2. PPP
PPP (Point-to-Point Protocol) is the successor of SLIP (Serial Line IP protocol), which provides router-to-router and host-to-network connections across synchronous and asynchronous circuits.
CHAP (Challenge Handshake Authentication Protocol) and PAP (Password Authentication Protocol) (PAP) are usually used to provide security authentication on serial lines encapsulated by PPP. Using CHAP and PAP authentication, each router is identified by name, which can prevent unauthorized access.
CHAP and PAP are detailed on RFC 1334.
1. Related Commands
Port Settings
Task Command
Set up PPP encapsulation ppp1
Set authentication method ppp authentication {chap | chap pap | pap chap | pap} [if-needed] [list-name | default] [callin]
Specify password username name password secret
Set the DCE terminal line speed clockrate speed
Note: 1. To use CHAP/PAP, you must use PPP encapsulation. When connecting to non-Cisco routers, PPP packaging is generally used, and routers from other manufacturers generally do not support Cisco's HDLC packaging protocol.
2. Give an example
The S0 ports of routers Router1 and Router2 both encapsulate the PPP protocol and use CHAP as authentication. A user should be established in Router1, and the host name of the peer router should be used as the user name, that is, the user name should be router2. At the same time, a user should be established in Router2, and the host name of the peer router should be used as the user name, that is, the user name should be router1. The passwords of the two users created must be the same.
Settings are as follows:
Router1:
hostname router1
username router2 password xxx
interface Serial0
ip address 192.200.10.1 255.255.255.0
clockrate 1000000
ppp authentication chap
!
Router2:
hostname router2
username router1 password xxx
interface Serial0
ip address 192.200.10.2 255.255.255.0
ppp authentication chap
!
Return to the directory
III. x.25
1. X25 technology
The X.25 specification corresponds to the OSI layer three, and the third layer of X.25 describes the format of packets and the process of packet exchange. The second layer of X.25 is implemented by LAPB (Link Access Procedure, Balanced), which defines the frame format for DTE/DCE connections. The first layer of X.25 defines electrical and physical port characteristics.
X.25 network equipment is divided into data terminal equipment (DTE), data circuit terminal equipment (DCE) and packet switching equipment (PSE). DTE is an X.25 end system, such as a terminal, computer or network host, which is generally located on the user side, and the Cisco router is a DTE device. DCE devices are dedicated communication devices such as modems and packet switches. PSE is the backbone switch of the public network.
X.25 defines a telephone network for data communication. Each x.25 port assigned to the user has an x.121 address. When the user applies for an SVC (switched virtual circuit), when the user on one end of the x.25 first calls the other party's x.121 address when accessing the user on the other end, and then one end of the receiving call can accept or reject it. If the request is accepted, the connection is established to realize data transmission. When there is no data transmission, the entire call process is similar to when we make a normal call. The difference is that x.25 can realize a point-to-multipoint connection. Among them, the x.121 address and htc must be the same parameters as the x.25 service provider. X.25 PVC (permanent virtual circuit), no call process, similar to DDN dedicated line.
2. Related commands:
Task Command
Set up X.25 package encapsulation x25 [dce]
Set X.121 address x25 address x.121-address
Set the address mapping of remote sites x25 map protocol address [protocol2 address2[...[protocol9 address9]]] x121-address [option]
Set the maximum number of bidirectional virtual circuits x25 htc citcuit-number1
Set the number of virtual circuits that can be established at the same time in one connection x25 nvc count2
Set the waiting period for x25 before clearing idle circuits x25 idle minutes
Restart x25, or clear an svc, and start a pvc-related parameter clear x25 {serial number | cmns-interface mac-address} [vc-number] 3
Clear x25 virtual circuit clear x25-vc
Display interfaces and x25 related information show interfaces serial show x25 interface show x25 map show x25 vc
Note: 1. The virtual circuit number is from 1 to 4095. The default Cisco router is 1024, and the domestic allocation is 16.
2. The count of virtual circuits is from 1 to 8, and the default is 1.
3. After changing the relevant parameters of each layer of x.25, you should restart x25 (using clear x25 {serial number | cmns-interface mac-address} [vc-number] or clear x25-vc command), otherwise the newly set parameters may not take effect. At the same time, the relevant parameters of the router should be configured according to the service provider's settings for the x.25 switch port. If the parameter mismatch occurs, it may lead to connection failure or other unexpected situations.
3. Example:
3.1. In the following example, each of the two routers is connected through SVC.
The router settings are as follows:
Router1:
interface Serial0
encapsulation x25
ip address 192.200.10.1 255.255.255.0
x25 address 110101
x25 htc 16
x25 nvc 2
x25 map ip 192.200.10.2 110102 broadcast
x25 map ip 192.200.10.3 110103 broadcast
!
