แปลเน็ตเวิร์ก

Chapter
14
Wide Area Networks
CCNA
WAN
WAN
-
WAN
- Frame
Relay Cisco
- WAN
- VPN(
:
,,,)
-
PPP Cisco
LAN / WAN
Cisco IOS
(WAN) LANs
LANs .

!
WAN High-Level
Data-Link Control (HDLC), Point-to-Point Protocol (PPP)

Point - to-Point Protocol Ethernet (PPPoE), , DSL
FrameRelay.

12
, DSL, HDLC, PPP, PPPoE

Frame Relay. VPNs.
WAN
Introduction to Wide Area Networks
LAN
LAN
LAN
Ethernet
WAN Connection Types

WAN
WAN
WAN
(DTE) DCE
WAN:
Leased lines
pre-WAN CPE
DCE CPE DTE

serial 45Mbps. HDLC PPP

encapsulations
Circuit switching
end-to end . Switching Circuit

dial-up ISDN
ISDN
WAN
Packet switching
Packet

Packet switching
bursty Frame Relay X.25 Packet switching
56Kbps T3 (45Mbps)
WAN Support
Cisco HDLC, PPP Frame Relay

interfaces serial

Corp#config t
Corp(config)#int s0/0/0
Corp(config-if)#encapsulation ?
atm-dxi
ATM-DXI encapsulation
frame-relay Frame Relay networks
hdlc
lapb
ppp
smds
x25
Serial HDLC synchronous

LAPB (X.25 Level 2)
Point-to-Point protocol
Switched Megabit Data Service (SMDS)
X.25
ISDN
ADSL. Ethernet
Token Encapsulation Ring interface serial

WAN : Frame Relay,
ISDN, LAPB, LAPD, HDLC, PPP, PPPoE, Cable, DSL, MPLS
ATM
WAN
HDLC, PPP Frame Relay

Frame Relay packet-switched

1990 Frame Relay Data Link
Physical layer X.25
X.25 ()
Frame Relay
point -to- point
45Mbps
64Kbps
Frame Relay

ISDN Integrated Services Digital Network (ISDN)
. ISDN

Frame Relay T1
LAPB
Link Access Procedure, Balanced (LAPB)
Data Link X.25

LAPB

LAPD
Link Access Procedure, D-Channel (LAPD) ISDN
Data Link ( 2) D (signaling) channel.

LAPD Access Link Procedure, Balanced (LAPB)
ISDN.
HDLC High-Level Data-Link Control (HDLC) Data Link

Control (SDLC) IBM
Link. HDLC Data Link
LAPB.
HDLC
HDLC.
HDLC

HDLC HDLC
PPP
Point-to-Point Protocol (PPP)
HDLC, PPP
. protocol
point -to-point
Network Control Protocol Data Link Header

.
PPPoE
Point-to-Point Protocol over Ethernet PPP
frames Ethernet frames ADSL.

PPP
,
(MTU)
Ethernet
PPPoE

Ethernet Ethernet interfaces
DSL
interface Ethernet
PPP
Cable
HFC 500 2,000
(Hybrid fibre-
coaxial HFC
.)
Internet (CATV)
27Mbps sub-
scriber
2.5Mbps
. 256Kbps 6Mbps.
DSL Digital
()
. HFC
.
Digital Physical
dial-up, DSL

(CPE)
Digital Subscriber Line Access Multiplexer (DSLAM). DSLAM

(CO)
DSL
MPLS MultiProtocol Label Switching (MPLS)

MPLS
()
MPLS - warding
MPLS
layer 3 (equal to IP destination-based
routing) MPLS
TCP / IP. layer 3
MPLS
(

Frame Relay MPLS )
ATM
Asynchronous Transfer Mode (ATM)

ATM packets 53
bytes clocking isochronous (external clocking)

Frame Relay
Frame ATM.
Cable and DSL
DSL Interne
Speed DSL Internet
Security DSL

Popularity Internet
Customer Satisfaction DSL

Cable

SOHO

Headend
headend
Distribution network
100 2,000
fiber-coaxial optical fibertecture
DOCSIS (data over cable service interface specification)
Digital Subscriber Line (DSL)
DSL
DSL
DSL Ethernet Ethernet
DSL
Symmetrical DSL
Asymmetrical DSL
DSL
ADSL
ADSL

ADSL 256Kbps
8Mbps 1Mbps.
POTS
ADSL
ADSL
ADSL

ATM Data Link DSL Layer1
DSLAM ATM DSL ATUCs. ADSL DSLAM
ATM 3 IP
PPPoE
RFC1483 RFC1483

connectionless
ATM
bridged
PPPoA Point-to-Point Protocol (PPP) ATM
PPP ATM AAL5 (ATM Adaptation Layer 5)
DSL ADSL PPP
,
PPPoE
PPPoE
ADSL, PPPoE (Point-to-Point Protocol
over Ethernet) PPP Ethernet

PPP , .

IP PPP
PPP Ethernet
IP.
PPPoE with ADSL
PPP PPPoE

Ethernet

PPPoE reusing IP
Cabling the Serial Wide Area Network

WAN

Physical
Cisco
WAN
Cisco
WAN
HDLC, PPP Frame Relay 45Mbps (T3)
HDLC, PPP Frame Relay
Serial Transmission
Cisco
60-pin connector serial Cisco
Cisco

60-pin " smartserial
"
EIA/TIA-232
EIA/TIA-449
V.35 ( CSU / DSU)
EIA-530
Data Terminal Equipment and Data

Equipment
Communication
terminal (DTE)
(DCE) /
(CSU / DSU)
CSU / DSU (demarc)
RJ-45 (8-pin modular a)
. demarcs

