-configurable and always in effect; the rate limit is the same for all PPP interfaces. In addition, each interface instance maintains its own state and statistics counters for tracking the rate. The rate limit for PPP control packets is approximately 10 packets per second.
For a PPP interface, the router increments the discards counter in the show ppp interface command display to track the number of PPP control packets discarded on receipt (in) or discarded before they were transmitted (out) on this interface.
For examples of the show ppp interface command display, see Monitoring PPP Interfaces.
