Professional Documents
Culture Documents
ITE I Chapter 6
Cisco Public
Objectives
In this chapter, you will learn to:
Describe the fundamental concepts of point-to-point serial communication. Describe key PPP concepts. Configure PPP encapsulation. Explain and configure PAP and CHAP authentication.
ITE 1 Chapter 6
Cisco Public
A parallel connection sends the bits over more wires simultaneously. In the 25-pin parallel port on your PC, there are 8 data wires to carry 8 bits simultaneously.
The parallel link theoretically transfers data eight times faster than a serial connection.
In reality, it is often the case that serial links can be clocked considerably faster than parallel links, and they achieve a higher data rate
Two factors that affect parallel communications: clock skew and crosstalk interference.
3
ITE 1 Chapter 6
Cisco Public
Interference
Parallel wires are physically bundled in a parallel cable. The possibility of crosstalk across the wires requires more processing. Since serial cables have fewer wires, there is less crosstalk, and network devices transmit serial communications at higher, more efficient frequencies.
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
There are three key serial communication standards affecting LAN-to-WAN connections:
RS-232 - Most serial ports on personal computers conform to the RS-232C standards.
Both 9-pin and 25-pin connectors are used. It be used for device, including modems, mice, and printers.
ITE 1 Chapter 6
Cisco Public
ITE 1 Chapter 6
Cisco Public
The multiplexer (MUX) accepts input from attached devices in a round-robin fashion and transmits the data in a never-ending pattern.
The MUX puts each segment into a single channel by inserting each segment into a timeslot. A MUX at the receiving end separate data streams based only on the timing of the arrival of each bit. A technique called bit interleaving keeps track of the sequence of the bits so that they can be efficiently reassembled into their original form upon receipt.
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
ITE 1 Chapter 6
Cisco Public
On a larger scale, the industry uses the SONET or SDH for optical transport of TDM data.
SONET, used in North America, and SDH, used elsewhere, for synchronous TDM over fiber. SONET/SDH takes n bit streams, multiplexes them, and optically modulates the signal, sending it out using a light emitting device over fiber with a bit rate equal to (incoming bit rate) x n. Thus traffic arriving at the SONET multiplexer from four places at 2.5 Gb/s goes out as a single stream at 4 x 2.5 Gb/s, or 10 Gb/s.
SDH - Synchronous Digital Hierarchy SONET - Synchronous optical networking
ITE 1 Chapter 6
Cisco Public
10
E1: Outside North America, 32 DS0 units are multiplexed for E1 transmission at 2.048 Mb/s.
ITE 1 Chapter 6
Cisco Public
11
Demarcation Point
The demarcation point marks the point where your network interfaces with the network owned by another organization.
This is the interface between customer-premises equipment (CPE) and network service provider equipment. The demarcation point is the point in the network where the responsibility of the service provider ends.
In other countries, the network terminating unit (NTU) is provided and managed by the service provider.
The customer connects a CPE device, such as a router or frame relay access device, to the NTU using a V.35 or RS-232 serial interface.
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
12
The DCE, commonly a modem or CSU/DSU, is the device used to convert the user data from the DTE into a form acceptable to the WAN service provider transmission link.
This signal is received at the remote DCE, which decodes the signal back into a sequence of bits. The remote DCE then signals this sequence to the remote DTE.
The connection between the two DCE devices is the WAN service provider transmission network.
13
14
The Router-to-Router
When using a null modem, keep in mind that synchronous connections require a clock signal. When using a null modem cable in a router-torouter connection, one of the serial interfaces must be configured as the DCE end to provide the clock signal for the connection.
ITE 1 Chapter 6
Cisco Public
15
Your PC also has a Universal Asynchronous Receiver/Transmitter (UART) chip on the motherboard. The UART is the DTE agent of your PC and communicates with the modem or other serial device, which, in accordance with the RS-232C standard, has a complementary interface called the DCE interface.
The data in your PC flows along parallel circuits, the UART chip converts the groups of bits in parallel to a serial stream of bits.
