Point-to-Point Protocol over Ethernet (PPPoE) is a network protocol that facilitates communication between network endpoints. PPPoE encapsulates Point-to-Point Protocol (PPP) frames within Ethernet frames, offering the same benefits as PPP while providing connectivity across Ethernet networks.
PPP (Point-to-Point Protocol) is a data link protocol used to establish a direct connection between two nodes in a network, typically over serial cables, phone lines, or other physical mediums. It is commonly used for dial-up connections and also serves as part of the authentication and encapsulation process for DSL (Digital Subscriber Line) connections.
The essence of PPP lies in its ability to provide a reliable and secure way to transmit data between two endpoints. It supports features such as error detection and correction, multiple network layer protocols (like IP, IPv6, IPX), and authentication methods (like PAP and CHAP) to ensure data integrity and confidentiality.
PPPoE (Point-to-Point Protocol over Ethernet), on the other hand, is a network protocol that encapsulates PPP frames within Ethernet frames, allowing PPP to be transmitted over Ethernet networks. PPPoE is commonly used by DSL service providers to establish a connection between a customer’s premises and the Internet Service Provider (ISP).
PPPoE can replace traditional PPP connections in scenarios where Ethernet infrastructure is available and more convenient than serial or dial-up connections. It enables ISPs to offer broadband services to customers using existing Ethernet infrastructure while still benefiting from the features and security of PPP.
In this post, I will show you how to configure a PPPoE Client on a Cisco Router using a sample network topology.
Network Topology
The network topology we will be making use of in this post is shown below. As you can see, it consists of two routers and a cloud symbol, which stands for internet. One of the routers is an ISP router, which is serving as a PPPoE server, while the other is a customer router, which we will configure as a PPPoE client. Some of the authentication details are displayed on the network Network topology. You can inquire about the MTU and MSS values from your ISP. The one we will be using for this demonstration is displayed in the network topology as well.
How to Configure PPPoE Client on Cisco Router
Here are the steps to configure the PPPoE client on a Cisco router using the sample network topology above.
Step 1: Configure Ethernet Interface
R1(config)#interface ethernet0/0
R1(config-if)#no ip address
R1(config-if)#no shutdown
R1(config-if)#exit
Step 2: Enable PPPoE Client on Ethernet Interface
R1(config)#interface ethernet0/0
R1(config-if)#pppoe enable group global
R1(config-if)#pppoe-client dial-pool-number 1
R1(config-if)#exit
Here is a brief description of the commands you might find confusing.
- pppoe enable group global: This command enables PPPoE on the interface and specifies the PPPoE group to which the interface belongs.
- pppoe-client dial-pool-number 1: This command assigns the interface to a dial pool for PPPoE client connections.
Step 3: Configure Dialer Interface for PPPoE
R1(config)#interface dialer 1
R1(config-if)#mtu 1480 <-- You can inquire about the MTU values from your ISP
R1(config-if)#ip address negotiated
R1(config-if)#encapsulation ppp
R1(config-if)#ip tcp adjust-mss 1440 <-- You can inquire about the MSS values from your ISP
R1(config-if)#dialer pool 1
R1(config-if)#dialer-group 1
R1(config-if)#ppp pap sent-username fiber123@fttxhome password fttxhome <-- You can inquire about your username & password from your ISP.
R1(config-if)#exit
Here is a brief description of the commands that you may find confusing;
- interface dialer 1: This command enters interface configuration mode for Dialer1 interface.
- mtu 1480: This command sets the Maximum Transmission Unit (MTU) size for the interface to 1480 bytes.
- ip address negotiated: This command configures the interface to negotiate its IP address dynamically with the peer (the ISP).
- encapsulation ppp: This command specifies PPP encapsulation for the interface.
- ip tcp adjust-mss 1440: This command adjusts the TCP Maximum Segment Size (MSS) for packets traversing the interface to 1440 bytes, which is often necessary for PPPoE connections.
