Wan Services Hdlc Ppp | Router (Computing) | Wide Area Network

WAN Services

High-Level Data Link Control (HDLC) protocol, Point to Point Protocol (PPP)

Point-to-Point Leased Line Implementation

The demarcation point is also called the ³demark´ the point where responsibility of the service provider or telcom ends. To setup point-to-point connection between 2 routers 1. Assign ip address to each interface (must be in same subnet) 2. Issue no shutdown command. 3. Assign clockrate [bps] command to DCE interface.

High-Level Data Link Control (HDLC) protocol
HDLC is a point to point protocol used on leased lines operating at the Data Link Layer (Layer 2) HDLC encapsulates datagrams over serial links No Authentication can be used with HDLC! HDLC is the default encapsulation used by cisco routers over serial links Cisco¶s HDLC is proprietary it wont communicate with any other vendors HDLC implementation. If we have a cisco router connected to a Bay router we have to use PPP encapsulation

2 Cisco Routers (HDLC) Default

Corporate Router>enable Router#config t Router(config)#hostname Corp Corp(config)#interface serial 0 Corp(config-if)#ip address 10.1.1.1 255.255.255.0 Corp(config-if)#no shutdown Corp(config-if)#exit Corp(config)#exit Corp# Branch Router>enable Router#config t Router(config)#hostname Branch Branch(config)#interface serial 0 Branch(config-if)#ip address 10.1.1.2 255.255.255.0 Branch(config-if)#no shutdown Branch(config-if)#exit Branch(config)#exit Branch# If you do a show running-config on a Cisco router, your serial interfaces (by default) won¶t have any encapsulation. This is because they are configured to the default of HDLC. If you do a show interface serial 0/0, you¶ll see that you are running HDLC. Router#show int s0/0 Serial0/0 is up, line protocol is up MTU 1500 bytes, BW 1544 Kbit Encapsulation HDLC, loopback not set

Point-to-Point Protocol (PPP) Leased Line technology
PPP is a data-link protocol that you can use over either asynchronous serial (dial-up) or synchronous serial (ISDN) media. It uses the Link Control Protocol (LCP) to build and maintain data-link connections. Authentication can be used with PPP

If we have a Cisco router and a non-Cisco router connected with a serial connection we must configure PPP or another encapsulation method, such as frame relay because HDLC won't work.

2 Different Routers Cisco and a Bay (Point to Point)

Cisco

Bay

The basic purpose of PPP is to transport Layer 3 packets across a Data Link Layer PPP uses LCP A method of establishing, configuring, maintaining and terminating the point to point connection NCP A method of establishing and configuring different network layer protocols. The Network Control Protocol allows the simultaneous use of multiple protocols e.g. IPCP and IPXCP The PPP stack is specified at the Physical and Data Link Layers only. NCP is used to allow communication of multiple Network layer protocols by encapsulating the protocols across a PPP data link.

PPP Authentication Methods Two methods to Authenticate PPP Links either PAP or CHAP

PAP - less secure. Passwords sent in clear text and PAP is performed only upon the initial link establishment. Peer in control of attempts.

CHAP - used at the initial start-up of the link and at periodic checkups to ensure the router is communicating with the same host. PPP Callback Used after successful authentication using PAP or CHAP, a calling router will contact a remote router, authenticate, the remote router (server) will then terminate the connection and reinitiate the connection to the calling router (client). Both routers must be configured for callback.

Question Which protocol should be chosen to support WAN connectivity in a multi-vendor system and provide strong security through authentication? NAT with DHCP Frame Relay HDLC with encryption HDLC with CHAP PPP with PAP PPP with CHAP Answer PPP with CHAP

HDLC and PPP Configuration
To Verifiy Setup #show interfaces

Configuring PPP on Cisco Routers PAP Example

PPP encapsulation must be enabled on both interfaces connected to a serial line to work. For PAP and CHAP The hostname is the (local router) the username is the remote router Passwords must match on each router

Configuring PPP for PAP and CHAP on RouterA & RouterB
RouterA#config t RouterA(config)#username RouterB password cisco RouterA(config)#int s0 RouterA(config-if)#encapsulation ppp RouterA(config-if)#ppp authentication chap RouterA(config-if)#ppp authentication pap RouterA(config-if)#^Z

RouterB#config t RouterB(config)#username RouterA password cisco RouterB(config)#int s0 RouterB(config-if)#encapsulation ppp RouterB(config-if)#ppp authentication chap RouterB(config-if)#ppp authentication pap RouterB(config-if)#^Z

If both authentication methods are configured as shown here then only the first method will be nd used during link negotiation ±the 2 is backup if the first method fails.

The username is the hostname of the remote router connecting to your router which is case sensitive. The password on both routers must be the same ± a plain text password that you can see with a show run command. You can encrypt the password by using the command service password-encryption. Question

The serial PPP link between the Left and Right routers is configured as shown in the diagram. Which configuration issue explains why the link is unable to establish a PPP session? A. The IP addresses must be on different subnets. B. The usernames are misconfigured. C. The passwords must be different for the CHAP authentication. D. The clock rate must be 56000. E. The clock rate is configured on the wrong end of the link. F. Interface serial 0/0 on Left must connect to interface serial 0/1 on Right. Answer B Explanation Newcomers to ppp sometimes put the local router name in for the username; remember that the remote router name is the username.