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
16
Serial Line Internet Protocol (SLIP) - A standard protocol for point-to-point serial connections using TCP/IP.
SLIP has been largely displaced by PPP.
X.25/Link Access Procedure, Balanced (LAPB) - X.25 specifies LAPB, a data link layer protocol.
X.25 is a predecessor to Frame Relay.
Frame Relay - Frame Relay eliminates some of the timeconsuming processes (such as error correction and flow control) employed in X.25. ATM - The cell relay in which devices send multiple service types (voice, video, or data) in fixed-length (53-byte) cells.
Fixed-length cells allow processing to occur in hardware, thereby reducing transit delays.
With SLIP, you have to know the IP address assigned to you by your service provider. You also need to know the IP address of the remote system you will be dialing into. You may also need to configure such details as MTU (maximum transmission unit), MRU (maximum receive unit), etc.
17
ITE 1 Chapter 6
Cisco Public
HDLC Encapsulation
HDLC is a bit-oriented synchronous data link layer protocol developed by the International Organization for Standardization (ISO).
HDLC was developed from the Synchronous Data Link Control (SDLC) standard proposed in the 1970s. HDLC provides both connection-oriented and connectionless service. HDLC defines a Layer 2 framing structure that allows for flow control and error control through the use of acknowledgments. HDLC uses a frame delimiter, or flag, to mark the beginning and the end of each frame.
Cisco has developed an extension to the HLDC protocol to solve the inability to provide multiprotocol support.
Cisco HLDC (also referred to as cHDLC) is proprietary Cisco HDLC frames contain a field for identifying the network protocol being encapsulated.
ITE 1 Chapter 6
Cisco Public
18
Address - The address field contains the HDLC address of the secondary station.
This address can contain a specific address, a group address, or a broadcast address.
Control - HDLC defines three types of frames, each with a different control field format:
Information (I) frame: I-frames carry upper layer information and some control information. Supervisory (S) frame: S-frames provide control information. Unnumbered (U) frame: U-frames support control purposes and are not sequenced.
Protocol - (only in Cisco HDLC) It specifies the protocol type encapsulated within the frame (e.g. 0x0800 for IP). Data - The data field contains a path information unit (PIU) or exchange identification (XID) information. Frame check sequence (FCS) - The FCS precedes the ending flag delimiter and is usually a cyclic redundancy check (CRC) calculation remainder.
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
19
If you are connecting to a non-Cisco device, use synchronous PPP. There are two steps to enable HDLC encapsulation:
Step 1. Enter the interface configuration mode of the serial interface. Step 2. Enter the encapsulation hdlc command to specify the encapsulation protocol on the interface.
The output of the show interfaces serial command displays information specific to serial interfaces. When HDLC is configured, "Encapsulation HDLC"
ITE 1 Chapter 6
Cisco Public
20
Serial x is down, line protocol is down Serial x is up, line protocol is down Serial x is up, line protocol is up (looped) Serial x is up, line protocol is down (disabled) Serial x is administratively down, line protocol is down
ITE 1 Chapter 6
Cisco Public
21
ITE 1 Chapter 6
Cisco Public
22
ITE 1 Chapter 6
Cisco Public
23
ITE 1 Chapter 6
Cisco Public
24
ITE 1 Chapter 6
Cisco Public
25
ITE 1 Chapter 6
Cisco Public
26
What is PPP?
Recall that HDLC is the default serial encapsulation method when you connect two Cisco routers.
Cisco HDLC can only work with other Cisco devices.
However, when you need to connect to a non-Cisco router, you should use PPP encapsulation. PPP includes many features not available in HDLC:
The link quality management feature monitors the quality of the link. If too many errors are detected, PPP takes the link down. PPP supports PAP and CHAP authentication.
ITE 1 Chapter 6
Cisco Public
27
PPP does not impose any restrictions regarding transmission rate other than those imposed by the particular DTE/DCE interface in use. Most of the work done by PPP is at the data link and network layers by the LCP and NCPs.
The LCP sets up the PPP connection and its parameters The NCPs handle higher layer protocol configurations, and the LCP terminates the PPP connection.
