Sybex CCNA 640-802 Chapter 16: Wide Area Networks Instructor & Todd Lammle.
Chapter 14 Objectives
The CCNA topics covered in this chapter include:
• Introduction to WANs
• HDLC
• PPP
• Frame Relay
• Introduction to VPNs
Defining WAN Terms
• Customer Premises Equipment (CPE)
• Demarcation (demarc)
• Local loop
• Central Office (CO)
• Toll network
WAN Connection Bandwidth
• Digital Signal 0 (DS0): This is the basic digital signaling rate of 64Kbps, equivalent to one channel. Europe uses the E0 and Japan uses the J0 to reference the same channel speed. Typically used in a T-carrier transmission, this is the generic term used by several multiplexed digital carrier systems. This is the smallest capacity digital circuit. 1 DS0 = 1 voice/data line.
• T1: Also referred to as a DS1, this contains 24 DS0 circuits bundled together with a total bandwidth of 1.544Mbps.
• E1: European equivalent of the T1. Contains 30 DS0 circuits bundled together with a bandwidth of 2.048Mbps.
• T3: Referred to as a DS3, this has 28 DS1s bundled together, or 672 DS0s, with a bandwidth of 44.736Mbps.
• OC-3: Optical Carrier (OC) 3 uses fiber, is made up of three DS3s bundled together, and contains 2,016 DS0s with a total bandwidth of 155.52Mbps.
• OC-12: Optical Carrier 12 is made up of four OC-3s bundled together and contains 8,064 DS0s with a total bandwidth of 622.08Mbps.
• OC-48: Optical Carrier 48 is made up of four OC-12s bundled together and contains 32,256 DS0s with a total bandwidth of 2488.32Mbps.
WAN Connection Types
WAN Support
• Frame Relay
• ISDN
• LAPB
• LAPD
• HDLC
• PPP
• ATM
• PPPoE
• Cable
• DSL
• MPLS
• DWDM
Cable and DSL
Comparisons
– Speed
– Security
– Popularity
– Customer satisfaction
Cable Terms
• Headend
• Distribution network
• DOCSIS (Data Over Cable Service Interface Specification)
Digital Subscriber Line (DSL)
• Symmetrical DSL
• Asymmetrical DSL
ADSL
• PPPoE
• RFC1483 Routing
• PPPoA
PPPoE with ADSL
DTE-DCE-DTE
HDLC Protocol
• Bit-oriented Data Link layer ISO standard protocol
• Specifies a data encapsulation method
• No authentication can be used
HDLC Frame Format
Point-to-Point Protocol (PPP)
• Purpose:
  – Transport layer-3 packets across a Data Link layer point-to-point link
• Can be used over asynchronous serial (dial-up) or synchronous serial (ISDN) media
  – Uses Link Control Protocol (LCP)
    • Builds & maintains data-link connections
Point-to-Point Protocol Stack
PPP Main Components
• EIA/TIA-232-C
  – Intl. Std. for serial communications
• HDLC
  – Serial link datagram encapsulation method
• LCP
  – Used in P-t-P connections:
    • Establishing
    • Maintaining
    • Terminating
• NCP
  – Method of establishing & configuring Network layer protocols
  – Allows simultaneous use of multiple Network layer protocols
LCP Configuration Options
• Authentication
  – PAP
  – CHAP
• Compression
  – Stacker
  – Predictor
• Error detection
  – Quality
  – Magic Number
• Multilink
  – Splits the load for PPP over 2+ parallel circuits; a bundle
PPP Session Establishment
• Link-establishment phase
• Authentication phase
• Network-layer protocol phase
PPP Session Establishment
PPP Authentication Methods
• Password Authentication Protocol (PAP)
  – Passwords sent in clear text
  – Remote node returns username & password
• Challenge Handshake Authentication Protocol (CHAP)
  – Done at start-up & periodically
  – Challenge & Reply
    • Remote router sends a one-way hash ~ MD5
Configuring PPP on Router A to talk to Router B
• Step #1: Configure PPP
RouterA#config t
RouterA(config)#int s0
RouterA(config-if)#encapsulation ppp
RouterA(config-if)#^Z
• Step #2: Define the username & password
RouterA(config)#username RouterB password cisco
RouterB(config)#username RouterA password cisco
NOTE: (1) Username maps to the remote router
(2) Passwords must match
• Step #3: Choose authentication type for each router; CHAP/PAP
RouterA(config)#int s0
RouterA(config-if)#ppp authentication chap
RouterA(config-if)#ppp authentication pap
RouterA(config-if)#^Z
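The difference between the two authentication types chosen in Step #3, and why the passwords in Step #2 must match, shown as an added Python example that is not part of the original slides. The router names and the secret `cisco` are taken from the configuration above; the function names, the 16-byte challenge length and the hash input order (identifier, secret, challenge, as in RFC 1994) are assumptions of this sketch.

```python
import hashlib
import hmac
import os

# Secret and router names come from the slide's `username ... password cisco`
# lines; function names and the 16-byte challenge length are assumptions.
SHARED_SECRET = b"cisco"


def pap_request(peer_id: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request data: ID and password cross the link as-is."""
    return bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password


def chap_challenge() -> tuple:
    """Authenticator: choose a packet identifier and a fresh random challenge."""
    return os.urandom(1)[0], os.urandom(16)


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Peer: one-way MD5 hash over identifier || secret || challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def chap_verify(identifier: int, secret: bytes, challenge: bytes,
                response: bytes) -> bool:
    """Authenticator: recompute the hash locally and compare in constant time."""
    expected = chap_response(identifier, secret, challenge)
    return hmac.compare_digest(expected, response)


def run_exchange() -> dict:
    """RouterA authenticates RouterB at start-up, then challenges again later."""
    pap = pap_request(b"RouterB", SHARED_SECRET)

    ident1, chal1 = chap_challenge()                     # RouterA -> RouterB
    resp1 = chap_response(ident1, SHARED_SECRET, chal1)  # RouterB -> RouterA

    ident2, chal2 = chap_challenge()                     # periodic re-challenge
    return {
        # PAP: the password is readable in the request itself.
        "pap_exposes_password": SHARED_SECRET in pap,
        # CHAP: only the 16-byte hash crosses the link.
        "chap_response_length": len(resp1),
        "chap_accepts_peer": chap_verify(ident1, SHARED_SECRET, chal1, resp1),
        # A response recorded earlier does not answer a new challenge.
        "old_response_reused": chap_verify(ident2, SHARED_SECRET, chal2, resp1),
        # "Passwords must match": a router holding a different secret fails.
        "mismatched_secret": chap_verify(ident1, b"cisc0", chal1, resp1),
    }


if __name__ == "__main__":
    for name, value in run_exchange().items():
        print(f"{name}: {value}")
```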
PPP Example 1
PPP Example 2
PPP Example 3
PPP Example 4
Frame Relay
• Background
  – High-performance WAN encapsulation method
  – OSI Physical & Data Link layer
  – Originally designed for use across ISDN
• Supported Protocols
  – IP, DECnet, AppleTalk, Xerox Network Service (XNS), Novell IPX, Banyan Vines, Transparent Bridging, & ISO
Frame Relay
• Purpose
  – Provide a communications interface between DTE & DCE equipment
  – Connection-oriented Data Link layer communication
    • Via virtual circuits
    • Provides a complete path from the source to destination before sending the first frame
Before Frame Relay
After Frame Relay
Frame Relay Terminology
• Committed Information Rate (CIR)
• Access rate
Committed Information Rate (CIR)
• Definition: Provision allowing customers to purchase amounts of bandwidth lower than what they might need
  – Cost savings
  – Good for bursty traffic
  – Not good for constant amounts of data transmission
Frame Relay Encapsulation
• Specified on serial interfaces
• Encapsulation types:
  – Cisco (default encapsulation type)
  – IETF (used between Cisco & non-Cisco devices)
RouterA(config)#int s0
RouterA(config-if)#encapsulation frame-relay ?
  ietf  Use RFC1490 encapsulation
  <cr>
Data Link Connection Identifiers (DLCIs)
• Frame Relay PVCs are identified by DLCIs
• IP end devices are mapped to DLCIs
  – Mapped dynamically or mapped by IARP
• Global Significance:
  – Advertised to all remote sites as the same PVC
• Local Significance:
  – DLCIs do not need to be unique
• Configuration
RouterA(config-if)#frame-relay interface-dlci ?
  <16-1007>  Define a DLCI as part of the current subinterface
RouterA(config-if)#frame-relay interface-dlci 16
DLCIs are Locally Significant
Local Management Interface (LMI)
• Background
• Purpose
• LMI Messages
  – Keepalives
  – Multicasting
  – Multicast addressing
  – Status of virtual circuits
LMI Types
• Configuration:
RouterA(config-if)#frame-relay lmi-type ?
  cisco
  ansi
  q933a
  – Beginning with IOS ver 11.2+ the LMI type is auto-sensed
  – Default type: cisco
• Virtual circuit status:
  – Active
  – Inactive
  – Deleted
Congestion Control
• Discard Eligibility (DE)
• Forward-Explicit Congestion Notification (FECN)
• Backward-Explicit Congestion Notification (BECN)
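Where the DLCI and the three congestion-control flags sit on the wire, as an added Python example that is not part of the original slides: a parser for the standard two-octet Frame Relay address field. The class and function names are assumptions, the sample headers are constructed, and the 16-1007 range is the one offered by `frame-relay interface-dlci ?` above.

```python
from dataclasses import dataclass

# Range offered by `frame-relay interface-dlci ?` on the DLCI slide.
DLCI_USER_MIN, DLCI_USER_MAX = 16, 1007


@dataclass(frozen=True)
class FrAddress:
    dlci: int    # 10-bit PVC identifier, locally significant
    cr: bool     # command/response bit, passed through unchanged
    fecn: bool   # congestion seen in the direction this frame travels
    becn: bool   # congestion seen in the opposite direction
    de: bool     # frame may be discarded first when the network is congested

    @property
    def user_dlci(self) -> bool:
        return DLCI_USER_MIN <= self.dlci <= DLCI_USER_MAX


def parse_address(header: bytes) -> FrAddress:
    """Decode the two-octet address field at the start of a frame."""
    if len(header) < 2:
        raise ValueError("need at least 2 address octets")
    b0, b1 = header[0], header[1]
    # EA (extended address) bit: 0 in the first octet, 1 in the last one.
    if b0 & 0x01 or not b1 & 0x01:
        raise ValueError("not a 2-octet address field (EA bits)")
    dlci = ((b0 >> 2) << 4) | (b1 >> 4)   # upper 6 bits + lower 4 bits
    return FrAddress(dlci, bool(b0 & 0x02),
                     bool(b1 & 0x08), bool(b1 & 0x04), bool(b1 & 0x02))


def build_address(dlci: int, cr=False, fecn=False, becn=False, de=False) -> bytes:
    """Encode the same field; inverse of parse_address."""
    if not 0 <= dlci <= 1023:
        raise ValueError("DLCI is a 10-bit value")
    b0 = ((dlci >> 4) << 2) | (cr << 1)
    b1 = ((dlci & 0x0F) << 4) | (fecn << 3) | (becn << 2) | (de << 1) | 0x01
    return bytes([b0, b1])


def congested_dlcis(headers) -> list:
    """DLCIs on which the network signalled congestion (FECN or BECN set)."""
    seen = []
    for h in headers:
        a = parse_address(h)
        if (a.fecn or a.becn) and a.dlci not in seen:
            seen.append(a.dlci)
    return seen


# Constructed sample headers: DLCI 16 clean, DLCI 17 with BECN+DE, DLCI 18 with FECN.
SAMPLE = [bytes.fromhex("0401"), build_address(17, becn=True, de=True),
          build_address(18, fecn=True)]

if __name__ == "__main__":
    for h in SAMPLE:
        print(h.hex(), parse_address(h))
    print("congested:", congested_dlcis(SAMPLE))
```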
Frame Relay Implementation Single Interface
Partial Meshed Networks
Sub-interfaces
• Definition
  – Multiple virtual circuits on a single serial interface
  – Enables the assignment of different network-layer characteristics to each sub-interface
    • IP routing on one sub-interface
    • IPX routing on another
  – Mitigates difficulties associated with:
    • Partial meshed Frame Relay networks
    • Split Horizon protocols
Creating Sub-interfaces
Configuration:
#1: Set the encapsulation on the serial interface
#2: Define the subinterface
RouterA(config)#int s0
RouterA(config-if)#encapsulation frame-relay
RouterA(config-if)#int s0.?
  <0-4294967295>  Serial interface number
RouterA(config-if)#int s0.16 ?
  multipoint      Treat as a multipoint link
  point-to-point  Treat as a point-to-point link
Mapping Frame Relay
Necessary for IP end devices to communicate
  – Addresses must be mapped to the DLCIs
  – Methods:
    • Frame Relay map command
    • Inverse-arp function
Using the map command
RouterA(config)#int s0
RouterA(config-if)#encap frame
RouterA(config-if)#int s0.16 point-to-point
RouterA(config-subif)#no frame-relay inverse-arp
RouterA(config-subif)#ip address 172.16.30.1 255.255.255.0
RouterA(config-subif)#frame-relay map ip 172.16.30.17 16 ietf broadcast
RouterA(config-subif)#frame-relay map ip 172.16.30.18 17 broadcast
RouterA(config-subif)#frame-relay map ip 172.16.30.19 18
Using the inverse arp command
RouterA(config)#int s0.16 point-to-point
RouterA(config-subif)#encap frame-relay ietf
RouterA(config-subif)#ip address 172.16.30.1 255.255.255.0
Monitoring Frame Relay
RouterA>sho frame ?
ip show frame relay IP statistics
lmi show frame relay lmi statistics
map Frame-Relay map table
pvc show frame relay pvc statistics
route show frame relay route
traffic Frame-Relay protocol statistics
RouterA#sho int s0
RouterB#show frame map
Router#debug frame-relay lmi
Troubleshooting Frame Relay
Why can’t RouterA talk to RouterB?
Troubleshooting Frame Relay
Why is RIP not sent across the PVC?
Introduction to VPNs
• VPNs are used daily to give remote users and disjointed networks connectivity over a public medium like the Internet instead of using more expensive permanent means.
Types of VPNs
• REMOTE ACCESS VPNS
Remote access VPNs allow remote users like telecommuters to securely access the corporate network wherever and whenever they need to.
• SITE-TO-SITE VPNS
Site-to-site VPNs, or intranet VPNs, allow a company to connect its remote sites to the corporate backbone securely over a public medium like the Internet instead of requiring more expensive WAN connections like Frame Relay.
• EXTRANET VPNS
Extranet VPNs allow an organization’s suppliers, partners, and customers to be connected to the corporate network in a limited way for business-to-business (B2B) communications.
Cisco IOS IPsec
• IPsec transforms specify a single security protocol with its corresponding security algorithm
• Security Protocols
  – Authentication Header (AH)
  – Encapsulating Security Payload (ESP)
IPsec benefits
• Confidentiality
• Data origin authentication and connectionless integrity
• Anti-replay service
• Traffic flow
Encryption
• Symmetric encryption
• Asymmetric Encryption
• Private keys
• Public keys
Written Labs and Review Questions
– Open your books and go through all the written labs and the review questions.
– Review the answers in class.