Configuring CHAP CHAP requires you to configure a username / password combination for any remote device that will be involved in authentication. (We're assuming that the routers have already been configured with their names via the global hostname command.) Both routers will use the password CISCO. R1 R1#username R2 password CISCO R1(config)#int bri0 R1(config-if)#encapsulation ppp R1(config-if)#ppp authentication chap R2 #username R1 password CISCO #int bri0 #encapsulation ppp #ppp authentication chap

Chap Example

CHAP Example

Troubleshooting PPP If we have PPP encapsulation enabled here¶s how you would verify that it¶s up and running with the show interface command. RouterA#show int s0 Serial0 is up. Line protocol is up Hardware is HD64570 Internet address is 172.16.20.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely Encapsulation PPP, loopback not set, keepalive set (10s) LCP Open

The version of HDLC used by Cisco routers is the default encapsulation type on Serial interfaces, verifiable with the show interface serial command

R1#show interface serial 1 Serial1 is up, line protocol is up Hardware is HD64570 Internet address is 172.12.13.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set R3#show int serial1 Serial1 is up, line protocol is up Hardware is HD64570 Internet address is 172.12.13.3/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set At this point, each partner in the PTP link can ping the other. R1#ping 172.12.13.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.12.13.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 36/36/36 ms R3#ping 172.12.13.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.12.13.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/35/36 ms

If one of the routers is running another encapsulation type, the physical interfaces will still be up, but the line protocol will go down and IP connectivity will be lost. To illustrate, I'll change the encapsulation type on R3's Serial1 interface to the Point-To-Point Protocol (PPP).

R3(config-if)#exit R3(config)#int serial 1 R3(config-if)#encapsulation ppp A few seconds later, the line protocol goes down on R3. 2d04h: %SYS-5-CONFIG_I: Configured from console by console 2d04h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1, changed state to down show interface serial 1 on both routers verifies that the physical interface is up, but the line protocol is down. IP connectivity is lost. R3#show interface serial 1 Serial1 is up, line protocol is down R3#ping 172.12.13.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.12.13.1, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) R1#show interface serial 1 Serial1 is up, line protocol is down R1#ping 172.12.13.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.12.13.3, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) The encapsulation mismatch has brought the line protocol down, and to bring it back up, we simply need to make the encapsulation types match again. Question A two router network is running PPP over the serial interfaces that connect them. The enable password on the Denim router is "gateway". The Denim router also has a locally configured authentication password for the Plaid router which is "fortress". Which command must be executed on the Plaid router to allow Denim to authenticate to the Plaid router using CHAP? A. Plaid(config)# enable secret gateway B. Plaid(config)# enable secret fortress C. Plaid(config)# username Plaid password fortress D. Plaid(config)# username Denim password fortress E. Plaid(config)# hostname Plaid secret password gateway F. Plaid(config)# hostname Plaid secret password fortress Answer D

Question

Refer to the output of the show interface Serial0/0 command in the graphic. How many NCPs have been established? A. 1 B. 2 C. 3 D. 4 Answer B IPCP, CDPCP Question Interface is Serial0/0, electrical interface is UNKNOWN. What can be concluded about the Serial 0/0 interface? (Choose three.) A. Serial0z0 is down, line protocol is down B. Serial0/0 is down, line protocol is up C. Serial0/0 is up, line protocol is down D. The interface is neither DCE or DTE. E. The interface hardware may be faulty. F. The cabling may be improperly connected. Answer A, E, F Serial0z0 is down, line protocol is down, The interface hardware may be faulty, The cabling may be improperly connected. Question Which of the following is a reason for using such protocols as PAP and CHAP? A. to establish a PPP session B. to provide error checking on a WAN link C. to restrict access to networks connected by serial and ISDN links D. to provide a backup hostname and privilege mode password on the router Answer C

Question Several tasks must occur before a link between two routers can pass data using PPP. Which of the following are required to establish and maintain a PPP session between two routers? A. configure each host with a PPP address B. configure authentication between the two routers C. send LCP and NCP frames to negotiate configuration parameters D. send hostname and password information between the two routers Answer C send LCP and NCP frames to negotiate configuration parameters Question Which of the following describes the High-Level Data Link Control protocol? (Choose three.) A. HDLC provides flow and error control. B. Standard HDLC supports multiple protocols on a single link. C. HDLC uses sequencing and acknowledgements. D. HDLC is defined as the default encapsulation on Cisco LAN interfaces. E. Cisco implemented a proprietary version of HDLC. Answer A, C, E HDLC provides flow and error control, HDLC uses sequencing and acknowledgements, Cisco implemented a proprietary version of HDLC. Incorrect Answers B. Pt-2-Pt not multipoint D. Default Encapsulation on WAN interfaces Question Which authentication protocol can be spoofed to allow playback attacks? A. MD5 B. CHAP C. PAP D. NCP Answer C PAP Question You are configuring a PPP CHAP connection between two routers. The hostnames are SNOWBALL1 and SNOWBALL2. The SNOWBALL1 router has already been configured. You are responsible for configuring SNOWBALL2. The password configured on SNOWBALL1 is cisco. Which of the following is the correct username syntax that you will need to configure on SNOWBALL2? A. Username SNOWBALL2 password cisco B. Username SNOWBALL1 password cisco C. Username SNOWBALL2 password SNOWBALL1 D. Username SNOWBALL1 password SNOWBALL2 Answer B Explanation