DTE-DCE DTE
WAN DTE DCE
DCE CSU / DSU

CSU / DSU .
DCE (CSU / DSU) clocking DTE-interface (
interface serial) DCE clocking
CSU / DSU nonproduction

crossover WAN CSU / DSU
clocking DCE
DTE-DCE-DTE WAN connection
High-Level Data-Link Control (HDLC) Protocol
Data Link layer

serial (dial-up) (ISDN)
Link Control Protocol (LCP)
Network Control Protocol (NCP)
HDLC encapsulation serial
serial Cisco
PPP
PPP layer 3 packets

point-to-point
nonproprietary.
Cisco PPP interfaces serial
HDLC Cisco PPP
layer 3
PPP

HDLC
Point-to-Point Protocol stack
EIA/TIA-232-C, V.24, V.35, and ISDN

Physical
HDLC
LCP , ,
point-to-point
NCP
NCP
IPCP (Internet Protocol Control Protocol)
IPXCP (Internetwork Packet Exchange Control Protocol).
Link Control Protocol (LCP) Configuration Options

Link Control Protocol (LCP) PPP
Authentication
Compression
PPP PPP
PAP CHAP
Error detection
Multilink
PPP Magic Number
IOS 11.1
multilink
PPP
.3 T1s
multilink PPP 3Mbps 3.

PPP callback
PPP
PPP

(client) (server)
. (

.)
PPP Session Establishment
PPP
Link-establishment phase
LCP PPP
Authentication phase CHAP PAP

.

Network layer protocol phase
(NCP)
PPP Network Control Protocol

PPP.
( IP, IPX, AppleTalk )

NCP.
PPP Authentication Methods
2 PPP
Password Authentication Protocol (PAP)

PPP
Knox Fort!
Challenge Handshake Authentication Protocol (CHAP)

. PPP

MD5.
.
Configuring PPP on Cisco Routers
PPP CLI

Router#config t
Enter configuration commands, one per line. End with
CNTL/Z.
Router(config)#int s0
Router(config-if)#encapsulation ppp
Router(config-if)#^Z
Router#
serial
Configuring PPP Authentication
interface serial
encapsulation PPP
PPP .
Router#config t
CNTL/Z.
Router(config)#hostname RouterA
RouterA(config)#username RouterB password cisco

PAP
RouterA#config t
CNTL/Z.
RouterA(config)#int s0
RouterA(config-if)#ppp authentication chap pap
RouterA(config-if)#^Z
RouterA#
Verifying PPP Encapsulation
CHAP

Pod1R1#sh int s0/0
Serial0/0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 10.0.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 239/255, txload 1/255, rxload 1/255
Encapsulation PPP
loopback not set
Keepalive set (10 sec)
LCP Open
Open: IPCP, CDPCP
[output cut]
6 PPP

IP
LCP
NCP
CDP

Pod1R1#sh int s0/0
Serial0/0 is up, line protocol is down
Encapsulation PPP, loopback not set
LCP Closed
Closed: IPCP, CDPCP
Serial0 / 0

LCP
Debugging PPP Authentication
PPP.
encapsulation PPP
PPP
d16h: Se0/0 PPP: Using default call direction

1d16h: Se0/0 PPP: Treating connection as a dedicated line
1d16h: Se0/0 CHAP: O CHALLENGE id 219 len 27 from "Pod1R1"
1d16h: Se0/0 CHAP: I CHALLENGE id 208 len 27 from "Pod1R2"
1d16h: Se0/0 CHAP: O RESPONSE id 208 len 27 from "Pod1R1"
1d16h: Se0/0 CHAP: I RESPONSE id 219 len 27 from "Pod1R2"
1d16h: Se0/0 CHAP: O SUCCESS id 219 len 4
1d16h: Se0/0 CHAP: I SUCCESS id 208 len 4
1d16h: Se0/0 PPP: Using default call direction
1d16h:
1d16h:
1d16h:
1d16h:
1d16h:
1d16h:
1d16h:
Se0/0 PPP: Treating connection as a dedicated line

%SYS-5-CONFIG_I: Configured from console by console
Se0/0 CHAP: O CHALLENGE id 220 len 27 from "Pod1R1"
Se0/0 CHAP: I CHALLENGE id 209 len 27 from "Pod1R2"
Se0/0 CHAP: O RESPONSE id 209 len 27 from "Pod1R1"
Se0/0 CHAP: I RESPONSE id 220 len 27 from "Pod1R2"
Se0/0 CHAP: O FAILURE id 220 len 25 msg is "MD/DES compare failed"
Mismatched WAN Encapsulations
point-to-point
PPP HDLC
Mismatched WAN encapsulations
Pod1R1
Pod1R1#sh int s0/0

LCP REQsent
Closed: IPCP, CDPCP
LCP
Pod1R2 encapsulation HDLC.
Pod1R2
encapsulation PPP interface serial.
PPP

Mismatched IP Addresses
HDLC PPP
interface serial IP
Pod1R1 10.0.1.1/24
Pod1R2 10.2.1.2/24.
Pod1R1#sh int s0/0

Serial0/0 is up, line protocol is up

LCP Open
Open: IPCP, CDPCP
IP
PPP ,
HDLC Frame Relay layer WAN 2 encapsulation
IP IP

Pod1R1#sh cdp neighbors detail
------------------------Device ID: Pod1R2
Entry address(es):
IP address: 10.2.1.2

PPPoE Configuration
PPPoE
DSL PPPoE
client PPPoE
R1(config)#int f0/0
R1(config-if)#p?
pppoe pppoe-client priority-group
R1(config-if)#pppoe ?
enable
Enable pppoe
max-sessions Maximum PPPOE sessions
R1(config-if)#pppoe enable ?
group attach a BBA group
<cr>
R1(config-if)#pppoe enable group ?
WORD
BBA Group name
global Attach global PPPoE group
R1(config-if)#pppoe enable group global
R1(config-if)#pppoe-client dial-pool-number ?
<1-255> Dialer pool number
R1(config-if)#pppoe-client dial-pool-number 1
!
interface FastEthernet4
description $ETH-WAN$
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
PPPoE PPPoE client.

