Prepare your router for the Wide Area Network.
Cisco devices use HDLC encapsulation by default.
SERIAL COMMUNICATION
Serial connections send 1 data bit at a time when transmitting.
Parallel Connections send multiple bits simultaneously.
Theoretically, an 8-bit parallel bus transfers data 8X faster.
Serial connections can be clocked much faster than parallel links.
2 of the main factors that affect parallel communication are clock skew & cross talk.
Clock skew - some parallel bits arrive later than others.
Overcoming clock skew is difficult & involves clocking.
Cross-Talk - crosstalk normally refers to a signal affecting another nearby signal.
SERIAL STANDARDS
Data is encapsulated by the protocol on the sending router.
A frame is sent on a physical medium in various ways, but the receiving router uses the same protocol to de-encapsulate.
There are 3 key serial standards for LAN - WAN connections.
RS-232 - 9 pin, 25 pin & rj45
V.35 typical for modem to multiplexer
HSSI - supports rates up to 52 Mbps, often used in T3 (seen on high-end Cisco routers)
TIME DIVISION MULTIPLEXING
Bell labs invented TDM to maximize voice traffic.
Before multiplexing, each call required its own link.
TDM transmits 2 or more channels on the same link by allocating a time
slot for each channel.
Channels take turns using the link.
TDM is a L1 concept - INDEPENDENT of L2
ANALOGOUS to highway traffic - traffic from four roads can fit on one lane.
STATISTICAL TDM
STDM was developed to overcome inefficiency.
STDM uses variable time slot allowing channels to compete for any free space on the line.
It employs buffer memory
TRUNK CARRIERS
The original unit used in MUXing telephone calls is 64 kbps
This is referred to as DS0
In N.A. 24 DS0 = T1 / elsewhere 32 DS0 = E1
T1 is more correctly referred to as DS1
T-carriers refer to the bundling of DS0’s
DEMARC
Prior to deregulation in N.A., telcos owned the local loop, including the
wiring & equipment on the customer premises.
Deregulation forced telcos to allow other suppliers to provide
equipment & services.
This led to a need for a demarc.
In the US the customer provides the NTU, while elsewhere it is provided
& managed by the provider.
This allows the service provider to actively manage and troubleshoot
the local loop.
This international difference may impact interfaces on WAN routers
*some may have dce built in.
HDLC ENCAPSULATION
HDLC is a synchronous protocol from ISO.
Allows for flow control & error control with ACKs.
Cisco developed an extension to HDLC to provide multiprotocol support.
Cisco’s HDLC, cHDLC is proprietary.
HDLC defines 3 types of frames, each with a different control field format.
I information
S supervisory
U unnumbered
CONFIG HDLC
Cisco hdlc is the default encapsulation & does not normally need to be configured.
If you are connecting to a non-cisco device use PPP.
If the default encap method has been changed use:
R1(config-if)#encapsulation hdlc
TROUBLESHOOTING A SERIAL INTERFACE
R1#show int serial
If HDLC is configured, it should be reflected in the output
R1#show controllers
The output indicates if DCE or DTE cable is attached
If the int is UNKNOWN the likely problem is an improperly connected
cable & the line will be down.
PPP
To connect to a non-cisco router use PPP.
PPP also has other advantages:
Link quality mgmt feature - PPP can take bad links down
Support for PAP & CHAP authentication
Compression - Increases throughput on slow links
Multilink - Link aggregation
PPP contains 3 main components :
HDLC for encapsulating L3 over point to point links.
LCP to establish, configure & test L2 connection.
Family of NCPs for configuring different protocols.
NCP (network control protocol)
PPP ARCHITECTURE
PPP uses a layered architecture.
PPP & OSI share the same physical layer, but PPP distributes LCP & NCP differently.
At L1, PPP runs on Async, Sync, HSSI & ISDN lines.
Most of the work done by PPP is at the data link & network layer by LCP & NCP’s.
LCP sets up the PPP connection & parameters.
NCPs handle L3 configurations.
LCP terminates PPP connections.
LCP
LCP sits on top of the physical layer & establishes, configures & tests
the data link connection.
LCP establishes the P2P link, negotiates & sets up control options on
the WAN data link.
LCP provides the following services:
Handling varying limits on packet size
Detecting common misconfiguration issues
Terminating the link
Determining when link is functioning or not
Setting up authentication, compression & error detection
NCP
PPP permits multiple L3 protocols on the same link
For every L3 protocol used PPP uses a separate NCP
e.g. IPCP, CDPCP, IPXCP, ATCP
Each NCP manages the specific needs required by its respective network
layer protocols
ESTABLISHING A PPP CONNECTION
There are 3 phases to establishing a PPP connection
1. Link establishment & configuration negotiation - This phase is
complete when the receiver sends a confACK frame back to the
initiating router
2. Link quality determination (optional)
3. Network layer protocol config negotiation - The appropriate NCP
separately configures L3
If LCP closes the link it informs L3
PPP CONFIG OPTIONS
PPP can be config for:
Authentication, using PAP or CHAP
Compression, using Stacker or Predictor
Multilink which combines 2 or more lines
To negotiate options the LCP frames contain option info in the data field
If an option is not included in the frame > default is assumed
This phase is complete when confACK has been sent & received
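The option negotiation described above can be read straight off the wire. The following is an added example, not part of the original notes: a small decoder for the option list in an LCP configure packet that applies the default-when-absent rule and flags a request for PAP, which sends credentials in plain text. The option type numbers and protocol values come from RFC 1661, RFC 1334 and RFC 1994; the sample packets and the function name parse_lcp are constructed for illustration.

```python
import struct

# LCP configuration option types (RFC 1661) and authentication protocol
# numbers (PAP = 0xC023 per RFC 1334, CHAP = 0xC223 per RFC 1994).
OPT_MRU, OPT_AUTH, OPT_QUALITY, OPT_MAGIC = 1, 3, 4, 5
AUTH_NAMES = {0xC023: "PAP", 0xC223: "CHAP"}
CODES = {1: "Configure-Request", 2: "Configure-Ack",
         3: "Configure-Nak", 4: "Configure-Reject"}

def parse_lcp(packet: bytes) -> dict:
    """Decode an LCP configure packet (Code, Identifier, Length, options)."""
    if len(packet) < 4:
        raise ValueError("LCP header is 4 bytes")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code not in CODES or length < 4 or length > len(packet):
        raise ValueError("not a well-formed LCP configure packet")
    out = {"code": CODES[code], "id": ident, "options": {}}
    data, pos = packet[4:length], 0
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("truncated option header")
        otype, olen = data[pos], data[pos + 1]
        if olen < 2 or pos + olen > len(data):
            raise ValueError("bad option length")
        body = data[pos + 2:pos + olen]
        if otype == OPT_MRU and len(body) == 2:
            out["options"]["mru"] = struct.unpack("!H", body)[0]
        elif otype == OPT_AUTH and len(body) >= 2:
            proto = struct.unpack("!H", body[:2])[0]
            out["options"]["auth"] = AUTH_NAMES.get(proto, hex(proto))
        elif otype == OPT_QUALITY and len(body) >= 2:
            out["options"]["quality_protocol"] = hex(struct.unpack("!H", body[:2])[0])
        elif otype == OPT_MAGIC and len(body) == 4:
            out["options"]["magic"] = body.hex()
        else:
            out["options"][f"type_{otype}"] = body.hex()
        pos += olen
    # Options absent from the packet keep their defaults (MRU 1500, no auth).
    out["options"].setdefault("mru", 1500)
    out["options"].setdefault("auth", None)
    out["cleartext_auth"] = out["options"]["auth"] == "PAP"
    return out

# Constructed sample packets (not captured from a real link).
REQ_PAP = bytes.fromhex("0101000e" "0304c023" "05061a2b3c4d")
REQ_CHAP = bytes.fromhex("0102000f" "0305c22305" "05061a2b3c4d")
```
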
NCP PROCESS
NCP can carry 2 or more L3 protocols simultaneously
Each network protocol has a corresponding NCP & RFC
When NCP has successfully completed, the network protocol is in the
OPEN STATE on the established LCP link.
PPP CONFIG OPTIONS
COMPRESSION - increases the effective throughput by reducing the
amount of data travelling across a link
ERROR DETECTION - identifies fault conditions. The quality & magic #
options help ensure a reliable, loop-free link
Multilink - a method for load balancing / link aggregation
PPP CALLBACK - a router can act as a callback client or a callback server
PPP Configuration Commands
Before you actually configure PPP on a serial interface, we will look
at the commands and the syntax of these commands as shown in the
figure. This series of examples shows you how to configure PPP and
some of the options.
Example 1: Enabling PPP on an Interface
To set PPP as the encapsulation method used by a serial or ISDN
interface, use the encapsulation ppp interface configuration command.
The following example enables PPP encapsulation on serial interface 0/0:
R3#configure terminal
R3(config)#interface serial 0/0
R3(config-if)#encapsulation ppp
The encapsulation ppp command has no arguments; however, you must
first configure the router with an IP routing protocol to use PPP
encapsulation. You should recall that if you do not configure PPP on a
Cisco router, the default encapsulation for serial interfaces is HDLC.
Example 2: Compression
You can configure point-to-point software compression on serial
interfaces after you have enabled PPP encapsulation.
Because this option invokes a software compression process, it can
affect system performance.
If the traffic already consists of compressed files (.zip, .tar, or
.mpeg, for example), do not use this option.
To configure compression over PPP, enter the following commands:
R3(config)#interface serial 0/0
R3(config-if)#encapsulation ppp
R3(config-if)#compress predictor | stac
Example 3: Link Quality Monitoring
Recall from our discussion on LCP phases that LCP provides an optional
link quality determination phase. In this phase, LCP tests the link to
determine whether the link quality is sufficient to use Layer 3
protocols. The command ppp quality percentage ensures that the link
meets the quality requirement you set; otherwise, the link closes
down.
The percentages are calculated for both incoming and outgoing
directions. The outgoing quality is calculated by comparing the total
number of packets and bytes sent to the total number of packets and
bytes received by the destination node. The incoming quality is
calculated by comparing the total number of packets and bytes received
to the total number of packets and bytes sent by the destination node.
If the link quality percentage is not maintained, the link is deemed
to be of poor quality and is taken down. Link Quality Monitoring (LQM)
implements a time lag so that the link does not bounce up and down.
This example configuration monitors the data dropped on the link and
avoids frame looping:
R3(config)#interface serial 0/0
R3(config-if)#encapsulation ppp
R3(config-if)#ppp quality 80
Use the no ppp quality command to disable LQM.
Example 4: Load Balancing Across Links
Multilink PPP (also referred to as MP, MPPP, MLP, or Multilink)
provides a method for spreading traffic across multiple physical WAN
links while providing packet fragmentation and reassembly, proper
sequencing, multivendor interoperability, and load balancing on
inbound and outbound traffic.
MPPP allows packets to be fragmented and sends these fragments
simultaneously over multiple point-to-point links to the same remote
address. The multiple physical links come up in response to a
user-defined load threshold. MPPP can measure the load on just inbound
traffic, or on just outbound traffic, but not on the combined load of
both inbound and outbound traffic.
The following commands perform load balancing across multiple links:
Router(config)#interface serial 0/0
Router(config-if)#encapsulation ppp
Router(config-if)#ppp multilink
The multilink command has no arguments. To disable PPP multilink, use
the no ppp multilink command.
VERIFY PPP
R1#show interfaces
*verify proper encapsulation
Encapsulation PPP, LCP OPEN
OPEN : IPCP, CDPCP
2nd line indicates that NCP completed successfully
TROUBLESHOOTING PPP
R1#debug ppp
R1#debug ppp packet
(o) output packet
(i) input packet
STATE = OPEN - PPP STATE
Magic = D21B4 - magic number for indicated node
R1#debug ppp negotiation
ppp : sending confREQ -config request
ppp SERIAL4 : state = ACKSENT
ppp : config ACK received
ppp : ipcp_reqco : returning confACK
AUTHENTICATION
PPP allows authentication of peers before allowing L3
PAP is a very basic 2-way handshake process
No encryption - username & pass sent in plain text
CHAP uses a hashed shared secret and a 3-way handshake
Authentication may be 1 way or 2 way
PAP configuration
R1(config-if)#ppp authentication pap
Username & pass are sent in one LCP frame
The server side does not prompt & wait for a response
The client just keeps asking to authenticate until the receiving node
acknowledges it or terminates the connection
At the receiving node the credentials are checked & an accept or
reject message is returned
Vulnerable to playback or trial and error attacks
CHAP AUTHENTICATION
PAP only authenticates at startup & assumes all is well
CHAP conducts periodic challenges
The password value is changed unpredictably
R1(config-if)#ppp authentication chap
The remote node responds with a one way hash value typically MD5 based
on a password & challenge msg
The server checks the response against its own calculation
Protects against playback by using a variable challenge
Uses periodic & variable challenge limiting the time of exposure. The
server controls the frequency & timing
AUTHENTICATION CONFIG
Both chap & pap can be specified at the same time
R1(config-if)#ppp authentication chap pap | pap chap
The first method that works will be used
PAP requires name & pass to be checked against a local database
AUTHENTICATION CONFIG
The PAP username/password sent must match the other router
RTRA(config-if)# ppp pap sent-username fred password 123
RTRB(config)#username fred password 123
With CHAP the hostname on one router must match the username the other
router has configured
With chap the passwords must match
TROUBLESHOOTING PPP
R1#debug ppp authentication
2 way handshake vs 2 way authentication
2 way handshake initializes the connections but when using
authentication both routers will do the 2 way handshake so they are
both authenticating each other.