
WAN Technologies

Cisco WAN Technologies

dr.ing. Florin D r ban

Oradea, June-July 2011



Index
I. Introduction
1.1 Wide-Area Network (WAN)
1.2 WAN Devices
1.3 WAN Standards
1.4 Circuit-switched Networks. Packet-switched Networks
1.5 WAN Link Options
1.6 WAN Technologies
1.6.1 Analog Dialup
1.6.2 ISDN
1.6.3 Leased Lines
1.6.4 X.25
1.6.5 Frame Relay (FR)
1.6.6 ATM
1.6.7 DSL
1.6.8 Cable
II. HDLC and PPP
2.1 Introduction
2.2 HDLC
2.3 PPP
2.4 PAP
2.5 CHAP
2.6 Configuration of serial WAN with HDLC/PPP
2.7 Verifying serial WAN with HDLC/PPP configuration
2.8 Troubleshooting serial WAN with HDLC/PPP configuration
III. ISDN
3.1 ISDN Concepts
3.2 Configuration of ISDN
3.3 Verifying ISDN configuration
3.4 Troubleshooting ISDN configuration
IV. FR
4.1 FR Concepts
4.2 Bandwidth and Flow Control
4.3 Address mapping and topology
4.4 LMI
4.5 Configuration of Frame Relay
4.6 Reachability issues with routing updates. Subinterfaces
4.7 Verifying FR configuration
4.8 Troubleshooting FR configuration

I. Introduction
1.1 Wide-Area Network (WAN)
As an enterprise grows beyond a single location, it becomes necessary to interconnect the LANs of its branches into a Wide-Area Network (WAN). Many options are available today for implementing WAN solutions; they differ in technology, speed (bandwidth) and cost. A WAN is a data communications network that operates beyond the geographic scope of a LAN. One primary difference between a WAN and a LAN is that a company must subscribe to an outside WAN service provider in order to use WAN carrier network services. A WAN uses data links provided by WAN carrier network services to access the Internet and to connect the locations of a company to each other, to locations of other companies, to external services and to remote users. WANs generally carry a variety of traffic types, such as voice, data and video. Devices on the subscriber premises are called Customer Premises Equipment (CPE). The subscriber owns the CPE or leases it from the service provider. A copper or fiber cable connects the CPE to the service provider's nearest exchange or Central Office (CO). This cabling is often called the local loop or "last mile".

Fig. 1 Local loop.

Devices that put data on the local loop are called Data Circuit-terminating Equipment or Data Communications Equipment (DCE). The customer devices that pass the data to the DCE are called Data Terminal Equipment (DTE). The DCE primarily provides an interface for the DTE into the communication link on the WAN cloud. The DTE/DCE interface uses various physical layer protocols, such as HSSI (High-Speed Serial Interface), X.21, V.35 or EIA/TIA-232. These protocols establish the codes and electrical parameters the devices use to communicate with each other. WAN links are provided at various speeds measured in bits per second (bps), kilobits per second (kbps or 1000 bps), megabits per second (Mbps or 1000 kbps) or gigabits per second (Gbps or 1000 Mbps). The bps values are generally full duplex.

Fig. 2 DTE and DCE.

Table 1 Examples of WAN link bandwidth.

1.2 WAN Devices
WANs are groups of LANs connected together with communications links from a service provider. Because the communications links cannot plug directly into the LAN, it is necessary to identify the various pieces of interfacing equipment:
-a) router,
-b) switch,
-c) modem (CSU = Channel Service Unit / DSU = Digital Service Unit),
-d) communication server.

Fig. 3 WAN equipment.

-a) LAN-based computers with data to transmit send data to a router that contains both LAN and WAN interfaces. The router will use the L3 address information to deliver the data on the appropriate WAN interface. Routers are active and intelligent network devices and therefore can participate in network management. Routers manage networks by providing dynamic control over resources and supporting the tasks and goals for networks. Some of these goals are connectivity, reliable performance, management control and flexibility.

Fig. 4 Router.

-b) The communications link needs signals in an appropriate format. For digital lines, a Channel Service Unit (CSU) and a Data Service Unit (DSU) are required. The two are often combined into a single piece of equipment, called the CSU/DSU. The CSU/DSU may also be built into the interface card in the router. When ISDN is used as the communications link, all equipment attached to the ISDN bus must be ISDN-compatible. Compatibility is generally built into the computer interface for direct dial connections or into the router interface for LAN-to-WAN connections. Older equipment without an ISDN interface requires an ISDN Terminal Adapter (TA) for ISDN compatibility.

Fig. 5 CSU/DSU.

-c) A modem is needed if the local loop is analog rather than digital. Modems transmit data over voice-grade telephone lines by modulating and demodulating the signal. The digital signals are superimposed on an analog voice signal that is modulated for transmission. The modulated signal can be heard as a series of whistles by turning on the internal modem speaker. At the receiving end the analog signals are returned to their digital form, or demodulated.

Fig. 6 Modem.

-d) Communication servers concentrate dial-in user communication and remote access to a LAN. They may have a mixture of analog and digital (ISDN) interfaces and support hundreds of simultaneous users.

1.3 WAN Standards
WANs use the OSI reference model, but focus mainly on L1 and L2. WAN standards typically describe both physical layer delivery methods and data link layer requirements, including physical addressing, flow control and encapsulation. WAN standards are defined and managed by a number of recognized authorities: ITU (International Telecommunication Union), IETF (Internet Engineering Task Force), ISO (International Organization for Standardization), EIA (Electronic Industries Association), TIA (Telecommunications Industries Association).
-L1) The physical layer protocols describe how to provide electrical, mechanical, operational and functional connections to the services provided by a communications service provider. Some of the common physical layer standards are:
-EIA/TIA-232,
-EIA/TIA-449,
-EIA/TIA-530,
-EIA/TIA-613 (HSSI),
-V.35,
-X.21.
-L2) The data link layer protocols define how data is encapsulated for transmission to remote sites and the mechanisms for transferring the resulting frames. A variety of technologies are used, such as:
-ISDN = Integrated Services Digital Network (circuit-switched),
-X.25 (packet-switched),
-Frame Relay (FR) (packet-switched),
-Asynchronous Transfer Mode (ATM) (packet-switched).
These protocols use the same basic framing mechanism, HDLC (High-Level Data Link Control) (the Cisco default), or one of its subsets or variants:
-LAPM (Link Access Procedure for Modems) and PPP (Point-to-Point Protocol), for dial-up connections,
-LAPD (Link Access Procedure D-channel), for ISDN connections,
-LAPB (Link Access Procedure Balanced), for X.25 connections,
-LAPF (Link Access Procedure Frame), for FR connections.

Data from the network layer (L3) is passed to the data link layer (L2) for delivery on a physical link, which is normally point-to-point on a WAN connection. The data link layer builds a frame around the network layer data so that the necessary checks and controls can be applied. Each WAN connection type uses an L2 protocol to encapsulate traffic while it is crossing the WAN link. The choice of encapsulation protocol depends on the WAN technology and the equipment. Most framing is based on the HDLC standard. HDLC framing gives reliable delivery of data over unreliable lines and includes signaling mechanisms for flow and error control.
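The error-control part of HDLC framing is the Frame Check Sequence. The following Python is an added example, not code from the lecture: it builds a Cisco-style HDLC frame around a payload and verifies it on the receiving side. The field layout (Address 0x0F for unicast, Control 0x00, a 2-byte protocol code such as 0x0800 for IPv4, then a 16-bit FCS) follows the Cisco HDLC encapsulation; the FCS is the HDLC/PPP FCS-16 of RFC 1662. The payload and the corrupted byte position are constructed for the example; the 0x7E flags and bit stuffing are left to the line driver.

```python
# Added example, not from the lecture: build and verify a Cisco-style HDLC frame.
# Field layout follows the Cisco HDLC encapsulation: Address 0x0F (unicast), Control 0x00,
# a 2-byte protocol code (0x0800 = IPv4), the payload, then a 16-bit FCS. The FCS is the
# HDLC/PPP FCS-16 of RFC 1662 (CRC-CCITT polynomial, bit-reflected, init and final XOR 0xFFFF).

ADDR_UNICAST = 0x0F
CONTROL = 0x00
PROTO_IPV4 = 0x0800
FCS_GOOD = 0xF0B8  # residue left by running the FCS over a correctly protected frame (RFC 1662)


def fcs16(data: bytes) -> int:
    """Running RFC 1662 FCS-16 value over data (before the final complement)."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs


def crc16_x25(data: bytes) -> int:
    """Complemented FCS as one number; this is CRC-16/X-25, whose check value
    for b'123456789' is 0x906E."""
    return fcs16(data) ^ 0xFFFF


def build_frame(payload: bytes, proto: int = PROTO_IPV4) -> bytes:
    """Address, control, protocol, payload and FCS (least significant byte first).
    The 0x7E flags and the bit stuffing that keeps 0x7E out of the body are the line
    driver's job and are left out here."""
    body = bytes([ADDR_UNICAST, CONTROL]) + proto.to_bytes(2, "big") + payload
    fcs = crc16_x25(body)
    return body + bytes([fcs & 0xFF, fcs >> 8])


def parse_frame(frame: bytes):
    """Return (protocol, payload), or None when the frame fails its FCS check.
    The receiver runs the FCS over everything including the two FCS bytes and expects
    the fixed residue 0xF0B8, so a single flipped bit anywhere in the frame is detected."""
    if len(frame) < 6 or fcs16(frame) != FCS_GOOD:
        return None
    proto = int.from_bytes(frame[2:4], "big")
    return proto, frame[4:-2]


def corrupt(frame: bytes, index: int, mask: int = 0x01) -> bytes:
    """Flip bits in one byte of a frame; used to show that the FCS catches line errors."""
    out = bytearray(frame)
    out[index] ^= mask
    return bytes(out)


if __name__ == "__main__":
    frame = build_frame(b"constructed payload")
    print(frame.hex())
    print(parse_frame(frame))              # (2048, b'constructed payload')
    print(parse_frame(corrupt(frame, 6)))  # None: the receiver discards the damaged frame
```

The residue check is how a real receiver works: it does not strip the FCS and compare, it simply feeds the whole frame through the same register and looks for the constant 0xF0B8. Note that the FCS detects transmission errors only; it is not an integrity protection against a party who can rewrite the frame and recompute the FCS.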

Fig. 7 HDLC frame.

1.4 Circuit-switched Networks. Packet-switched Networks
-1) Circuit-switched Networks. When a subscriber makes a telephone call, the dialed number is used to set switches in the exchanges along the route of the call so that there is a continuous circuit from the originating caller to the called party. Because of the switching operation used to establish the circuit, the telephone system is called a Circuit-switched Network. If the telephones are replaced with modems, the switched circuit is able to carry computer data. The internal path taken by the circuit between exchanges is shared by a number of conversations. Time Division Multiplexing (TDM) is used to give each conversation a share of the connection in turn. TDM assures that a fixed-capacity connection is made available to the subscriber. If the circuit carries computer data, the usage of this fixed capacity may not be efficient. For example, if the circuit is used to access the Internet, there will be a burst of activity on the circuit while a web page is transferred. This could be followed by no activity while the user reads the page, and then another burst of activity while the next page is transferred. This variation in usage between none and maximum is typical of computer network traffic. Because the subscriber has sole use of the fixed capacity allocation, switched circuits are generally an expensive way of moving data.

Fig. 8 Circuit-switched Network.

-2) Packet-switched Networks were developed to overcome the expense of public circuit-switched networks and to provide a more cost-effective WAN technology. The alternative is to allocate capacity to the traffic only when it is needed and to share the available capacity between many users. With a circuit-switched connection, the data bits put on the circuit are automatically delivered to the far end because the circuit is already established. If the circuit is to be shared, there must be some mechanism to label the bits so that the system knows where to deliver them. It is difficult to label individual bits, therefore they are gathered into groups called cells (ATM), frames (FR) or packets (X.25). The packet passes from switch to switch for delivery through the provider network. Networks that implement this system are called Packet-switched Networks. Data on packet-switched networks is subject to unpredictable delays when individual packets wait for other subscribers' packets to be transmitted by a switch.

Fig. 9 Packet-switched Network.

The switches in a packet-switched network determine, from addressing information in each packet, which link the packet must be sent on next. There are two approaches to this link determination:
-a) Connectionless systems (such as the Internet) carry full addressing information in each packet. Each switch must evaluate the address to determine where to send the packet.
-b) Connection-oriented systems (such as FR or X.25) predetermine the route for a packet, and each packet need only carry an identifier. In the case of FR these are called Data Link Connection Identifiers (DLCI). The switch determines the onward route by looking up the identifier in tables held in memory. The set of entries in the tables identifies a particular route or circuit through the system. If this circuit is only physically in existence while a packet is traveling through it, it is called a Virtual Circuit (VC).
-The table entries that constitute a VC can be established by sending a connection request through the network. In this case the resulting circuit is called a Switched Virtual Circuit (SVC). Data that is to travel on SVCs must wait until the table entries have been set up. Once established, the SVC may be in operation for hours, days or weeks.
-Where a circuit is required to be always available, a Permanent Virtual Circuit (PVC) will be established. Table entries are loaded by the switches at boot time so the PVC is always available.
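The table lookup described above can be made concrete. The following Python is an added example, not material from the lecture: two model switches each hold a table of (ingress port, ingress DLCI) to (egress port, egress DLCI), a PVC is installed in both directions at boot, and a frame is pushed through the circuit. It also shows the two things the text implies but does not spell out: the DLCI is rewritten at every hop because it is only meaningful on one link, and a frame whose label has no table entry is simply dropped, since it carries no destination address to fall back on. Switch names, port numbers and DLCI values are constructed for the example.

```python
# Added example, not from the lecture: a minimal model of connection-oriented packet
# switching. Each switch keeps a table of (ingress port, ingress label) -> (egress port,
# egress label); for Frame Relay the label is the DLCI. A PVC is a set of entries loaded at
# boot, an SVC is the same set installed by a connection request. Switch names, port numbers
# and DLCI values below are constructed for the example.

from dataclasses import dataclass, field


@dataclass
class Frame:
    dlci: int
    payload: bytes


@dataclass
class Switch:
    name: str
    table: dict = field(default_factory=dict)  # (in_port, in_dlci) -> (out_port, out_dlci)
    links: dict = field(default_factory=dict)  # out_port -> (neighbour switch, its in_port)

    def forward(self, in_port: int, frame: Frame, trace: list):
        """Look up the label, rewrite it for the next hop and pass the frame on.
        The DLCI is only meaningful on one link, so it changes at every switch. A frame
        whose label has no entry is dropped: it carries no address to fall back on."""
        entry = self.table.get((in_port, frame.dlci))
        if entry is None:
            trace.append(f"{self.name}: no circuit for DLCI {frame.dlci} on port {in_port}, dropped")
            return None
        out_port, out_dlci = entry
        trace.append(f"{self.name}: port {in_port} DLCI {frame.dlci} -> port {out_port} DLCI {out_dlci}")
        relabelled = Frame(out_dlci, frame.payload)
        nxt = self.links.get(out_port)
        if nxt is None:                 # egress port faces a subscriber: end of the circuit
            return relabelled
        neighbour, neighbour_port = nxt
        return neighbour.forward(neighbour_port, relabelled, trace)


def install_circuit(hops):
    """Install one direction of a virtual circuit. hops is a list of
    (switch, in_port, in_dlci, out_port, out_dlci); called at boot for a PVC,
    in response to a connection request for an SVC."""
    for sw, in_port, in_dlci, out_port, out_dlci in hops:
        sw.table[(in_port, in_dlci)] = (out_port, out_dlci)


def build_network():
    """Two switches joined by a trunk (port 3 on both). Subscriber A sits on SW1 port 1
    and uses DLCI 100; subscriber B sits on SW2 port 2 and uses DLCI 200; the trunk
    carries the circuit as DLCI 17. Both directions of the PVC are loaded at boot."""
    sw1, sw2 = Switch("SW1"), Switch("SW2")
    sw1.links[3] = (sw2, 3)
    sw2.links[3] = (sw1, 3)
    install_circuit([(sw1, 1, 100, 3, 17), (sw2, 3, 17, 2, 200)])   # A -> B
    install_circuit([(sw2, 2, 200, 3, 17), (sw1, 3, 17, 1, 100)])   # B -> A
    return sw1, sw2


def send(switch: Switch, in_port: int, dlci: int, payload: bytes):
    """Inject a frame at a subscriber port; returns (frame as delivered or None, per-hop trace)."""
    trace = []
    delivered = switch.forward(in_port, Frame(dlci, payload), trace)
    return delivered, trace


if __name__ == "__main__":
    sw1, sw2 = build_network()
    delivered, trace = send(sw1, 1, 100, b"hello B")
    print("\n".join(trace), "\n->", delivered)
    dropped, trace = send(sw1, 1, 150, b"no such circuit")
    print("\n".join(trace), "\n->", dropped)
```

The same model covers a connectionless switch by replacing the (port, label) key with a lookup on the full destination address carried in every packet, which is exactly the extra per-hop work the text attributes to connectionless systems.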


1.5 WAN link options
-a) Circuit-switched networks establish a dedicated physical connection for voice or data between a sender and a receiver. Before communication can start, it is necessary to establish the connection by setting the switches. This is done by the Plain Old Telephone System (POTS), using the dialed number. Examples of circuit-switched connections include POTS and ISDN.
-b) To avoid the delays associated with setting up a connection, telephone service providers also offer permanent circuits. These dedicated lines or leased lines offer higher bandwidth than is available with a switched circuit.
-c) Many WAN users do not make efficient use of the fixed bandwidth that is available with dedicated lines or switched circuits, because their data flow fluctuates. Communications providers have packet-switched networks available to serve these users more appropriately. In these networks, the data is transmitted in labeled cells, frames or packets through a packet-switched network. Because the internal links between the switches are shared between many users, the costs of packet switching are lower than those of circuit switching. Delays (latency) and variability of delay (jitter) are greater in packet-switched than in circuit-switched networks. This is because the links are shared and packets must be entirely received at one switch before moving to the next. Despite the latency and jitter inherent in shared networks, modern technology allows satisfactory transport of voice and even video communications on these networks. Packet-switched networks may establish routes through the switches for particular end-to-end connections.
-Routes established when the switches are started are PVCs.
-Routes established on demand are SVCs.
-If the routing is not pre-established and is worked out by each switch for each packet, the network is called connectionless.
-If the routing is pre-established, the network is called connection-oriented.
Examples of packet-switched or cell-switched connections include X.25, Frame Relay, ATM and SMDS (Switched Multimegabit Data Service).


Fig. 10 WAN link options.


1.6 WAN Technologies
1.6.1 Analog Dialup
When intermittent, low-volume data transfers are needed, modems and analog dialed telephone lines provide low-capacity, dedicated switched connections. Traditional telephony uses a copper cable, called the local loop, to connect the telephone handset in the subscriber premises to the Public Switched Telephone Network (PSTN). The signal on the local loop during a call is a continuously varying electronic signal that is a translation of the subscriber's voice. The local loop is not suitable for direct transport of binary computer data, but a modem can send computer data through the voice telephone network. The modem modulates the binary data into an analog signal at the source and demodulates the analog signal back to binary data at the destination. The physical characteristics of the local loop and its connection to the PSTN limit the rate of the signal. The upper limit is around 33 kbps. The rate can be increased to around 56 kbps if the signal is coming directly through a digital connection. For small businesses, this can be adequate for the exchange of sales figures, prices, routine reports and email. Using automatic dialup at night or on weekends for large file transfers and data backup can take advantage of lower off-peak tariffs (line charges). Tariffs are based on the distance between the endpoints, the time of day and the duration of the call. The advantages of modems and analog lines are simplicity, availability and low implementation cost. The disadvantages are the low data rates and a relatively long connection time. The dedicated circuit provided by dialup will have little delay or jitter for point-to-point traffic, but voice or video traffic will not operate adequately at these relatively low bit rates.

Fig. 11 Analog Dialup.


1.6.2 ISDN
The internal connections (or trunks) of the PSTN have changed from carrying analog Frequency-Division Multiplexed (FDM) signals to Time-Division Multiplexed (TDM) digital signals. An obvious next step is to enable the local loop to carry digital signals, which results in higher-capacity switched connections. Integrated Services Digital Network (ISDN) turns the local loop into a TDM digital connection. The connection uses 64 kbps Bearer channels (B) for carrying voice or data and a signaling Delta channel (D) for call set-up and other purposes. Basic Rate Interface (BRI) ISDN is intended for the home and small enterprise and provides two 64 kbps B channels and one 16 kbps D channel (2B+D). For larger installations, Primary Rate Interface (PRI) ISDN is available. PRI delivers twenty-three 64 kbps B channels and one 64 kbps D channel (23B+D) in North America, for a total bit rate of up to 1.544 Mbps (including synchronization overhead). In Europe, Australia and other parts of the world, ISDN PRI provides thirty B channels and one D channel (30B+D) for a total bit rate of up to 2.048 Mbps (including synchronization overhead). In North America the rate of ISDN PRI corresponds to a T1 connection. The rate of international ISDN PRI corresponds to an E1 connection. The BRI D channel is underutilized, as it has only two B channels to control. Some providers allow the D channel to carry data at low bit rates, such as X.25 connections at 9.6 kbps.
-a) For small WANs, BRI ISDN can provide an ideal connection mechanism. BRI has a call setup time of less than a second and its 64 kbps B channel provides greater capacity than an analog modem link. If greater capacity is required, a second B channel can be activated to provide a total of 128 kbps. Although inadequate for video, this would permit several simultaneous voice conversations in addition to data traffic. Another common application of ISDN is to provide additional capacity as needed on a leased line connection. The leased line is sized to carry average traffic loads while ISDN is added during peak demand periods. ISDN is also used as a backup in case of a failure of the leased line. ISDN tariffs are charged per B channel and are similar to those of analog voice connections.
-b) With PRI ISDN, multiple B channels can be connected between two endpoints. This allows for video conferencing and high-bandwidth data connections with no latency or jitter. Multiple connections can become very expensive over long distances.

Fig. 12 ISDN.


1.6.3 Leased Lines
When permanent dedicated connections are required, Leased Lines (LL) are used, with capacities ranging from 56 kbps up to 2.5 Gbps. A point-to-point link provides a pre-established WAN communications path from the customer premises through the provider network to a remote destination. Point-to-point lines are usually leased from a carrier and are therefore called leased lines. Leased lines are available in different capacities. These dedicated circuits are generally priced based on the bandwidth required and the distance between the two connected endpoints. The cost of leased-line solutions can become significant when they are used to connect many sites. There are times when the cost of the leased line is outweighed by its benefits. The dedicated capacity gives no latency or jitter between the endpoints. Constant availability is essential for some applications, such as electronic commerce. A router serial port is required for each leased-line connection. A CSU/DSU and the actual circuit from the service provider are also required. Leased lines are used extensively for building WANs and give permanent dedicated capacity. They have been the traditional connection of choice but have a number of disadvantages. WAN traffic is often variable and leased lines have a fixed capacity. This results in the bandwidth of the line seldom being exactly what is needed. In addition, each endpoint needs its own interface on the router, which increases equipment costs. Any change to the leased line generally requires a site visit by the carrier to change capacity. Leased lines provide direct point-to-point connections between enterprise LANs and connect individual branches to a packet-switched network. Several connections can be multiplexed over a leased line, resulting in shorter links and fewer required interfaces.

Fig. 13 Leased Line.


1.6.4 X.25
In response to the expense of leased lines, telecommunications providers introduced packet-switched networks using shared lines to reduce costs. The first of these packet-switched networks was standardized as the X.25 group of protocols. X.25 provides a low bit rate, shared, variable capacity, with a maximum of 48 kbps, that may be either switched or permanent. X.25 is a network-layer (L3) protocol and subscribers are provided with a network address. Virtual Circuits (VC) can be established through the network with call request packets to the target address. The resulting SVC is identified by a channel number. Data packets labeled with the channel number are delivered to the corresponding address. Multiple channels can be active on a single connection. X.25 networks can also have pre-established channels between subscribers that provide a PVC. Subscribers connect to the X.25 network with either leased lines or dialup connections. X.25 can be very cost effective because tariffs are based on the amount of data delivered rather than on connection time or distance. Data can be delivered at any rate up to the connection capacity. This provides some flexibility. X.25 networks are usually low capacity, with a maximum of 48 kbps. In addition, the data packets are subject to the delays typical of shared networks. Typical X.25 applications are Point-Of-Sale (POS) card readers. These readers use X.25 in dialup mode to validate transactions on a central computer. Some enterprises also use X.25-based Value-Added Networks (VAN) to transfer Electronic Data Interchange (EDI) invoices, bills of lading and other commercial documents. For these applications, the low bandwidth and high latency are not a concern, because the low cost makes the use of X.25 affordable. In the US, X.25 is no longer widely available as a WAN technology. Frame Relay has replaced X.25 at many service provider locations.

Fig. 14 X.25.


1.6.5 Frame Relay
With increasing demand for higher-bandwidth and lower-latency packet switching, communications providers introduced Frame Relay (FR). Although the network layout appears similar to that of X.25, available data rates are commonly up to 4 Mbps, with some providers offering even higher rates. FR differs from X.25 in several aspects. Most importantly, it is a much simpler protocol that works at the data link layer (L2) rather than the network layer (L3). FR implements no error or flow control. The simplified handling of frames leads to reduced latency, and measures taken to avoid frame build-up at intermediate switches help reduce jitter. Most FR connections are PVCs rather than SVCs. The connection to the network edge is often a leased line, but dialup connections are available from some providers using ISDN lines. The ISDN D channel is used to set up an SVC on one or more B channels. FR tariffs are based on the capacity of the connecting port at the network edge. Additional factors are the agreed capacity and Committed Information Rate (CIR) of the various PVCs through the port. FR provides permanent, shared, medium-bandwidth connectivity that carries both voice and data traffic. FR is ideal for connecting enterprise LANs. The router on the LAN needs only a single interface, even when multiple VCs are used. The short leased line to the Frame Relay network edge allows cost-effective connections between widely scattered LANs.

Fig. 15 FR.


1.6.6 ATM
Communications providers saw a need for a permanent shared network technology that offered very low latency and jitter at much higher bandwidths. Their solution was Asynchronous Transfer Mode (ATM). ATM has data rates beyond 155 Mbps. As with the other shared technologies, such as X.25 and Frame Relay, diagrams for ATM WANs look the same. ATM is a technology that is capable of transferring voice, video and data through private and public networks. It is built on a cell-based architecture rather than on a frame-based architecture. ATM cells are always a fixed length of 53 bytes. The 53-byte ATM cell contains a 5-byte ATM header followed by 48 bytes of ATM payload. Small, fixed-length cells are well suited for carrying voice and video traffic because this traffic is intolerant of delay. Video and voice traffic do not have to wait for a larger data packet to be transmitted. The 53-byte ATM cell is less efficient than the bigger frames and packets of FR and X.25. Furthermore, the ATM cell has at least 5 bytes of overhead for each 48-byte payload. When the cell is carrying segmented network layer packets, the overhead will be higher because the ATM switch must be able to reassemble the packets at the destination. A typical ATM line needs almost 20% greater bandwidth than FR to carry the same volume of network layer data. ATM offers both PVCs and SVCs, although PVCs are more common with WANs. As with other shared technologies, ATM allows multiple VCs on a single leased line connection to the network edge.
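The "almost 20%" figure follows from how a network layer packet is segmented into cells, and it depends strongly on packet size. The following Python is an added example, not material from the lecture: it works the segmentation through for AAL5 (ITU-T I.363.5), where an 8-byte trailer is appended, the PDU is padded to a whole number of 48-byte cell payloads and each payload is sent in a 53-byte cell, and compares the result with Frame Relay. The Frame Relay per-frame overhead of 6 bytes (flag, 2-byte address, 2-byte FCS, flag) and the packet-size mix are assumptions made for the example.

```python
# Added example, not from the lecture: how much line capacity ATM needs to carry a network
# layer packet compared with Frame Relay. Packets are carried in AAL5 (ITU-T I.363.5): an
# 8-byte trailer is appended, the PDU is padded to a multiple of 48 bytes and cut into 48-byte
# cell payloads, each sent in a 53-byte cell. For the Frame Relay side a per-frame overhead
# of 6 bytes (flag, 2-byte address, 2-byte FCS, flag) is assumed; the packet-size mix is constructed.

import math

CELL_BYTES = 53
CELL_PAYLOAD = 48
AAL5_TRAILER = 8         # CPCS-UU (1), CPI (1), Length (2), CRC-32 (4)
FR_OVERHEAD = 6          # assumed per-frame Frame Relay framing overhead


def aal5_cells(packet_len: int) -> int:
    """Cells needed for one packet: trailer added, padded up to whole 48-byte payloads."""
    return math.ceil((packet_len + AAL5_TRAILER) / CELL_PAYLOAD)


def atm_wire_bytes(packet_len: int) -> int:
    return aal5_cells(packet_len) * CELL_BYTES


def fr_wire_bytes(packet_len: int) -> int:
    return packet_len + FR_OVERHEAD


def atm_overhead(packet_len: int) -> float:
    """Extra bytes on the ATM line as a fraction of the packet itself."""
    return atm_wire_bytes(packet_len) / packet_len - 1


def cell_tax() -> float:
    """Header cost alone, with full payloads and no padding: 5/48, about 10.4%."""
    return (CELL_BYTES - CELL_PAYLOAD) / CELL_PAYLOAD


def atm_vs_fr(mix) -> float:
    """Ratio of ATM to Frame Relay line bytes for a traffic mix given as
    [(packet_len, share), ...] with shares summing to 1. Small packets pay the most:
    a 40-byte packet fits one cell exactly, a 41-byte one needs two."""
    atm = sum(share * atm_wire_bytes(n) for n, share in mix)
    fr = sum(share * fr_wire_bytes(n) for n, share in mix)
    return atm / fr


if __name__ == "__main__":
    for n in (40, 41, 64, 576, 1500):
        print(f"{n:5d} bytes: {aal5_cells(n):2d} cells, {atm_wire_bytes(n):4d} on the wire, "
              f"overhead {atm_overhead(n):.1%}")
    mix = [(40, 0.5), (576, 0.3), (1500, 0.2)]   # constructed mix of small, medium, large packets
    print(f"ATM needs {atm_vs_fr(mix) - 1:.1%} more line capacity than FR for this mix")
```

A 1500-byte packet becomes 32 cells (1696 bytes on the line, about 13% overhead), while a packet one byte over a cell boundary wastes most of a second cell; a real traffic mix with many small packets is what pushes the average toward the 20% the text quotes.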

Fig. 16 ATM.


1.6.7 DSL
Digital Subscriber Line (DSL) technology is a broadband technology that uses existing twisted-pair telephone lines to transport high-bandwidth data to service subscribers. DSL service is considered broadband, as opposed to the baseband service of typical LANs. Broadband refers to a technique that uses multiple frequencies within the same physical medium to transmit data. The term xDSL covers a number of similar yet competing forms of DSL technology: Asymmetric DSL (ADSL), Symmetric DSL (SDSL), High Bit Rate DSL (HDSL), ISDN-like DSL (IDSL) and Consumer DSL (CDSL, also called DSL-lite or G.lite). DSL technology allows the service provider to offer high-speed network services to customers over the installed local loop copper lines. DSL technology allows the local loop line to be used for a normal telephone voice connection and an always-on connection for instant network connectivity. Multiple DSL subscriber lines are multiplexed into a single, high-capacity link by a Digital Subscriber Line Access Multiplexer (DSLAM) at the provider location. The voice channel of a standard consumer telephone covers the frequency range of 330 Hz to 3.3 kHz. A frequency range or window of 4 kHz is regarded as the requirement for any voice transmission on the local loop. DSL technologies place upload (upstream) and download (downstream) data transmissions at frequencies above this 4 kHz window. This technique is what allows voice and data transmissions to occur simultaneously on a DSL service. The two basic types of DSL technology are asymmetric (ADSL) and symmetric (SDSL). All forms of DSL service are categorized as ADSL or SDSL, and there are several varieties of each type. Asymmetric service provides higher download bandwidth to the user than upload bandwidth. Symmetric service provides the same capacity in both directions. Not all DSL technologies allow the use of a telephone. SDSL is called "dry copper" because it does not have a ring tone and does not offer telephone service on the same line. Therefore a separate line is required for the SDSL service. Current DSL technologies use sophisticated coding and modulation techniques to achieve data rates up to 52 Mbps. The transfer rates depend on the actual length of the local loop and the type and condition of its cabling. For satisfactory service, the loop must be less than 5.5 kilometers (3.5 miles). It is not a popular choice for enterprise computer departments to support home workers. Generally, a subscriber cannot choose to connect to the enterprise network directly, but must first connect to an Internet Service Provider (ISP). From there, an IP connection is made through the Internet to the enterprise. Thus, security risks are incurred. To address security concerns, DSL services provide capabilities for using Virtual Private Network (VPN) connections to a VPN server, which is typically located at the corporate site.

Fig. 17 DSL.


1.6.8 Cable
Coaxial cable is widely used in urban areas to distribute television signals. Network access is available from some cable television networks. This allows for greater bandwidth than the conventional telephone local loop. Enhanced cable modems enable two-way, high-speed data transmissions using the same coaxial lines that transmit cable television. Some cable service providers are promising data speeds up to 6.5 times that of T1 leased lines. This speed makes cable an attractive medium for transferring large amounts of digital information quickly, including video clips, audio files and large amounts of data. Information that would take 2 minutes to download using ISDN BRI can be downloaded in 2 seconds through a cable modem connection. Cable modems provide an always-on connection and a simple installation. An always-on cable connection means that connected computers are exposed to attack at all times and need to be suitably secured with firewalls. To address security concerns, cable modem services provide capabilities for using Virtual Private Network (VPN) connections to a VPN server, which is typically located at the corporate site. A cable modem is capable of delivering up to 30 to 40 Mbps of data on one 6 MHz cable channel. This is almost 500 times faster than a 56 kbps modem. With a cable modem, a subscriber can continue to receive cable television service while simultaneously receiving data on a personal computer. This is accomplished with the help of a simple one-to-two splitter. Cable modem subscribers must use the ISP associated with the service provider. All the local subscribers share the same cable bandwidth. As more users join the service, the available bandwidth may fall below the expected rate.

Fig. 18 Cable.


Table 2 WAN Technologies

WAN Technology                             | Charge             | Maximum BW                                      | Delay                  | Jitter                 | Other
LL (Leased Lines)                          | Distance, capacity | unlimited                                       | Very Low               | Very Low               | Permanent fixed capacity
Dialup                                     | Distance, time     | 33-56 kbps                                      | Low                    | Low                    | Dialed slow connection
ISDN (Integrated Services Digital Network) | Distance, capacity | 64/128 kbps for BRI, < 2 Mbps for PRI           | Low                    | Low                    | Dialed fast connection
X.25                                       | Volume             | < 48 kbps                                       | High                   | High                   | Switched or Permanent fixed capacity
FR (Frame Relay)                           | Capacity           | < 4 Mbps (< 45 Mbps for some service providers) | High (lower than X.25) | High (lower than X.25) | Switched or Permanent variable capacity
ATM (Asynchronous Transfer Mode)           | Capacity           | > 155 Mbps                                      | Very Low               | Very Low               | Switched or Permanent variable capacity
DSL (Digital Subscriber Line)              | Capacity           | < 52 Mbps                                       | Low                    | Low                    | Permanent variable capacity
Cable                                      | Capacity           | < 40 Mbps                                       | Low                    | Low                    | Permanent variable capacity


II. HDLC and PPP


2.1 Introduction
WAN technologies are based on serial transmission at the physical layer. This means that the bits of a frame are transmitted one at a time over the physical medium. The bits that make up the L2 frame are signaled one at a time by physical layer processes onto the physical medium. The signaling methods include Non-Return to Zero Level (NRZ-L), High Density Binary 3 (HDB3) and Alternate Mark Inversion (AMI). These are examples of physical layer encoding standards, similar to Manchester encoding for Ethernet. Among other things, these signaling methods differentiate one serial communication method from another.

Fig. 1 Serial transmission at the physical layer.


Time-Division Multiplexing (TDM) is the transmission of several sources of information using one common channel, or signal, and then the reconstruction of the original streams at the remote end. In the example shown in Figure 2, there are three sources of information carried in turn down the output channel. First, a chunk of information is taken from each input channel. The size of this chunk may vary, but typically it is either a bit or a byte at a time. Depending on whether bits or bytes are used, this type of TDM is called bit-interleaving or byte-interleaving. Each of the three input channels has its own capacity. For the output channel to be able to accommodate all the information from the three inputs, the capacity of the output channel must be no less than the sum of the inputs. In TDM, the output timeslot is always present whether or not the input channel has any information to transmit. TDM is a physical layer concept: it has no regard for the nature of the information that is being multiplexed onto the output channel. TDM is independent of the L2 protocol used by the input channels.
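The byte-interleaving case from this paragraph, and the fixed-capacity TDM sharing described for circuit-switched networks in section 1.4, can be run as code. The following Python is an added example, not material from the lecture: three input channels are given slot counts the way T1/E1 do it (8000 frames per second, one 8-bit slot per frame equals 64 kbps), so the output rate is exactly the sum of the inputs; a channel with nothing to send still occupies its slots, which are filled with an idle code. The idle code value, the channel rates and the sample streams are constructed for the example.

```python
# Added example, not from the lecture: a byte-interleaving TDM multiplexer and demultiplexer.
# Each input channel owns a fixed number of byte slots in every output frame, in turn; an
# empty input still occupies its slots, filled with an idle code. Slot counts are derived the
# way T1/E1 do it: 8000 frames per second and 8 bits per slot, so one slot carries 64 kbps.
# The idle code, the channel rates and the sample streams are constructed for the example.

from collections import deque

IDLE = 0xFF                 # constructed idle fill for a slot whose channel has nothing to send
FRAMES_PER_SECOND = 8000    # T1/E1 frame rate: one 8-bit slot per frame = 64 kbps
SLOT_BPS = 8 * FRAMES_PER_SECOND


def slot_plan(input_rates_bps):
    """Slots per frame for each input. The output frame carries sum(slots) bytes, so the
    output rate is exactly the sum of the inputs, the minimum the text requires."""
    plan = []
    for rate in input_rates_bps:
        if rate % SLOT_BPS:
            raise ValueError(f"{rate} bps is not a whole number of {SLOT_BPS} bps slots")
        plan.append(rate // SLOT_BPS)
    return plan


def output_rate_bps(slots):
    return sum(slots) * SLOT_BPS


def mux_frame(queues, slots):
    """One output frame: channel i contributes slots[i] bytes; idle fill where it has none."""
    frame = bytearray()
    for queue, n in zip(queues, slots):
        for _ in range(n):
            frame.append(queue.popleft() if queue else IDLE)
    return bytes(frame)


def demux_frame(frame, slots):
    """Split a frame back into per-channel byte strings using the same slot plan."""
    parts, pos = [], 0
    for n in slots:
        parts.append(frame[pos:pos + n])
        pos += n
    return parts


def multiplex(streams, slots):
    """Carry all streams; frames keep being emitted until the slowest channel has drained,
    the other channels sending idle slots meanwhile (the slot is always present)."""
    queues = [deque(s) for s in streams]
    frames = []
    while any(queues):
        frames.append(mux_frame(queues, slots))
    return frames


def demultiplex(frames, slots):
    """Reassemble each channel's stream, idle fill included: TDM is L1 and does not know
    which bytes are data; stripping idle is left to whatever L2 protocol rides the channel."""
    channels = [bytearray() for _ in slots]
    for frame in frames:
        for channel, part in zip(channels, demux_frame(frame, slots)):
            channel += part
    return [bytes(c) for c in channels]


if __name__ == "__main__":
    slots = slot_plan([64_000, 64_000, 128_000])       # -> [1, 1, 2]
    frames = multiplex([b"AAAA", b"BB", b"CCCCCCCC"], slots)
    for f in frames:
        print(f.hex())
    print(demultiplex(frames, slots), output_rate_bps(slots), "bps")
```

Running it shows the point of the paragraph directly: the second channel runs out of data after two frames, yet frames three and four still carry its slot, now holding idle fill, and the 128 kbps channel gets two slots per frame so that its faster stream drains in the same number of frames. Twenty-four 64 kbps slots under this plan give 1.536 Mbps, which is a T1 without its framing bit.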

Fig. 2 TDM.


The demarcation point (or "demarc" as it is commonly known) is the point in the network where the responsibility of the service provider (or "telco") ends. In the US, a telco provides the local loop into the customer premises and the customer provides the active equipment such as the CSU/DSU on which the local loop is terminated. This termination often occurs in a telecommunications closet and the customer is responsible for maintaining, replacing or repairing the equipment. In other countries around the world, the NTU (Network Termination Unit) is provided and managed by the telco. This allows the telco to actively manage and troubleshoot the local loop with the demarcation point occurring after the NTU. The customer connects a CPE device, such as a router or Frame Relay Access Device (FRAD), into the NTU using a V.35 or RS-232 serial interface.

Fig. 3 The demarcation point.


A serial connection has a Data Terminal Equipment (DTE) device at one end of the connection and a Data Communications Equipment (DCE) device at the other end. The connection between the two DCEs is the WAN service provider transmission network.
-The CPE, which is generally a router, is the DTE. Other DTE examples could be a terminal, computer, printer or fax machine.
-The DCE, commonly a modem or CSU/DSU, is the device used to convert the user data from the DTE into a form acceptable to the WAN service provider transmission link. This signal is received at the remote DCE, which decodes the signal back into a sequence of bits. This sequence is then signaled to the remote DTE.

Fig. 4 WAN connection.


Many standards have been developed to allow DTEs to communicate with DCEs. The DTE/DCE interface for a particular standard defines the following specifications:
-Mechanical/physical - Number of pins and connector type.
-Electrical - Defines voltage levels for 0 and 1.
-Functional - Specifies the functions that are performed by assigning meanings to each of the signaling lines in the interface.
-Procedural - Specifies the sequence of events for transmitting data.
a) If two DTEs must be connected together (DTE to DTE connection), like 2 computers or 2 routers, a special cable called a null-modem cable is necessary to eliminate the need for a DCE. For synchronous connections, where a clock signal is needed, either an external device or one of the DTEs must generate the clock signal. The synchronous serial port on a router is configured as DTE or DCE depending on the attached cable, which is ordered as either DTE or DCE to match the router configuration. If the serial port is configured as DTE (which is the default setting), external clocking is required from the CSU/DSU or other DCE device.
b) The cable for the DTE to DCE connection is a shielded serial transition cable. The router end of the shielded serial transition cable may be a DB-60 connector, which connects to the DB-60 port on a serial WAN interface card. The other end of the shielded serial transition cable is available with the connector appropriate for the standard that is to be used. The WAN provider or the CSU/DSU usually dictates this cable type. Cisco devices support the EIA/TIA-232 (25 pins), EIA/TIA-449 (36 pins), V.35 (34 pins), X.21 (15 pins) and EIA/TIA-530 (36 pins) serial standards.
c) To support higher densities in a smaller form factor, Cisco has introduced a smart serial cable. The router interface end of the smart serial cable is a 26-pin connector, significantly more compact than the DB-60 connector.


Fig. 5 Serial cables and connectors.


2.2 HDLC

Initially, serial communications were based on character-oriented protocols. Bit-oriented protocols were more efficient, but they were also proprietary. In 1979, the ISO agreed on HDLC (High-Level Data Link Control) as a standard bit-oriented data link layer protocol that encapsulates data on synchronous serial data links. This standardization led to other committees adopting it and extending the protocol. Since 1981, ITU-T has developed a series of HDLC derivative protocols. The following examples of derivative protocols are called Link Access Protocols:
-Link Access Procedure for Modems (LAPM) and PPP for modems,
-Link Access Procedure on the D channel (LAPD) for ISDN,
-Link Access Procedure Balanced (LAPB) for X.25,
-Link Access Procedure for Frame Relay (LAPF) for Frame Relay.
HDLC uses synchronous serial transmission providing error-free communication between 2 points. HDLC defines a L2 framing structure that allows for flow control and error control using acknowledgments and a windowing scheme. Each frame has the same format, whether it is a data frame or a control frame.

Fig. 6 HDLC frame.

-The frame always starts and ends with an 8-bit flag field; the bit pattern is 01111110. Because there is a likelihood that this pattern will occur in the actual data, the sending HDLC system always inserts a 0 bit after every five 1s in the data field, so in practice the flag sequence can only occur at the frame ends. The receiving system strips out the inserted bits. When frames are transmitted consecutively, the end flag of the first frame is used as the start flag of the next frame.
-The address field is not needed for WAN links, which are almost always point-to-point. The address field is still present and may be 1 or 2 bytes long.
-The control field indicates the frame type, which may be Information, Supervisory or Unnumbered. The control field is normally 1 byte, but will be 2 bytes for extended sliding window systems. Together the address and control fields are called the frame header.
a) Information frames (I-frames) carry network layer data.
b) Supervisory frames (S-frames) control the flow of information frames and request data retransmission in the event of an error.
c) Unnumbered frames (U-frames) carry line setup messages. The code field identifies the U-frame type.
The first one or two bits of the control field serve to identify the frame type. In the control field of an Information frame (I-frame), the send-sequence number N(S) refers to the number of the frame to be sent next. The receive-sequence number N(R) provides the number of the frame to be received next. Both sender and receiver maintain send and receive sequence numbers. Poll/Final (P/F) is a single bit with 2 names. It is called Poll when set by the primary station to obtain a response from a secondary station and Final when set by the secondary station to indicate a response or the end of transmission. In all other cases, the bit is clear. The bit is used as a token that is passed back and forth between the stations. Only one token should exist at a time. The secondary only sends a Final when it has received a Poll from the primary. The primary only sends a Poll when it has received a Final back from the secondary or after a timeout indicating that the bit has been lost. The S field indicates the S-frame type: 00=RR (Receive Ready), 01=RNR (Receive Not Ready), 10=REJ (REJect), 11=SREJ (Selective REJect). Standard HDLC does not inherently support multiple protocols on a single link, as it does not have a way to indicate which protocol is being carried. Both PPP and the Cisco version of HDLC have an extra field, called the Protocol field, in the frame header to identify the network layer protocol of the encapsulated data. This Protocol field enables multiple network layer protocols to share the same serial link.
-The encapsulated data follows the control field.

-The Frame Check Sequence (FCS) field uses the Cyclic Redundancy Check (CRC) mechanism to establish a 2 or 4 byte field.
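Worked example of the flag, zero-bit stuffing and control-field rules above (added here; not code from the original slides). It models the 1-byte control field and omits the FCS; frame bits are rendered as text so the stuffing rule can be seen directly.

```python
# Added example (not from the original slides): HDLC zero-bit stuffing and
# control-field decoding for the 1-byte (modulo-8) control field described
# above. Frames are modelled as strings of '0'/'1' so the stuffing rule is
# visible bit by bit; the FCS is omitted. Octets are rendered MSB-first,
# which does not affect the stuffing rule.
FLAG = "01111110"
S_TYPES = {0: "RR", 1: "RNR", 2: "REJ", 3: "SREJ"}  # bits 2-3 of an S-frame


def bit_stuff(bits: str) -> str:
    """Sender: insert a 0 after every run of five consecutive 1s."""
    out, run = [], 0
    for b in bits:
        out.append(b)
        run = run + 1 if b == "1" else 0
        if run == 5:
            out.append("0")
            run = 0
    return "".join(out)


def bit_unstuff(bits: str) -> str:
    """Receiver: drop the 0 that follows five consecutive 1s."""
    out, run, i = [], 0, 0
    while i < len(bits):
        out.append(bits[i])
        run = run + 1 if bits[i] == "1" else 0
        if run == 5:
            i += 1  # skip the stuffed zero (a 1 here would be a flag or abort)
            run = 0
        i += 1
    return "".join(out)


def build_frame(address: int, control: int, payload: bytes) -> str:
    """FLAG + stuffed(address, control, data) + FLAG."""
    body = "".join(f"{b:08b}" for b in bytes([address, control]) + payload)
    return FLAG + bit_stuff(body) + FLAG


def parse_frame(wire: str) -> tuple:
    """Strip the flags, destuff and return (address, control, payload)."""
    if not (wire.startswith(FLAG) and wire.endswith(FLAG)):
        raise ValueError("frame not delimited by flags")
    body = bit_unstuff(wire[len(FLAG):-len(FLAG)])
    octets = bytes(int(body[i:i + 8], 2) for i in range(0, len(body), 8))
    return octets[0], octets[1], octets[2:]


def decode_control(ctrl: int) -> dict:
    """Bit 0 is the first bit on the wire: 0 = I-frame, 01 = S-frame, 11 = U-frame."""
    pf = (ctrl >> 4) & 1
    if ctrl & 1 == 0:
        return {"type": "I", "ns": (ctrl >> 1) & 7, "nr": (ctrl >> 5) & 7, "pf": pf}
    if ctrl & 3 == 1:
        return {"type": "S", "s": S_TYPES[(ctrl >> 2) & 3], "nr": (ctrl >> 5) & 7, "pf": pf}
    m = ((ctrl >> 2) & 3) | (((ctrl >> 5) & 7) << 2)  # the 5 modifier bits
    return {"type": "U", "m": m, "pf": pf}
```

A payload containing 0xFF and 0x7E exercises the worst case: after stuffing, no six consecutive 1s remain inside the frame, so the flag pattern cannot appear there.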

2.3 PPP

PPP (Point-to-Point Protocol) uses a layered architecture and provides a method for encapsulating multi-protocol datagrams over a point-to-point link, and uses the data link layer for testing the connection. PPP is therefore made up of 2 sub-protocols:
1) Link Control Protocol (LCP) - Used for establishing the point-to-point link.
2) Network Control Protocol (NCP) - Used for configuring the various network layer protocols.
PPP can be configured on the following types of physical interfaces: Asynchronous serial, Synchronous serial, High-Speed Serial Interface (HSSI), Integrated Services Digital Network (ISDN).

Fig. 7 PPP layered architecture.


1) PPP uses Link Control Protocol (LCP) to establish, configure and test the WAN data link connection. PPP also uses LCP to automatically agree upon encapsulation format options such as:
-Authentication - Authentication options require that the calling side of the link enter information to help ensure the user has the network administrator's permission to make the call. Peer routers exchange authentication messages. Two authentication choices are Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP); in general CHAP is the preferred protocol (ppp authentication pap or chap).
-Compression - Compression options increase the effective throughput on PPP connections by reducing the amount of data in the frame that must travel across the link. The protocol decompresses the frame at its destination. Two compression protocols available in Cisco routers are Stacker and Predictor (ppp compress stacker or predictor).
-Error detection - Error detection mechanisms with PPP enable a process to identify fault conditions. The Quality and Magic Number options help ensure a reliable, loop-free data link (ppp quality <link quality threshold 1-100>).
-Multilink - Cisco IOS Release 11.1 and later supports multilink PPP. This alternative provides load balancing over the router interfaces that PPP uses (ppp multilink).
-PPP Callback - To further enhance security, Cisco IOS Release 11.1 offers callback over PPP. With this LCP option, a Cisco router can act as a callback client or as a callback server. The callback client makes the initial call, requests that it be called back and terminates its initial call. The callback server answers the initial call and makes the return call to the client based on its configuration statements.
LCP will also do the following: handle varying limits on packet size, detect common misconfiguration errors, determine when a link is functioning properly or when it is failing, terminate the link.
2) PPP uses the Network Control Protocol (NCP) component to encapsulate and negotiate options for multiple network layer protocols. PPP permits multiple network layer protocols to operate on the same communications link. For every network layer protocol used, a separate Network Control Protocol (NCP) is provided. For example, Internet Protocol (IP) uses the IP Control Protocol (IPCP), Internetwork Packet Exchange (IPX) uses the Novell IPX Control Protocol (IPXCP), Appletalk uses Appletalk Control Protocol (ACP). NCPs include functional fields containing standardized codes to indicate the network layer protocol type that PPP encapsulates.


The fields of a PPP frame are as follows:
-Flag - Indicates the beginning or end of a frame and consists of the binary sequence 01111110.
-Address - Consists of the standard broadcast address, which is the binary sequence 11111111. PPP does not assign individual station addresses.
-Control - 1 byte that consists of the binary sequence 00000011, which calls for transmission of user data in an unsequenced frame.
-Protocol - 2 bytes that identify the protocol encapsulated in the data field of the frame (8021=IPCP, 8023=NCP, 8029=ACP, 802b=IPXCP, c021=LCP, c023=PAP, c223=CHAP).
-Data - 0 or more bytes that contain the datagram for the protocol specified in the protocol field. The end of the data field is found by locating the closing flag sequence and allowing 2 bytes for the FCS field. The default maximum length of the data field is 1500 bytes.
-FCS - Normally 2 bytes added to a frame for error control purposes.
PPP session establishment progresses through 3 phases:
1) Link-establishment phase - In this phase each PPP device sends LCP frames to configure and test the data link. LCP frames contain a configuration option field that allows devices to negotiate the use of options such as the Maximum Transmission Unit (MTU), compression of certain PPP fields and the link-authentication protocol. If a configuration option is not included in an LCP packet, the default value for that configuration option is assumed. Before any network layer packets can be exchanged, LCP must first open the connection and negotiate the configuration parameters. This phase is complete when a configuration acknowledgment frame has been sent and received.
2) Authentication phase (optional) - After the link has been established and the authentication protocol decided on, the peer may be authenticated. Authentication, if used, takes place before the network layer protocol phase is entered. As part of this phase, LCP also allows for an optional link-quality determination test. The link is tested to determine whether the link quality is good enough to bring up network layer protocols.
3) Network layer protocol phase - In this phase the PPP devices send NCP frames to choose and configure one or more network layer protocols, such as IP. Once each of the chosen network layer protocols has been configured, packets from each network layer protocol can be sent over the link. If LCP closes the link, it informs the network layer protocols so that they can take appropriate action.
The show interfaces command reveals the LCP and NCP states under PPP configuration. The following 3 classes of LCP frames are used in a PPP session:
-Link-establishment frames are used to establish and configure a link.
-Link-termination frames are used to terminate a link.
-Link-maintenance frames are used to manage and debug a link.
The PPP link remains configured for communications until one of the following occurs:
-LCP or NCP frames close the link,
-An inactivity timer expires,
-A user intervenes.
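The frame layout and the LCP configuration exchange above, as an added example that is not part of the original slides: it builds a PPP frame with the RFC 1662 FCS-16, parses it back, rejects a corrupted copy, and decodes the Code/Identifier/Length header of a constructed LCP Configure-Request. The MRU option, the LCP code values and the protocol number 0x0021 (IP) come from the PPP RFCs, not from the slides.

```python
# Added example (not from the original slides): build and parse a PPP frame
# with the field layout given above (flag 0x7E, address 0xFF, control 0x03,
# 2-byte protocol, data, 2-byte FCS), using the RFC 1662 FCS-16 algorithm,
# and decode the Code/Identifier/Length header of an LCP packet. HDLC
# bit-stuffing / byte escaping is not modelled; the LCP packet is constructed.
import struct

FLAG, ADDRESS, CONTROL = 0x7E, 0xFF, 0x03
PROTOCOLS = {0x0021: "IP", 0x8021: "IPCP", 0x8029: "ACP", 0x802B: "IPXCP",
             0xC021: "LCP", 0xC023: "PAP", 0xC223: "CHAP"}
CP_CODES = {1: "Configure-Request", 2: "Configure-Ack", 3: "Configure-Nak",
            4: "Configure-Reject", 5: "Terminate-Request", 6: "Terminate-Ack",
            9: "Echo-Request", 10: "Echo-Reply"}
GOOD_FCS = 0xF0B8  # register value left after checking data + transmitted FCS

# Constructed LCP Configure-Request: id 1, length 8, one option: MRU (type 1) = 1500
LCP_CONF_REQ = bytes.fromhex("01010008" "010405dc")


def fcs16_raw(data: bytes) -> int:
    """CRC-16/X.25 register (poly 0x8408 reflected, init 0xFFFF), no final complement."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs


def fcs16(data: bytes) -> int:
    """The FCS value actually transmitted (complemented, sent LSB first)."""
    return fcs16_raw(data) ^ 0xFFFF


def build_ppp_frame(protocol: int, payload: bytes) -> bytes:
    body = bytes([ADDRESS, CONTROL]) + struct.pack(">H", protocol) + payload
    return bytes([FLAG]) + body + struct.pack("<H", fcs16(body)) + bytes([FLAG])


def parse_ppp_frame(frame: bytes) -> dict:
    """Validate flags, FCS and header; return protocol number, name and payload."""
    if len(frame) < 8 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("frame not delimited by flags")
    body = frame[1:-1]
    if fcs16_raw(body) != GOOD_FCS:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    if body[0] != ADDRESS or body[1] != CONTROL:
        raise ValueError("unexpected address/control field")
    proto = struct.unpack(">H", body[2:4])[0]
    return {"protocol": proto, "name": PROTOCOLS.get(proto, "unknown"),
            "payload": body[4:-2]}


def parse_cp_header(payload: bytes) -> dict:
    """Common LCP/NCP header: Code (1), Identifier (1), Length (2, covers the header)."""
    code, ident, length = struct.unpack(">BBH", payload[:4])
    return {"code": CP_CODES.get(code, "unknown"), "id": ident,
            "length": length, "options": payload[4:length]}


def frame_is_valid(frame: bytes) -> bool:
    try:
        parse_ppp_frame(frame)
        return True
    except ValueError:
        return False
```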


2.4 PAP

PAP provides a simple method for a remote node to establish its identity, using a two-way handshake. After the PPP link establishment phase is complete, a username/password pair is repeatedly sent by the remote node across the link until authentication is acknowledged or the connection is terminated. PAP is not a strong authentication protocol. Passwords are sent across the link in clear text and there is no protection from playback or repeated trial-and-error attacks. The remote node is in control of the frequency and timing of the login attempts.

Fig. 8 PAP. The hostname on one router must match the username the other router has configured. The passwords must also match.

Fig. 9 Configuration of PAP.


2.5 CHAP

CHAP is used at the startup of a link and periodically verifies the identity of the remote node using a three-way handshake. CHAP is performed upon initial PPP link establishment and is repeated during the time the link is established. After the PPP link establishment phase is complete, the local router sends a "challenge" message to the remote node. The remote node responds with a value calculated using a one-way hash function, which is typically Message Digest 5 (MD5). This response is based on the password and challenge message. The local router checks the response against its own calculation of the expected hash value. If the values match, the authentication is acknowledged; otherwise the connection is immediately terminated. CHAP provides protection against playback attack through the use of a variable challenge value that is unique and unpredictable. Since the challenge is unique and random, the resulting hash value will also be unique and random. The use of repeated challenges is intended to limit the time of exposure to any single attack. The local router or a third-party authentication server is in control of the frequency and timing of the challenges.
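The three-way handshake and the replay protection described above, as an added example that is not part of the original slides. It follows RFC 1994 (Response = MD5(Identifier || secret || Challenge)) and keys each router's secrets by the peer hostname, which is the hostname/username matching rule of the configuration figures; router names R1/R2 and the shared secret are constructed sample values.

```python
# Added example (not from the original slides): the CHAP three-way handshake
# described above, modelled with RFC 1994 semantics: Response = MD5(Identifier
# || secret || Challenge). Each Router holds 'username <peer> password <secret>'
# entries keyed by the peer's hostname, so the hostname/username matching rule
# is visible. Router names and secrets are constructed sample values.
import hashlib
import secrets
from dataclasses import dataclass, field


def chap_digest(ident: int, secret: str, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5 over identifier octet, shared secret, challenge."""
    return hashlib.md5(bytes([ident]) + secret.encode() + challenge).digest()


@dataclass
class Router:
    hostname: str
    users: dict                                  # peer hostname -> shared secret
    pending: dict = field(default_factory=dict)  # identifier -> outstanding challenge

    def challenge(self, ident: int) -> tuple:
        """Step 1: send a fresh, unpredictable challenge value and our own name."""
        value = secrets.token_bytes(16)
        self.pending[ident] = value
        return ident, value, self.hostname

    def respond(self, ident: int, value: bytes, peer_name: str) -> tuple:
        """Step 2: look up the secret configured for the challenger's hostname."""
        secret = self.users[peer_name]  # KeyError: no 'username <peer_name>' entry
        return ident, chap_digest(ident, secret, value), self.hostname

    def verify(self, ident: int, digest: bytes, peer_name: str) -> bool:
        """Step 3: Accept only if the digest matches our own calculation."""
        value = self.pending.pop(ident, None)   # each challenge is usable once
        secret = self.users.get(peer_name)
        if value is None or secret is None:
            return False
        return secrets.compare_digest(chap_digest(ident, secret, value), digest)


def chap_session(local: Router, remote: Router, ident: int = 1) -> bool:
    """Local router authenticates the remote node; False on any mismatch."""
    ident, value, name = local.challenge(ident)
    try:
        ident, digest, peer = remote.respond(ident, value, name)
    except KeyError:
        return False  # remote has no username entry for the local hostname
    return local.verify(ident, digest, peer)


def replayed_response_accepted(local: Router, remote: Router) -> bool:
    """Record one valid response, then present it again for a new challenge."""
    ident, value, name = local.challenge(7)
    _, digest, peer = remote.respond(ident, value, name)
    first = local.verify(ident, digest, peer)
    local.challenge(7)                      # periodic re-challenge, same identifier
    return first and local.verify(7, digest, peer)
```

Compare with PAP above: the only thing CHAP ever puts on the link is the digest and the hostname, never the secret itself, and a digest captured once is useless against the next challenge.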

Fig. 10 CHAP a. The hostname on one router must match the username the other router has configured. The passwords must also match.

Fig. 11 Configuration of CHAP.

Fig. 10 CHAP b. (1. Challenge; calculations; 2. Response; 3. Accept/Reject)

2.6 Configuration of serial WAN with HDLC/PPP

The default encapsulation method used by Cisco devices on synchronous serial lines is Cisco HDLC. If the serial interface is configured with another encapsulation protocol and the encapsulation must be changed back to HDLC, enter the interface configuration mode of the serial interface, then enter the encapsulation hdlc command to specify the encapsulation protocol on the interface. Cisco HDLC is a point-to-point protocol that can be used on leased lines between 2 Cisco devices. When communicating with a non-Cisco device, synchronous PPP is a more viable option.
Router(config)#interface <type=serial> <no>
Router(config-if)#encapsulation hdlc
Router(config-if)#exit
When the encapsulation ppp command is used, either PAP or CHAP authentication can optionally be added. If no authentication is specified, the PPP session starts immediately. If authentication is required, the process proceeds through the following steps:
-The method of authentication is determined.
-The local database or security server, which has a username and password database, is checked to see if the given username and password pair matches.
-The process checks the authentication response sent back from the local database. If it is a positive response, the PPP session is started. If negative, the session is terminated.
Router(config)#interface <type=serial> <no>
Router(config-if)#encapsulation ppp
Router(config-if)#exit

Fig. 12 Starting the PPP session.


2.7 Verifying of serial WAN with HDLC/PPP configuration

1) The output of the show interfaces serial command displays information specific to serial interfaces. When HDLC is configured, "Encapsulation HDLC" should be reflected in the output. When PPP is configured, "Encapsulation PPP" should be seen in the output. Five possible problem states can be identified in the interface status line of the show interfaces serial display:
Serial x is down, line protocol is down
Serial x is up, line protocol is down
Serial x is up, line protocol is up (looped)
Serial x is up, line protocol is down (disabled)
Serial x is administratively down, line protocol is down
2) The show controllers command is another important diagnostic tool when troubleshooting serial lines. The show controllers output indicates the state of the interface channels and whether a cable is attached to the interface (for example, DTE V.35 TX and RX clocks detected). The command syntax varies, depending on platform. For serial interfaces on Cisco 7000 series routers, use the show controllers cbus command. If the electrical interface output is shown as UNKNOWN, instead of V.35, EIA/TIA-449 or some other electrical interface type, an improperly connected cable is the likely problem. A problem with the internal wiring of the card is also possible. If the electrical interface is UNKNOWN, the corresponding display for the show interfaces serial command will show that the interface and line protocol are down.

2.8 Troubleshooting of serial WAN with HDLC/PPP configuration

The following are some debug commands that are useful when troubleshooting serial and WAN problems:
-debug serial interface - Verifies whether HDLC keepalive packets are incrementing. If they are not, a possible timing problem exists on the interface card or in the network.
-debug arp - Indicates whether the router is sending information about or learning about routers (with ARP packets) on the other side of the WAN cloud. Use this command when some nodes on a TCP/IP network are responding, but others are not.
-debug ppp negotiation - Shows PPP packets transmitted during PPP startup where PPP options are negotiated.
-debug ppp packet - Shows PPP packets being sent and received. This command displays low-level packet dumps.
-debug ppp error - Shows PPP errors, such as illegal or malformed frames, associated with PPP connection negotiation and operation.
-debug ppp authentication - Shows PPP CHAP and PAP packet exchanges.
-debug ppp chap - Shows PPP CHAP packet exchanges.
