3Com Switch 4200G Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

161

162

163

164

165

166

167

168

169

170

Introduction to 802.1x 151

■ EAP protocol packets transmitted between the supplicant system and the

authenticator system are encapsulated as EAPoL packets.

■ EAP protocol packets transmitted between the supplicant system PAE and the

RADIUS server can either be encapsulated as EAPoR (EAP over RADIUS) packets or

be terminated at system PAEs (The system PAEs then communicate with RADIUS

servers through PAP (password authentication protocol) or CHAP

(challenge-handshake authentication protocol) protocol packets.)

■ When a supplicant system passes the authentication, the authentication server

passes the information about the supplicant system to the authenticator system.

The authenticator system in turn determines the state (authorized or

unauthorized) of the controlled port according to the instructions (accept or reject)

received from the RADIUS server.

Encapsulation of EAPoL

Messages

The format of an EAPoL packet

EAPoL is a packet encapsulation format defined in 802.1x. To enable EAP protocol

packets to be transmitted between supplicant systems and authenticator systems

through LANs, EAP protocol packets are encapsulated in EAPoL format. Figure 45

illustrates the structure of an EAPoL packet.

Figure 45 The format of an EAPoL packet

In an EAPoL packet:

■ The PAE Ethernet type field holds the protocol identifier. The identifier for 802.1x is

888E.

■ The Protocol version field holds the version of the protocol supported by the

sender of the EAPoL packet.

■ The Type field can be one of the following:

00: Indicates that the packet is an EAP-packet, which carries authentication

information.

01: Indicates that the packet is an EAPoL-start packet, which initiates

authentication.

02: Indicates that the packet is an EAPoL-logoff packet, which sends logging off

requests.

03: Indicates that the packet is an EAPoL-key packet, which carries key

information packets.

04: Indicates that the packet is an EAPoL-encapsulated-ASF-Alert packet, which is

used to support the alerting messages of ASF (alert standard forum).

■ The Length field indicates the size of the Packet body field. A value of 0 indicates

that the Packet Body field does not exist.

■ The Packet body field differs with the Type field.

PAE Ethernet type Protocol version Length

Packet body

TypePAE Ethernet type Protocol version Length

Packet body

Type