PPPoE
DHCP

DSL
interface Dialer0
ip address negotiated
ip mtu 1452
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname Todd
ppp chap password 0 lammle
Frame Relay
Frame Relay WAN

Frame Relay non-multi-access (
NBMA) broadcasts
Frame Relay X.25

X.25
""

HDLC Frame Relay.
Frame Relay
Introduction to Frame Relay Technology

CCNA Frame Relay
. Frame Relay

- HDLC PPP
- Frame Relay a point-to-point leased
line
- Frame Relay
Frame Relay

Relay.
Frame Relay
Frame Relay
799

Frame Relay
Dedicated/
leased
lines
to each
location
$$$
14 . 15 Frame
Relay
Frame Relay
.
14 . Frame
14
Relay
Statistically
multiplexing
multiple logical
circuits over a
single physical
connection
Frame Relay
CCNA
Committed Information Rate (CIR)

Frame Relay packet-switched

Frame Relay Frame Relay

Frame Relay

(Access rate)
CIR
Frame Relay

:
T1 (1.544Mbps) CIR
256Kbps 256Kbps
256Kbps
T1 ()
( CIR)
MBR com-bined
partic
guaran-tee
256Kbps
256Kbps

DTE
256Kbps
(T1)

oversubscription CIR
Frame Relay
Frame Relay Encapsulation

Frame Relay Cisco
encapsulation serial interfaces
HDLC PPP Frame Relay encapsulation
2 Cisco IETF (Internet Engineering Task Force)

encapsulation 2
Frame Relay
Cisco
RouterA(config-if)#encapsulation frame-relay ?
ietf
Use RFC1490 encapsulation
<cr>
Encapsulation Cisco IETF Cisco
Cisco IETFencapsulation Cisco

Cisco Frame Relay
encapsulation Frame Relay
Virtual Circuits
Frame Relay

Pro viders "cloud Frame Relay
DTE
dumping

- manent
(PVCs) "permanent
"
(SVCs)

Frame Relay SVCs
North America.
Data Link Connection Identifiers (DLCIs)

Frame Relay PVCs DTE
Data Link
Connection Identifiers (DLCIs) Frame Relay DLCI
Frame Relay interfaces
multipoint interface
Frame Relay, DLCIs
T1
interfaces serial
T1 Frame Relay PVCs
T1 T1 PVCs
T1
CSU / DSU, PVCs
interfaces T1 tional CSU /
DSUs
ARP (IARP)
DLCIs Frame Relay
ARP DLCI IP
ARP
MAC IARP
Frame Relay
DLCI Frame Relay Frame Relay
IP-to- DLCI
IARP
statically IP-to- DLCI
Inverse ARP (IARP) is used to map a known DLCI to an IP

address
DLCIs bit more. -
LMI .
DLCIs
DLCI
. : RouterA RouterB,
IARP DLCI IP .
DLCI DLCI DLCI

. DLCI / -
com-porbination observes. "
" ( -) DLCI
.
RouterB. DLCI
RouterA RouterB DLCI
.
RouterA
. DLCI .
DLCIs telco "" PVC.

DLCIs 14.16.
, DLCI 100 RouterA cir - cuit

RouterA Relay. DLCI 200
RouterB Relay.
14.16
RouterA
DLCIs are local to your router
DLCI 100
DLCI 200
RouterB
DLCI PVC
16
DLCI
RouterA(config-if)#frame-relay interface-dlci ?
<16-1007> Define a DLCI as part of the current

subinterface
RouterA(config-if)#frame-relay interface-dlci 16
Local Management Interface (LMI)

Local Management Interface (LMI) signaling
Frame Relay

DTE ()
Keepalives
Multicasting LMI
ARP net
Frame Relay Multicasting DLCIs reserved 1,019

1,022
Global addressing
DLCIs
Frame Relay LAN

Status of virtual circuits DLCI
keepalives LMI
LMI

Frame Relay
PVC LMI
PVC PVCs
LMI : Cisco, ANSI
Q.933A . Dif - ferent

IOS 11.2, LMI autosensed
LMI
autosense Relay

Cisco Cisco
ANSI Q.933A
LMI
RouterA(config-if)#frame-relay lmi-type ?
cisco
ansi
q933a
LMI signaling

Cisco
LMI Gang (). Local
Management Interface (LMI) 1,990 Cisco
Systems, StrataCom, Northern Telecom Digital- ment
Corporation Gang-of- LMI Cisco LMI
ANSI
D ANSI T1.617
T ITU (Q.933A)
ITU-T
Q.933a
Active state

Inactive state
Frame Relay Congestion Control

CIR CIR

Frame Relay DTE

Discard Eligibility (DE)
(

CIR PVC) CIR

Eligi bility (DE) bit Frame Relay
gested, Frame
Relay bit DE

CIR DE
Forward Explicit Congestion Notification (FECN)
recog Frame Relay - nizes

bit 1 Frame
Relay
Frame Relay
Backward Explicit Congestion Notification (BECN)
Frame Relay

gestion Cisco

Troubleshooting Using Frame Relay Congestion Control

Frame Relay

Frame Relay frame-relay pvc command
RouterA#sh frame-relay pvc
Acti Inacti Dele
Stat
Local
ve
ted
ic
Switch ve
ed
0
0
0
1
Unuse
0
0
0
0
d
0
0
0
0
DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS
=input
ACTIVE,
= Serial0/0
pkts INTERFACE
in bytes
output pkts
1300
out bytes
21802000 out
pkts dropped 0
in BECN pkts
192 out BECN

pkts 259
out bcast pkts
0
1270 dropped
21212000
out bytes
dropped 147
FECN pkts
147
in DE pkts
214
pkts 4
in pkts
dropped 0 out
in FECN pkts
147
out DE pkts
0
out bcast
bytes 0
PVC Statistics for interface Serial0/0 (Frame Relay DTE)
Frame Relay Implementation and Monitoring