- dialer pool 1: This command assigns the interface to a dialer pool, allowing it to use the physical interface for outbound connections.
- dialer-group 1: This command assigns the interface to a dialer group, which determines which dialer profiles will be used for outgoing calls.
- ppp pap sent-username fiber123@fttxhome password fttxhome: This command configures the PPP authentication protocol (PAP) and specifies the username and password for authentication when establishing the PPPoE connection.
Step 4: Configure Default route
The default route is a route the router will forward traffic to if the route to the destination of the traffic does not appear in the routing table. As for the network topology we are using in this post, we will configure the default to the internet.
R1(config)#ip route 0.0.0.0 0.0.0.0 dialer 1
Step 5: Configure DNS
The Domain Name System (DNS) helps to resolve IP addresses into human-readable names. It basically helps to map an IP address to a human-readable name so that any traffic sent to the name will be forwarded to the IP address mapped to the name. In this demonstration, we will configure 1.1.1.1 and 1.0.0.1 as the DNS servers for the router.
DNS servers “1.1.1.1” and “1.0.0.1” are provided by Cloudflare, and they are publicly accessible DNS servers on the internet.
R1(config)#ip name-server 1.1.1.1 1.0.0.1
Now let’s test if we can reach the internet using the default route we configured and whether the DNS is working by pinging facebook.com.
R1#ping 8.8.8.8 <-- R1 pings a Public IP Address directly to test if R1 can connect to the Internet.
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/24/25 ms
R1#ping www.youtube.com <-- R1 pings www.youtube.com to check if the DNS is working.
Translating "www.youtube.com"...domain server (1.1.1.1) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.217.194.190, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/29 ms
Step 6: Configure the Router as DHCP Server
Firstly, let’s configure the LAN gateway address on ethernet0/1 and enable this interface.
R1(config)#interface ethernet0/1
R1(config-if)#ip address 192.168.12.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
Then, let’s Configure the DHCP Server.
R1(config)#ip dhcp pool LAN
R1(dhcp-config)#domain-name cisco.lab
R1(dhcp-config)#network 192.168.12.0 /24
R1(dhcp-config)#default-router 192.168.12.1
R1(dhcp-config)#dns-server 1.1.1.1 1.0.0.1
R1(dhcp-config)#lease 1
R1(dhcp-config)#exit
If you are curious to learn about each of the above commands, read our post on how to configure a DHCP server on a Cisco router.
Step 7: Configure PAT
Port Address Translation (PAT) is one of the network address translation protocols that helps route private IP addresses to the internet. To be able to use a private IP address on the WAN to reach the internet, we need to configure PAT on the Cisco router.
R1(config)#ip dhcp excluded-address 192.168.12.1 192.168.12.10
R1(config)#access-list 1 permit 192.168.12.0 0.0.0.255 <-- Create an access-list to classify the hosts that need to be natted.
R1(config)#ip nat inside source list 1 interface dialer 1 overload <-- Configure the NAT to have access list 1 as inside. dialer 1 as outside with overload.
R1(config)#interface dialer 1 <-- Apply the NAT on the outside interfaces of R1.
R1(config-if)#ip nat outside
R1(config-if)#exit
R1(config)#interface ethernet0/1 <-- Apply the NAT on the inside interfaces of R1.
R1(config-if)#ip nat inside
R1(config-if)#exit
If you are curious to learn about each of the above commands, read our post on how to configure PAT on cisco router.
Step 8: Test the Configuration
We can test whether DHCP is working by requesting an IP address from the PC to the DHCP server, which is the router. Also, to check whether PAT is working, we need to ping a public IP address from the PC.
PC1
PC1> dhcp <-- PC1 requests an IP Address from the DHCP server.