ITE 1 Chapter 6
Cisco Public
28
The LCP provides automatic configuration of the interfaces at each end, including:
Handling varying limits on packet size Detecting common misconfiguration errors Terminating the link Determining when a link is functioning properly or when it is failing
PPP also uses the LCP to agree automatically on encapsulation formats (authentication, compression, error detection) as soon as the link is established.
ITE 1 Chapter 6
Cisco Public
29
NCPs include functional fields containing standardized codes (PPP protocol field numbers shown in the figure) to indicate the network layer protocol that PPP encapsulates.
Each NCP manages the specific needs required by its respective network layer protocols. The various NCP components encapsulate and negotiate options for multiple network layer protocols.
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
30
ITE 1 Chapter 6
Cisco Public
31
The link remains configured for communications until explicit LCP or NCP frames close the link, or until some external event occurs.
This happen because of the loss of the carrier, authentication failure, link quality failure, the expiration of idle-period timer, or administrative closing the link.
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
32
Link-maintenance frames manage and debug a link (Code-Reject, Protocol-Reject, Echo-Request, EchoReply, and Discard-Request)
Echo-Request, Echo-Reply, and Discard-Request - These frames can be used for testing the link.
33
LCP Packet
Each LCP packet is a single LCP message consisting of
Code field identifying the type of LCP packet,
The code field of the LCP packet identifies the packet type according to the table.
Identifier field so that requests and replies can be matched, Length field indicating the size of the LCP packet Data: Packet type-specific data.
ITE 1 Chapter 6
Cisco Public
34
To negotiate the use of these PPP options, the LCP link-establishment frames contain Option information in the Data field of the LCP frame. This phase is complete when a configuration acknowledgment frame has been sent and received.
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
35
NCP Process
After the LCP has configured and authenticated the basic link, the appropriate NCP of the network layer protocol being used.
There are NCPs for IP, IPX, AppleTalk, and others.
IPCP Example
After LCP has established the link, the routers exchange IPCP messages, negotiating options specific to the protocol. IPCP negotiates two options: Compression - Allows devices to negotiate an algorithm to compress TCP and IP headers and save bandwidth. IP-Address - Allows the initiating device to specify an IP address to use for routing IP over the PPP link, or to request an IP address for the responder. Dialup network links commonly use the IP address option. When the NCP process is complete, the link goes into the open state and LCP takes over again.
ITE 1 Chapter 6
Cisco Public
36
ITE 1 Chapter 6
Cisco Public
37
Compression - Increases the effective throughput on PPP connections by reducing the amount of data in the frame that must travel across the link.
Two compression are Stacker and Predictor.
Multilink - Cisco IOS Release 11.1 and later supports multilink PPP.
This alternative provides load balancing over the router interfaces that PPP uses.
PPP Callback - To enhance security, Cisco IOS Release 11.1 and later offers callback over PPP.
The client makes the initial call, requests that the server call it back, and terminates its initial call.
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
38
Example 2: Compression
You can configure point-to-point compression on serial interfaces after you have enabled PPP. Because this option invokes a software compression process, it can affect system performance. If the traffic already consists of compressed files (.zip, .tar, or .mpeg, for example), do not use this option. R3(config)#interface serial 0/0 R3(config-if)#encapsulation ppp R3(config-if)#compress [predictor | stac]
Why?
ITE 1 Chapter 6
Cisco Public
39
ITE 1 Chapter 6
Cisco Public
40
ITE 1 Chapter 6
Cisco Public
41
Use the debug ppp command to display information about the operation of PPP.
ITE 1 Chapter 6
Cisco Public
42
Look at each line in the output and match it to the meaning of the field.
PPP - PPP debugging output. Serial2 - Interface number associated with this debugging information. (o), O - The detected packet is an output packet. (i), I - The detected packet is an input packet. lcp_slqr() - Procedure name; running LQM, send a Link Quality Report (LQR). lcp_rlqr() - Procedure name; running LQM, received an LQR. input (C021) - Router received a packet of the specified packet type (in hexadecimal). A value of C025 indicates packet of type LQM. state = OPEN - PPP state; normal state is OPEN. magic = D21B4 - Magic Number for indicated node; when output is indicated, this is the Magic Number of the node on which debugging is enabled. The actual Magic Number depends on whether the packet detected is indicated as I or O.