Frame Relay
CCNA

subinterfaces

pvc create time 00:00:06, last time
pvc status changed 00:00:06
(Single Interface)

RouterA#config t
,
.
CNTL /
Z.
RouterA(config)#int s0/0
RouterA(config-if)#encapsulation frame-relay
RouterA(config-if)#ip address 172.16.20.1 255.255.255.0
RouterA(config-if)#frame-relay lmi-type ansi

RouterA(config-if)#frame-relay interface-dlci 101
RouterA(config-if)#^Z
RouterA#
encapsulation Cisco
IETF Cisco
Cisco IETF IP-address
LMI ANSI (
Cisco)
DLCI 101 PVC
( ISP) PVC

subinterfaces

subinterfaces subinterface interface
IOS Subinterfaces interface
interfaces multiplexing
Frame Relay
subinterface
PVC DLCI subnet
subinterface subinterfaces
s0.subinterface int encapsulation interface
serial
subinterface PVC
RouterA(config-if)#encapsulation frame-relay
RouterA(config-if)#int s0.?
<0-4294967295>
Serial interface number
RouterA(config-if)#int s0.16 ?
multipoint
Treat as a multipoint link
point-to-point
Treat as a point-to-point link
RouterA(config-if)#int s0.16 point-to-point
subinterfaces
subinterfaces
DLCIs
subinterface 16 DLCI PVC

subinterfaces
(Point-to-point)
subinterface subnet
(Multipoint)
subnet 'interfaces

(away point-to-point)
point-to-point subinterfac

subinterfaces output subinterface
DLCI majorly interfaces
interface Serial0
no ip address (notice there is no IP address on the
physical interface!)
no ip directed-broadcast
encapsulation frame-relay
!
interface Serial0.102 point-to-point
ip address 10.1.12.1 255.255.255.0
frame-relay interface-dlci 102
!
ip address 10.1.13.1 255.255.255.0
!
ip address 10.1.14.1 255.255.255.0
!
ip address 10.1.15.1 255.255.255.0
!
LMI
Cisco autodetect ( Cisco IOS
11.2 )
DLCI subnet point-to-point subinterfaces

Monitoring Relay Frame
interfaces
PVCs
RouterA>sho frame ?
end-to-end
Frame-relay end-to-end VC information
fragment
show frame relay fragmentation information
ip
show frame relay IP statistics
lapf
show frame relay lapf status/statistics
lmi
show frame relay lmi statistics
map
Frame-Relay map table
pvc
show frame relay pvc statistics
qos-autosense
show frame relay qos-autosense information
route
svc
traffic
vofr
show frame relay route

show frame relay SVC stuff
Frame-Relay protocol statistics
Show frame-relay VoFR statistics
The show frame-relay lmi Command
frame-relay lmi LMI

Frame Relay
Router#sh frame lmi
LMI Statistics for interface Serial0 (Frame Relay DTE)

LMI TYPE = CISCO
Invalid Unnumbered info 0
Invalid Prot Disc 0
Invalid dummy Call Ref 0
Invalid Msg Type 0
Invalid Status Message 0
Invalid Lock Shift 0
Invalid Information ID 0
Invalid Report IE Len 0
Invalid Report Request 0
Invalid Keep IE Len 0
Num Status Enq. Sent 0
Num Status msgs
Rcvd 0
Num Update Status Rcvd 0
Num Status Timeouts 0
Router#
The show frame pvc Command

PVCs DLCI PVC
BECN FECN
PVC
RouterA#sho frame pvc
PVC Statistics for interface Serial0 (Frame Relay DTE)

DLCI = 16,DLCI USAGE = LOCAL,PVC STATUS
=ACTIVE,
INTERFACE = Serial0.1
input pkts 50977876
output pkts 41822892
in bytes 3137403144
out bytes 3408047602 dropped pkts 5
in FECN pkts 0
in BECN pkts 0
out FECN pkts 0
pkts 0
in DE pkts 9393
out BECN
out DE pkts 0
pvc create time 7w3d, last time pvc status changed 7w3d
input pkts 30572401
in bytes 1797291100
out bytes 3227181474
in FECN pkts 0
in BECN pkts 0
BECN pkts 0
in DE pkts 28
pvc create time 7w3d, last
The show interface Command
output pkts 31139837

dropped pkts 5
out FECN pkts 0
out
out DE pkts 0
time pvc status changed 7w3d
LMI.
interface encapsulation 2
3 infor - mation. protocol, DLCI LMI.
out
DLCI = 18,DLCI USAGE =LOCAL,PVC STATUS
=ACTIVE, INTERFACE = Serial0.3
RouterA#sho int s0
Serial0 is up, line protocol is up
Hardware is HD64570
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely
255/255, load 2/255
Encapsulation FRAME-RELAY, loopback not set, keepalive
set (10 sec)
LMI enq sent 451751,LMI stat recvd 451750,LMI upd recvd
164,DTE LMI up
LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0

LMI DLCI 1023 LMI type is CISCO frame relay DTE
Broadcast queue 0/64, broadcasts sent/dropped 0/0,
interface broadcasts 839294
The show frame map Command

