Wednesday 26 June 2013

WAN Protocols

WAN PROTOCOLS HDLC PPP FRAME REALLY NAT PAT

WANs are most often charge-for-service networks, providing the means for users to access resources across a wide geographic area. Some services are considered Layer 2 connections between your remote locations, typically provided by a telephone company (telco) over its WAN switches. Some of these technologies include a serial point-to-point (leased line) connection and Frame Relay connections.
Other connections leverage the Internet infrastructure, a Layer 3 alternative, to interconnect the remote locations of an organization. To provide security across the public Internet, you can implement a virtual private network (VPN) solution.
This section introduces the components of a VPN solution for WAN connectivity, explains how to configure a PPP connection, and describes Frame Relay operation, configuration, and troubleshooting.
In this section we would cover following CCNA objectives
  • Describe the uses of VPNs for site-to-site and remote-user access
  • Connect to a service provider over a network and describe the operation and configuration of PPP
  • Connect to a service provider over a network and describe the operation and the basic configuration of Frame Relay
  • Identify an approach for troubleshooting common Frame Relay problems and offer solutions

Wan Terms Definitions and Encapsulation method

A WAN is a data communications network that operates beyond the geographical scope of a LAN.
WANs use facilities provided by a service provider, or carrier, such as a telephone or cable company. They connect the locations of an organization to each other, to locations of other organizations, to external services, and to remote users. WANs generally carry a variety of traffic types, such as voice, data, and video.
WAN connections are made up of many types of equipment and components.
data communications equipment (DCE) terminates a connection between two sites and provides clocking and synchronization for that connection; it connects to data termination equipment (DTE). 
A DTE is an end-user device, such as a router or PC, which connects to the WAN via the DCE.
TermDefinition
Customer premises equipment (CPE)
Your network's equipment, which includes the DCE (modem, NT1, CSU/ DSU) and your DTE (router, access server)
Demarcation point
Where the responsibility of the carrier is passed on to you; this could be inside or outside your local facility; note that this is a logical boundary, not necessarily a physical boundary
Local loop
The connection from the carrier's switching equipment to the demarcation point
Central office (CO) switch
The carrier's switch within the toll network
Toll network
The carrier's internal infrastructure for transporting your data

Customer premises equipment (CPE)
Customer premises equipment (CPE) is equipment that's owned by the subscriber and located on the subscriber's premises.
Demarcation point
The demarcation point is the precise spot where the service provider's responsibility ends and the CPE begins. It's generally a device in a telecommunications closet owned and installed by the telecommunications company (telco). It's your responsibility to cable (extended demarc) from this box to the CPE, which is usually a connection to a CSU/DSU or ISDN interface.
Local loop
The local loop connects the demarc to the closest switching office, which is called a central office.
Central office (CO)
This point connects the customer's network to the provider's switching network.
Toll network
The toll network is a trunk line inside a WAN provider's network. This network is a collection of switches and facilities owned by the ISP. Definitely familiarize yourself with these terms because they're crucial to understanding WAN technologies.

Synchronous V/s asynchronous

Synchronous serial connection allows you to simultaneously send and receive information without having to wait for any signal from the remote side. Nor does a synchronous connection need to indicate when it is beginning to send something or the end of a transmission. These two things, plus how clocking is done, are the three major differences between synchronous and asynchronous connections—asynchronous connections are typically used for dialup connections, such as modems.
wide-area networking can be broken into three categories:
  • Leased line
  • Circuit switched
  • Packet switched

Leased-Line Connections

In lease line, you get your very own piece of wire from your location to the service provider's network. This is good because no other customer can affect your line, as can be the case with other WAN services. You have a lot of control over this circuit to do things such as Quality of Service and other traffic management. The downside is that a leased line is expensive and gets a lot more expensive if you need to connect offices that are far apart.
These are usually referred to as a point-to-point or dedicated connection. A leased line is a pre-established WAN communications path that goes from the CPE through the DCE switch, then over to the CPE of the remote site.
  • The distance between the two sites is small, making them cost-effective.
  • You have a constant amount of traffic between two sites and need to guarantee bandwidth for certain applications

Circuit-Switched Connections

A circuit-switched WAN uses the phone company as the service provider, either with analog dial-up or digital ISDN connections. With circuit-switching, if you need to connect to the remote LAN, a call is dialed and a circuit is established; the data is sent across the circuit, and the circuit is taken down when it is no longer needed. Circuit-switched connections include the following types:
Asynchronous serial connections
These include analog modem dialup connections and the standard telephone system, which is commonly referred to as Plain Old Telephone Service (POTS) by the telephone carriers.
Synchronous serial connections
These include digital ISDN BRI and PRI dialup connections; they provide guaranteed bandwidth.

