Chapter 2 Point-to-Point Connections.pdf


7/9/2024 Connecting Networks v6.0 Chapter 2 Point-to-Point Connections H.Swaih

Chapter 2 - Sections & Objectives

2.1 Serial Point-to-Point Overview
Configure HDLC encapsulation.
– Explain the fundamentals of point-to-point serial communication across a WAN.
– Configure HDLC encapsulation on a point-to-point serial link.

2.2 PPP Operation
Explain how PPP operates across a point-to-point serial link.
– Compare PPP and HDLC.
– Explain the PPP-layered architecture and the functions of LCP and NCP.
– Explain how PPP establishes a session.

2.3 PPP Implementation
Configure PPP encapsulation.
– Configure PPP encapsulation on a point-to-point serial link.
– Configure PPP authentication.

2.4 Troubleshoot WAN Connectivity
Troubleshoot PPP.
– Troubleshoot PPP using show and debug commands.

Serial Point-to-Point Overview

Serial Communications: Serial and Parallel Ports

Serial Point-to-Point Connection
– A WAN is owned by a service provider and a LAN is typically owned by an organization.
– Point-to-point connections are used to connect LANs to service provider WANs.
  – Also referred to as a serial connection or leased-line connection.
  – Pay for a continuous connection between two remote sites.
  – Reserved circuit.

Serial Communications: Serial and Parallel Ports (Cont.)

Serial Communication
– Method of data transmission in which the bits are transmitted sequentially (i.e., one bit at a time) over a single channel.
– On most PCs, parallel ports and RS-232 serial ports have been replaced by the higher speed serial Universal Serial Bus (USB) interfaces.
– Parallel communication transmits multiple bits simultaneously over multiple wires.

Serial Communications: Serial and Parallel Ports (Cont.)

Serial vs Parallel Communications

Serial communication
– They use a lower data transfer rate.
– Serial ports require fewer wires, often only 3 (Tx, Rx, Ground).
  While it's true that the core serial communication only requires 3 signals - transmit (Tx), receive (Rx), and ground (GND) - the physical serial port connectors typically have more pins. The most common serial port standard is RS-232, which typically has the following pin configuration on a 9-pin D-sub connector:
  – Pin 1: DCD (Data Carrier Detect)
  – Pin 2: RxD (Receive Data)
  – Pin 3: TxD (Transmit Data)
  – Pin 4: DTR (Data Terminal Ready)
  – Pin 5: GND (Ground)
  – Pin 6: DSR (Data Set Ready)
  – Pin 7: RTS (Request to Send)
  – Pin 8: CTS (Clear to Send)
  – Pin 9: RI (Ring Indicator)
– Common uses include connecting modems, mice, and older computer peripherals.
– Examples include RS-232, RS-422, and RS-485 serial port standards.

Parallel communication
– They have a higher data transfer rate, typically up to several megabits per second.
– Parallel ports require more wires, often 8 or more data lines.
– Common uses include connecting printers, scanners, and other high-speed peripherals.

Serial Communications: Point-to-Point Communication Links

Point-to-point link
– Used when permanent dedicated connections are required.
– Provides a single, pre-established WAN communications path.
– Path goes from the customer premises, through the provider network, to a remote destination, as shown in the figure.
– Can connect two geographically distant sites, such as a corporate office in New York and a regional office in London.
– Not limited to connections that cross land (undersea fiber-optics).
– Usually more expensive than shared services.
– Constant availability is essential for some applications such as VoIP (Voice over IP) or video over IP.

Serial Communications: Serial Bandwidth

Bandwidth
– Refers to the rate at which data is transferred over the communication link.
– Carrier technology will dictate how much bandwidth is available.
  – North American (T-carrier) specification
  – European (E-carrier) system
  – U.S. Optical Carrier (OC) bandwidth points
– OC transmission rates are a set of standardized specifications for the transmission of digital signals carried on SONET fiber-optic networks.
– In North America, expressed as a digital signal level number (DS0, DS1, etc.), which refers to the rate and format of the signal (see the next slides, 9 & 10).
– Most fundamental line speed is 64 kb/s, or DS0 (one channel).
– 24 DS0s can be bundled to get a DS1 line (T1 line).
– 28 DS1s can be bundled to get a DS3 line (T3 line).
  28*24 = 672 channels, each one 64 kb/s; bandwidth = 672*64k = 43 Mb/s

Serial Communications: Serial Bandwidth

[Figure: T-1 Circuit, Digital Hierarchy. DS-0 channels 1 through 24 at 64 kbps each, plus 8 kbps of framing information, make up the DS-1 frame (1.544 Mbps).]

– TDM (Time Division Multiplexing) is a communication process that transmits multiple digital signals (channels) over a common medium.
– T-1 (or really DS-1) is part of a hierarchy of standards known as the Digital Services Hierarchy.
– The term T-1 was originated by the phone company as a specific type of equipment.
– The term DS-1 refers to the actual signaling rate of 1.544 Mbps.
  – 8 bits per channel x 8,000 channels per second = 64,000 bps
– Over the years the term T-1 has generally become synonymous with DS-1.

North America DS Hierarchy

Digital Services   Data Rate       Number of DS-0's   Corresponding Transmission Service
DS-0               64 kbps         1                  DS-0 or switched 64K
DS-1               1.544 Mbps      24                 T-1
DS-2               3.152 Mbps      96                 T-2
DS-3               44.736 Mbps     672                T-3
DS-4               274.176 Mbps    4,032              T-4

SONET's OC (Optical Carrier Standards)

Digital Service Level   Transmission Rate
OC-1                    51.840 Mbps
OC-3                    155.52 Mbps
OC-12                   622.08 Mbps
OC-24                   1.244 Gbps
OC-36                   1.866 Gbps
OC-48                   2.488 Gbps
OC-192                  9.6 Gbps

Standards
– North American (T-carrier) specification
– European (E-carrier) system
– U.S. Optical Carrier (OC) bandwidth points
OC transmission rates are standardized transmission rates for digital signals carried on SONET fiber-optic networks.

CCITT Digital Hierarchy - International Standards

Digital Services   Data Rate       Number of channels   Corresponding Transmission Service
1                  2.048 Mbps      30                   E-1
2                  8.448 Mbps      120                  E-2
3                  34.368 Mbps     480                  E-3
4                  139.264 Mbps    1,920                E-4
5                  565.148 Mbps    7,680                E-5

HDLC Encapsulation: WAN Encapsulation Protocols

Layer 2 WAN Protocols
– HDLC (High-Level Data Link Control) - Default encapsulation on point-to-point connections, dedicated links, and circuit-switched connections when the link uses two Cisco devices.
– PPP - Provides router-to-router and host-to-network connections. Has built-in security mechanisms such as PAP and CHAP.
– Serial Line Internet Protocol (SLIP) - Displaced by PPP.

[Figure labels: Synchronous circuit, Asynchronous circuit]

In terms of data transmission, synchronous ("with time" - a common timing signal is used between hosts) and asynchronous ("without respect to time" - no clock or timing source is needed - PSTN).

HDLC Encapsulation: WAN Encapsulation Protocols

Synchronous Data Transmission:
– In synchronous transmission, a common timing signal or clock is shared between the communicating hosts.
– This shared clock allows the data to be transmitted and received in a synchronized manner, "in time" with the clock.
– Synchronous transmission is commonly used for dedicated leased lines, ISDN, and other WAN links that provide a dedicated timing source.
– Synchronous protocols like Cisco HDLC and Frame Relay rely on this shared timing to ensure reliable, high-speed data transfer.

Asynchronous Data Transmission:
– Asynchronous transmission does not require a shared clock or timing signal between the hosts.
– Each host transmits data independently, without any specific timing requirements.
– This makes asynchronous transmission well-suited for dial-up connections, like those used in the public switched telephone network (PSTN).
– Asynchronous protocols like the original serial PPP implementation are designed to work without any common timing source between the endpoints.

Key Differences:
– Synchronous transmission is generally faster and more efficient.
– Asynchronous transmission is more flexible, as it does not require a dedicated timing source, making it better suited for dial-up and lower-speed connections.
– PPP can operate in both synchronous and asynchronous modes, providing flexibility to work with different WAN link types and requirements.

HDLC Encapsulation: WAN Encapsulation Protocols

Legacy Layer 2 WAN Protocols
– X.25/Link Access Procedure, Balanced (LAPB) - Predecessor to Frame Relay.
  – Within the X.25 protocol suite, the data link layer protocol used is called LAPB (Link Access Procedure, Balanced).
– Frame Relay - Data link layer protocol that handles multiple virtual circuits. (After X.25.)
– ATM - International standard for cell relay in which devices send multiple service types, such as voice, video, or data, in fixed-length (53-byte) cells. Takes advantage of high-speed transmission media such as E3, SONET, and T3.

Replaced by other packet switching technologies such as MPLS.

HDLC Encapsulation: HDLC Encapsulation

– HDLC is a synchronous data link layer protocol developed by the International Organization for Standardization (ISO).
– Defines a Layer 2 framing structure.
– Default serial encapsulation on Cisco routers.
– Protocol field makes it possible for a single serial link to accommodate multiple network-layer protocols.
  – By including the Protocol field, HDLC enables the multiplexing of multiple network protocols over a single serial link.
  – The receiver can then demultiplex the incoming frames based on the Protocol field value and pass them to the appropriate network-layer protocol stack.

[Figure: Standard HDLC to Cisco HDLC. Standard HDLC uses a frame delimiter, or flag, to mark the beginning and end of each frame. With an added protocol type field, Cisco HDLC can only work with other Cisco devices.]

HDLC Encapsulation: Configuring HDLC Encapsulation

– Use Cisco HDLC as a point-to-point protocol on leased lines between two Cisco devices.
– If connecting non-Cisco devices, use synchronous PPP.
– If the default encapsulation method has been changed, use the encapsulation hdlc command in interface configuration mode to re-enable HDLC.

R1(config)# interface serial 0/0/0
R1(config-if)# encapsulation hdlc

R2(config)# interface serial 0/0/0
R2(config-if)# encapsulation hdlc

HDLC Encapsulation: Troubleshooting a Serial Interface

– The show interfaces serial x/x/x command displays information specific to serial interfaces.
– When HDLC is configured, “encapsulation HDLC” should be reflected in the output as highlighted in the figure.
– “Serial 0/0/0 is up, line protocol is up” indicates that the line is up and functioning.

HDLC Encapsulation: Troubleshooting a Serial Interface (Cont.)

Serial interface issues associated with state, and how to troubleshoot the issue.

HDLC Encapsulation: Troubleshooting a Serial Interface (Cont.)

– The show controllers command output indicates the state of the interface channels and whether a cable is attached to the interface.
  – In the figure, interface serial 0/0/0 has a V.35 DCE cable attached.
– If the output shows “UNKNOWN” instead of “V.35”, “EIA/TIA-449”, or some other electrical interface type, the likely problem is an improperly connected cable.

PPP Operations: LCP and NCP

Benefits of PPP: Introducing PPP

– PPP encapsulates data frames for transmission over Layer 2 physical links.
– PPP establishes a direct connection using a variety of physical media and communication links, including: serial cables, phone lines, trunk lines, cellular telephones, specialized radio links, or fiber-optic links.

Benefits of PPP: Introducing PPP

PPP contains three main components:
– HDLC-like framing for transporting multiprotocol packets over point-to-point links.
– Network Control Protocols (NCPs) for establishing and configuring different network layer protocols (IPv4 and IPv6 Control Protocol).
– Extensible Link Control Protocol (LCP) for establishing, configuring, and testing the data-link connection.

Benefits of PPP: Advantages of PPP

PPP includes many features not available in HDLC:
– The link quality management feature (LQM) monitors the quality of the link. If the error percentage falls below the configured threshold:
  – Link is taken down.
  – Packets are rerouted or dropped.
– PPP supports authentication with:
  – PAP (Password Authentication Protocol)
  – CHAP (Challenge Handshake Authentication Protocol)

LCP and NCP: PPP Layered Architecture

– The figure maps the layered architecture of PPP against the Open System Interconnection (OSI) model.
– PPP and OSI share the same physical layer, but PPP distributes the functions of LCP and NCP differently.
– PPP requires a full-duplex circuit, either dedicated or switched, that can operate in an asynchronous or synchronous bit-serial mode.
– Most of the work done by PPP happens at the data link and network layers, by LCP and NCPs.

LCP and NCP: PPP – Link Control Protocol (LCP)

PPP defines the Link Control Protocol (LCP). The job of the LCP is to establish, configure, and test the data-link connection. In other words, LCP is responsible for negotiating and establishing the initial PPP connection between the link partners.
– Handling varying limits on packet size (1500 byte): LCP allows the link partners to negotiate the maximum transmission unit (MTU) size that can be supported over the link.
– Detecting common misconfiguration errors: LCP can identify and report configuration errors that may occur during the negotiation process.
– Terminating the link: LCP provides mechanisms to gracefully terminate the PPP connection when needed.
– Determining when a link is functioning properly or when it is failing: LCP monitors the status of the link and can detect when the connection is experiencing issues.

LCP and NCP: PPP – Link Control Protocol (LCP)

These packets (LCP packets) allow link partners to dynamically negotiate link options:
– Authentication: LCP supports authentication protocols like PAP and CHAP to verify the identities of the link partners.
– Compression (Stacker or Predictor): LCP can negotiate the use of data compression algorithms, such as Stacker or Predictor, to optimize bandwidth utilization.
– Multilink PPP: LCP enables the use of Multilink PPP, which allows the aggregation of multiple physical links into a single logical link.
– Callback: LCP supports the callback feature, where one link partner can request the other to initiate a callback connection.

LCP and NCP: PPP – Network Control Protocol (NCP)

Once the LCP establishes the Layer 2 connection, the Network Control Protocol (NCP) takes over.
Link partners exchange NCP packets to establish and configure different network-layer protocols including IPv4 or IPv6.
– PPP permits multiple network layer protocols to operate on the same communications link.
Each Layer 3 protocol has its own NCP, as shown in the figure. IPv4 uses IP Control Protocol and IPv6 uses IPv6 Control Protocol.
NCPs include functional fields containing standardized codes to indicate the network layer protocol that PPP encapsulates.
– Value 0x8021 = IPCP
– Value 0x8057 = IPv6CP
– Value 0x8033 - Password Authentication Protocol (PAP)
– Value 0xC023 - Challenge Handshake Authentication Protocol (CHAP)
When a host requests that the connection be terminated:
– NCP tears down the Layer 3 sessions.
– Then the LCP tears down the data link.

LCP and NCP: PPP Frame Structure

PPP Frame Fields
– Flag - A single byte that indicates the beginning or end of a frame. The Flag field consists of the binary sequence 01111110.
– Address - A single byte that contains the binary sequence 11111111, the standard broadcast address.
– Control - A single byte that contains the binary sequence 00000011, which calls for transmission of user data in an unsequenced frame.
– Protocol - Two bytes that identify the protocol encapsulated in the data field of the frame.
– Data - Zero or more bytes that contain the datagram for the protocol specified in the protocol field.
– Frame Check Sequence (FCS) - This is normally 16 bits (2 bytes). If the receiver’s calculation of the FCS does not match the FCS in the PPP frame, the PPP frame is silently discarded.

PPP Sessions: Establishing a PPP Session

Phase 1: Link establishment and configuration negotiation - Before PPP exchanges any network layer datagrams, such as IP, the LCP must first open the connection and negotiate configuration options.
Phase 2: Link quality determination (optional) - The LCP tests the link to determine whether the link quality is sufficient to bring up network layer protocols.
– This may involve running various tests and measurements to evaluate the link's characteristics, such as error rates, throughput, and reliability.
– If the link quality is deemed insufficient, the PPP session may be terminated or the negotiation may be retried with different configuration options.
Phase 3: Network layer protocol configuration negotiation - NCP can separately configure the network layer protocols, and bring them up and take them down at any time.

PPP Sessions: LCP Operation

Link Establishment

LCP operation includes provisions for 3 classes of LCP frames:
– Link-establishment frames establish and configure a link (Configure-Request, Configure-Ack, Configure-Nak, and Configure-Reject).
– Link-maintenance frames manage and debug a link (Code-Reject, Protocol-Reject, Echo-Request, Echo-Reply, and Discard-Request).
– Link-termination frames terminate a link (Terminate-Request and Terminate-Ack).

Link establishment - LCP opens the connection and negotiates the configuration parameters.
– Initiating device sends a Configure-Request frame.
– Responder processes the request:
  – Options not acceptable or not recognized: Responder sends a Configure-Nak or Configure-Reject message.
  – Options are acceptable: Responder replies with a Configure-Ack message.
    – Goes to the authentication stage.
    – The operation of the link is handed over to the NCP.
    – When NCP has completed all necessary configurations, including validating authentication, the line is available for data transfer. During the exchange of data, LCP transitions into link maintenance.

PPP Sessions: LCP Operation (Cont.)

Link Maintenance

During link maintenance, LCP can use messages to provide feedback and test the link.
– Echo-Request, Echo-Reply, and Discard-Request - These frames can be used for testing the link.
– Code-Reject and Protocol-Reject - These frame types provide feedback when one device receives an invalid frame. The sending device will resend the packet.

PPP Sessions: LCP Operation (Cont.)

Link Termination
– After the transfer of data at the network layer completes, the LCP terminates the link.
– NCP only terminates the network layer and NCP link. The link remains open until the LCP terminates it.

PPP terminates the link because of:
– loss of the carrier
– authentication failure
– link quality failure
– expiration of an idle-period timer
– administrative closing of the link

The LCP closes the link by exchanging Terminate packets. The device initiating the shutdown sends a Terminate-Request message. The other device replies with a Terminate-Ack.

PPP Sessions: PPP Configuration Options

– Authentication using either PAP or CHAP
– Compression using either Stacker or Predictor
– Multilink that combines two or more channels to increase the WAN bandwidth

PPP Sessions: NCP Explained

– After LCP has established the link, the routers exchange IPCP messages, negotiating options specific to IPv4.
– IPCP (IPv6CP) is responsible for configuring, enabling, and disabling the IP modules on both ends of the link.
– IPCP (IPv6CP) negotiates two options:
  – Compression - allows devices to negotiate an algorithm to compress TCP and IP headers.
  – IP-Address - allows the initiating device to specify an IP address to use for routing IP over the PPP link, or to request an IP address for the responder.
– After the NCP process is complete, the link goes into the open state and LCP takes over again in a link maintenance phase.

PPP Implementation (Configuring PPP Encapsulation)

Configure PPP: PPP Configuration Options

– Authentication - Two authentication choices are Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP).
– Compression - Increases the effective throughput on PPP connections by reducing the amount of data in the frame that must travel across the link. The protocol decompresses the frame at its destination. Two compression protocols available in Cisco routers are Stacker and Predictor.
– Error detection - Identifies fault conditions. The Quality and Magic Number options help ensure a reliable, loop-free data link. The Magic Number field helps in detecting links that are in a looped-back condition. Magic numbers are generated randomly at each end of the connection.

Configure PPP: PPP Configuration Options

– PPP Callback - PPP callback is used to enhance security. With this LCP option, a Cisco router can act as a callback client or a callback server. The client makes the initial call, requests that the server call it back, and terminates its initial call. The callback router answers the initial call and makes the return call to the client based on its configuration statements.
– Multilink - This alternative provides load balancing over the router interfaces that PPP uses. Multilink PPP provides a method for spreading traffic across multiple physical WAN links while providing packet fragmentation and reassembly, proper sequencing, multivendor interoperability, and load balancing on inbound and outbound traffic.

Configure PPP: PPP Basic Configuration Command

– Remember that if PPP is not configured on a Cisco router, the default encapsulation for serial interfaces is HDLC.
– PPP is a Layer 2 encapsulation that supports various Layer 3 protocols including IPv4 and IPv6.

R1(config)# interface serial 0/0/0
R1(config-if)# ip add 10.0.1.1 255.255.255.252
R1(config-if)# ipv6 add 2001:db8:cafe:1::1/64
R1(config-if)# encapsulation ppp

R2(config)# interface serial 0/0/0
R2(config-if)# ip add 10.0.1.2 255.255.255.252
R2(config-if)# ipv6 add 2001:db8:cafe:1::2/64
R2(config-if)# encapsulation ppp

Configure PPP: PPP Link Quality Monitoring Command

– The ppp quality percentage command ensures that the link meets the set quality requirement; otherwise, the link closes down.
– The percentages are calculated for both incoming and outgoing directions.
– The outgoing quality is calculated by comparing the total number of packets and bytes sent to the total number of packets and bytes received by the destination node.
– The incoming quality is calculated by comparing the total number of packets and bytes received to the total number of packets and bytes sent by the destination node.

Configure PPP: PPP Link Quality Monitoring Command

– The configuration ppp quality 80, shown below, sets the minimum quality to 80%.

R1(config)# interface serial 0/0/0
R1(config-if)# ip add 10.0.1.1 255.255.255.252
R1(config-if)# ipv6 add 2001:db8:cafe:1::1/64
R1(config-if)# encapsulation ppp
R1(config-if)# ppp quality 80

R2(config)# interface serial 0/0/0
R2(config-if)# ip add 10.0.1.2 255.255.255.252
R2(config-if)# ipv6 add 2001:db8:cafe:1::2/64
R2(config-if)# encapsulation ppp
R2(config-if)# ppp quality 80

LQM maintains a count of the number of packets and octets transmitted and successfully received, and periodically transmits this information to its peer in a Link Quality Report packet.

Configure PPP: PPP Compression Commands

– Point-to-point software compression on serial interfaces can be configured after PPP encapsulation is enabled.
– Because this option invokes a software compression process, it can affect system performance.
– If the traffic already consists of compressed files, such as .zip, .tar, or .mpeg, do not use this option.

[Table: PPP compress Command. *LZS: Lempel Ziv-Stac]

Configure PPP: PPP Compression Commands

R1(config)# interface serial 0/0/0
R1(config-if)# ip add 10.0.1.1 255.255.255.252
R1(config-if)# ipv6 add 2001:db8:cafe:1::1/64
R1(config-if)# encapsulation ppp
R1(config-if)# compress { predictor | stacker }

R2(config)# interface serial 0/0/0
R2(config-if)# ip add 10.0.1.2 255.255.255.252
R2(config-if)# ipv6 add 2001:db8:cafe:1::2/64
R2(config-if)# encapsulation ppp
R2(config-if)# compress { predictor | stacker }

Configure PPP: PPP Multilink Commands

– Multilink PPP provides a method for spreading traffic across multiple physical WAN links.
– Configuring MPPP requires two steps:

Step 1. Create a multilink bundle.
– Use the interface multilink number global configuration command to create the multilink interface.
– In interface configuration mode, assign an IPv4 and/or IPv6 address to the multilink interface.
– Use the ppp multilink interface configuration command to enable multilink PPP.
– Use the ppp multilink group number interface configuration command to assign the multilink group number.

Step 2. Assign each physical interface to the multilink bundle.
– Use the encapsulation ppp interface configuration command to enable PPP.
– Use the ppp multilink interface configuration command to enable multilink PPP.
– Use the ppp multilink group number interface configuration command to assign the multilink group number.

Configure PPP: PPP Multilink Commands

– To disable PPP multilink, use the no ppp multilink command on each of the bundled interfaces.
– Multilink PPP (also referred to as MP, MPPP, MLP, or Multilink) provides a method for spreading traffic across multiple physical WAN links.
– MPPP allows packets to be fragmented and sends these fragments simultaneously over multiple point-to-point links to the same remote address.

Configure PPP: PPP Multilink Commands

R3 and R4 PPP Multilink Configuration

R3(config)# interface Multilink 1
R3(config-if)# ip address 10.0.1.1 255.255.255.252
R3(config-if)# ipv6 address 2001:db8:cafe:1::1/64
R3(config-if)# ppp multilink
R3(config-if)# ppp multilink group 1
R3(config-if)# interface Serial 0/1/0
R3(config-if)# no ip address
R3(config-if)# encapsulation ppp
R3(config-if)# ppp multilink
R3(config-if)# ppp multilink group 1
R3(config-if)# interface Serial 0/1/1
R3(config-if)# no ip address
R3(config-if)# encapsulation ppp
R3(config-if)# ppp multilink
R3(config-if)# ppp multilink group 1

R4(config)# interface Multilink 1
R4(config-if)# ip address 10.0.1.2 255.255.255.252
R4(config-if)# ipv6 address 2001:db8:cafe:1::2/64
R4(config-if)# ppp multilink
R4(config-if)# ppp multilink group 1
R4(config-if)# interface Serial 0/0/0
R4(config-if)# no ip address
R4(config-if)# encapsulation ppp
R4(config-if)# ppp multilink
R4(config-if)# ppp multilink group 1
R4(config-if)# interface Serial 0/0/1
R4(config-if)# no ip address
R4(config-if)# encapsulation ppp
R4(config-if)# ppp multilink
R4(config-if)# ppp multilink group 1

Configure PPP: Verifying PPP Configuration

– Use the show interfaces serial command to verify the proper configuration of HDLC or PPP encapsulation. The command output in the figure shows a PPP configuration.

Verifying the Serial PPP Encapsulation Configuration

R2# show interfaces serial 0/0/0
Serial0/0/0 is up, line protocol is up
  Hardware is GT96K Serial
  Internet address is 10.0.1.2/30
  MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open
  Open: IPCP, IPV6CP, CCP, CDPCP, loopback not set
  Keepalive set (10 sec)
  CRC checking enabled
  Last input 00:00:02, output 00:00:02, output hang never
  Last clearing of "show interface" counters 01:29:06
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  …… omitted ……
R2#

Configure PPP: Verifying PPP Configuration

– The show interfaces command displays statistics for all interfaces configured on the router.
– The show ppp multilink command verifies that PPP multilink is enabled on R3, as shown in the figure. The output indicates the interface Multilink 1, the hostnames of both the local and remote endpoints, and the serial interfaces assigned to the multilink bundle.

Verifying PPP Multilink Configuration (figure annotation: Any Name)

R3# show ppp multilink

Multilink1
  Bundle name: R4
  Remote Endpoint Discriminator: R4
  Local Endpoint Discriminator: R3
  Bundle up for 00:01:20, total bandwidth 3088, load 1/255
  Receive buffer limit 24000 bytes, frag timeout 1000 ms
    0/0 fragments/bytes in reassembly list
    0 lost fragments, 0 reordered
    0/0 discarded fragments/bytes, 0 lost received
    0x2 received sequence, 0x2 sent sequence
  Member links: 2 active, 0 inactive (max 255, min not set)
    Se0/1/1, since 00:01:20
    Se0/1/0, since 00:01:06
No inactive multilink interfaces
R3#

Configure PPP Authentication: PPP Authentication Protocols

– PAP is a very basic two-way process with no encryption.
  – The username and password are sent in plaintext. If it is accepted, the connection is allowed.
– CHAP is more secure than PAP.
  – It involves a three-way exchange of a shared secret.
– The authentication phase of a PPP session is optional. If used, it takes place:
  – After LCP establishes the link and chooses the authentication protocol.
  – Before the network layer protocol (NCP) configuration phase.

Configure PPP Authentication: Password Authentication Protocol (PAP)

– Initiating PAP - R1 sends its PAP username and password to R3.
– Completing PAP - R3 evaluates R1’s username and password against its local database.
  – If it matches, it accepts the connection.
  – If not, it rejects the connection.

Note: PAP is not a strong authentication protocol. Using PAP, passwords are sent across the link in plaintext and there is no protection from playback or repeated trial-and-error attacks.

Configure PPP Authentication: Password Authentication Protocol (PAP)

PAP may be used in the following environments:
– A large installed base of client applications that do not support CHAP
– Incompatibilities between different vendor implementations of CHAP
– Situations in which a plaintext password must be available to simulate a login at the remote host

Configure PPP Authentication: Challenge Handshake Authentication Protocol (CHAP)

#1 R3 initiates the 3-way handshake and sends a challenge message to R1.
#2 The remote node responds with a value that is calculated using a one-way hash function. This is typically Message Digest 5 (MD5) based on the password and challenge message.
#3 The local router checks the response against its own calculation of the expected hash value. If the values match, the initiating node acknowledges the authentication.

Note: CHAP provides protection against a playback attack by using a variable challenge value that is unique and unpredictable. CHAP conducts periodic challenges to make sure that the remote node still has a valid password value.

Configure PPP Authentication: PPP Authentication Command

– To specify the order in which the CHAP or PAP protocols are requested on the interface, use the ppp authentication interface configuration command. Use the no form of the command to disable this authentication.
– PAP, CHAP, or both can be enabled. If both methods are enabled, the first method specified is requested during link negotiation. If the peer suggests using the second method or simply refuses the first method, the second method should be tried.

Configuring PAP

[Figure: SantaCruz (S0, .2) and HQ (S0, .1) joined by a serial link on 172.25.3.0/24; the ends are labeled DTE and DCE.]

hostname SantaCruz
username HQ password HQpass
interface Serial0
 ip address 172.25.3.2 255.255.255.0
 encapsulation ppp
 ppp authentication pap
 ppp pap sent-username SantaCruz password SantaCruzpass

hostname HQ
username SantaCruz password SantaCruzpass
interface Serial0
 ip address 172.25.3.1 255.255.255.0
 encapsulation ppp
 ppp authentication pap
 ppp pap sent-username HQ password HQpass

Slide annotation next to encapsulation ppp: "must".

PAP

[Figure: PAP exchange between SantaCruz and HQ, numbered 1 to 6 on the slide.]
– PPP establish link.
– Configuration Request: PAP.
– Configuration ACK.
– SantaCruz looks up the sent-username and password for this interface (ppp pap sent-username SantaCruz password SantaCruzpass) and sends sent-username SantaCruz and password SantaCruzpass.
– HQ looks up username SantaCruz and retrieves the password: username SantaCruz password SantaCruzpass.
– Same? Yes, generate ACK message. No, generate NACK message.

Configuring CHAP

[Figure: SantaCruz (S0, .2) and HQ (S0, .1) joined by a serial link on 172.25.3.0/24; the ends are labeled DTE and DCE.]

hostname SantaCruz
username HQ password boardwalk
interface Serial0
 ip address 172.25.3.2 255.255.255.0
 encapsulation ppp
 ppp authentication chap

hostname HQ
username SantaCruz password boardwalk
interface Serial0
 ip address 172.25.3.1 255.255.255.0
 encapsulation ppp
 ppp authentication chap

Slide annotation: same shared password.

CHAP

[Figure: CHAP exchange between SantaCruz and HQ, numbered 1 to 6 on the slide.]
– SantaCruz initiates call.
– Challenge labeled from HQ.
– SantaCruz looks up username HQ (authentication name) and retrieves the password: username HQ password boardwalk.
– Password fed into MD5 Hash and generates a Hash value.
– Hash Value sent with authentication name SantaCruz.
– HQ looks up username SantaCruz and retrieves the password: username SantaCruz password boardwalk. Password fed into MD5 Hash and generates a Hash value.
– Same? Yes, generate SUCCESS message. No, generate FAILURE message.

Troubleshoot WAN Connectivity

Troubleshooting PPP Serial Encapsulation

– The debug command must not be used as a monitoring tool.
– It is meant to be used for a short period of time for troubleshooting.
– It can consume a significant amount of resources.
– MPPC (Microsoft Point-to-Point Compression)

Troubleshoot PPP: Debug PPP

Use the debug ppp negotiation command to verify PPP negotiation.
Four possible points of failure in PPP negotiation:
– No response from the remote device.
– Link Control Protocol (LCP) not open.
– Authentication failure.
– IP Control Protocol (IPCP) failure.

Troubleshoot PPP: Debug PPP

Verify that the CHAP username and password are correct using the debug ppp negotiation command.

Troubleshoot PPP: Troubleshooting a PPP Configuration with Authentication

– In the last line, the code 4 means that a failure has occurred.
– Other code values are as follows:
  – 1 – Challenge
  – 2 – Response
  – 3 – Success
  – 4 – Failure
– The last line also displays the ID number of the LCP packet (that is, id – 3) and its packet length (that is, len – 48) without the header.
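
The CHAP three-way exchange from the authentication slides and the code/id/len fields listed above, as an added Python example that is not part of the original slides. It assumes the RFC 1994 packet layout and MD5 response calculation, reuses the HQ/SantaCruz hostnames and the boardwalk secret from the CHAP configuration slide, and all class and function names are illustrative.

```python
import hashlib
import hmac
import os
import struct

# CHAP code values as listed on the troubleshooting slide.
CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4
CODE_NAMES = {1: "Challenge", 2: "Response", 3: "Success", 4: "Failure"}


def chap_hash(identifier, secret, challenge):
    """RFC 1994 response value: MD5(Identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def build_packet(code, identifier, value=b"", name=b""):
    """Code(1) Identifier(1) Length(2) + data. Challenge/Response data is
    Value-Size(1) Value Name; Success/Failure data is a free-form message."""
    if code in (CHALLENGE, RESPONSE):
        data = bytes([len(value)]) + value + name
    else:
        data = name
    # Length covers the 4-byte CHAP header plus the data (RFC 1994).
    return struct.pack("!BBH", code, identifier, 4 + len(data)) + data


def parse_packet(packet):
    """Decode a CHAP packet into the code/id/len fields a debug line shows."""
    if len(packet) < 4:
        raise ValueError("truncated CHAP header")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if code not in CODE_NAMES or not 4 <= length <= len(packet):
        raise ValueError("bad CHAP code or length")
    data = packet[4:length]
    fields = {"code": CODE_NAMES[code], "id": identifier, "len": length}
    if code in (CHALLENGE, RESPONSE):
        if not data or 1 + data[0] > len(data):
            raise ValueError("bad Value-Size")
        fields["value"] = data[1:1 + data[0]]
        fields["name"] = data[1 + data[0]:]
    else:
        fields["message"] = data
    return fields


class Authenticator:
    """The challenging side (HQ on the slide). users maps peer name -> secret,
    like the 'username SantaCruz password boardwalk' line."""

    def __init__(self, hostname, users):
        self.hostname, self.users = hostname, users
        self.next_id = 0
        self.pending = {}  # identifier -> outstanding challenge value

    def challenge(self):
        self.next_id = (self.next_id + 1) % 256
        value = os.urandom(16)  # unique, unpredictable challenge value
        self.pending = {self.next_id: value}  # one outstanding challenge
        return build_packet(CHALLENGE, self.next_id, value, self.hostname)

    def verify(self, response_packet):
        resp = parse_packet(response_packet)
        challenge = self.pending.pop(resp["id"], None)  # single use
        secret = self.users.get(resp.get("name"))
        ok = False
        if resp["code"] == "Response" and challenge is not None and secret is not None:
            expected = chap_hash(resp["id"], secret, challenge)
            ok = hmac.compare_digest(resp["value"], expected)
        message = b"welcome" if ok else b"authentication failed"
        return build_packet(SUCCESS if ok else FAILURE, resp["id"], name=message)


def respond(challenge_packet, hostname, users):
    """The challenged side (SantaCruz): look up the secret by the name in the
    challenge and answer with the hash, never with the password itself."""
    chal = parse_packet(challenge_packet)
    digest = chap_hash(chal["id"], users[chal["name"]], chal["value"])
    return build_packet(RESPONSE, chal["id"], digest, hostname)


def demo():
    hq = Authenticator(b"HQ", {b"SantaCruz": b"boardwalk"})
    results = []
    # 1. Matching shared secret on both routers.
    good = respond(hq.challenge(), b"SantaCruz", {b"HQ": b"boardwalk"})
    results.append(parse_packet(hq.verify(good))["code"])
    # 2. The recorded response is presented again for a fresh challenge:
    #    the hash no longer matches because the challenge value changed.
    fresh = parse_packet(hq.challenge())
    replayed = good[:1] + bytes([fresh["id"]]) + good[2:]
    results.append(parse_packet(hq.verify(replayed))["code"])
    # 3. Mismatched secret (case differs), the usual misconfiguration.
    bad = respond(hq.challenge(), b"SantaCruz", {b"HQ": b"Boardwalk"})
    results.append(parse_packet(hq.verify(bad))["code"])
    return results


if __name__ == "__main__":
    print(demo())
```

The Failure results in cases 2 and 3 correspond to the code 4 line that debug ppp negotiation shows when the CHAP secrets on the two routers differ.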