RouterB#show frame map
Serial0 (up): ipx 20.0007.7842.3575 dlci 16(0x10,0x400),
dynamic, broadcast,, status defined, active
Serial0 (up): ip 172.16.20.1 dlci 16(0x10,0x400),
Serial1 (up): ipx 40.0007.7842.153a dlci 17(0x11,0x410),
Serial1 (up): ip 172.16.40.2 dlci 17(0x11,0x410),
The debug frame lmi Command
consoles (
)
Frame Relay
LMI
Router#debug frame-relay lmi
Serial3/1(in): Status, myseq 214
RT IE 1, length 1, type 0
KA IE 3, length 2, yourseq 214, myseq 214
PVC IE 0x7 , length 0x6 , dlci 130, status 0x2 , bw 0
Serial3/1(out): StEnq, myseq 215, yourseen 214, DTE up
datagramstart = 0x1959DF4, datagramsize = 13
FR encap = 0xFCF10309
00 75 01 01 01 03 02 D7 D6
Serial3/1(in): Status, myseq 215
RT IE 1, length 1, type 1
KA IE 3, length 2, yourseq 215, myseq 215
Serial3/1(out): StEnq, myseq 216, yourseen 215, DTE up
datagramstart = 0x1959DF4, datagramsize = 13
FR encap = 0xFCF10309
00 75 01 01 01 03 02 D8 D7
Troubleshooting Frame Relay Networks
Frame Relay

.
Frame Relay
encapsulation serial.
Encapsulations Relay: Cisco IETF Cisco
Cisco
Router
DLCI
Frame
Relay
DLCI
Router
100
200
A
RouterA#show running-config B
interface s0/0
ip address 172.16.100.2
255.255.0.0
frame-relay map ip
172.16.100.1 200 broadcast
Frame Relay Cisco

Frame Relay encapsulation IETF
RouterA(config-if)#encapsulation frame-relay ?
ietf
Use RFC1490 encapsulation
<cr>
RouterA(config-if)#encapsulation frame-relay ietf
14.17
Frame Relay mappings
RouterA RouterB Frame
Relay?

DLCI
Frame Relay; DLCI!

DLCI 100 DLCI 200
encapsulation Frame Relay, DLCIs

Frame Relay
14.18
Router DLCI
A
100
Frame Relay routing problems
DLCI
200
Router
B
Using SDM for WAN Connections
WAN serial SDM
HDLC (),PPP Frame Relay

HDLC
HDLC, PPP
Frame Relay
SDM
PPP SDM ( Configuring PPP with
Authentication Using SDM )
WAN serial corp
R3 PPP Authentication
Edit Connection Interface

If I don't do this, the interface won't show up as available to configure
through SDM
Create
Connection
RouterA#show running-config
interface s0/0
ip address 172.16.100.2
255.255.0.0
frame-relay map ip
172.16.100.1 100
router rip
network 172.16.0.0
RouterB#show
running-config
interface s0/0
ip address
172.16.100.1
255.255.0.0
encapsulation framerelay
frame-relay map ip
172.16.100.2 200
router rip
network
172.16.0.0
CON WAN Serial Wizard
HDLC Next
Point-to-Point Protocol IP Address
IP
Authen- tication

Next
Finish
Connection
R3 dem -
onstrated corp
( PPP CLI )
CLI
corp
!
interface Serial0/2/0
description Connection to R3$FW_OUTSIDE$
ip address 10.1.5.1 255.255.255.0
ip verify unicast reverse-path
ip virtual-reassembly
encapsulation ppp
clock rate 2000000
ppp authentication chap callin

ppp chap hostname R3
ppp chap password 0 cisco
!

ISP T1 (
) ISP point-to-point serial

SDM PPP
CLI.
Corp#sh int s0/2/0
Serial0/2/0 is up, line protocol is down
Hardware is GT96K Serial
Description: Connection to R3$FW_OUTSIDE$
Encapsulation PPP, LCP Listen
[output cut]
()
Physical
Data Link
keepalives R3
Corp#debug ppp auth

*May 15 18:46:12.039:
*May 15 18:46:12.039:
len 23 from "R3"
*May 15 18:46:12.039:
len 25 from "Corp"
*May 15 18:46:12.043:
len 25 from "Corp
Se0/2/0 PPP: Authorization required

Se0/2/0 CHAP: O CHALLENGE id 33
Se0/2/0 CHAP: I CHALLENGE id 33
Se0/2/0 CHAP: I RESPONSE id 33
*May 15 18:46:12.043: Se0/2/0 CHAP: Using hostname from

interface CHAP
*May 15 18:46:12.043:
interface CHAP
*May 15 18:46:12.043:
len 23 from "R3"
*May 15 18:46:12.043:
Request
*May 15 18:46:12.043:
Response FAIL
*May 15 18:46:12.043:
25 msg is
"Authentication failed"
Corp#un all
Se0/2/0 CHAP: Using password from
Se0/2/0 CHAP: O RESPONSE id 33

Se0/2/0 PPP: Sent CHAP LOGIN
Se0/2/0 PPP: Received LOGIN
Se0/2/0 CHAP: O FAILURE id 33 len
CLI config -
uring username
Corp(config)#username R3 password cisco
Router R3
R3(config)#username Corp password cisco
Corp#debug ppp auth

PPP authentication debugging is
*May 15 16:53:34.479: Se0/2/0
*May 15 16:53:34.479: Se0/2/0
len 25 from "Corp"
*May 15 16:53:34.483: Se0/2/0
23 from "R3"
*May 15 16:53:34.483: Se0/2/0
Request
*May 15 16:53:34.483: Se0/2/0
on
PPP: Authorization required
CHAP: O CHALLENGE id 1
CHAP: I RESPONSE id 1 len

PPP: Sent CHAP LOGIN
PPP: Received LOGIN
Response
*May 15
Request
*May 15
Request
*May 15
Response
*May 15
Response
*May 15
4
*May 15
Request
*May 15
Request
*May 15
AUTHOR
PASS
16:53:34.487: Se0/2/0 PPP: Sent LCP AUTHOR
16:53:34.487: Se0/2/0 PPP: Sent IPCP AUTHOR
16:53:34.487: Se0/2/0 LCP: Received AAA AUTHOR