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
43
ITE 1 Chapter 6
44
Look at each line in the output and match it to the meaning of the field.
PPP - PPP debugging output. Serial3(i) - Interface number associated with this debugging information; indicates that this is an input packet. rlqr receive failure - Receiver does not accept the request to negotiate the Quality Protocol option. myrcvdiffp = 159 - Number of packets received over the time period specified. peerxmitdiffp = 41091 - Number of packets sent by the remote node over this period. myrcvdiffo = 2183 - Number of octets received over this period. peerxmitdiffo = 1714439 - Number of octets sent by the remote node over this period. threshold = 25 - Maximum error percentage acceptable on this interface. You calculate this percentage using the threshold value entered in the ppp quality percentage interface configuration command. A value of 100 minus number is the maximum error percentage. In this case, a number of 75 was entered. This means that the local router must maintain a minimum 75 percent non-error percentage, or the PPP link closes down.
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
45
CHAP is more secure than PAP. It involves a threeway exchange of a shared secret.
46
Using PAP, you send passwords across the link in clear text and there is no protection from playback or repeated trial-and-error attacks.
47
ITE 1 Chapter 6
Cisco Public
48
ITE 1 Chapter 6
Cisco Public
49
50
Note that the shared secret password must be identical on R1 and R2.
ITE 1 Chapter 6
Cisco Public
51
ITE 1 Chapter 6
Cisco Public
52
ITE 1 Chapter 6
Cisco Public
53
The PAP username and password that each router sends must match those specified with the username name password password command of the other router.
CHAP
CHAP periodically verifies the identity of the remote node using a three-way handshake.
The hostname on one router must match the username the other router has configured. The passwords must also match. This occurs on initial link establishment and can be repeated any time after the link has been established.
The router name and password are exactly the same, because they are case-sensitive
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
54
Cisco Thai Nguyen Networking Academy Troubleshooting the serial encapsulation configuration
The debug ppp authentication command displays the authentication exchange sequence. Figure illustrates the Left router output during CHAP authentication with the router on the right when debug ppp authentication is enabled. With two-way authentication configured, each router authenticates the other. Messages appear for both the authenticating process and the process of being authenticated. Use the debug ppp authentication command to display the exchange sequence as it occurs. Figure highlights router output for a twoway PAP authentication. The debug ppp command is used to display information about the operation of PPP. The no form of this command disables debugging output.
Router#debug ppp {authentication | packet | negotiation | error | chap} Router#no debug ppp {authentication | packet | negotiation | error | chap}
ITE 1 Chapter 6
Cisco Public
55
ITE 1 Chapter 6
Cisco Public
56
http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configuration_example09186a0080094333.shtml
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
57
ITE 1 Chapter 6
Cisco Public
58
http://www.cisco.com/warp/public/471/debug_ppp_negotiation.html
Debug ppp negotiation includes: LCP (Mandatory Phase) Authentication (Optional Phase) (debug ppp authentication) NCP (Mandatory Phase)
ITE 1 Chapter 6
Cisco Public
59
Debugging allows you to confirm your configuration and correct any deficiencies.
The command is debug ppp authentication.
Line 1 says that the router is unable to authenticate on interface Serial0 because the peer did not send a name. Line 2 says the router was unable to validate the CHAP response because USERNAME 'pioneer' was not found. Line 3 says no password was found for 'pioneer'. In the last line, the code = 4 means a failure has occurred. Other code values are as follows:
1 = Challenge 2 = Response 3 = Success 4 = Failure
id = 3 is the ID number per LCP packet format. len = 48 is the packet length without the header.
ITE 1 Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public
60
Configure PPP encapsulation. Explain and configure PAP and CHAP authentication.
ITE 1 Chapter 6
Cisco Public
61