We must allow SNOWBALL2 access to SNOWBALL1. We should therefore specify the username and the password of the hosting router: the peer router. The username of the peer router is SNOWBALL1) and the password is cisco.

Incorrect Answers A. We should use the peer username, not the local username C, D. We must use the password of the peer, not the local password. Question Point-to-Point protocol (PPP) is used as a WAN encapsulation between two routers. Which one of the following is true regarding PPP? A. PPP supports TCP/IP, but not Novell IPX. B. PPP is being phased out of existence by the Serial Line Internet protocol. C. PPP provides router-to-router and host-to-network connections over both synchronous and asynchronous circuits. D. PPP is an ITU-T and ANSI standard that defines the process for sending data over a packetswitched data network. Answer C Explanation PPP provide router-to-router and host-to-network connections over synchronous and asynchronous circuits. Incorrect Answers A. PPP supports both IP and IPX. B. PPP is causing SLIP to be phased out. D. PPP was not designed as a standard for packet-switched data networks. Question Which of the following WAN encapsulations support multiple upper layer protocols? (Choose Two) A. PPP B. LAPD C. ISDN D. HDLC Answer A, D Explanation Cisco has a proprietary HDLC. This Cisco HDLC frame uses a proprietary type field that acts as protocol field, which makes it possible for multiple network later protocols to share the same serial link. PPP is not a proprietary protocol. As result, it is most often used to connect devices of different vendors. In addition, it encapsulates network layer protocol information that makes it possible to support multiple upper layer protocols. Incorrect Answers B. LAPB is a layer 2 protocol but LAPD is not. C. ISDN is a Layer 1 (Physical) layer protocol, not Layer 2(data link).

Question The ABC network is implementing dialup services for their remote employees. ABC uses several different Layer 3 protocols on the network. Authentication of the users connecting to the network is required for security. Additionally, some employees will be dialing long distance and will need callback support. Which protocol is the best choice for these remote access services? A. 802.1 B. Frame relay C. HDLC D. PPP E. SLIP F. PAP Answer D Explanation PPP is the Point to Point Protocol, and is used in the majority of dial-up connections. PPP includes support for numerous features, including caller ID check, PPP callback, and security support. For security, either CHAP or PAP can be used, although CHAP is normally used as it is more secure. PPP is a layer 2 protocol that can support any layer 3 protocols. Question Which PPP subprotocol negotiates authentication options? A. NCP B. ISDN C. SLIP D. LCP E. DLCI Answer D Explanation LCP: A method of establishing, configuring, maintaining, and terminating the point-to-point connection. Link-establishment phase LCP packets are sent by each PPP device to configure and test the link. These packets contain a field called the Configuration Option that allows each device to see the size of the data, compression, and authentication. If no Configuration Option field is present, then the default configurations are used. Question A network administrator needs to configure a serial link between the main office and a remote location. The router at the remote office is a non-Cisco router. How should the network administrator configure the serial interface of the main office router to make the connection? A. Main(config)# interface serial 0/0 Main(config-if)# ip address 172.16.1.1 255.255.255.255 Main(config-f)# no shut B. Main(config)# interface serial 0/0 Main(config-if)# ip address 172.16.1.1 255.255.255.255 Main(config-f)# encapsulation ppp Main(config-if)# no shut C. Main(config)# interface serial 0/0 Main(config-if)# ip address 172.16.1.1 255.255.255.255

Main(config-f)# encapsulation frame-relay Main(config-if)# authentication chap Main(config-if)# no shut D. Main(config)# interface serial 0/0 Main(config-if)# ip address 172.16.1.1 255.255.255.255 Main(config-f)# encapsulation ietf Answer B Explanation: The default encapsulation on a serial interface is the Cisco proprietary HDLC. When connecting to routers from another vendor, we will need to use the standards based PPP, which is correctly defined in choice B. Incorrect Answers A. This is not a correct answer because no encapsulation is defined, so the default HDLC will be used, which is a Cisco proprietary protocol. C. CHAP authentication is only used by PPP, not HDLC. D. IETF itself is not an encapsulation option on an interface; it is used in frame relay networks, where the encapsulation can be frame relay IETF, but not simply IETF alone.

Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master Your Semester with a Special Offer from Scribd & The New York Times

Cancel anytime.