PASS
16:53:34.487: Se0/2/0 IPCP: Received AAA AUTHOR
PASS
16:53:34.487: Se0/2/0 CHAP: O SUCCESS id 1 len
16:53:34.487: Se0/2/0 PPP: Sent CDPCP AUTHOR
16:53:34.491: Se0/2/0 PPP: Sent IPCP AUTHOR
16:53:34.491: Se0/2/0 CDPCP: Received AAA

Response PASS
Configuring PPPoE with SDM

PPPoE SDM
DSL SDM
SDM interface FastEthernet
SDM
Connection
Ethernet (PPPoE Unencapsulated )
Ethernet WAN
Configuration Wizard.
Next. Encapsulation,
Encapsulation
Next
Enable PPPoE
IP
Easy IP (IP Negotiated) Next
Next
Next
Configuring Frame Relay with SDM
corp R3
PPP PPPoE
Frame Relay SDM

SDM
Interface Wizard Frame Relay Next
IP address Next
LMI DLCI Next
Next,
Finish Router CLI

Router
Finish
Router CLI
Router IP Address Physical
Interface Subinterface SDM
!
interface Serial0/2/0
description Connection to R3$FW_OUTSIDE$

no ip address
ip verify unicast reverse-path

ip virtual-reassembly
clock rate 2000000
frame-relay lmi-type ansi

!
interface Serial0/2/0.1 point-to-point

ip address 10.1.5.1 255.255.255.0
frame-relay interface-dlci 17 CISCO

!
Router ISP ISP (
) PVC
LMI Cisco ISP Cisco Frame

Relay
ANSI LMI
Corp
router R3 router
VPN
(VPN)

non-TCP/IP VPNs
Internet
VPNs 3
Remote access VPNs VPNs
Telecommuters
Site-to-site VPNs Site-to-site VPNs VPNs

Internet WAN
Frame Relay
Extranet VPNs VPNs
(B2B)
VPNs
Jonesing VPNs ?
VPN IPSec
Endpoints IP
Endpoints

IPSec
Layer 2 Forwarding (L2F) Layer 2 Forwarding (L2F)

Cisco Dial-up
(VPDNs) VPDN
Dial-up
L2F
L2TP L2F
Point-to-Point Tunneling Protocol (PPTP) Point-to-Point Tunneling
Protocol (PPTP) Microsoft
Layer 2 Tunneling Protocol (L2TP) Layer 2 Tunneling Protocol

(L2TP) Cisco Microsoft L2F PPTP
L2TP L2F PPTP
Generic Routing Encapsulation (GRE) Generic Routing Encapsulation

Cisco
(GRE)
point-to-point
IP
VPN
VPN IPSec
Cisco IOS IPSec

IPSec
IP Layer 3 Network Layer

OSI
IP-based network IPSec
Non-IP
Non-IP GRE IPSec
IPSec
IPSec transform
IPSec

Hashing IPSec
IPSec Authentication
Header (AH) Encapsulating Security Payload (ESP)
Authentication Header (AH) AH
IP

IPSec
AH
ESP
Encapsulating Security Payload (ESP)
NASDAQ's gonna Superball ESP

Connectionless Antireplay
ESP
4
- Confidentiality DES
3DES
Endpoints VPN
- Data origin authentication and connectionless integrity
Connectionless
- Anti-replay service

IP

- Traffic flow

Bad guys
Site-to-Site VPN Task

Site-to-Site VPN
VPNs / IPSec
SDM
VPNs Router
VPN corp Router

Router
Close
VPN
IP Router (R3)
Key
Corp Router
IPSec VPN
SDM
IPSec VPNs Finish
VPN Yes SDM
SDM
SDM
(QoS)
VPN

Internet

IP

QoS

QoS Policy Generation

SDM QoS
SDM NBAR
Yes
Yes
QoS

Close
Finish
Router

WAN
,DSL,HDLC,PPP, PPPoE Frame Relay
VPN
High-Level Data-Link Control (HDLC)
HDLC HDLC
HDLC Router
HDLC
Router
PPP LCP
2 PAP CHAP
Frame Relay
encapsulation
LMI
Frame Relay subinterface Frame
Relay
Relay
SDM WAN
VPNs VPN IPSec
QoS WANs
encapsulation serial Router Cisco Router Cisco

High-Level Data-Link Control (HDLC) Encapsulation
Serial
Encapsulations Frame Relay Cisco
Frame Relay Encapsulation Router Cisco
Router Cisco Frame

Relay
Internet Engineering Task Force (IETF) Router
Cisco Frame Relay

CIR Frame Relay CIR
Frame Relay
Frame Relay lmi

LMI Router
Frame Relay pvc
PVCs DLCI
PPP Data Link Data Link 3
Network Control Protocol (NCP)
Link Control Protocol (LCP) ,,
Point-to-point High-Level Data-Link

Control (HDLC) MAC Encapsulates Packets
WAN serial WAN
HDLC PPP Frame
Relay
VPN
Lab 14
WAN
1. Encapsulation 0 Router Cisco

2. Encapsulation PPP s0
3. Todd Cisco
Router Cisco
PPP
4. Interface Serial Cisco( PPP

Encapsulation)
5. DLCI Interfaces Serial,0

1, 16 s0 17
S1
6.
Point-to-point Subinterface
DLCI 16 IP 172.16.60.1/24.
7. xDSL
8. 3 PPP
9. VPN
10. VPNs 3
( Lab 14
)
Hands-on Labs
Router Cisco WAN Labs
(Labs
Router Cisco )
Lab 14.1 : PPP Encapsulation

Lab 14.2 : HDLC
Lab 14.3 : Frame Relay Subinterfaces
Hands-on Lab 14.1 : PPP

Router Cisco High-Level
Encapsulation

Data-Link
Control (HDLC) Point-to-point Encapsulation

Serial Cisco
Encapsulation PPP
E0
50
50
E0
1. sh int s0 Router A B Encapsulation

2. Router
RouterA#config t
RouterA(config)#hostname RouterA
RouterB#config t
RouterB(config)#hostname RouterB
3. HDLC Encapsulation Router

