Download presentation
Presentation is loading. Please wait.
1
© 1999, Cisco Systems, Inc. 12-1 第十二章 建立串行的点对点连接
2
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-2 通过本章的学习,您应该掌握以下内容: 在广域网的串行口上配置 HDLC 和 PPP 协议 在一个 PPP 连接内配置 PAP 和 CHAP 验证 查看点到点的 HDLC 和 PPP 协议配置情况 本章目标
3
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-3 WAN 概述 Service Provider 广域网连接的场所 根据用户不同的需求提供不同的连接方案
4
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-4 专线 同步串口 Telephone Company 电路交换 异步串口 Service Provider 包交换 同步串口 广域网连接类型 : 物理层
5
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-5 Point-to-point or circuit-switched connection CO Switch Customer Premises Equipment Demarcation Local Loop WAN service provider toll network Trunks and switches 广域网的服务提供 服务商给用户分配线路的参数 SS SSS SS
6
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-6 Router connections Network connections at the CSU/DSU EIA/TIA-232EIA/TIA-449EIA-530V.35X.21 CSU/ DSU End user device Service Provider DTE DCE PPP 的串口连接
7
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-7 专线 包交换 PPP, SLIP, HDLC HDLC, PPP, SLIP 电路交换 X.25, Frame Relay, ATM 广域网连接类型 : 数据链路层 Telephone Company Service Provider
8
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-8 FlagAddressControlDataFCSFlag HDLC 支持单一的协议环境 FlagAddressControlProprietaryDataFCSFlag Cisco HDLC HDLC 帧格式 Cisco 的 HDLC 具有 proprietary 字节提供对多协议环境的支持
9
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-9 HDLC 命令 Router(config-if)#encapsulation hdlc 启用 HDLC 封装 HDLC 是同步串口的缺省封装格式
10
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-10 PPP Encapsulation TCP/IP Novell IPX AppleTalk Multiple protocol encapsulations using NCPs in PPP PPP 可以通过 NCP 携带多个协议的数据包 PPP 可以通过 LCP 建立和控制连接 Link setup and control using LCP in PPP PPP 综述
11
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-11 Synchronous or Asynchronous Physical Media Link Control Protocol Authentication, other options Network Control Protocol PPP Data Link Layer Physical Layer Network Layer IPCPIPXCP Many Others IPIPXLayer 3 Protocols PPP 分层结构 PPP—A data link with network-layer services
12
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-12 Feature How It OperatesProtocol Authentication PAP CHAPPerform Challenge Handshake Require a password Compression Compress data at source; reproduce data at destination Stacker or Predictor Error Detection Avoid frame looping Monitor data dropped on link Magic Number Multilink Load balancing across multiple links Multilink Protocol (MP) PPP LCP 配置选项
13
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-13 PPP 验证概述 两种 PPP 验证协议 : PAP 和 CHAP PPP 会话的建立 1 链路建立 2 验证阶段 3 网路层协议连接 Dialup or Circuit-Switched Network
14
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-14 密码明文传输 验证两端是同等的 选择 PPP 验证协议 Remote Router (SantaCruz) Central-Site Router (HQ) Hostname: santacruz Password: boardwalk username santacruz password boardwalk PAP 2-Way Handshake “santacruz, boardwalk” Accept/Reject
15
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-15 选择 PPP 验证协议 Remote Router (SantaCruz) Central-Site Router (HQ) Hostname: santacruz Password: boardwalk username santacruz password boardwalk CHAP 3-Way Handshake Challenge Response Accept/Reject 密码是加密的
16
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-16 配置 PPP 验证总述 Service Provider Verify who you are. Router to Be Authenticated (The router that initiated the call.) ppp encapsulation hostname username / password ppp authentication Authenticating Router (The router that received the call.) ppp encapsulation hostname username / password ppp authentication Enabling PPP Enabling PPP Authentication Enabling PPP Enabling PPP Authentication
17
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-17 配置 PPP Router(config-if)#encapsulation ppp 激活 PPP 验证
18
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-18 配置 PPP 验证 Router(config)#hostname name 给路由器命名 Router(config)#username name password password 提供需要验证的路由器的名称和密码
