Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Chapter 21

advertisement 
CCNA Routing and
Switching Study Guide
Chapter 21: Wide Area
Networks
Instructor & Todd Lammle
Chapter 21 Objectives
The ICND2 Topics Covered in this chapter
include:
• IP Routing Technologies
–
•
Configure and verify operation status of a Serial interface.
WAN Technologies
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
Identify different WAN Technologies
Metro Ethernet
VSAT
Cellular 3G / 4G
MPLS
T1 / E1
ISDN
DSL
Frame relay
Cable
VPN
Configure and verify a basic WAN serial connection
Configure and verify a PPP connection between Cisco routers
2
Configure and verify Frame Relay on Cisco routers
Implement and troubleshoot PPPoE
Chapter 21 Objectives (con’t)
The ICND2 Topics Covered in this chapter
include:
• Troubleshooting
– Troubleshoot and Resolve WAN implementation
issues
– Serial interfaces
– PPP
– Frame relay
3
WAN terms
WAN connection types
Broadband access using
cable or DSL
Cable network and terms
xDSL connection from
home user to central
office. All types of DSL are
layer 1 technologies.
PPPoE with ADSL
DTE-DCE-DTE WAN
DTE-DCE-DTE WAN connection: Clocking is typically provided
by the DCE network to routers. In nonproduction
environments, a DCE network is not always present.
Cisco’s HDLC frame format:
Each vendor’s HDLC has a proprietary data field to support
multiprotocol environments.
Configuring Cisco’s HDLC
proprietary WAN encapsulation
Corp(config)#int s0/0
Corp(config-if)#ip address 172.16.10.1 255.255.255.252
Corp(config-if)#no shut
Corp#sh int s0/0
Serial0/0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 172.16.10.1/30
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
PPP protocol stack compared
to the OSI reference model.
PPP session establishment
PPP authentication
example
Failed PPP authentication
Mismatched WAN
encapsulations
Mismatched IP addresses
Before Frame Relay
After Frame Relay
DLCIs are local to your
router
RouterA uses DLCI 100 to send data to RouterB.
Configuring Subinterfaces
Corp(config)#int s0/0
Corp(config-if)#no shut
Corp(config-if)#encapsulation frame-relay
Corp(config-if)#int s0/0.102 ?
multipoint
Treat as a multipoint link
point-to-point Treat as a point-to-point link
Corp(config-if)#int s0/0.102 point-to-point
Corp(config-subif)#ip address 10.1.12.1 255.255.255.0
Corp(config-subif)#frame-relay interface-dlci 102
Corp(config-subif)#int s0/0.103
Corp(config-subif)#ip address 10.1.13.1 255.255.255.0
Corp(config-subif)#frame-relay interface-dlci 103
Frame Relay mappings
So why can’t RouterA talk to RouterB across the Frame Relay
network in the Figure. To find that out, take a close look at the
frame-relay map statement. See the problem now? You cannot use
a remote DLCI to communicate to the Frame Relay switch; you must
use your DLCI number! The mapping should have included DLCI 100
instead of DLCI 200.
Frame Relay routing
problems
The correct line for RouterA would look like this:
frame-relay map ip 172.16.100.1 100 broadcast
Frame Relay OSPF routing
problems
Since Frame Relay nonbroadcast multi-access (NBMA) networks won’t
allow broadcasts or multicasts, an OSPF router will not attempt to
dynamically discover any OSPF neighbors on the Frame-Relay interface.
Also, since this means that elections won’t be allowed, you’d have to
statically configure OSPF neighbors, plus the Corp router would need to
be configured as a DR. But the easiest way to fix this problem is to use
the command ip ospf network point-to-multipoint on all router FrameRelay interfaces.
Frame Relay EIGRP routing
problems
The hosts behind the Corp router can communicate to all hosts in all
remote networks, but hosts in SF, LA, and NY cannot communicate to
each other.
Let’s take a look at the configuration of the Corp router:
interface Serial0/0
ip address 192.168.10.1 255.255.255.0
encapsulation frame-relay
frame-relay interface-dlci 101
frame-relay interface-dlci 102
frame-relay interface-dlci 103
We can solve this problem
with subinterfaces.
Take a look at the Corp router’s new configuration with
subinterfaces, which solves the split horizon issues. Here are the
steps to take:
1. Remove the IP address and interface-dlci commands from under the
physical interface.
2. Create a subinterface (logical interface) for each PVC.
3. Design and implement a separate subnet (address space) for each
subinterface.
4. Add the command frame-relay interface-dlci dlci under each
subinterface.
interface Serial0/0
no ip address (notice there is no IP address on the physical interface!)
encapsulation frame-relay
!
interface Serial0/0.101 point-to-point
ip address 192.168.10.1 255.255.255.252
frame-relay interface-dlci 101
!
interface Serial0/0.102 point-to-point
ip address 192.168.10.5 255.255.255.252
frame-relay interface-dlci 102
!
interface Serial0/0.103 point-to-point
ip address 192.168.10.9 255.255.255.252
frame-relay interface-dlci 103
!
Example of using a VPN
Benefits of VPNs
Security
VPNs can provide very good security by using advanced encryption and
authentication protocols, which will help protect your network from
unauthorized access. IPsec and SSL fall into this category. Secure Sockets Layer
(SSL) is an encryption technology used with web browsers, which has native
SSL encryption, and are known as Web VPN. You can also use the Cisco
AnyConnect SSL VPN client installed on you PC to provide a SSL VPN solution,
as well as the Clientless Cisco SSL VPN.
Cost Savings
By connecting the corporate remote offices to their closest Internet provider,
and then creating a VPN tunnel with encryption and authentication, I gain a
huge savings over opting for traditional leased point-to-point lines. This also
permits higher bandwidth links and security, all for far less money than
traditional connections.
Scalability
VPNs scale very well to quickly bring up new offices or have mobile users
connect securely while traveling or when connecting from home.
Compatibility with broadband technology
For remote and traveling users and remote offices, any Internet access can
provide a connection to the corporate VPN. This allows users to take
advantage of the high-speed Internet access of DSL or cable modems.
Generic Routing Encapsulation
(GRE) tunnel structure
Written Labs and Review
Questions
– Read through the Exam Essentials section
together in class
– Open your books and go through all the
written labs and the review questions.
– Review the answers in class.
31
Related documents
Chapter21
Chapter21
SM Development Corporation Two E-Com Center
SM Development Corporation Two E-Com Center
Immigration in the early 20th century
Immigration in the early 20th century
course objectives
course objectives
Frame Relay
Frame Relay
C H A B O T O L L E G E
C H A B O T O L L E G E
Download
advertisement