WAN Communications.


1 WAN Communications

2 WAN Communications
WAN communication
WAN cabling
Configuring HDLC and PPP protocols on a serial WAN connection
Configuring CHAP authentication on a PPP connection
Verify proper point-to-point HDLC and PPP configuration
Purpose: This figure states the chapter objectives.
Emphasize: Read or state each objective so each student has a clear understanding of the chapter objectives.
Transition: The next section presents an introduction to wide-area services.

3 WAN Overview
WANs connect sites
Connection requirements vary depending on user requirements and cost
Figure labels: Service Provider
Purpose: This figure introduces students to WAN connections.
Emphasize: Highlight the interconnected WAN connections between the various company sites. The figure shows a mobile dial-up user, a telecommuter using a DDR connection, and two office sites with multiple connections. This course teaches students how to configure a WAN. Tell students a WAN is a data communications network that serves users across a broad geographic area.
Transition: Following are the various physical connections that will connect these sites.

4 WAN Connection Types: Layer 1
Leased line: synchronous serial
Circuit-switched (telephone company): asynchronous serial, ISDN
Packet-switched (service provider): synchronous serial
Purpose: This figure introduces students to various physical WAN connections.
Emphasize: Leased lines have point-to-point connections that are indefinitely reserved for transmissions, rather than switched as transmission is required. Typically, a leased connection is made using serial lines. Circuit-switched connections are dedicated physical circuit paths established only for the duration of a call. Physical circuit-switched examples are asynchronous serial and Integrated Services Digital Network (ISDN). Packet-switched networks use packet-switching technology for data transfer. Evolving physical connections not discussed in this course follow:
Digital subscriber line (DSL): DSL is an emerging technology that delivers high bandwidth over conventional copper lines. There are four varieties of DSL: asymmetric digital subscriber line (ADSL), high-data-rate digital subscriber line (HDSL), single-line digital subscriber line (SDSL), and very-high-data-rate digital subscriber line (VDSL). Because most DSL technologies do not use the whole bandwidth of the twisted pair, there is room left for a voice channel.
Cable: Cable is an emerging technology for data transport that uses a coaxial cable medium to transport the data. It is a good choice in emerging markets such as China where copper pairs for telephones are not standardized.

5 WAN Physical Layer Implementations
Physical layer implementations vary
Cable specifications define speed of link
Figure labels: Frame Relay, HDLC, PPP; EIA/TIA-232, EIA/TIA-449, X.121, V.24, V.35, HSSI
Purpose: This figure illustrates the various WAN standards.
Emphasize: The serial standards presented in this course are shown in the figure. For ISDN, use an RJ-45 port. The cable differs from ports used for serial connections. Note that RJ-45 connections will fit into an RJ-48 and vice versa. Tell students not to connect an ISDN cable into anything other than an ISDN port.

6 Interfacing WAN Service Providers
Figure labels: WAN service provider toll network, CO Switch, Local Loop, Demarcation, Trunks and switches, Customer Premises Equipment
Point-to-point or circuit-switched connection
Provider assigns connection parameters to subscriber
Purpose: This figure identifies the terms of various devices used to complete the WAN connection.
Note: CPE includes both devices owned by the subscriber and devices leased to the subscriber by the service provider. The demarc often occurs at a telecommunication closet (a room containing a punch-down block of provider wiring). Usually the local loop extends for a relatively short distance to the nearest telephone company premises. The central office acts as:
An entry point to the WAN cloud for calling.
An exit point from the WAN for called devices.
A switching point for calls that traverse the facility.
Inside the long distance toll network are several types of central offices. For example, a calling subscriber’s connection on a local loop can enter an end central office switch and access an interoffice trunk to a toll central office. In most U.S. locations, AT&T, Sprint, and MCI offer toll offices to handle their subscribers’ calls. Within the provider’s cloud, the caller’s traffic may cross a trunk to a primary center, then go to a sectional center, and then to a regional- or international-carrier center as the call goes the long distance to its destination. A called subscriber can receive a call that has traversed the trunks and switches of a similar hierarchy of central offices. The called subscriber receives the call over the local loop from the called subscriber’s end central office. Often, for point-to-point circuits spanning regional or national boundaries, several providers handle a connection in the toll network.

7 Serial Implementation of DTE versus DCE
Data Terminal Equipment: End of the user’s device on the WAN link
Data Communications Equipment: End of the WAN provider’s side of the communication facility
DCE is responsible for clocking
DTE/DCE: The point where responsibility passes
Figure labels: DTE, DCE, Modem, CSU/DSU
Purpose: This section describes the DTE and DCE.
Emphasize: The DTE end attaches to your router and the DCE end attaches to the CSU/DSU (or modem), which is attached to the service provider’s network. DTE and DCE do not refer to male and female connectors.
Note: Data switching equipment (DSE) is an additional term sometimes used to describe the switch components that appear inside the cloud. The DSE adds and removes channels assigned inside the WAN. The DSE connects traffic from various sources to their final destinations through other switches.

8 Serial Point-to-Point Connections
Router connections
Network connections at the CSU/DSU
Figure labels: End user device, DTE, CSU/DSU, DCE, Service Provider; EIA/TIA-232, EIA/TIA-449, V.35, X.21, EIA-530
Purpose: This section describes the various serial standards that support leased line connections.
Emphasize: The same 60-pin end that attaches to a Cisco device supports all standards illustrated.
Note: Data switching equipment (DSE) is an additional term sometimes used to describe the switch components that appear inside the cloud. The DSE adds and removes channels assigned inside the WAN. The DSE connects traffic from various sources to their final destinations through other switches.
Transition: The next layer in the stack is Layer 2, the data link layer.

9 Modular Interfaces
Serial WAN ports can be modular
Figure labels: WAN Interface Card; 1603 Router, rear view; Module; Ethernet 10BaseT; Ethernet AUI; ISDN BRI S/T; Console; 3640 Router, rear view
Purpose: This figure shows modular interface routers.
Emphasize: A modular interface router requires additional hardware network modules and/or WAN interface cards. This generally costs more than a fixed interface router. However, you have the flexibility to change the interface components as your network scales. When configuring an interface on a fixed configuration router, some interfaces must be called out with the slot and port.
Note: The figure displays a 1603 router with a 60-pin WAN interface card. It also displays a 3640 with an 8 port serial network module. The laboratory exercise suggests the use of a 3640 as the core router. If you use this router, show the students the various network modules you have installed.

10 Typical WAN Encapsulation Protocols: Layer 2
Leased line: HDLC, PPP, SLIP
Circuit-switched (telephone company): PPP, SLIP, HDLC
Packet-switched (service provider): X.25, Frame Relay, ATM
Purpose: This figure introduces students to various encapsulation options to use over the various physical connections.
Emphasize: In order to exchange traffic over a WAN link, the packets must be encapsulated into a Layer 2 frame. A variety of Layer 2 encapsulation types can be used, depending on the WAN connection. Some of the types are listed on the figure. Encapsulation must be configured on the router when configuring the interface. Some of these encapsulation types will be seen again in the following chapters. In an ISDN environment, Point-to-Point Protocol (PPP) is the B channel’s Layer 2 encapsulation. Link Access Procedure on the D channel (LAPD) is the encapsulation for the D channel. Either the proprietary Cisco or Internet Engineering Task Force (IETF) (defined in RFC 1490) encapsulations are the Layer 2 encapsulations for Frame Relay.
Note: Other encapsulations not shown include AppleTalk Remote Access Protocol (ARAP), Compressed Serial Link Internet Protocol (CSLIP), or Synchronous Data Link Control (SDLC).
Transition: We will first look at the HDLC encapsulation.

11 HDLC Frame Format
HDLC: Flag | Address | Control | Data | FCS | Flag
Supports only single protocol environments
Cisco HDLC: Flag | Address | Control | Proprietary | Data | FCS | Flag
Cisco’s HDLC has a proprietary data field to support multiprotocol environments
Purpose: This figure introduces students to HDLC encapsulation.
Emphasize: HDLC is the default Layer 2 protocol for Cisco router serial interfaces. Cisco’s proprietary enhancement to HDLC incorporates a protocol or type field to allow multiple protocols to be carried on a single link.

12 HDLC Command
Router(config-if)#encapsulation hdlc
Enable hdlc encapsulation
HDLC is the default encapsulation on synchronous serial interfaces
Purpose: This figure describes how to configure HDLC on a serial connection.
Emphasize: encapsulation hdlc is the default encapsulation on a Cisco router’s serial connection.
Transition: If the network consists of Cisco and non-Cisco devices, you should use PPP instead of HDLC.

13 An Overview of PPP
Figure labels: PPP Encapsulation; TCP/IP, Novell IPX, AppleTalk; Multiple protocol encapsulations using NCPs in PPP; Link setup and control using LCP in PPP
PPP can carry packets from several protocol suites using Network Control Programs
PPP controls the setup of several link options using LCP
Purpose: This figure presents an overview of PPP.
Emphasize: The figure illustrates the multiple protocols NCP supports. The two arrows pointing to the router interfaces show where PPP encapsulation occurs. The first bullet summarizes the role of NCP. The second bullet summarizes the role of LCP options that the administrator can use to set up and control the data link. Several RFCs are used to specify aspects of PPP. RFC 1548 is the major specification for the major PPP NCP and LCP operations.

14 Layering PPP Elements
PPP: A data link with network-layer services
Figure, top to bottom:
Network Layer: Layer 3 Protocols (IP, IPX, Many Others)
Data Link Layer: Network Control Protocol (IPCP, IPXCP, Many Others); Link Control Protocol (Authentication, other options)
Physical Layer: Synchronous or Asynchronous Physical Media
Purpose: This figure maps the elements of PPP to the OSI model.
Emphasize: At the bottom layer, PPP operates using synchronous media such as ISDN or asynchronous media such as basic telephone service dialup. For ISDN, PPP operates over dialup connections like those in a Cisco LAN2LAN Personal Office node, or over a link between two routers. PPP offers data-link services that control access to communication media between devices considered directly connected over the WAN. This ISO/OSI Layer 2 protocol connects a DTE (local router) to another DTE (remote router). Using PPP’s LCP options, an administrator can provide secure access and reliable data transfer. PPP blends with many Layer 3 protocols using PPP NCPs. For example, in the ISDN lab that follows the next chapter, the router will use IP Control Protocol (IPCP) with PPP encapsulation.

15 PPP LCP Configuration Options
Feature | How It Operates | Protocol
Authentication | Require a password | PAP
Authentication | Perform Challenge Handshake | CHAP
Compression | Compress data at source; reproduce data at destination | Stacker or Predictor
Error Detection | Monitor data dropped on link |
Error Detection | Avoid frame looping | Magic Number
Multilink | Load balancing across multiple links | Multilink Protocol (MP)
Purpose: The figure presents an overview of the most popular PPP features.
Emphasize: The table in the figure lists and describes the various LCP options. PPP compression is offered in Cisco’s Compression Control Protocol (CCP). RFC 1548 covers the Internet Engineering Task Force (IETF) approved PPP options in detail. RFC 1717 defines Multilink Protocol. RFC 1990, The PPP Multilink Protocol (MP), obsoletes RFC 1717.
Note: To further enhance security, Cisco IOS Release 11.1 offers callback over PPP. With this LCP option, a Cisco router can act as a callback client or as a callback server. The client makes the initial DDR call, requests that it be called back, and terminates its initial call. The callback server answers the initial call and makes the return call to the client based on its configuration statements. This option is described in RFC 1570.
Reference: Students will only learn how to configure PAP and CHAP authentication in this course. To learn how to configure the other LCP options, students should attend the Building Cisco Remote Access (BCRAN) course.

16 PPP Authentication Overview
Figure labels: Dialup or Circuit-Switched Network
PPP Session Establishment
1 Link Establishment Phase
2 Optional Authentication Phase
3 Network-Layer Protocol Phase
Two PPP authentication protocols: PAP and CHAP
Purpose: This graphic presents the PPP authentication overview.
Emphasize: A PPP session establishment has three phases:
Link establishment phase: In this phase, each PPP device sends LCP packets to configure and test the data link.
Authentication phase (optional): After the link has been established and the authentication protocol decided on, the peer may be authenticated. PPP supports two authentication protocols: PAP and CHAP. Both of these protocols are detailed in RFC 1334, PPP Authentication Protocols. However, RFC 1994, PPP Challenge Handshake Authentication Protocol, obsoletes RFC 1334.
Network-layer protocol phase: In this phase, the PPP devices send NCP packets to choose and configure one or more network-layer protocols.

17 CHAP Authentication Protocol
3-Way Handshake
Figure: Remote Router (SantaCruz) and Central-Site Router (HQ) exchange Challenge, Response, Accept/Reject
Remote router: Hostname: santacruz, username HQ password boardwalk
Central-site router: username SantaCruz password boardwalk
Use “secret” known only to authenticator and peer
Purpose: This figure presents the PPP authentication protocol, CHAP.
Emphasize: CHAP is done upon initial link establishment and can be repeated any time after the link has been established. CHAP transactions occur only when a link is established. The local access server does not request a password during the rest of the session. (The local access server can, however, respond to such requests from other devices during a session.) CHAP is specified in RFC. It is an additional authentication phase of the PPP Link Control Protocol.
Transition: Now that you know how PPP and PPP authentication operate, the following section describes how to configure them on an IOS router.
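The three-way handshake above, written out as an added example (not part of the original slides) using the MD5 method of RFC 1994: the response value is MD5(Identifier || secret || Challenge), so the shared password never crosses the link. The function names and the random 16-byte challenge are choices made for this sketch; the router names and password are the ones on the slide.

```python
import hashlib
import hmac
import os
import struct

CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4  # RFC 1994 packet codes


def chap_packet(code, ident, value=b"", name=b""):
    """Encode Code, Identifier, Length, then Value-Size, Value and Name."""
    body = bytes([len(value)]) + value + name if value else b""
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body


def parse_chap(packet):
    """Decode a Challenge or Response into (code, ident, value, name)."""
    code, ident, length = struct.unpack("!BBH", packet[:4])
    size = packet[4]
    return code, ident, packet[5:5 + size], packet[5 + size:length]


def chap_hash(ident, secret, challenge):
    """RFC 1994 response value for MD5: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


def run_handshake(user_db, auth_name, peer_name, peer_secret, ident=2):
    """One CHAP exchange; returns (challenge_pkt, response_pkt, result_code)."""
    # 1. Challenge: the authenticator sends a fresh random value and its name.
    challenge = os.urandom(16)
    chal_pkt = chap_packet(CHALLENGE, ident, challenge, auth_name)
    # 2. Response: the peer hashes id + shared secret + challenge.
    _, cid, cval, _ = parse_chap(chal_pkt)
    resp_pkt = chap_packet(RESPONSE, cid, chap_hash(cid, peer_secret, cval), peer_name)
    # 3. Accept/Reject: the authenticator looks up the secret stored for the
    #    name in the response (case sensitive) and recomputes the hash.
    _, rid, rval, rname = parse_chap(resp_pkt)
    secret = user_db.get(rname)
    ok = (secret is not None and rid == ident
          and hmac.compare_digest(rval, chap_hash(ident, secret, challenge)))
    return chal_pkt, resp_pkt, SUCCESS if ok else FAILURE


if __name__ == "__main__":
    hq_users = {b"santacruz": b"boardwalk"}  # HQ's "username ... password ..." entry
    chal, resp, code = run_handshake(hq_users, b"HQ", b"santacruz", b"boardwalk")
    print("challenge:", chal.hex())
    print("response: ", resp.hex())
    print("result:   ", "SUCCESS" if code == SUCCESS else "FAILURE")
    print("secret on the wire:", b"boardwalk" in chal + resp)
```

Because each challenge is random, a response captured from one exchange does not verify against the next challenge, and a name that differs only in case finds no entry in the authenticator's database.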

18 Configuring PPP and Authentication Overview
Verify who you are.
Figure labels: Service Provider
Authenticating Router (The router that received the call.)
Enabling PPP: ppp encapsulation
Enabling PPP Authentication: hostname, username / password, ppp authentication
Router to Be Authenticated (The router that initiated the call.)
Enabling PPP: ppp encapsulation
Enabling PPP Authentication: hostname, username / password, ppp authentication
Purpose: This figure provides a sign post highlighting the tasks to complete to enable PPP and PPP authentication.
Emphasize: Highlight the steps the student must take to enable PPP authentication.

19 Configuring PPP
Router(config-if)#encapsulation ppp
Enable PPP encapsulation
Purpose: This figure describes how to encapsulate PPP on an interface.

20 Configuring PPP Authentication
Router(config)#hostname name
Assigns a host name to your router
Router(config)#username name password password
Identifies the username and password of authenticating router
Purpose: This figure describes how to set the hostname on the local device and a remote device’s username and password.
Emphasize: Correct configuration is essential since PAP and CHAP will use these parameters to authenticate. The names and password are case sensitive.

21 Configuring PPP Authentication
Router(config-if)#ppp authentication {chap | chap pap | pap chap | pap}
Enables PAP and/or CHAP authentication
Purpose: This figure continues with the PPP authentication configuration commands.
Emphasize: If both PAP and CHAP are enabled, then the first method specified will be requested during link negotiation. If the peer suggests using the second method or simply refuses the first method, then the second method will be tried.

22 Configuring CHAP Example
Figure: Router1, PSTN/ISDN, Router2
Router1:
! the hostname is the name this router presents; the peer needs a matching username entry
hostname Router1
username Router2 password cisco
!
int serial 0
 ip address
 encapsulation ppp
 ppp authentication CHAP
Router2:
hostname Router2
username Router1 password cisco
!
int serial 0
 ip address
 encapsulation ppp
 ppp authentication CHAP
Purpose: This page shows an example of CHAP configuration between two routers.
Emphasize: When you configure the usernames and passwords for the local databases, the passwords on both systems must be identical. Usernames and passwords are case sensitive.
Transition: The next section shows how to verify that the connection is operating as intended.
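An added check (not from the original slides or from Cisco) for the two points the notes on slides 20 to 22 stress: the names and passwords must match exactly, including case, and listing `pap` in `ppp authentication` allows the link to negotiate PAP, which sends the password in clear text. The parser covers only the commands used in this chapter, and the sample configurations are constructed for the example.

```python
import re


def parse_config(text):
    """Extract hostname, username/password entries and per-interface PPP settings."""
    cfg = {"hostname": None, "users": {}, "interfaces": {}}
    intf = None
    for raw in text.splitlines():
        line = raw.strip()
        if m := re.match(r"hostname (\S+)$", line):
            cfg["hostname"] = m.group(1)
        elif m := re.match(r"username (\S+) password (\S+)$", line):
            cfg["users"][m.group(1)] = m.group(2)
        elif m := re.match(r"int(?:erface)? (.+)$", line):
            intf = cfg["interfaces"].setdefault(m.group(1), {"ppp": False, "auth": []})
        elif intf is not None and line == "encapsulation ppp":
            intf["ppp"] = True
        elif intf is not None and (m := re.match(r"ppp authentication (.+)$", line)):
            intf["auth"] = m.group(1).lower().split()
    return cfg


def audit_link(local_text, remote_text):
    """Findings for the local end of a PPP link, given both routers' configs."""
    local, remote = parse_config(local_text), parse_config(remote_text)
    findings = []
    for name, intf in local["interfaces"].items():
        if intf["ppp"] and not intf["auth"]:
            findings.append(f"{name}: PPP enabled without authentication")
        elif intf["ppp"] and "pap" in intf["auth"]:
            findings.append(f"{name}: PAP can be negotiated ({' '.join(intf['auth'])})")
    # The peer identifies itself by hostname; the lookup is case sensitive.
    mine = local["users"].get(remote["hostname"])
    theirs = remote["users"].get(local["hostname"])
    if mine is None:
        findings.append(f"no username entry for peer hostname {remote['hostname']}")
    elif theirs is not None and mine != theirs:
        findings.append("passwords for the link differ between the routers")
    return findings


# Constructed sample configs modelled on the two-router CHAP example.
TEMPLATE = """hostname {me}
username {peer} password cisco
int serial 0
 encapsulation ppp
 ppp authentication {methods}"""
GOOD_R1 = TEMPLATE.format(me="Router1", peer="Router2", methods="CHAP")
GOOD_R2 = TEMPLATE.format(me="Router2", peer="Router1", methods="CHAP")
WEAK_R1 = TEMPLATE.format(me="Router1", peer="router2", methods="pap chap")

if __name__ == "__main__":
    print(audit_link(GOOD_R1, GOOD_R2))
    print(audit_link(WEAK_R1, GOOD_R2))
```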

23 Verifying HDLC and PPP Encapsulation Configuration
Router#show interface s0
Serial0 is up, line protocol is up
  Hardware is HD64570
  Internet address is /24
  MTU 1500 bytes, BW 1544 Kbit, DLY usec, rely 255/255, load 1/255
  Encapsulation PPP, loopback not set, keepalive set (10 sec)
  LCP Open
  Open: IPCP, CDPCP
  Last input 00:00:05, output 00:00:05, output hang never
  Last clearing of "show interface" counters never
  Queueing strategy: fifo
  Output queue 0/40, 0 drops; input queue 0/75, 0 drops
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     38021 packets input, bytes, 0 no buffer
     Received broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     38097 packets output, bytes, 0 underruns
     0 output errors, 0 collisions, 6045 interface resets
     0 output buffer failures, 0 output buffers swapped out
     482 carrier transitions
     DCD=up DSR=up DTR=up RTS=up CTS=up
Purpose: This graphic presents the show interface command, which is used to verify that PPP encapsulation is configured on the interface. The same command is used to verify proper HDLC configuration.

24 Verifying PPP Authentication with the debug ppp authentication Command
Figure labels: Left router, Service Provider, Right router
debug ppp authentication successful CHAP output:
4d20h: %LINK-3-UPDOWN: Interface Serial0, changed state to up
4d20h: Se0 PPP: Treating connection as a dedicated line
4d20h: Se0 PPP: Phase is AUTHENTICATING, by both
4d20h: Se0 CHAP: O CHALLENGE id 2 len 28 from "Router1"
4d20h: Se0 CHAP: I CHALLENGE id 3 len 28 from "Router2"
4d20h: Se0 CHAP: O RESPONSE id 3 len 28 from "Router1"
4d20h: Se0 CHAP: I RESPONSE id 2 len 28 from "Router2"
4d20h: Se0 CHAP: O SUCCESS id 2 len 4
4d20h: Se0 CHAP: I SUCCESS id 3 len 4
4d20h: dialer Protocol up for Se0
4d20h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up
Purpose: This page shows an example of debug ppp authentication output. The output illustrates a successful CHAP authentication challenge.
Emphasize: The debug ppp authentication command displays the authentication exchange sequence as it occurs.
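An added example (not part of the original slides) that reads `debug ppp authentication` output like the lines above and reports, for each direction of authentication, whether the Challenge, Response, Success sequence completed. The parsing functions are written for this example; the first sample is the slide's CHAP lines and the failing sample is constructed in the same line format.

```python
import re

LINE = re.compile(
    r'(?P<intf>\S+) CHAP: (?P<dir>[IO]) '
    r'(?P<type>CHALLENGE|RESPONSE|SUCCESS|FAILURE) id (?P<id>\d+) len \d+'
    r'(?: from "(?P<name>[^"]*)")?')

# Message order for each direction of authentication, as seen by this router.
EXPECTED = {
    "authenticator": ["O CHALLENGE", "I RESPONSE", "O SUCCESS"],
    "peer": ["I CHALLENGE", "O RESPONSE", "I SUCCESS"],
}


def chap_exchanges(log_text):
    """Group CHAP debug lines into exchanges keyed by (interface, role, id)."""
    exchanges = {}
    for m in LINE.finditer(log_text):
        # Challenge, Success and Failure come from the authenticator; Response
        # comes from the peer. Direction plus type tells us which side we are.
        we_authenticate = (m["dir"] == "O") != (m["type"] == "RESPONSE")
        role = "authenticator" if we_authenticate else "peer"
        key = (m["intf"], role, int(m["id"]))
        ex = exchanges.setdefault(key, {"remote": None, "steps": []})
        ex["steps"].append(f'{m["dir"]} {m["type"]}')
        if m["dir"] == "I" and m["name"]:
            ex["remote"] = m["name"].strip()
    for key, ex in exchanges.items():
        if ex["steps"] == EXPECTED[key[1]]:
            ex["result"] = "success"
        elif any(step.endswith("FAILURE") for step in ex["steps"]):
            ex["result"] = "failure"
        else:
            ex["result"] = "incomplete"  # e.g. challenge sent, no response seen
    return exchanges


# CHAP lines from the slide's successful session (quotes normalised).
PAGE_LOG = '''4d20h: Se0 CHAP: O CHALLENGE id 2 len 28 from "Router1"
4d20h: Se0 CHAP: I CHALLENGE id 3 len 28 from "Router2"
4d20h: Se0 CHAP: O RESPONSE id 3 len 28 from "Router1"
4d20h: Se0 CHAP: I RESPONSE id 2 len 28 from "Router2"
4d20h: Se0 CHAP: O SUCCESS id 2 len 4
4d20h: Se0 CHAP: I SUCCESS id 3 len 4'''

# Constructed sample: the peer's response does not verify.
FAILED_LOG = '''4d20h: Se0 CHAP: O CHALLENGE id 7 len 28 from "Router1"
4d20h: Se0 CHAP: I RESPONSE id 7 len 28 from "Router2"
4d20h: Se0 CHAP: O FAILURE id 7 len 25 msg is "MD/DES compare failed"'''

if __name__ == "__main__":
    for log in (PAGE_LOG, FAILED_LOG):
        for key, ex in chap_exchanges(log).items():
            print(key, ex["remote"], ex["result"])
```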

25 PPP Configuration Lab
Lab file: PPP Configuration Lab.pdf
Lab scenario: PPP Configuration Lab.pkt