Router2:
interface Serial0
encapsulation x25
ip address 192.200.10.2 255.255.255.0
x25 address 110102
x25 htc 16
x25 nvc 2
x25 map ip 192.200.10.1 110101 broadcast
x25 map ip 192.200.10.3 110103 broadcast
!
Router:
interface Serial0
encapsulation x25
ip address 192.200.10.3 255.255.255.0
x25 address 110103
x25 htc 16
x25 nvc 2
x25 map ip 192.200.10.1 110101 broadcast
x25 map ip 192.200.10.2 110102 broadcast
!
Related debugging commands:
clear x25-vc
show interfaces serial
show x25 map
show x25 route
show x25 vc
3.2. In the following example, router routers router1 and router2 are both connected to router through svc, but router1 and router2 are not directly connected through svc. The serial ports of these three routers run the RIP routing protocol and use the concept of sub-interfaces. Because of the use of sub-interfaces, router1 and router2 both learn the path to access the other party's LAN. If the sub-interfaces are not used, router1 and router2 will not learn the route to the other party's LAN.
A subinterface is multiple virtual interfaces on a physical interface, which can be used to connect multiple networks on the same physical interface. We know that to avoid routing loops, the router supports the split horizon rule, which only allows routing updates to be allocated to other interfaces of the router, and will not assign routing updates to the interfaces where this route is received.
In any case, when using connection-based interfaces (like X.25 and Frame Relay) in a WAN environment, when the same interface connects multiple remote routers through virtual circuits (vc), routing update information from the same interface cannot be sent back to the same interface unless a separate physical interface is forced to connect to different routers. Cisco provides subinterfaces as separate interfaces. You can logically connect the router to different subinterfaces of the same physical interface, so that routing updates from different subinterfaces can be assigned to other subinterfaces while meeting the split horizon law.
Router1:
interface Serial0
encapsulation x25
ip address 192.200.10.1 255.255.255.0
x25 address 110101
x25 htc 16
x25 nvc 2
x25 map ip 192.200.10.3 110103 broadcast
!
router rip
network 192.200.10.0
!
Router2:
interface Serial0
encapsulation x25
ip address 192.200.11.2 255.255.255.0
x25 address 110102
x25 htc 16
x25 nvc 2
x25 map ip 192.200.11.3 110103 broadcast
!
router rip
network 192.200.11.0
!
Router:
interface Serial0
encapsulation x25
x25 address 110103
x25 htc 16
x25 nvc 2
!
interface Serial0.1 point-to-point
ip address 192.200.10.3 255.255.255.0
x25 map ip 192.200.10.1 110101 broadcast
!
interface Serial0.2 point-to-point
ip address 192.200.11.3 255.255.255.0
x25 map ip 192.200.11.2 110102 broadcast
!
router rip
network 192.200.10.0
network 192.200.11.0
!
Return to the directory
Frame relay is a high-performance WAN protocol that runs on the physical and data link layers of the OSI reference model. It is a packet switching technology and is a simplified version of X.25. It omits some of the powerful functions of X.25, such as providing windowing technology and data retransmission technology, but relies on high-level protocols to provide error correction functions. This is because frame relay works on better WAN devices, which have more reliable connection services and higher reliability than X.25's WAN devices. It strictly corresponds to the lowest layer 2 of the OSI reference model, while X.25 also provides third layer services, so frame relay has higher performance and more efficient transmission efficiency than X.25.
The equipment of the frame relay wide area network is divided into data terminal equipment (DTE) and data circuit terminal equipment (DCE), and the Cisco router is used as the DTE equipment.
Frame relay technology provides communication to a connected data link layer, where a defined communication link exists between each pair of devices, and the link has a link identification code. This service is implemented through frame relay virtual circuits, each frame relay virtual circuit identifying itself with a Data Link Identification Code (DLCI). The value of DLCI is generally specified by the frame relay service provider. Frame relay supports PVC and SVC.
The Frame Relay Local Management Interface (LMI) is an extension to the basic frame relay standard. It is a signaling standard between routers and frame relay switches, providing a frame relay management mechanism. It provides many features for managing complex Internet networks, including global addressing, virtual circuit status messages, and multi-mesh transmission.