PPP
Encapsulation Interface
Encapsulation
RouterA#Config t
RouterA(config-if)#Encap ppp
4. Router B serial 0
PPP Encapsulation
RouterB#config t
RouterB(config)#int s0
RouterB(config-if)#encap ppp
5. sh int s0 Router
7. Router
Router
RouterA#config t
RouterA(config)#username RouterB password todd
RouterB#config t
RouterB(config)#username RouterA password todd
8. CHAP PAP interface

RouterA(config-if)#ppp authentication chap
RouterB(config-if)#ppp authentication chap
9. PPP Router
Hands-on Lab 14.2 : HDLC

HDLC Lab 14.1
PPP
Encapsulation Router PPP

Lab
Router
Lab HDLC Encapsulation
Lab Lab 14.1
1. Encapsulation Serial Interface HDLC

Encapsulation
RouterA#config t
RouterA(config-if)#encapsulation hdlc
RouterB#config t
RouterB(config-if)#encapsulation hdlc
2. HDLC Encapsulation s0
Router
Hands-on Lab 14.3 : Frame

Relay Subinterfaces
Lab
F0/27
F0/3
F0/26
F0/0 1900
2950
50/0
50/0
DCE
F0/4
F0/2 F0/5
F0/1
F0/0
50/1
DCE
F0/4
F0/5
F0/3
F0/2
F0/1
F0/0
50/0
2950
Lab Router Lab _B Frame Relay

Lab_A Router Lab_C
PVC
1. Frame-Relay Encapsulation
Serial Interface
Frame Relay
Router#config t
Router(config)#hostname Lab_B
Lab_B(config)#frame-relay switching [ Router FR ]
Lab_B(config)#int s0
Lab_B(config-if)#encapsulation frame-relay
Lab_B(config-if)#int s1
Lab_B(config-if)#encapsulation frame-relay
2. Frame Relay mappings Interface
IP

Frame Relay
Lab_B(config-if)#int s1
Lab_B(config-if)#frame intf-type dce
Lab_B(config-if)#frame-relay route 201 interface
Serial0/0 102
Lab_B(config-if)#clock rate 64000 [ DCE]
frames PVC 102 int
s0 / 1 PVC 201 Serial 0 / 1

int s0 / 1 serial0 /0 PVC 102
3. Lab_A point-to-point subinterface
Router#config t
Router(config)#hostname Lab_A
Lab_A(config)#int s0
Lab_A(config-if)#encapsulation frame-relay
Lab_A(config-if)#int s0.102 point-to-point
Lab_A(config-if)#ip address 172.16.10.1
255.255.255.0
Lab_A(config-if)#frame-relay interface-dlci 102
4. Lab_C point-to-point subinterface
Router#config t
Router(config)#hostname Lab_C
Lab_C(config)#int s0
Lab_C(config-if)#encapsulation frame-relay
Lab_C(config-if)#int s0.201 point-to-point
Lab_C(config-if)#ip address 172.16.10.2
255.255.255.0
Lab_C(config-if)#frame-relay interface-dlci 201
5.
Lab_A>sho frame ?
ip
show frame relay IP statistics
lmi show frame relay lmi statistics
map Frame-Relay map table
pvc show frame relay pvc statistics
route show frame relay route
traffic Frame-Relay protocol statistics
6. Ping Telnet
1. CHAP Router
2 Router
. show chap authentication

. show interface serial 0
. debug ppp authentication
. debug chap authentication
2. Frame Relay
ARP
. frame-relay arp
. frame-relay map
. frame-relay interface-dci
. frame-relay lmi-type
3. HQ 6

WAN
HQ Router HQ
. PPP
. HDLC
. Frame Relay
. ISDN
4. Router# frame-relay ()
. dlci
. neighbors
. lmi
. pvc
. map
5. Router Frame Relay

. Subinterface PVC
DLCI Subnet
Subinterface
. Frame Relay Point-to-point
Multicast
Broadcast
. Subinterfaces Subnet
. Subinterface PVC
Router Interfaces
6. Encapsulations Serial Interface (
)
. Ethernet
. Token Ring
. HDLC
. Frame Relay
. PPP
7. Frame Relay Point-to-point Subinterfaces
. Frame Relay Encapsulation Physical Interface

. DLCI Subinterface
. IP address Physical Interface
. Subinterface Point-to-point
8. Router Frame Relay WAN Serial DTE
Interface
. CSU / DSU
. Router
. Physical layer bit

9. Frame Relay WAN Physical
Network
.
.
.
.
Point-to-point
Broadcast multi-access
Non-broadcast multi-access
Non-broadcast multipoint
10. Encapsulates PPP frames Ethernet frames PPP
. PPP
. PPPoA
. PPPoE
. Token Ring
11. Router Cisco Frame

Relay
.
.
.
.
WAN interface Router

Router(config-if)#encapsulation frame-relay
q933a
ansi
ietf
cisco
12. Acme Corporation Dial-up

. 802.1
.
.
.
.
Frame Relay
HDLC
PPP
PAP
13. WAN Encapsulation

Asynchronous Serial
()
. PPP
. ATM
. HDLC
. SDLC
. Frame Relay
14. ATM Data Link layer

DSLAM
. DSL
. PPPoE
. Frame Relay
. Dedicated T1
. Wireless
. POTS
15. Corp Router Remote Router

Corp#sh int s0/0

Remote#sh int s0/0
Encapsulation HDLC, loopback not set
. Serial Cable
. IP addresses Subnet
. Subnet masks
.
. Layer 2
16. HFC
. DSL
. PPPoE
. Frame Relay
. Cable
. Wireless
. POTS
17.
Router Ping
Router
Central#show running-config
!
interface Serial0
ip address 10.0.8.1 255.255.248.0
frame-relay map ip 10.0.15.2 200
!
Router rip
Network 10.0.0.0
Remote#show running-config
!
interface Serial0
ip address 10.0.15.2 255.255.248.0
frame-relay map ip 10.0.8.1 100
!
Router rip
Network 10.0.0.0
. Frame Relay PVC
. IP Central / Remote Router link

