CCNA4_M3_PPP (1130792)
CCNA – Semester 4
Module 3
PPP

Objectives
• Explain serial communications
• PPP concepts, components, operations
• PAP, CHAP and PPP authentication process
• PPP configuration

Serial Point-to-Point Links

Time-division multiplexing
• Time-Division Multiplexing (TDM) is the transmission of several sources of information using one common channel, or signal, and then the reconstruction of the original streams at the remote end.

DTE-DCE
• A serial connection has a data terminal equipment (DTE) device at one end of the connection and a data communications equipment (DCE) device at the other end.

WAN Serial connection options

HDLC
• In 1979, the ISO agreed on HDLC as a standard bit-oriented data link layer protocol that encapsulates data on synchronous serial data links.
• The following examples of derivative protocols are called link access protocols:
  – Link Access Procedure, Balanced (LAPB) for X.25
  – Link Access Procedure on the D channel (LAPD) for ISDN
  – Link Access Procedure for Modems (LAPM) and PPP for modems
  – Link Access Procedure for Frame Relay (LAPF) for Frame Relay
• HDLC defines a Layer 2 framing structure that allows for flow control and error control using acknowledgments and a windowing scheme.

Cisco HDLC
• Standard HDLC does not inherently support multiple protocols on a single link.
• Cisco HDLC frame uses a proprietary ‘type’ field that acts as a protocol field.
• HDLC is the default Layer 2 protocol for Cisco router serial interfaces.

HDLC frames
• HDLC defines the following three types of frame, each with a different control field format:
  – Information frames (I-frames) – Carry the data to be transmitted for the station.
    Additional flow and error control - data may be piggybacked on an information frame.
  – Supervisory frames (S-frames) – Provide request/response mechanisms when piggybacking is not used.
  – Unnumbered frames (U-frames) – Provide supplemental link control functions, such as connection setup. The code field identifies the U-frame type.

HDLC encapsulation

Troubleshooting a serial interface

Show controller

Debug serial interface

Troubleshooting a serial line status

PPP Authentication

PPP
• PPP uses a layered architecture including NCP, LCP and the lowest encapsulation protocol, which is HDLC.
• PPP provides a method for encapsulating multi-protocol datagrams over a point-to-point link, and uses the data link layer for testing the connection.

PPP Physical Layer

PPP Data-link Layer

PPP Network Layer

Frame format: Flag
Indicates the beginning or end of a frame and consists of the binary sequence 01111110.

Frame format: Address
Consists of the standard broadcast address, which is the binary sequence 11111111.
PPP does not assign individual station addresses.

Frame format: Control
1 byte: 00000011, which calls for transmission of user data in an unsequenced frame.

Frame format: Protocol
2 bytes that identify the protocol encapsulated in the data field of the frame.

PPP frame format: Protocol types
• 0021: Internet Protocol
• 0029: AppleTalk
• 002B: Novell IPX
• 8021: Internet Protocol Control Protocol
• 8029: AppleTalk Control Protocol
• 802B: Novell IPX Control Protocol
• C021: Link Control Protocol
• C023: Authentication Protocol

Frame format: Data
Contains the datagram for the protocol specified in the protocol field. The default maximum length of the data field is 1,500 bytes.

Frame format: FCS
Normally 16 bits (2 bytes).
Refers to the extra characters added to a frame for error control purposes.

4 phases of a PPP session
1. Link establishment and configuration negotiation
2. Link quality determination
3. Network layer protocol configuration negotiation
4. Link termination

LCP Frames
There are three classes of LCP frames:
• Link establishment frames: Used to establish and configure a link.
• Link termination frames: Used to terminate a link.
• Link maintenance frames: Used to manage and debug a link.

Phase I: Link establishment
• An originating PPP node sends LCP frames to configure and establish the data link.
• LCP packets contain configuration option fields: MTU, compression, and link authentication protocol.
• LCP must first open the connection and negotiate the configuration parameters.
• This phase is complete when a configuration acknowledgment frame has been sent and received.

LCP Configuration Options

Phase II (Optional): Authentication
• The link is tested to determine whether the link quality is good enough to bring up network-layer protocols.
• Then, the client or user workstation can be authenticated.
• Authentication takes place before the network-layer protocol configuration phase begins.
• PPP supports two authentication protocols: PAP and CHAP.

Phase III: Network layer protocol
• The PPP devices send NCP packets to choose and configure one or more network layer protocols (such as IP).
• When each of the chosen network-layer protocols has been configured, datagrams from each network-layer protocol can be sent over the link.
• You can check LCP and NCP states by using the show interfaces command.

Phase IV: Link termination
• LCP can terminate the link at any time.
• This is usually done at the request of a user.
• Can happen because of a physical event, such as the loss of a carrier or a timeout.
• If LCP closes the link, it informs the network layer protocols so that they can take appropriate action.

PPP Authentication: PAP
• PAP provides a simple method for a remote node to establish its identity, using a two-way handshake.
• PAP is not a strong authentication protocol.
• Passwords are sent across the link in clear text.
• There is no protection from playback or repeated trial-and-error attacks.

PPP Authentication: CHAP
• CHAP is used to periodically verify the identity of the remote node, using a three-way handshake.
• CHAP offers features such as periodic verification to improve security; this makes CHAP more effective than PAP.
• The remote node responds with a value calculated using a one-way hash function, which is typically Message Digest 5 (MD5).
• CHAP provides protection against playback attacks through the use of a variable challenge value that is unique and unpredictable.

CHAP process

Configuring PPP

PPP compression and error detection

PPP Multilink

Configuring PPP authentication

PPP authentication: PAP

Client:
# hostname LAB_A
# interface serial 0
# encapsulation ppp
# ppp pap sent-username R_A password CISCO_A

Server:
# hostname LAB_B
# username R_A password CISCO_A
# interface serial 0
# encapsulation ppp
# ppp authentication pap

PPP authentication: CHAP

Client:
# hostname LAB_A
# interface serial 0
# encapsulation ppp
# ppp chap hostname R_A
# ppp chap password CISCO_A

Server:
# hostname LAB_B
# username R_A password CISCO_A
# interface serial 0
# encapsulation ppp
# ppp authentication chap

PPP 2-way PAP authentication

Client:
# hostname LAB_A
# username R_B password CISCO_B
# interface serial 0
# encapsulation ppp
# ppp authentication pap
# ppp pap sent-username R_A password CISCO_A

Server:
# hostname LAB_B
# username R_A password CISCO_A
# interface serial 0
# encapsulation ppp
# ppp authentication pap
# ppp pap sent-username R_B password CISCO_B

Configuring PPP Multilink

interface Multilink1
 ip address 1.1.1.2 255.255.255.0
 ppp multilink
interface Serial0/0
 no ip address
 encapsulation ppp
 clockrate 64000
 ppp multilink
 ppp multilink group 1
interface Serial0/1
 no ip address
 encapsulation ppp
 ppp multilink
 ppp multilink group 1

Verifying the serial PPP encapsulation configuration

Troubleshooting the serial encapsulation configuration
• The debug ppp command is used to display information about the operation of PPP.
  The no form of this command disables debugging output.

Router#debug ppp {authentication | packet | negotiation | error | chap}

Debug ppp authentication

Summary
• Characteristics of point-to-point links
• HDLC encapsulation protocol
• Parts of PPP and functions of LCP and NCP
• Phases of PPP session
• Differences between PAP and CHAP
• PPP authentication configuration and verification
• Troubleshooting problems with PPP

Lab1 Topology

Lab1 Requirements
• Routing: make sure the two ASes can connect to each other and the Internet
• PPP authentication:
  – On a link between 2 routers, the left one uses PAP to authenticate, the right one uses CHAP to authenticate
  – To access router Westx, use username pppwestx and password Pr1ntx
  – To access router Eastx, use username pppeastx and password Pr1ntx

Lab2 Topology

Lab2 Requirements
1. PPP Multilink
  • Use multilink to connect each link Site-Center
  • Use EIGRP as routing protocol AS 100
  • IP address 172.20.0.0/16. Each Ethernet and Loopback network requires 60 IPs.
2. PPP Authentication:
  • One physical link uses PAP authentication, the other uses CHAP authentication, both with username bundlepx, and password 4eveRx
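
The frame format slides and the PAP slide above, combined in one added example (not part of the original slides): a parser for the Flag/Address/Control/Protocol/Data/FCS layout that then decodes a PAP Authenticate-Request to show the credentials sitting in clear text. It assumes a frame with bit stuffing already removed, the FCS-16 algorithm from RFC 1662 and the PAP packet layout from RFC 1334; the function names and the sample frame are constructed for illustration.

```python
import struct

# Subset of the protocol field values listed on the slide.
PROTOCOLS = {0x0021: "Internet Protocol", 0xC021: "Link Control Protocol",
             0xC023: "Authentication Protocol"}

def fcs16(data: bytes) -> int:
    """16-bit FCS from RFC 1662 (CRC-16/X-25), computed over address..data."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF

def build_frame(protocol: int, data: bytes) -> bytes:
    """Flag | Address | Control | Protocol | Data | FCS | Flag."""
    body = b"\xff\x03" + struct.pack(">H", protocol) + data
    return b"\x7e" + body + struct.pack("<H", fcs16(body)) + b"\x7e"

def parse_frame(frame: bytes) -> dict:
    if len(frame) < 8 or frame[0] != 0x7E or frame[-1] != 0x7E:
        raise ValueError("frame is not delimited by the 01111110 flag")
    body, fcs = frame[1:-3], struct.unpack("<H", frame[-3:-1])[0]
    if body[:2] != b"\xff\x03":
        raise ValueError("unexpected address/control bytes")
    if fcs != fcs16(body):
        raise ValueError("FCS mismatch")
    if len(body) - 4 > 1500:
        raise ValueError("data field exceeds the default 1,500-byte maximum")
    protocol = struct.unpack(">H", body[2:4])[0]
    return {"protocol": protocol, "data": body[4:],
            "name": PROTOCOLS.get(protocol, "unknown")}

def pap_credentials(data: bytes) -> tuple:
    """Decode a PAP Authenticate-Request (RFC 1334): code 1, identifier,
    length, then length-prefixed peer ID and password in clear text."""
    if len(data) < 6 or data[0] != 1 or len(data) < 6 + data[4]:
        raise ValueError("not a PAP Authenticate-Request")
    id_len = data[4]
    peer_id = data[5:5 + id_len]
    pw_len = data[5 + id_len]
    password = data[6 + id_len:6 + id_len + pw_len]
    return peer_id.decode(), password.decode()

# Constructed sample: the request implied by the slide's client line
# "ppp pap sent-username R_A password CISCO_A".
_PAP = b"\x03R_A\x07CISCO_A"
SAMPLE = build_frame(0xC023, struct.pack(">BBH", 1, 1, 4 + len(_PAP)) + _PAP)
```

Calling `pap_credentials(parse_frame(SAMPLE)["data"])` returns the username and password exactly as configured, which is what anyone able to observe the link sees when PAP is used.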
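
The CHAP three-way handshake described on the CHAP slides above, as an added example that is not part of the original slides. It assumes the RFC 1994 response calculation, MD5 over identifier, secret and challenge; the `Authenticator` class and `handshake_then_replay` function are hypothetical names, and the username and secret are the slide's R_A / CISCO_A.

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """The end configured with 'ppp authentication chap' (LAB_B on the slide)."""

    def __init__(self, users: dict):
        self.users = users      # username -> shared secret
        self.pending = {}       # identifier -> outstanding challenge
        self.next_id = 0

    def challenge(self) -> tuple:
        """Message 1: a challenge that is unique and unpredictable."""
        ident = self.next_id
        self.next_id = (self.next_id + 1) % 256
        self.pending[ident] = os.urandom(16)
        return ident, self.pending[ident]

    def verify(self, ident: int, name: str, response: bytes) -> bool:
        """Message 3: recompute the hash, then report success or failure."""
        challenge = self.pending.pop(ident, None)   # a challenge is single-use
        secret = self.users.get(name)
        if challenge is None or secret is None:
            return False
        expected = chap_response(ident, secret, challenge)
        return hmac.compare_digest(expected, response)

def handshake_then_replay() -> dict:
    server = Authenticator({"R_A": b"CISCO_A"})     # server-side line from the slide
    ident, challenge = server.challenge()
    response = chap_response(ident, b"CISCO_A", challenge)  # message 2, from LAB_A
    first = server.verify(ident, "R_A", response)
    # A recorded response answers only the challenge it was computed for.
    same_id = server.verify(ident, "R_A", response)
    ident2, _ = server.challenge()                  # periodic re-verification
    new_challenge = server.verify(ident2, "R_A", response)
    return {"first": first, "same_id_replay": same_id,
            "new_challenge_replay": new_challenge}
```

Both ends must hold the shared secret in recoverable form, which is why the server's `username R_A password CISCO_A` line matches the client's `ppp chap password`.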