2. Related commands:
Port Settings
Task Command
Set Frame Relay encapsulation frame-relay[ietf] 1
Set Frame Relay LMI type frame-relay lmi-type {ansi | cisco | q933a}2
Setting up subinterface interface interface-type -number [multipoint|point-to-point]
Mapping protocol address and DLCI frame-relay map protocol protocol-address dlci [broadcast]3
Set FR DLCI number frame-relay interface-dlci dlci [broadcast]
Note: 1. If the Cisco router is connected to other manufacturer routing devices, use the frame relay encapsulation format specified by the Internet Engineering Task Force (IETF).
2. Starting from Cisco IOS version 11.2, the software supports "automatic feeling" for the local management interface (LMI). "automatic feeling" enables the interface to determine the LMI type supported by the switch, and users can not clearly configure the LMI interface type.
Options allow routing broadcast information to be transmitted on the frame relay network.
3. Frame relay point to point configuration example:
Router1:
interface serial 0
encapsulation frame-relay
!
interface serial 0.1 point-to-point
ip address 172.16.1.1 255.255.255.0
frame-reply interface-dlci 105
!
interface serial 0.2 point-to-point
ip address 172.16.2.1 255.255.255.0
frame-reply interface-dlci 102
!
interface serial 0.3 point-to-point
ip address 172.16.4.1 255.255.255.0
frame-reply interface-dlci 104
!
Router2:
interface serial 0
encapsulation frame-relay
!
interface serial 0.1 point-to-point
ip address 172.16.2.2 255.255.255.0
frame-reply interface-dlci 201
!
interface serial 0.2 point-to-point
ip address 172.16.3.1 255.255.255.0
frame-reply interface-dlci 203
!
Related debugging commands:
show frame-relay lmi
show frame-relay map
show frame-relay pvc
show frame-relay route
show interfaces serial
go top
4. Frame Relay Multipoint Configuration Example:
Router1:
interface serial 0
encapsulation frame-reply
!
interface serial 0.1 multipoint
ip address 172.16.1.2 255.255.255.0
frame-reply map ip 172.16.1.1 201 broadcast
frame-reply map ip 172.16.1.3 301 broadcast
frame-reply map ip 172.16.1.4 401 broadcast
!
Router2:
interface serial 0
encapsulation frame-reply
!
interface serial 0.1 multipoint
ip address 172.16.1.1 255.255.255.0
frame-reply map ip 172.16.1.2 102 broadcast
frame-reply map ip 172.16.1.3 102 broadcast
frame-reply map ip 172.16.1.4 102 broadcast
PPP (Point-to-Point Protocol) is the successor of SLIP (Serial Line IP protocol), which provides router-to-router and host-to-network connections across synchronous and asynchronous circuits.
CHAP (Challenge Handshake Authentication Protocol) and PAP (Password Authentication Protocol) (PAP) are usually used to provide security authentication on serial lines encapsulated by PPP. Using CHAP and PAP authentication, each router is identified by name, which can prevent unauthorized access.
CHAP and PAP are detailed on RFC 1334.
1. Related Commands
Port Settings
Task Command
Set up PPP encapsulation ppp1
Set authentication method ppp authentication {chap | chap pap | pap chap | pap} [if-needed] [list-name | default] [callin]
Specify password username name password secret
Set the DCE terminal line speed clockrate speed
Note: 1. To use CHAP/PAP, you must use PPP encapsulation. When connecting to non-Cisco routers, PPP packaging is generally used, and routers from other manufacturers generally do not support Cisco's HDLC packaging protocol.
2. Give an example
The S0 ports of routers Router1 and Router2 both encapsulate the PPP protocol and use CHAP as authentication. A user should be established in Router1, and the host name of the peer router should be used as the user name, that is, the user name should be router2. At the same time, a user should be established in Router2, and the host name of the peer router should be used as the user name, that is, the user name should be router1. The passwords of the two users created must be the same.
Settings are as follows:
Router1:
hostname router1
username router2 password xxx
interface Serial0
ip address 192.200.10.1 255.255.255.0
clockrate 1000000
ppp authentication chap
!
Router2:
hostname router2
username router1 password xxx
interface Serial0
ip address 192.200.10.2 255.255.255.0
ppp authentication chap
!
Return to the directory
III. x.25
1. X25 technology
The X.25 specification corresponds to the OSI layer three, and the third layer of X.25 describes the format of packets and the process of packet exchange. The second layer of X.25 is implemented by LAPB (Link Access Procedure, Balanced), which defines the frame format for DTE/DCE connections. The first layer of X.25 defines electrical and physical port characteristics.
X.25 network equipment is divided into data terminal equipment (DTE), data circuit terminal equipment (DCE) and packet switching equipment (PSE). DTE is an X.25 end system, such as a terminal, computer or network host, which is generally located on the user side, and the Cisco router is a DTE device. DCE devices are dedicated communication devices such as modems and packet switches. PSE is the backbone switch of the public network.
