Sybex CCNA 640-802
Chapter 14: Wide Area Networks
Instructor & Todd Lammle
Chapter 14 Objectives
The CCNA Topics Covered in this chapter include:
• Introduction to WANs
• HDLC
• PPP
• Frame Relay
• Introduction to VPNs
Defining WAN Terms
• Customer Premises Equipment (CPE)
• Demarcation (demarc)
• Local loop
• Central Office (CO)
• Toll network
WAN Connection Types
DTE-DCE-DTE
WAN Support
• Frame Relay
• ISDN
• LAPB
• LAPD
• HDLC
• PPP
• ATM
HDLC Protocol
• Bit-oriented Data Link layer ISO standard protocol
• Specifies a data encapsulation method
• No authentication can be used
HDLC Frame Format
Point-to-Point Protocol (PPP)
• Purpose:
– Transport layer-3 packets across a Data Link layer point-to-point link
• Can be used over asynchronous serial (dial-up) or synchronous serial (ISDN) media
– Uses Link Control Protocol (LCP)
• Builds & maintains data-link connections
Point-to-Point Protocol Stack
PPP Main Components
• EIA/TIA-232-C
– Intl. Std. for serial communications
• HDLC
– Serial link datagram encapsulation method
• LCP
– Used in P-t-P connections:
• Establishing
• Maintaining
• Terminating
• NCP
– Method of establishing & configuring Network Layer protocols
– Allows simultaneous use of multiple Network layer protocols
LCP Configuration Options
• Authentication
– PAP
– CHAP
• Compression
– Stacker
– Predictor
• Error detection
– Quality
– Magic Number
• Multilink
– Splits the load for PPP over 2+ parallel circuits; a bundle
PPP Session Establishment
• Link-establishment phase
• Authentication phase
• Network-layer protocol phase
PPP Session Establishment
PPP Authentication Methods
• Password Authentication Protocol (PAP)
– Passwords sent in clear text
– Remote node returns username & password
• Challenge Handshake Authentication Protocol (CHAP)
– Done at start-up & periodically
– Challenge & Reply
• Remote router sends a one-way hash (MD5)
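An added example (not from the slides or the Sybex text) contrasting what each method puts on the link, using the PAP request layout from RFC 1334 and the CHAP MD5 response from RFC 1994. The function names are hypothetical, and the password is the `cisco` value used in the configuration steps.

```python
import hashlib
import hmac
import os


def pap_request_data(peer_id: bytes, password: bytes) -> bytes:
    """Data field of a PAP Authenticate-Request: length-prefixed ID and password."""
    return bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP/MD5 response: MD5(Identifier octet || shared secret || challenge)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


def chap_verify(identifier: int, secret: bytes, challenge: bytes, response: bytes) -> bool:
    """Authenticator side: recompute from its own copy of the secret and compare."""
    expected = chap_response(identifier, secret, challenge)
    return hmac.compare_digest(expected, response)


def demo() -> dict:
    secret = b"cisco"  # shared password; must match on both routers

    # PAP: the password is readable by anyone who can capture the link.
    pap_wire = pap_request_data(b"RouterA", secret)

    # CHAP: only the challenge and a 16-byte hash cross the link.
    challenge = os.urandom(16)
    response = chap_response(1, secret, challenge)

    # The periodic re-challenge uses a new Identifier and challenge,
    # so a response captured earlier does not verify again.
    replay_ok = chap_verify(2, secret, os.urandom(16), response)

    return {
        "pap_exposes_password": secret in pap_wire,
        "chap_accepts_peer": chap_verify(1, secret, challenge, response),
        "chap_accepts_replay": replay_ok,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The CHAP response is still an unsalted MD5 over a challenge that an eavesdropper also sees, so a captured exchange can be guessed offline; the shared secret should be long and random.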
Configuring PPP
• Step #1: Configure PPP on RouterA & RouterB:
Router__#config t
Router__(config)#int s0
Router__(config-if)#encapsulation ppp
Router__(config-if)#^Z
• Step #2: Define the username & password on each router:
– RouterA:
RouterA(config)#username RouterB password cisco
– RouterB:
RouterB(config)#username RouterA password cisco
NOTE: (1) Username maps to the remote router
(2) Passwords must match
• Step #3: Choose Authentication type for each router; CHAP/PAP
Router__(config)#int s0
Router__(config-if)#ppp authentication chap
Router__(config-if)#ppp authentication pap
Router__(config-if)#^Z
PPP Example 1
PPP Example 2
PPP Example 3
PPP Example 4
Frame Relay
• Background
– High-performance WAN encapsulation method
– OSI Physical & Data Link layer
– Originally designed for use across ISDN
• Supported Protocols
– IP, DECnet, AppleTalk, Xerox Network Service (XNS), Novell IPX, Banyan Vines, Transparent Bridging, & ISO
Before Frame Relay
After Frame Relay
Frame Relay
• Purpose
– Provide a communications interface between DTE & DCE equipment
– Connection-oriented Data Link layer communication
• Via virtual circuits
• Provides a complete path from the source to destination before sending the first frame
Frame Relay Terminology
Frame Relay Encapsulation
• Specified on serial interfaces
• Encapsulation types:
– Cisco (default encapsulation type)
– IETF (used between Cisco & non-Cisco devices)
RouterA(config)#int s0
RouterA(config-if)#encapsulation frame-relay ?
  ietf  Use RFC1490 encapsulation
  <cr>
Data Link Connection Identifiers (DLCIs)
• Frame Relay PVCs are identified by DLCIs
• IP end devices are mapped to DLCIs
– Mapped dynamically or mapped by IARP
• Global Significance:
– Advertised to all remote sites as the same PVC
• Local Significance:
– DLCIs do not need to be unique
• Configuration
RouterA(config-if)#frame-relay interface-dlci ?
  <16-1007>  Define a DLCI as part of the current subinterface
RouterA(config-if)#frame-relay interface-dlci 16
DLCIs are Locally Significant
Local Management Interface (LMI)
• Background
• Purpose
• LMI Messages
– Keepalives
– Multicasting
– Multicast addressing
– Status of virtual circuits
LMI Types
• Configuration:
RouterA(config-if)#frame-relay lmi-type ?
cisco
ansi
q933a
– Beginning with IOS ver 11.2+ the LMI type is auto-sensed
– Default type: cisco
• Virtual circuit status:
– Active
– Inactive
– Deleted
Sub-interfaces
• Definition
– Multiple virtual circuits on a single serial interface
– Enables the assignment of different network-layer characteristics to each sub-interface
• IP routing on one sub-interface
• IPX routing on another
– Mitigates difficulties associated with:
• Partial meshed Frame Relay networks
• Split Horizon protocols
Partial Meshed Networks
Creating Sub-interfaces
Configuration:
#1: Set the encapsulation on the serial interface
#2: Define the subinterface
RouterA(config)#int s0
RouterA(config-if)#encapsulation frame-relay
RouterA(config-if)#int s0.?
  <0-4294967295>  Serial interface number
RouterA(config-if)#int s0.16 ?
  multipoint      Treat as a multipoint link
  point-to-point  Treat as a point-to-point link
Mapping Frame Relay
Necessary for IP end devices to communicate
– Addresses must be mapped to the DLCIs
– Methods:
• Frame Relay map command
• Inverse-arp function
Using the map command
RouterA(config)#int s0
RouterA(config-if)#encap frame
! frame-relay map statements are accepted only on multipoint subinterfaces
RouterA(config-if)#int s0.16 multipoint
RouterA(config-subif)#no frame-relay inverse-arp
RouterA(config-subif)#ip address 172.16.30.1 255.255.255.0
RouterA(config-subif)#frame-relay map ip 172.16.30.17 16 ietf broadcast
RouterA(config-subif)#frame-relay map ip 172.16.30.18 17 broadcast
RouterA(config-subif)#frame-relay map ip 172.16.30.19 18
Using the inverse arp command
RouterA(config)#int s0.16 point-to-point
RouterA(config-subif)#encap frame-relay ietf
RouterA(config-subif)#ip address 172.16.30.1 255.255.255.0
Congestion Control
• Discard Eligibility (DE)
• Forward-Explicit Congestion Notification (FECN)
• Backward-Explicit Congestion Notification (BECN)
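An added example (not from the slides): a parser for the two-octet Frame Relay address field, which carries the DLCI together with the FECN, BECN and DE bits listed above. The bit layout is the standard Q.922 two-octet format; the function names and sample octets are constructed for illustration.

```python
def build_fr_address(dlci: int, fecn: int = 0, becn: int = 0,
                     de: int = 0, cr: int = 0) -> bytes:
    """Pack a 10-bit DLCI and the congestion bits into the 2-octet address."""
    if not 0 <= dlci <= 1023:
        raise ValueError("DLCI must fit in 10 bits")
    # Octet 1: DLCI high 6 bits | C/R | EA=0 (another address octet follows)
    b1 = ((dlci >> 4) << 2) | (cr << 1)
    # Octet 2: DLCI low 4 bits | FECN | BECN | DE | EA=1 (last address octet)
    b2 = ((dlci & 0x0F) << 4) | (fecn << 3) | (becn << 2) | (de << 1) | 1
    return bytes([b1, b2])


def parse_fr_address(hdr: bytes) -> dict:
    """Decode the first two octets of a Frame Relay frame (after the flag)."""
    if len(hdr) < 2:
        raise ValueError("need at least two address octets")
    b1, b2 = hdr[0], hdr[1]
    # The EA bits must read 0 then 1, otherwise this is not a 2-octet address.
    if (b1 & 0x01) or not (b2 & 0x01):
        raise ValueError("unexpected EA bits for a 2-octet address")
    dlci = ((b1 >> 2) << 4) | (b2 >> 4)
    return {
        "dlci": dlci,
        "cr": (b1 >> 1) & 1,
        "fecn": (b2 >> 3) & 1,   # congestion seen in the direction of travel
        "becn": (b2 >> 2) & 1,   # congestion in the opposite direction
        "de": (b2 >> 1) & 1,     # frame may be dropped first under congestion
        # 16-1007 is the range the IOS help output offers for PVCs
        "user_dlci": 16 <= dlci <= 1007,
    }


if __name__ == "__main__":
    # Constructed sample headers, not captured traffic.
    samples = [
        build_fr_address(16),
        build_fr_address(16, becn=1, de=1),
        build_fr_address(1007, fecn=1),
        build_fr_address(0),
    ]
    for raw in samples:
        print(raw.hex(), parse_fr_address(raw))
```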
Committed Information Rate (CIR)
• Definition: Provision allowing customers to purchase amounts of bandwidth lower than what they might need
– Cost savings
– Good for bursty traffic
– Not good for constant amounts of data transmission
Monitoring Frame Relay
RouterA>sho frame ?
  ip       show frame relay IP statistics
  lmi      show frame relay lmi statistics
  map      Frame-Relay map table
  pvc      show frame relay pvc statistics
  route    show frame relay route
  traffic  Frame-Relay protocol statistics
RouterA#sho int s0
RouterB#show frame map
Router#debug frame-relay lmi
Troubleshooting Frame Relay
Why can’t RouterA talk to RouterB?
Troubleshooting Frame Relay
Why is RIP not sent across the PVC?
Introduction to VPNs
• VPNs are used daily to give remote users and disjointed networks connectivity over a public medium like the Internet instead of using more expensive permanent means.
Types of VPNs
• REMOTE ACCESS VPNS
Remote access VPNs allow remote users like telecommuters to securely access the corporate network wherever and whenever they need to.
• SITE-TO-SITE VPNS
Site-to-site VPNs, or intranet VPNs, allow a company to connect its remote sites to the corporate backbone securely over a public medium like the Internet instead of requiring more expensive WAN connections like Frame Relay.
• EXTRANET VPNS
Extranet VPNs allow an organization’s suppliers, partners, and customers to be connected to the corporate network in a limited way for business-to-business (B2B) communications.
Written Labs and Review Questions
– Open your books and go through all the written labs and the review questions.
– Review the answers in class.