
Instructor & Todd Lammle


cedric

Presentation Transcript


  1. Instructor & Todd Lammle Sybex CCNA 640-802 Chapter 14: Wide Area Networks

  2. Chapter 14 Objectives
     The CCNA topics covered in this chapter include:
     • Introduction to WANs
     • HDLC
     • PPP
     • Frame Relay
     • Introduction to VPNs

  3. Defining WAN Terms
     • Customer Premises Equipment (CPE)
     • Demarcation (demarc)
     • Local loop
     • Central Office (CO)
     • Toll network

  4. WAN Connection Types

  5. DTE-DCE-DTE
     The Channel Service Unit (CSU) is a device that converts a digital data frame from the communications technology used on a local area network (LAN) into a frame appropriate to a wide-area network (WAN) and vice versa.
     The Data Service Unit (DSU) is a device that performs protective and diagnostic functions for a telecommunications line.

  6. WAN Support
     • Frame Relay
     • ISDN: Integrated Services Digital Network
     • LAPB: Link Access Procedure, Balanced
     • LAPD: Link Access Procedure, D-channel
     • HDLC: High-level Data Link Control
     • PPP
     • ATM: Asynchronous Transfer Mode

  7. HDLC Protocol
     • Bit-oriented Data Link layer ISO standard protocol, i.e., control information is encoded by bits
     • Specifies a data encapsulation method on synchronous serial data links
     • A point-to-point protocol used on leased lines
     • No authentication can be used

  8. HDLC Frame Format

  9. Point-to-Point Protocol (PPP)
     • Purpose:
       • Transport layer-3 packets across a Data Link layer point-to-point link
     • Can be used over asynchronous serial (dial-up) or synchronous serial (ISDN) media
     • Uses Link Control Protocol (LCP)
       • Builds & maintains data-link connections

  10. Point-to-Point Protocol Stack

  11. PPP Main Components
      • EIA/TIA-232-C
        • Intl. Std. for serial communications
      • HDLC
        • Serial link datagram encapsulation method
      • LCP
        • Used in P-t-P connections:
          • Establishing
          • Maintaining
          • Terminating
      • NCP
        • Method of establishing & configuring Network Layer protocols
        • Allows simultaneous use of multiple Network layer protocols

  12. LCP Configuration Options
      • Authentication
        • PAP: Password Authentication Protocol
        • CHAP: Challenge Handshake Authentication Protocol
      • Compression
        • Stacker
        • Predictor
      • Error detection
        • Quality
        • Magic Number
      • Multilink
        • Splits the load for PPP over 2+ parallel circuits; a bundle

  13. PPP Session Establishment
      • Link-establishment phase
      • Authentication phase
      • Network-layer protocol phase

  14. PPP Session Establishment

  15. PPP Authentication Methods
      • Password Authentication Protocol (PAP)
        • Passwords sent in clear text
        • Remote node returns username & password
        • Only performed in initial link establishment
      • Challenge Handshake Authentication Protocol (CHAP)
        • Done at start-up & periodically
        • Challenge & Reply
        • Remote router sends a one-way hash ~ MD5

  16. Configuring PPP
      • Step #1: Configure PPP on RouterA & RouterB:
          Router__#config t
          Router__(config)#int s0
          Router__(config-if)#encapsulation ppp
          Router__(config-if)#^Z
      • Step #2: Define the username & password on each router:
        • RouterA:
          RouterA(config)#username RouterB password cisco
        • RouterB:
          RouterB(config)#username RouterA password cisco
        NOTE: (1) Username maps to the remote router (2) Passwords must match
      • Step #3: Choose the authentication type for each router (CHAP or PAP):
          Router__(config)#int s0
          Router__(config-if)#ppp authentication chap
          Router__(config-if)#ppp authentication pap
          Router__(config-if)#^Z
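The difference between the two authentication methods on slides 15 and 16, as an added example that is not part of the original slides: a CHAP exchange following RFC 1994 (MD5 over Identifier, secret and challenge) next to the data a PAP request carries. The `Authenticator` class, `demo` function and dictionary keys are names made up for this sketch; the password `cisco` is the value from the configuration slide.

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP with MD5: hash of Identifier || secret || Challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """The challenging side, e.g. RouterA authenticating RouterB."""
    def __init__(self, secrets):
        self.secrets = secrets          # peer name -> shared secret
        self.identifier = 0
        self.challenge = b""

    def new_challenge(self):
        # New Identifier and fresh random value for every challenge
        self.identifier = (self.identifier + 1) % 256
        self.challenge = os.urandom(16)
        return self.identifier, self.challenge

    def verify(self, name, identifier, response):
        secret = self.secrets.get(name)
        if secret is None or identifier != self.identifier:
            return False
        expected = chap_response(identifier, secret, self.challenge)
        return hmac.compare_digest(expected, response)

def pap_request(name: str, password: bytes) -> bytes:
    """PAP Authenticate-Request data (RFC 1334): peer ID and password in clear."""
    n = name.encode()
    return bytes([len(n)]) + n + bytes([len(password)]) + password

def demo():
    secret = b"cisco"                   # password value from the page's config
    router_a = Authenticator({"RouterB": secret})
    ident, chal = router_a.new_challenge()
    resp = chap_response(ident, secret, chal)        # computed on RouterB
    chap_wire = bytes([ident]) + chal + resp         # all CHAP bytes on the link
    accepted = router_a.verify("RouterB", ident, resp)
    # Periodic re-challenge: the captured response is useless afterwards
    ident2, _ = router_a.new_challenge()
    replayed = router_a.verify("RouterB", ident2, resp)
    return {
        "chap_accepted": accepted,
        "secret_in_chap_bytes": secret in chap_wire,
        "replay_accepted": replayed,
        "secret_in_pap_bytes": secret in pap_request("RouterB", secret),
    }
```

CHAP keeps the secret off the link, but a recorded challenge and response still allow offline guessing of a weak secret, so the shared password should be long and random.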

  17. PPP Example 1

  18. PPP Example 2: Failed PPP authentication

  19. PPP Example 3: Mismatched WAN Encapsulations

  20. PPP Example 4: Mismatched IP Address

  21. Frame Relay
      • Background
        • High-performance WAN encapsulation method
        • OSI Physical & Data Link layer
        • Originally designed for use across ISDN
      • Supported Protocols
        • IP, DECnet, AppleTalk, Xerox Network Service (XNS), Novell IPX, Banyan Vines, Transparent Bridging, & ISO

  22. Before Frame Relay

  23. After Frame Relay

  24. Frame Relay
      • Purpose
        • Provide a communication interface between DTE & DCE equipment
      • Connection-oriented Data Link layer communication
        • Via virtual circuits: PVC, SVC
        • Provides a complete path from the source to destination before sending the first frame

  25. Frame Relay Terminology

  26. Frame Relay Encapsulation
      • Specified on serial interfaces
      • Encapsulation types:
        • Cisco (default encapsulation type)
        • IETF (used between Cisco & non-Cisco devices)
          RouterA(config)#int s0
          RouterA(config-if)#encapsulation frame-relay ?
            ietf  Use RFC1490 encapsulation
            <cr>

  27. Data Link Connection Identifiers (DLCIs)
      • Frame Relay PVCs are identified by DLCIs
      • IP end devices are mapped to DLCIs
        • Mapped dynamically or mapped by IARP
      • Global Significance:
        • Advertised to all remote sites as the same PVC, need LMI extensions
      • Local Significance:
        • DLCIs do not need to be unique
      • Configuration
          RouterA(config-if)#frame-relay interface-dlci ?
            <16-1007>  Define a DLCI as part of the current subinterface
          RouterA(config-if)#frame-relay interface-dlci 16

  28. DLCIs are Locally Significant

  29. Local Management Interface (LMI)
      • Background: a signaling standard between a router and the first connected Frame Relay switch
      • Purpose: passing information about the operation and status of the VC between the DTE and switch
      • LMI Messages
        • Keepalives
        • Multicasting
        • Global addressing
        • Status of virtual circuits

  30. LMI Types
      • Configuration:
          RouterA(config-if)#frame-relay lmi-type ?
            cisco
            ansi
            q933a
      • Beginning with IOS ver 11.2+ the LMI type is auto-sensed
      • Default type: cisco
      • Virtual circuit status:
        • Active: everything is up, routers can exchange information
        • Inactive: router interface is up and connected with the switch, but the remote router is not up
        • Deleted: no LMI info is being received on the interface from the switch

  31. Single interfaces
          RouterA(config)#int s0/0
          RouterA(config-if)#encapsulation frame-relay
          RouterA(config-if)#ip address 172.16.20.1 255.255.255.0
          RouterA(config-if)#frame-relay lmi-type ansi
          RouterA(config-if)#frame-relay interface-dlci 101
          RouterA(config-if)#^Z

  32. Sub-interfaces
      • Definition
        • Multiple virtual circuits on a single serial interface: multiplexing
      • Enables the assignment of different network-layer characteristics to each sub-interface
        • IP routing on one sub-interface
        • IPX routing on another
      • Mitigates difficulties associated with:
        • Partial meshed Frame Relay networks
        • Split Horizon protocols

  33. Creating Sub-interfaces
      Configuration:
      #1: Set the encapsulation on the serial interface
      #2: Define the subinterface
          RouterA(config)#int s0
          RouterA(config-if)#encapsulation frame-relay
          RouterA(config-if)#int s0.?
            <0-4294967295>  Serial interface number
          RouterA(config-if)#int s0.16 ?
            multipoint      Treat as a multipoint link
            point-to-point  Treat as a point-to-point link

  34. Sub-interfaces
      • Point-to-point: a single virtual circuit connects one router to another. Each p-t-p subinterface requires its own subnet.
      • Multipoint: when the router is the center of a star of virtual circuits that are using a single subnet for all routers’ serial interfaces connected to the switch.

  35. Mapping Frame Relay
      Necessary for IP end devices to communicate
      • Addresses must be mapped to the DLCIs
      • Methods:
        • Frame Relay map command
        • Inverse-arp function

  36. Using the map command
          RouterA(config)#int s0
          RouterA(config-if)#encap frame
          RouterA(config-if)#int s0.16 point-to-point
          RouterA(config-subif)#no frame-relay inverse-arp
          RouterA(config-subif)#ip address 172.16.30.1 255.255.255.0
          RouterA(config-subif)#frame-relay map ip 172.16.30.17 16 ietf broadcast

  37. Using the inverse arp command
          RouterA(config)#int s0.16 point-to-point
          RouterA(config-subif)#encap frame-relay ietf
          RouterA(config-subif)#ip address 172.16.30.1 255.255.255.0
          RouterA(config-subif)#frame-relay interface-dlci 200

  38. Committed Information Rate (CIR)
      • Definition: Provision allowing customers to purchase amounts of bandwidth lower than what they might need
      • Cost savings
      • Good for bursty traffic
      • Not good for constant amounts of data transmission

  39. Congestion Control
      • Discard Eligibility (DE):
        • When packets are transmitted beyond the CIR, the packets exceeding the CIR are to be discarded if the network is congested at that time. These excess bits are marked with a DE bit.
      • Forward-Explicit Congestion Notification (FECN)
        • When the Frame Relay network recognizes congestion in the cloud, the FECN bit will be set to 1 to notify the destination DTE that the path the frame just traversed is congested.
      • Backward-Explicit Congestion Notification (BECN)
        • When the switch detects congestion, it will set the BECN bit in a frame that’s destined for the source router.
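Where the DLCI from slide 27 and the DE, FECN and BECN bits from slide 39 sit in a frame, as an added example that is not part of the original slides: a decoder for the default 2-byte Frame Relay address field plus a per-DLCI tally of congestion markings. All function names are made up for this sketch and the sample frames are constructed, not captured.

```python
from dataclasses import dataclass

@dataclass
class FrAddress:
    dlci: int
    fecn: bool
    becn: bool
    de: bool

def parse_address(frame: bytes) -> FrAddress:
    """Decode the default 2-byte Frame Relay address field at the frame start."""
    if len(frame) < 2:
        raise ValueError("address field needs 2 bytes")
    b0, b1 = frame[0], frame[1]
    # EA (bit 0) is 0 in the first byte and 1 in the last byte of the field
    if (b0 & 0x01) or not (b1 & 0x01):
        raise ValueError("not a 2-byte address field")
    return FrAddress(
        dlci=((b0 >> 2) << 4) | (b1 >> 4),   # 6 high bits + 4 low bits
        fecn=bool(b1 & 0x08),
        becn=bool(b1 & 0x04),
        de=bool(b1 & 0x02),
    )

def build_address(dlci: int, fecn=False, becn=False, de=False) -> bytes:
    if not 0 <= dlci <= 1023:
        raise ValueError("DLCI is a 10-bit value")
    b0 = (dlci >> 4) << 2
    b1 = ((dlci & 0x0F) << 4) | (fecn << 3) | (becn << 2) | (de << 1) | 0x01
    return bytes([b0, b1])

def congestion_report(frames):
    report = {}                              # DLCI -> counts of marked frames
    for f in frames:
        a = parse_address(f)
        c = report.setdefault(a.dlci, {"frames": 0, "fecn": 0, "becn": 0, "de": 0})
        c["frames"] += 1
        c["fecn"] += a.fecn
        c["becn"] += a.becn
        c["de"] += a.de
    return report

# Constructed sample frames (address field + dummy payload), not a capture
SAMPLE = [
    build_address(16) + b"data",
    build_address(16, de=True) + b"data",
    build_address(101, fecn=True) + b"data",
    build_address(101, becn=True, de=True) + b"data",
]
```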

  40. Monitoring Frame Relay
          RouterA>sho frame ?
            ip       show frame relay IP statistics
            lmi      show frame relay lmi statistics
            map      Frame-Relay map table
            pvc      show frame relay pvc statistics
            route    show frame relay route
            traffic  Frame-Relay protocol statistics
          RouterA#sho int s0
          RouterB#show frame map
          Router#debug frame-relay lmi

  41. Troubleshooting Frame Relay
      Why can’t RouterA talk to RouterB?
      You need to use your own DLCI number 100 instead of the remote DLCI number to communicate with the switch.

  42. Troubleshooting Frame Relay
      Why is RIP not sent across the PVC?
      Because Frame Relay is a non-broadcast multi-access network, i.e., no broadcast across the PVC. So it’s necessary to add broadcast in the mapping statement.

  43. Introduction to VPNs
      • VPNs are used daily to give remote users and disjointed networks connectivity over a public medium like the Internet instead of using more expensive permanent means.

  44. Types of VPNs
      • REMOTE ACCESS VPNS
        Remote access VPNs allow remote users like telecommuters to securely access the corporate network wherever and whenever they need to.
      • SITE-TO-SITE VPNS
        Site-to-site VPNs, or intranet VPNs, allow a company to connect its remote sites to the corporate backbone securely over a public medium like the Internet instead of requiring more expensive WAN connections like Frame Relay.
      • EXTRANET VPNS
        Extranet VPNs allow an organization’s suppliers, partners, and customers to be connected to the corporate network in a limited way for business-to-business (B2B) communications.

  45. Written Labs and Review Questions
      • Open your books and go through all the written labs and the review questions.
      • Review the answers in class.