X.25 defines a telephone network for data communication. Each x.25 port assigned to the user has an x.121 address. When the user applies for an SVC (switched virtual circuit), when the user on one end of the x.25 first calls the other party's x.121 address when accessing the user on the other end, and then one end of the receiving call can accept or reject it. If the request is accepted, the connection is established to realize data transmission. When there is no data transmission, the entire call process is similar to when we make a normal call. The difference is that x.25 can realize a point-to-multipoint connection. Among them, the x.121 address and htc must be the same parameters as the x.25 service provider. X.25 PVC (permanent virtual circuit), no call process, similar to DDN dedicated line.
2. Related commands:
Task Command
Set up X.25 package encapsulation x25 [dce]
Set X.121 address x25 address x.121-address
Set the address mapping of remote sites x25 map protocol address [protocol2 address2[...[protocol9 address9]]] x121-address [option]
Set the maximum number of bidirectional virtual circuits x25 htc citcuit-number1
Set the number of virtual circuits that can be established at the same time in one connection x25 nvc count2
Set the waiting period for x25 before clearing idle circuits x25 idle minutes
Restart x25, or clear an svc, and start a pvc-related parameter clear x25 {serial number | cmns-interface mac-address} [vc-number] 3
Clear x25 virtual circuit clear x25-vc
Display interfaces and x25 related information show interfaces serial show x25 interface show x25 map show x25 vc
Note: 1. The virtual circuit number is from 1 to 4095. The default Cisco router is 1024, and the domestic allocation is 16.
2. The count of virtual circuits is from 1 to 8, and the default is 1.
3. After changing the relevant parameters of each layer of x.25, you should restart x25 (using clear x25 {serial number | cmns-interface mac-address} [vc-number] or clear x25-vc command), otherwise the newly set parameters may not take effect. At the same time, the relevant parameters of the router should be configured according to the service provider's settings for the x.25 switch port. If the parameter mismatch occurs, it may lead to connection failure or other unexpected situations.
3. Example:
3.1. In the following example, each of the two routers is connected through SVC.
The router settings are as follows:
Router1:
interface Serial0
encapsulation x25
ip address 192.200.10.1 255.255.255.0
x25 address 110101
x25 htc 16
x25 nvc 2
x25 map ip 192.200.10.2 110102 broadcast
x25 map ip 192.200.10.3 110103 broadcast
!
Router2:
interface Serial0
encapsulation x25
ip address 192.200.10.2 255.255.255.0
x25 address 110102
x25 htc 16
x25 nvc 2
x25 map ip 192.200.10.1 110101 broadcast
x25 map ip 192.200.10.3 110103 broadcast
!
Router:
interface Serial0
encapsulation x25
ip address 192.200.10.3 255.255.255.0
x25 address 110103
x25 htc 16
x25 nvc 2
x25 map ip 192.200.10.1 110101 broadcast
x25 map ip 192.200.10.2 110102 broadcast
!
Related debugging commands:
clear x25-vc
show interfaces serial
show x25 map
show x25 route
show x25 vc
3.2. In the following example, router routers router1 and router2 are both connected to router through svc, but router1 and router2 are not directly connected through svc. The serial ports of these three routers run the RIP routing protocol and use the concept of sub-interfaces. Because of the use of sub-interfaces, router1 and router2 both learn the path to access the other party's LAN. If the sub-interfaces are not used, router1 and router2 will not learn the route to the other party's LAN.
A subinterface is multiple virtual interfaces on a physical interface, which can be used to connect multiple networks on the same physical interface. We know that to avoid routing loops, the router supports the split horizon rule, which only allows routing updates to be allocated to other interfaces of the router, and will not assign routing updates to the interfaces where this route is received.
In any case, when using connection-based interfaces (like X.25 and Frame Relay) in a WAN environment, when the same interface connects multiple remote routers through virtual circuits (vc), routing update information from the same interface cannot be sent back to the same interface unless a separate physical interface is forced to connect to different routers. Cisco provides subinterfaces as separate interfaces. You can logically connect the router to different subinterfaces of the same physical interface, so that routing updates from different subinterfaces can be assigned to other subinterfaces while meeting the split horizon law.
Router1:
interface Serial0
encapsulation x25
ip address 192.200.10.1 255.255.255.0
x25 address 110101
x25 htc 16
x25 nvc 2
x25 map ip 192.200.10.3 110103 broadcast
!
router rip
network 192.200.10.0
!