Packet-Switched Connections

Packet-switched WAN services allow you to connect to the provider's network in much the same way as a PC connects to a hub: When connected, your traffic is affected by other customers' and theirs by you. This can be an issue sometimes, but it can be managed. The advantage of this shared-bandwidth technology is that with a single physical connection from your router's serial port, you can establish virtual connections to many other locations around the world. Packet-switched connections use logical circuits to make connections between two sites. These logical circuits are referred to as virtual circuits (VCs). So if you have a lot of branch offices and they are far away from the head office, a packet-switched solution is a good idea.
X.25
The oldest of these four technologies is X.25, which is an ITU-T standard. X.25 is a network layer protocol that runs across both synchronous and asynchronous physical circuits, providing a lot of flexibility for your connection options. X.25 was actually developed to run across unreliable medium. It provides error detection and correction, as well as flow control, at both the data link layer (by LAPB) and the network layer (by X.25). In this sense, it performs a function similar to what TCP, at the transport layer, provides for IP. Because of its overhead, X.25 is best delegated to asynchronous, unreliable connections. If you have a synchronous digital connection, another protocol, such as Frame Relay or ATM, is much more efficient.
Frame Relay
Frame Relay is a digital packet-switched service that can run only across synchronous digital connections at the data link layer. Because it uses digital connections (which have very few errors), it does not perform any error correction or flow control as X.25 does. Frame Relay will, however, detect errors and drops bad frames. It is up to a higher layer protocol, such as TCP, to resend the dropped information.
ATM
ATM is also a packet-switched technology that uses digital circuits. Unlike Frame Relay and X.25, however, this service uses fixed-length (53 byte) packets, called cells, to transmit information. Therefore, this service is commonly called a cell-switched service. It has an advantage over Frame Relay in that it can provide guaranteed throughput and minimal delay for a multitude of services, includingvoice, video, and data. However, it does cost more than Frame Relay services. ATM (sort of an enhanced Frame Relay) can offer a connection guaranteed bandwidth, limited delay, limited number of errors, Quality of Service (QoS), and more. Frame Relay can provide some minimal guarantees to connections, but not to the degree of precision that ATM can. Whereas Frame Relay is limited to 45 Mbps connections, ATM can scale to very high speeds: OC-192 (SONET), for instance, affords about 10 Gbps of bandwidth.

Encapsulation method

With each WAN solution, there is an encapsulation type. Encapsulations wrap an information envelope around your data that is used to transport your data traffic. If you use leased line as your wide-area networking choice, you can encapsulate your data inside a High-Level Data-Link Control (HDLC) frame, PPP frame, or Serial Line IP (SLIP) frame. For packet-switched networks, you can encapsulate or package your data in X.25 frames, Frame Relay, or Asynchronous Transfer Mode (ATM) frames.

HDLC

Based on ISO standards, the HDLC (High-Level Data Link Control) protocol can be used with synchronous and asynchronous connections and defines the frame type and interaction between two devices at the data link layer. Cisco's HDLC is a proprietary protocol and will not work with other company's router.

PPP

PPP (the Point-to-Point Protocol) is based on an open standard.
PPP has two main components:
  • LCP (Link Control Protocol)
  • NCP (Network Control Protocol)
NCP is responsible for supporting multiple Layer 3 protocols. Each protocol has its own NCP, such as the IPCP for IP communication and IPXCP for IPX communication. Think of NCP as the "packager"; it is responsible for packaging, or encapsulating, your packets into a control protocol that is readable by PPP.
The link control protocol is used for establishing the link and negotiating optional settings. These options include
  • Compression— You can compress your data to conserve bandwidth across your WAN. Options for compression are Stacker and Predictor.
  • Callback— With callback, you dial into a router using a modem or ISDN and then disconnect. The other router then calls you back at a predefined number. This option is used for centralized billing and security reasons.
  • Multilink— Multilink allows you to bundle together more than one link to create more bandwidth. (Traffic will load balance across the links.) For example, you can bundle two 64K channels together to get a combined 128K.
  • Authentication— You can use authentication to verify a router's identity when it is connecting into your router. Options for authentication include CHAP and PAP.

PPP Authentication

PAP goes through a two-way handshake process. In this process, the source sends its username (or hostname) and password, in clear text, to the destination. The destination compares this information with a list of locally stored usernames and passwords. If it finds a match, the destination sends back an accept message. If it doesn't find a match, it sends back a reject message.
pap
CHAP uses a three-way handshake process to perform the authentication. The source sends its username (not its password) to the destination. The destination sends back a challenge, which is a random value generated by the destination. used by the source to find the appropriate password to use for authentication Both sides then take the source's username, the matching password, and the challenge and run them through the MD5 hashing function. The source then takes the result of this function and sends it to the destination. The destination compares this value to the hashed output that it generated—if the two values match, then the password used by the source must have been the same as was used by the destination, and thus the destination will permit the connection.
chap

No comments:

Post a Comment