19
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-19 配置 PPP 验证 Router(config-if)#ppp authentication {chap | chap pap | pap chap | pap} 激活 PAP 或 CHAP 验证
20
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-20 CHAP 配置举例 hostname left username right password sameone ! int serial 0 ip address 10.0.1.1 255.255.255.0 encapsulation ppp ppp authentication CHAP hostname left username right password sameone ! int serial 0 ip address 10.0.1.1 255.255.255.0 encapsulation ppp ppp authentication CHAP hostname right username left password sameone ! int serial 0 ip address 10.0.1.2 255.255.255.0 encapsulation ppp ppp authentication CHAP hostname right username left password sameone ! int serial 0 ip address 10.0.1.2 255.255.255.0 encapsulation ppp ppp authentication CHAP Left router Right router PSTN/ISDN
21
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-21 查看 HDLC 和 PPP 的封装 Router#show interface s0 Serial0 is up, line protocol is up Hardware is HD64570 Internet address is 10.140.1.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation PPP, loopback not set, keepalive set (10 sec) LCP Open Open: IPCP, CDPCP Last input 00:00:05, output 00:00:05, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 38021 packets input, 5656110 bytes, 0 no buffer Received 23488 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 38097 packets output, 2135697 bytes, 0 underruns 0 output errors, 0 collisions, 6045 interface resets 0 output buffer failures, 0 output buffers swapped out 482 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up
22
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-22 利用 debug ppp authentication 命令 查看 PPP 验证 4d20h: %LINK-3-UPDOWN: Interface Serial0, changed state to up 4d20h: Se0 PPP: Treating connection as a dedicated line 4d20h: Se0 PPP: Phase is AUTHENTICATING, by both 4d20h: Se0 CHAP: O CHALLENGE id 2 len 28 from ”left" 4d20h: Se0 CHAP: I CHALLENGE id 3 len 28 from ”right" 4d20h: Se0 CHAP: O RESPONSE id 3 len 28 from ”left" 4d20h: Se0 CHAP: I RESPONSE id 2 len 28 from ”right" 4d20h: Se0 CHAP: O SUCCESS id 2 len 4 4d20h: Se0 CHAP: I SUCCESS id 3 len 4 4d20h: dialer Protocol up for Se0 4d20h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up 4d20h: %LINK-3-UPDOWN: Interface Serial0, changed state to up 4d20h: Se0 PPP: Treating connection as a dedicated line 4d20h: Se0 PPP: Phase is AUTHENTICATING, by both 4d20h: Se0 CHAP: O CHALLENGE id 2 len 28 from ”left" 4d20h: Se0 CHAP: I CHALLENGE id 3 len 28 from ”right" 4d20h: Se0 CHAP: O RESPONSE id 3 len 28 from ”left" 4d20h: Se0 CHAP: I RESPONSE id 2 len 28 from ”right" 4d20h: Se0 CHAP: O SUCCESS id 2 len 4 4d20h: Se0 CHAP: I SUCCESS id 3 len 4 4d20h: dialer Protocol up for Se0 4d20h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up Left router Right router Service Provider
23
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-23 可视化目标 podro’s s0 A10.140.1.2 B10.140.2.2 C10.140.3.2 D10.140.4.2 E10.140.5.2 F10.140.6.2 G10.140.7.2 H10.140.8.2 I10.140.9.2 J10.140.10.2 K10.140.11.2 L10.140.12.2 s1/0 - s2/3 10.140.1.1 … 10.140.12.1 core_ server 10.1.1.1 wg_sw_a 10.2.2.11 wg_sw_l 10.13.13.11 wg_pc_a 10.2.2.12 wg_pc_l 10.13.13.12 wg_ro_a e0/1 e0/2 e0/1 e0 fa0/23 core_sw_a 10.1.1.2 wg_ro_l core_ro 10.1.1.3 fa0/24fa0/0 LL s0 10.140.1.2... 10.13.13.3 s0 10.140.12.2 PPP with CHAP 10.2.2.3
24
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-24 完成本章的学习后,你应该能够掌握: 在广域网的串行口上配置 HDLC 和 PPP 协 议 在一个 PPP 连接内配置 PAP 和 CHAP 验 证 查看点到点的 HDLC 和 PPP 协议配置情 况 本章总结
25
© 1999, Cisco Systems, Inc. www.cisco.com ICND—12-25 1. 在 Cisco 路由器上有哪三中广域网连接类型 ? 2.PPP 有哪两种封装协议,它们有哪些优、缺点 ? 3.PPP LCP 有哪些选项 ? 问题回顾
Similar presentations
![首 页 首 页 上一页 下一页 本讲内容 投影法概述三视图形成及其投影规律平面立体三视图、尺寸标注 本讲内容 复习: P25~P31 、 P84~P85 作业: P7, P8, P14[2-32(2) A3 (1:1)]](/12/3353742/big_thumb.jpg "首 页 首 页 上一页 下一页 本讲内容 投影法概述三视图形成及其投影规律平面立体三视图、尺寸标注 本讲内容 复习: P25~P31 、 P84~P85 作业: P7, P8, P14[2-32(2) A3 (1:1)]>")