. RIP
. Frame Relay Inverse ARP
18. Layer 3 Network layer OSI
IP-based
. HDLC
. Cable
. VPN
. IPSec
. xDSL
19.

non-TCP/IP
. HDLC
. Cable
DLCI 100
Router A
DLCI 200
Router B
. Router A frame
. Router B frame
. Encapsulation Router A Router B

. Router B frame

1. C. PPP PPP
Point-to-point
2. B. Router Frame Relay IARP

Frame Relay maps Router
DLCI-to-IP address mappings
3. C. Router Frame Relay

4. C , D , E. Frame-Relay
lmi PVC
5. A. Serial port DLCIs

( 5)
Subinterfaces
PVC Frame Relay
6. C, D, E. Ethernet Token Ring LAN

Serial Interface
PPP, HDLC Frame Relay Layer 2 WAN
Serial
Interface
7. C. CCNA
Frame Relay
Point-to-point Subinterfaces IP address Physical Interface
8. A. Clocking Serial Interface CSU / DSU (

DCE) CSU / DSU
Nonproduction Clocking
Serial
Interface Router DCE
9. C. Frame Relay Nonbroadcast multiaccess( NBMA)
Broadcasts RIP
10. C. PPPoE Encapsulates PPP frames Ethernet frames

PPP
PPPoA ATM
11. C. Router Cisco Frame Relay

Router Cisco
Frame Relay encapsulation IETF
Cisco encapsulation
Router Cisco Frame Relay
12. D. PPP HDLC Frame Relay

PPP
PAP CHAP
13. A, B. ATM
CCNA
ATM
PPP Dial-up (async) ATM

PPP
14. A. ATM Data-Link layer

DSL layer 1 CPE
DSLAM ATM DSL interface
cards ATU-Cs
15. Router HDLC

Serial Encapsulation Router
Corp PPP Serial Encapsulation Router Remote
Encapsulation PPP
Router Corp HDLC
16. D. Hybrid fibre-coaxial (HFC)

17. C. IP addresses Subnet B

ping PVC A
IARP C
Frame Relay Non-
broadcast multi-access
Broadcasts RIP PVC
Broadcast Statement
Frame-Relay
18. D. IPSec

IP-based Layer 3 Network layer
OSI
19. C.
Non-TCP/IP
VPN
20. A. DLCIs

Router Router
DLCI
Router A DLCI 100
Router B
Router A
Router B DLCI 200
Lab 14.1
1. sh int s0
2. config t
int s0
encap ppp
3. config t
username todd password cisco
4. config t
int bri0
ppp authentication chap

5. config t
int s0
frame interface-dlci 16
int s1
6. config t
int s0
encap frame
int s0.16 point-to-point
ip address 172.16.60.1 255.255.255.0

7. PPPoE
8. HDLC, LCP NCP
9. IPSec
10. Remote access VPNs, site-to-site VPNs extranet VPNs

แปลเน็ตเวิร์ก

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

แปลเน็ตเวิร์ก

Uploaded by

Copyright:

Available Formats

Chapter

Data-Link Control (HDLC), Point-to-Point Protocol (PPP)

, DSL, HDLC, PPP, PPPoE

WAN Connection Types

serial 45Mbps. HDLC PPP

end-to end . Switching Circuit

Cisco HDLC, PPP Frame Relay

Serial HDLC synchronous

Token Encapsulation Ring interface serial

Frame Relay packet-switched

Link Access Procedure, Balanced (LAPB)

Data Link X.25

Link Access Procedure, D-Channel (LAPD) ISDN

Data Link ( 2) D (signaling) channel.

HDLC High-Level Data-Link Control (HDLC) Data Link

Point-to-Point Protocol (PPP)

Point-to-Point Protocol over Ethernet PPP

frames Ethernet frames ADSL.

HFC 500 2,000

Asynchronous Transfer Mode (ATM)

bytes clocking isochronous (external clocking)

Cable and DSL

Speed DSL Internet

fiber-coaxial optical fibertecture

DOCSIS (data over cable service interface specification)

Digital Subscriber Line (DSL)

ADSL, PPPoE (Point-to-Point Protocol

over Ethernet) PPP Ethernet

PPPoE with ADSL

Cabling the Serial Wide Area Network

Data Terminal Equipment and Data

DCE CSU / DSU

CSU / DSU nonproduction

DTE-DCE-DTE WAN connection

High-Level Data-Link Control (HDLC) Protocol

Point-to-Point Protocol (PPP)

Data Link layer

PPP layer 3 packets

Point-to-Point Protocol stack

EIA/TIA-232-C, V.24, V.35, and ISDN

IPCP (Internet Protocol Control Protocol)

IPXCP (Internetwork Packet Exchange Control Protocol).

Link Control Protocol (LCP) Configuration Options

PPP Magic Number

multilink PPP 3Mbps 3.

PPP Session Establishment

Authentication phase CHAP PAP

PPP Network Control Protocol

( IP, IPX, AppleTalk )

PPP Authentication Methods

Configuring PPP on Cisco Routers

Configuring PPP Authentication

Debugging PPP Authentication

d16h: Se0/0 PPP: Using default call direction

1d16h: Se0/0 PPP: Using default call direction

Se0/0 PPP: Treating connection as a dedicated line

Mismatched WAN Encapsulations

Mismatched WAN encapsulations

Pod1R1#sh int s0/0

Pod1R1#sh int s0/0

Internet address is 10.0.1.1/24

PPPoE PPPoE client.

Frame Relay WAN

Frame Relay X.25