Router2:
interface Serial0
encapsulation x25
ip address 192.200.11.2 255.255.255.0
x25 address 110102
x25 htc 16
x25 nvc 2
x25 map ip 192.200.11.3 110103 broadcast
!
router rip
network 192.200.11.0
!
Router:
interface Serial0
encapsulation x25
x25 address 110103
x25 htc 16
x25 nvc 2
!
interface Serial0.1 point-to-point
ip address 192.200.10.3 255.255.255.0
x25 map ip 192.200.10.1 110101 broadcast
!
interface Serial0.2 point-to-point
ip address 192.200.11.3 255.255.255.0
x25 map ip 192.200.11.2 110102 broadcast
!
router rip
network 192.200.10.0
network 192.200.11.0
!
Return to the directory
Frame relay is a high-performance WAN protocol that runs on the physical and data link layers of the OSI reference model. It is a packet switching technology and is a simplified version of X.25. It omits some of the powerful functions of X.25, such as providing windowing technology and data retransmission technology, but relies on high-level protocols to provide error correction functions. This is because frame relay works on better WAN devices, which have more reliable connection services and higher reliability than X.25's WAN devices. It strictly corresponds to the lowest layer 2 of the OSI reference model, while X.25 also provides third layer services, so frame relay has higher performance and more efficient transmission efficiency than X.25.
The equipment of the frame relay wide area network is divided into data terminal equipment (DTE) and data circuit terminal equipment (DCE), and the Cisco router is used as the DTE equipment.
Frame relay technology provides communication to a connected data link layer, where a defined communication link exists between each pair of devices, and the link has a link identification code. This service is implemented through frame relay virtual circuits, each frame relay virtual circuit identifying itself with a Data Link Identification Code (DLCI). The value of DLCI is generally specified by the frame relay service provider. Frame relay supports PVC and SVC.
The Frame Relay Local Management Interface (LMI) is an extension to the basic frame relay standard. It is a signaling standard between routers and frame relay switches, providing a frame relay management mechanism. It provides many features for managing complex Internet networks, including global addressing, virtual circuit status messages, and multi-mesh transmission.
2. Related commands:
Port Settings
Task Command
Set Frame Relay encapsulation frame-relay[ietf] 1
Set Frame Relay LMI type frame-relay lmi-type {ansi | cisco | q933a}2
Setting up subinterface interface interface-type -number [multipoint|point-to-point]
Mapping protocol address and DLCI frame-relay map protocol protocol-address dlci [broadcast]3
Set FR DLCI number frame-relay interface-dlci dlci [broadcast]
Note: 1. If the Cisco router is connected to other manufacturer routing devices, use the frame relay encapsulation format specified by the Internet Engineering Task Force (IETF).
2. Starting from Cisco IOS version 11.2, the software supports "automatic feeling" for the local management interface (LMI). "automatic feeling" enables the interface to determine the LMI type supported by the switch, and users can not clearly configure the LMI interface type.
Options allow routing broadcast information to be transmitted on the frame relay network.
3. Frame relay point to point configuration example:
Router1:
interface serial 0
encapsulation frame-relay
!
interface serial 0.1 point-to-point
ip address 172.16.1.1 255.255.255.0
frame-reply interface-dlci 105
!
interface serial 0.2 point-to-point
ip address 172.16.2.1 255.255.255.0
frame-reply interface-dlci 102
!
interface serial 0.3 point-to-point
ip address 172.16.4.1 255.255.255.0
frame-reply interface-dlci 104
!
Router2:
interface serial 0
encapsulation frame-relay
!
interface serial 0.1 point-to-point
ip address 172.16.2.2 255.255.255.0
frame-reply interface-dlci 201
!
interface serial 0.2 point-to-point
ip address 172.16.3.1 255.255.255.0
frame-reply interface-dlci 203
!
Related debugging commands:
show frame-relay lmi
show frame-relay map
show frame-relay pvc
show frame-relay route
show interfaces serial
go top
4. Frame Relay Multipoint Configuration Example:
Router1:
interface serial 0
encapsulation frame-reply
!
interface serial 0.1 multipoint
ip address 172.16.1.2 255.255.255.0
frame-reply map ip 172.16.1.1 201 broadcast
frame-reply map ip 172.16.1.3 301 broadcast
frame-reply map ip 172.16.1.4 401 broadcast
!
Router2:
interface serial 0
encapsulation frame-reply
!
interface serial 0.1 multipoint
ip address 172.16.1.1 255.255.255.0
frame-reply map ip 172.16.1.2 102 broadcast
frame-reply map ip 172.16.1.3 102 broadcast
frame-reply map ip 172.16.1.4 102 broadcast