DORA IP 192.168.12.11/24 GW 192.168.12.1
PC1> show ip
NAME : VPCS[1]
IP/MASK : 192.168.12.11/24
GATEWAY : 192.168.12.1
DNS : 1.1.1.1 1.0.0.1
DHCP SERVER : 192.168.12.1
DHCP LEASE : 86395, 86400/43200/75600
DOMAIN NAME : cisco.lab
MAC : 00:50:79:66:68:04
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
PC1> ping 9.9.9.9 <-- PC1 pings directly to the Public IP address.
84 bytes from 9.9.9.9 icmp_seq=1 ttl=52 time=30.888 ms
84 bytes from 9.9.9.9 icmp_seq=2 ttl=52 time=31.823 ms
84 bytes from 9.9.9.9 icmp_seq=3 ttl=52 time=30.781 ms
84 bytes from 9.9.9.9 icmp_seq=4 ttl=52 time=30.166 ms
84 bytes from 9.9.9.9 icmp_seq=5 ttl=52 time=30.745 ms
PC1> ping www.youtube.com <-- PC1 pings www.youtube.com to check if the DNS is working.
www.youtube.com resolved to youtube-ui.l.google.com(142.251.12.91)
84 bytes from 142.251.12.91 icmp_seq=1 ttl=52 time=30.522 ms
84 bytes from 142.251.12.91 icmp_seq=2 ttl=52 time=30.566 ms
84 bytes from 142.251.12.91 icmp_seq=3 ttl=52 time=30.543 ms
84 bytes from 142.251.12.91 icmp_seq=4 ttl=52 time=30.786 ms
84 bytes from 142.251.12.91 icmp_seq=5 ttl=52 time=30.805 ms
PC2
PC2> dhcp <-- PC2 requests an IP Address from the DHCP server. DORA IP 192.168.12.12/24 GW 192.168.12.1 PC2> show ip
NAME : VPCS[1]
IP/MASK : 192.168.12.12/24
GATEWAY : 192.168.12.1
DNS : 1.1.1.1 1.0.0.1
DHCP SERVER : 192.168.12.1
DHCP LEASE : 86397, 86400/43200/75600
DOMAIN NAME : cisco.lab
MAC : 00:50:79:66:68:05
LPORT : 20000
RHOST:PORT : 127.0.0.1:30000
MTU : 1500
PC2> ping 8.8.8.8 <-- PC2 pings directly to the Public IP address.
84 bytes from 8.8.8.8 icmp_seq=1 ttl=113 time=25.055 ms
84 bytes from 8.8.8.8 icmp_seq=2 ttl=113 time=25.034 ms
84 bytes from 8.8.8.8 icmp_seq=3 ttl=113 time=26.489 ms
84 bytes from 8.8.8.8 icmp_seq=4 ttl=113 time=25.315 ms
84 bytes from 8.8.8.8 icmp_seq=5 ttl=113 time=25.445 ms
PC2> ping www.facebook.com <-- PC2 pings www.facebook.com to check if the DNS is working.
www.facebook.com resolved to star-mini.c10r.facebook.com(157.240.7.35)
84 bytes from 157.240.7.35 icmp_seq=1 ttl=49 time=28.647 ms
84 bytes from 157.240.7.35 icmp_seq=2 ttl=49 time=28.373 ms
84 bytes from 157.240.7.35 icmp_seq=3 ttl=49 time=28.488 ms
84 bytes from 157.240.7.35 icmp_seq=4 ttl=49 time=28.627 ms
84 bytes from 157.240.7.35 icmp_seq=5 ttl=49 time=28.851 ms
I am a passionate Networking Associate specializing in Telecommunications.
With a degree in Electronic engineering, I possess a strong understanding of electronic systems and the intricacies of telecommunications networks. I gained practical experience and valuable insights working for a prominent telecommunications company.
Additionally, I hold certifications in networking, which have solidified my expertise in network architecture, protocols, and optimization.
Through my writing skills, I aim to provide accurate and valuable knowledge in the networking field.
Connect with me on social media using the links below for more insights.
You can contact me using [email protected] or connect with me using any of the social media account linked below