Thursday, April 06, 2006

Cisco - Wan Technologies

WAN Technology (Theory):
- Connections between remote sites.
- What is the limitation of ADSL (Streamyx)?
+ Topology (need to be 5 km from the nodes)
Leased Line = T1, T2, T3
+ Encapsulation: HDLC (High-Level Data Link Control) - Vendor proprietary. HDLC is preferred for leased lines because both ends will use equipment of a similar brand.
PPP (point to point protocol) - industry standard
SLIP (outdated)
Packet Switched = Like Streamyx. You connect to Streamyx and they help you to forward the packets around.
+ Encapsulation: X.25
Frame Relay
ATM
Circuit Switched = PPP (Preferred)
Menara Telekom, Brickfields, Putrajaya --> Central office for streamyx.
Demarcation point = Deciding whose responsibility it is.
Customer demarcation point = CPE (customer premises equipment)
DCE End (from ISP) = Clock rate will be set.
DTE End (customer side)
CSU & DSU -
V.35 faster connector.

Point to Point (Theory) :
- By default, Cisco equipment uses HDLC.
- PPP:
1. Builds a tunnel.
1a. LCP (Link-control protocol) - subset of PPP (layer 2).
+ Both ends' LCP must be opened. --> Bring up the data-link (layer 2)
1b. NCP (network control protocol) - (layer 3)
+ Both ends' NCP must be able to communicate

2. PPP offers the following which HDLC doesn't provide.
2a. Authentication
2b. Compression --> Discussed more in BCRAN
2c. Error Detection
2d. Multi-link
- Logical bundling. Take two links (64K) and combine them into one link. --> Becomes a faster link (128K)

3. PPP establishment steps.
3a. Link establishment. --> LCP phase
3b. Authentication phase (optional)
PAP (only for CCNP) - must have username and password registered in the router.
CHAP (Challenge handshake authentication protocol) -
+ using Hash
+ Mandatory for both sides to authenticate.
3c. Network communication --> NCP phase

CHAP (Practical):
1. Find out which encapsulation you are using.
HDLC and PPP cannot be established on an Ethernet interface; only on a serial interface.
"sh int serial [number]"
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 1.0.0.254/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set -------> HDLC by default.

2. Select a serial interface.

3. Set to "PPP" Encapsulation

4. Three reasons for an unstable link (going up and down)
4a. Clock rate not set
4b. Encapsulation is wrong
4c. Keep-alive.

5. "sh int serial 0"
Serial0 is up, line protocol is down
Hardware is HD64570
Internet address is 1.0.0.254/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
LCP REQsent ---> Sending request.

6. Change all serial interfaces to PPP. Then all serial interfaces would be "up" and thus LCP will be working.
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 1.0.0.254/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
LCP Open
Open: IPCP, CDPCP

7. Apply authentication to PPP.
callback Authenticate remote on callback only
+ Someone calls me via PPP. I can disconnect the call and then call back.
callin Authenticate remote on incoming call only
+ allow someone to call in.
callout Authenticate remote on outgoing call only
+ only allow someone to call out but not call in.
ms-chap Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
optional Allow peer to refuse to authenticate
pap Password Authentication Protocol (PAP)
ISDN = can also run PPP.

8. All serial interfaces will come down again, because no password has been applied yet.
LabD#sh ip int brie
Interface IP-Address OK? Method Status Protocol
BRI0 unassigned YES NVRAM administratively down down
BRI0:1 unassigned YES unset administratively down down
BRI0:2 unassigned YES unset administratively down down
Ethernet0 unassigned YES NVRAM administratively down down
Serial0 1.0.0.254 YES NVRAM up down --> Already down.
Serial1 1.0.1.1 YES NVRAM up down --> Already down.

9. Create username(s) and password(s) for your neighbors to log into your routers.

10. But you don't know who your neighbors are because you can't do "sh cdp neighbors".
The only way is to guess the "terminal name", such as LabD.

i.e.
LabD#conf t
Enter configuration commands, one per line. End with CNTL/Z.
LabD(config)#int serial 0
LabD(config-if)#encapsulation ppp
LabD(config-if)#ppp authentication chap --> apply for all serial links
LabD(config-if)#exit
LabD(config)#username labA password cisco --> Create authentication for labA
LabD(config)#username labG password cisco
LabD(config)#end
LabD#debug ppp authentication --> turn on event-driven debugging
Authentication messages for debug:
06:06:35: Se1 CHAP: O CHALLENGE id 232 len 25 from "LabD" ---> Challenging
06:06:35: Se1 CHAP: I CHALLENGE id 228 len 25 from "LabG" ---> Challenging
06:06:35: Se1 CHAP: O RESPONSE id 228 len 25 from "LabD"
06:06:35: Se1 CHAP: I RESPONSE id 232 len 25 from "LabG"
06:06:35: Se1 CHAP: O SUCCESS id 232 len 4
06:06:35: Se1 CHAP: I SUCCESS id 228 len 4
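
A way to check debug output like the above for a complete two-way handshake, as an added Python example (not part of the original notes). "O" marks a packet this router sent and "I" one it received; the function name, the result keys and the second log (constructed, for a hypothetical Se0 link) are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Matches lines such as: 06:06:35: Se1 CHAP: O CHALLENGE id 232 len 25 from "LabD"
LINE = re.compile(r"(?P<intf>\S+) CHAP: (?P<dir>[IO]) "
                  r"(?P<type>CHALLENGE|RESPONSE|SUCCESS) id (?P<id>\d+)")


def chap_status(log):
    """Per interface, report whether each direction of CHAP ran to SUCCESS."""
    events = defaultdict(set)
    for line in log.splitlines():
        m = LINE.search(line)
        if m:
            events[m["intf"]].add((m["dir"], m["type"], int(m["id"])))

    def completed(seen, chal_dir):
        # A direction is complete when the same id carries CHALLENGE and SUCCESS
        # one way and RESPONSE the other way.
        resp_dir = "I" if chal_dir == "O" else "O"
        ids = [i for d, t, i in seen if (d, t) == (chal_dir, "CHALLENGE")]
        return any((resp_dir, "RESPONSE", i) in seen and
                   (chal_dir, "SUCCESS", i) in seen for i in ids)

    return {intf: {"we_authenticated_peer": completed(seen, "O"),
                   "peer_authenticated_us": completed(seen, "I")}
            for intf, seen in events.items()}


# The six lines shown in the notes above.
PAGE_LOG = '''06:06:35: Se1 CHAP: O CHALLENGE id 232 len 25 from "LabD"
06:06:35: Se1 CHAP: I CHALLENGE id 228 len 25 from "LabG"
06:06:35: Se1 CHAP: O RESPONSE id 228 len 25 from "LabD"
06:06:35: Se1 CHAP: I RESPONSE id 232 len 25 from "LabG"
06:06:35: Se1 CHAP: O SUCCESS id 232 len 4
06:06:35: Se1 CHAP: I SUCCESS id 228 len 4'''

# Constructed sample: our challenge (id 10) is answered but never gets a SUCCESS.
CONSTRUCTED_LOG = '''06:07:01: Se0 CHAP: O CHALLENGE id 10 len 25 from "LabD"
06:07:01: Se0 CHAP: I CHALLENGE id 7 len 25 from "LabA"
06:07:01: Se0 CHAP: O RESPONSE id 7 len 25 from "LabD"
06:07:01: Se0 CHAP: I RESPONSE id 10 len 25 from "LabA"
06:07:01: Se0 CHAP: I SUCCESS id 7 len 4'''

if __name__ == "__main__":
    print(chap_status(PAGE_LOG))
    print(chap_status(CONSTRUCTED_LOG))
```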

If you remove your authentication, it will stop sending the keepalive with authentication information.
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 1.0.0.254/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec) --> Keepalive here!

Sample Questions:
LabO:
+ username = LabJ
+ password = s3cUr0
LabJ
+ username = LabO
+ password = s3CUr0
Why does authentication fail?
--> Because the password is case sensitive.
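
The hashed challenge/response behind this sample question, and behind the "using Hash" and both-sides-must-authenticate points in the theory notes, as an added Python example (not from the original notes and not Cisco code). It assumes the CHAP-with-MD5 calculation from RFC 1994; the Router class and the function names are made up for illustration.

```python
import hashlib
import hmac
import os

def chap_response(ident: int, secret: str, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([ident]) + secret.encode() + challenge).digest()

class Router:
    def __init__(self, hostname, users):
        self.hostname = hostname
        self.users = users  # peer hostname -> password, like "username X password Y"

    def challenge(self):
        # Fresh random challenge per attempt, so a captured response cannot be replayed.
        return os.urandom(1)[0], os.urandom(16)

    def respond(self, ident, challenge, challenger):
        # The secret is looked up by the challenger's hostname; it never crosses the link.
        secret = self.users.get(challenger)
        return None if secret is None else chap_response(ident, secret, challenge)

    def verify(self, ident, challenge, response, peer):
        secret = self.users.get(peer)
        if secret is None or response is None:
            return False
        return hmac.compare_digest(chap_response(ident, secret, challenge), response)

def authenticates(authenticator, peer):
    """One direction: authenticator challenges, peer answers, authenticator checks."""
    ident, challenge = authenticator.challenge()
    response = peer.respond(ident, challenge, authenticator.hostname)
    return authenticator.verify(ident, challenge, response, peer.hostname)

def link_up(a, b):
    """CHAP configured on both ends: both directions must succeed."""
    return authenticates(a, b) and authenticates(b, a)

# Constructed from the sample question: the two passwords differ only in case.
lab_o = Router("LabO", {"LabJ": "s3cUr0"})
lab_j = Router("LabJ", {"LabO": "s3CUr0"})
fixed_j = Router("LabJ", {"LabO": "s3cUr0"})

if __name__ == "__main__":
    print("passwords differ in case:", link_up(lab_o, lab_j))
    print("identical passwords:     ", link_up(lab_o, fixed_j))
```

A one-character case difference changes the whole digest, so the comparison fails even though neither side ever sees the other's password.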

Difference between router and switches:
A router (for OSPF) always looks for the lowest priority when selecting the DR and BDR.
A switch always looks for the lowest priority when selecting the root bridge.

5 comments:

Anonymous said...

I like the notes, keep it up... guys! Good luck in your CCNA exam!

Brandon Teoh said...

Trainpro did a good job on the lecture.. (the trainer Nick is good)

However, I learnt that using just these notes, you can't pass the exam. You have to read the book published by Sybex. The fact is everything asked in the exam will be coming from the book and nothing more.

http://www.trainpro.com.my/

Anonymous said...

Excellent, love it! » » »

Anonymous said...

What a great site here

Linkon Khan said...

Great job buddy. I think that kind of coding must be needed. Thanks for this kind of post.
wan leased line