High-Level Data Link Control (HDLC) protocol, Point to Point Protocol (PPP)
The demarcation point, also called the “demarc”, is the point where the responsibility of the service
provider or telco ends.
HDLC is the default encapsulation used by Cisco routers over serial links.
Cisco’s HDLC is proprietary; it won’t communicate with any other vendor’s HDLC implementation.
If we have a Cisco router connected to a Bay router, we have to use PPP encapsulation.
Corporate
Router>enable
Router#config t
Router(config)#hostname Corp
Corp(config)#interface serial 0
Corp(config-if)#ip address 10.1.1.1 255.255.255.0
Corp(config-if)#no shutdown
Corp(config-if)#exit
Corp(config)#exit
Corp#
Branch
Router>enable
Router#config t
Router(config)#hostname Branch
Branch(config)#interface serial 0
Branch(config-if)#ip address 10.1.1.2 255.255.255.0
Branch(config-if)#no shutdown
Branch(config-if)#exit
Branch(config)#exit
Branch#
If you do a show running-config on a Cisco router, your serial interfaces (by default) won’t
show any encapsulation command. This is because they are set to the default of HDLC.
If you do a show interface serial 0/0, you’ll see that you are running HDLC.
PPP is a data-link protocol that you can use over either asynchronous serial (dial-up) or
synchronous serial (ISDN) media. It uses the Link Control Protocol (LCP) to build and maintain
data-link connections.
If we have a Cisco router and a non-Cisco router connected with a serial connection, we must
configure PPP or another encapsulation method, such as Frame Relay, because HDLC won't work.
The basic purpose of PPP is to transport Layer 3 packets across a Data Link Layer.
PPP uses:
LCP: A method of establishing, configuring, maintaining and terminating the point-to-point
connection.
NCP: A method of establishing and configuring different network layer protocols. The Network
Control Protocol allows the simultaneous use of multiple protocols, e.g. IPCP and IPXCP.
The PPP stack is specified at the Physical and Data Link Layers only. NCP is used to allow
communication of multiple Network layer protocols by encapsulating the protocols across a PPP
data link.
PPP Authentication Methods
PAP - less secure. Passwords are sent in clear text, and PAP is performed only upon the initial link
establishment. The peer is in control of attempts.
CHAP - used at the initial start-up of the link and at periodic checkups to ensure the router is
communicating with the same host.
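Why a captured PAP exchange can be played back while a captured CHAP response cannot, as an added example that is not part of the original notes. It follows the PAP request layout of RFC 1334 and the CHAP MD5 response of RFC 1994; the function and class names and the sample values are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

SECRET = b"cisco"  # constructed shared password, identical on both routers


def pap_request(peer_id, password):
    """PAP Authenticate-Request body: the ID and password cross the link in clear text."""
    return bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password


def pap_verify(request, users):
    """Authenticator side of PAP: parse the request and compare the password."""
    id_len = request[0]
    peer_id, rest = request[1:1 + id_len], request[1 + id_len:]
    return peer_id in users and hmac.compare_digest(users[peer_id], rest[1:1 + rest[0]])


def chap_response(identifier, secret, challenge):
    """RFC 1994 response value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapAuthenticator:
    """Sends a fresh random challenge at link start-up and at every periodic re-check."""
    def __init__(self, secret):
        self.secret, self.identifier, self.challenge = secret, 0, b""

    def new_challenge(self):
        self.identifier = (self.identifier + 1) % 256
        self.challenge = os.urandom(16)
        return self.identifier, self.challenge

    def verify(self, response):
        expected = chap_response(self.identifier, self.secret, self.challenge)
        return hmac.compare_digest(expected, response)


def replay_demo():
    """Return (pap_replay_accepted, chap_fresh_accepted, chap_replay_accepted)."""
    captured_pap = pap_request(b"RouterB", SECRET)
    pap_replay = pap_verify(captured_pap, {b"RouterB": SECRET})  # same bytes pass again
    auth = ChapAuthenticator(SECRET)
    ident, challenge = auth.new_challenge()
    captured_chap = chap_response(ident, SECRET, challenge)
    fresh_ok = auth.verify(captured_chap)
    auth.new_challenge()  # periodic re-check: new identifier and challenge
    return pap_replay, fresh_ok, auth.verify(captured_chap)
```

The password itself never appears in the CHAP response, and the response is only valid for the challenge it answers.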
PPP Callback
Used after successful authentication using PAP or CHAP. A calling router contacts a remote
router and authenticates; the remote router (server) then terminates the connection and reinitiates
the connection to the calling router (client). Both routers must be configured for callback.
Question
Which protocol should be chosen to support WAN connectivity in a multi-vendor system and
provide strong security through authentication?
PAP Example
PPP encapsulation must be enabled on both interfaces connected to a serial line to work.
RouterA#config t
RouterA(config)#username RouterB password cisco
RouterA(config)#int s0
RouterA(config-if)#encapsulation ppp
RouterA(config-if)#ppp authentication chap pap
RouterA(config-if)#^Z
RouterB#config t
RouterB(config)#username RouterA password cisco
RouterB(config)#int s0
RouterB(config-if)#encapsulation ppp
RouterB(config-if)#ppp authentication chap pap
RouterB(config-if)#^Z
If both authentication methods are configured on the same line, as shown here, then only the first
method will be used during link negotiation; the second is a backup if the first method fails.
The username is the hostname of the remote router connecting to your router, and it is case
sensitive. The password on both routers must be the same; it is a plain-text password that you can
see with a show run command.
You can encrypt the password by using the command service password-encryption.
Question
The serial PPP link between the Left and Right routers is configured as shown in the diagram.
Which configuration issue explains why the link is unable to establish a PPP session?
Answer B
Explanation
Newcomers to PPP sometimes put the local router name in for the username; remember that the
remote router name is the username.
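A small configuration check for the rules above (the username must be the peer's hostname, matched case-sensitively, and the password must be identical on both sides), added here as an example and not taken from the original notes. The router configurations are constructed samples, the function names are hypothetical, and the check assumes one serial link per configuration with passwords stored in plain text.

```python
# Constructed sample configurations for the two ends of one serial link.
ROUTER_A = """hostname RouterA
username RouterB password cisco
interface Serial0
 encapsulation ppp
 ppp authentication chap
"""
ROUTER_B = """hostname RouterB
username RouterA password cisco
interface Serial0
 encapsulation ppp
 ppp authentication chap
"""
# The mistake described above: RouterB lists its own name instead of the peer's.
ROUTER_B_WRONG = ROUTER_B.replace("username RouterA", "username RouterB")


def parse_router(config):
    """Extract hostname, username/password entries and PPP settings from config text."""
    info = {"hostname": None, "users": {}, "encap": "hdlc", "auth": []}
    for line in config.splitlines():
        words = line.split()
        if len(words) == 2 and words[0] == "hostname":
            info["hostname"] = words[1]
        elif len(words) >= 4 and words[0] == "username" and words[2] == "password":
            info["users"][words[1]] = words[-1]
        elif len(words) == 2 and words[0] == "encapsulation":
            info["encap"] = words[1]
        elif words[:2] == ["ppp", "authentication"]:
            info["auth"] = words[2:]
    return info


def audit_ppp_pair(cfg_a, cfg_b):
    """List settings that would break or weaken PPP authentication between two peers."""
    a, b = parse_router(cfg_a), parse_router(cfg_b)
    findings = []
    for local, peer in ((a, b), (b, a)):
        name = local["hostname"]
        if local["encap"] != "ppp":  # no encapsulation line means the HDLC default
            findings.append(f"{name}: encapsulation is {local['encap']}, not ppp")
        if peer["hostname"] not in local["users"]:  # exact, case-sensitive match
            findings.append(f"{name}: no username entry for peer {peer['hostname']}")
        if local["auth"][:1] == ["pap"]:
            findings.append(f"{name}: PAP is tried first, password sent in clear text")
    pw_a, pw_b = a["users"].get(b["hostname"]), b["users"].get(a["hostname"])
    if pw_a and pw_b and pw_a != pw_b:
        findings.append("peer passwords differ between the two routers")
    return findings
```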
Configuring CHAP
CHAP requires you to configure a username / password combination for any remote device that
will be involved in authentication. (We're assuming that the routers have already been configured
with their names via the global hostname command.) Both routers will use the password CISCO.
CHAP Example (R1 and R2)
Troubleshooting PPP
If we have PPP encapsulation enabled, here’s how you would verify that it’s up and running with
the show interface command.
RouterA#show int s0
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 172.16.20.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely
Encapsulation PPP, loopback not set, keepalive set (10s)
LCP Open
The version of HDLC used by Cisco routers is the default encapsulation type on serial interfaces,
verifiable with the show interface serial command:
R1#show interface serial 1
Serial1 is up, line protocol is up
Hardware is HD64570
Internet address is 172.12.13.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
At this point, each partner in the PTP link can ping the other.
R1#ping 172.12.13.3
R3#ping 172.12.13.1
If one of the routers is running another encapsulation type, the physical interfaces will still be up,
but the line protocol will go down and IP connectivity will be lost. To illustrate, I'll change the
encapsulation type on R3's Serial1 interface to the Point-To-Point Protocol (PPP).
R3(config-if)#exit
R3(config)#int serial 1
R3(config-if)#encapsulation ppp
show interface serial 1 on both routers verifies that the physical interface is up, but the line
protocol is down. IP connectivity is lost.
R3#ping 172.12.13.1
R1#ping 172.12.13.3
The encapsulation mismatch has brought the line protocol down, and to bring it back up, we
simply need to make the encapsulation types match again.
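The comparison done by eye above (interface up, line protocol down, different encapsulation on each end) can be scripted. This is an added example, not part of the original notes: the three outputs are constructed samples modelled on the listings above, the "LCP Closed" and "Open:" lines are assumed forms of the output, and the function names are hypothetical.

```python
import re

# Constructed output modelled on the listings above: R1 left on HDLC, R3 changed to PPP.
R1_OUTPUT = """Serial1 is up, line protocol is down
  Internet address is 172.12.13.1/24
  Encapsulation HDLC, loopback not set
"""
R3_OUTPUT = """Serial1 is up, line protocol is down
  Internet address is 172.12.13.3/24
  Encapsulation PPP, loopback not set
  LCP Closed
"""
PPP_UP_OUTPUT = """Serial0 is up, line protocol is up
  Encapsulation PPP, loopback not set, keepalive set (10 sec)
  LCP Open
  Open: IPCP, CDPCP
"""


def parse_show_interface(text):
    """Return link state, encapsulation, LCP state and open NCPs from 'show interface'."""
    status = re.search(r"^(\S+) is (.+?), line protocol is (\w+)", text, re.M)
    if status is None:
        raise ValueError("no interface status line found")
    encap = re.search(r"Encapsulation (\w+)", text)
    lcp = re.search(r"LCP (\w+)", text)
    opened = re.search(r"^\s*Open: (.+)$", text, re.M)
    names = opened.group(1).split(",") if opened else []
    return {
        "physical": status.group(2),
        "line_protocol": status.group(3),
        "encapsulation": encap.group(1).upper() if encap else None,
        "lcp": lcp.group(1) if lcp else None,
        "ncps": [n.strip() for n in names if n.strip().endswith("CP")],
    }


def diagnose_link(out_a, out_b):
    """Compare both ends of a point-to-point link and name the most likely fault."""
    a, b = parse_show_interface(out_a), parse_show_interface(out_b)
    if a["physical"] != "up" or b["physical"] != "up":
        return "physical interface down: check cabling and hardware"
    if a["encapsulation"] != b["encapsulation"]:
        return f"encapsulation mismatch: {a['encapsulation']} vs {b['encapsulation']}"
    if a["encapsulation"] == "PPP" and (a["lcp"], b["lcp"]) != ("Open", "Open"):
        return "PPP negotiation incomplete: LCP is not open on both ends"
    if "down" in (a["line_protocol"], b["line_protocol"]):
        return "line protocol down with matching encapsulation"
    return "link up"
```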
Question
A two router network is running PPP over the serial interfaces that connect them. The enable
password on the Denim router is "gateway". The Denim router also has a locally configured
authentication password for the Plaid router which is "fortress". Which command must be
executed on the Plaid router to allow Denim to authenticate to the Plaid router using CHAP?
Answer D
Question
Refer to the output of the show interface Serial0/0 command in the graphic. How many NCPs
have been established?
A. 1
B. 2
C. 3
D. 4
Answer B
IPCP, CDPCP
Question
Interface is Serial0/0, electrical interface is UNKNOWN.
What can be concluded about the Serial 0/0 interface? (Choose three.)
A. Serial0/0 is down, line protocol is down
B. Serial0/0 is down, line protocol is up
C. Serial0/0 is up, line protocol is down
D. The interface is neither DCE or DTE.
E. The interface hardware may be faulty.
F. The cabling may be improperly connected.
Answer A, E, F
Serial0/0 is down, line protocol is down. The interface hardware may be faulty. The cabling may
be improperly connected.
Question
Which of the following is a reason for using such protocols as PAP and CHAP?
A. to establish a PPP session
B. to provide error checking on a WAN link
C. to restrict access to networks connected by serial and ISDN links
D. to provide a backup hostname and privilege mode password on the router
Answer C
Question
Several tasks must occur before a link between two routers can pass data using PPP. Which of
the following are required to establish and maintain a PPP session between two routers?
A. configure each host with a PPP address
B. configure authentication between the two routers
C. send LCP and NCP frames to negotiate configuration parameters
D. send hostname and password information between the two routers
Answer C
Question
Which of the following describes the High-Level Data Link Control protocol? (Choose three.)
A. HDLC provides flow and error control.
B. Standard HDLC supports multiple protocols on a single link.
C. HDLC uses sequencing and acknowledgements.
D. HDLC is defined as the default encapsulation on Cisco LAN interfaces.
E. Cisco implemented a proprietary version of HDLC.
Answer A, C, E
HDLC provides flow and error control, HDLC uses sequencing and acknowledgements, Cisco
implemented a proprietary version of HDLC.
Incorrect Answers
B. Point-to-point, not multipoint.
D. Default encapsulation on WAN interfaces.
Question
Which authentication protocol can be spoofed to allow playback attacks?
A. MD5
B. CHAP
C. PAP
D. NCP
Answer C
PAP
Question
You are configuring a PPP CHAP connection between two routers. The hostnames are
SNOWBALL1 and SNOWBALL2. The SNOWBALL1 router has already been configured. You
are responsible for configuring SNOWBALL2. The password configured on SNOWBALL1 is
cisco. Which of the following is the correct username syntax that you will need to configure on
SNOWBALL2?
Answer B
Explanation
We must allow SNOWBALL2 access to SNOWBALL1. We should therefore specify the username
and the password of the hosting router: the peer router. The username of the peer router is
SNOWBALL1 and the password is cisco.
Incorrect Answers
A. We should use the peer username, not the local username
C, D. We must use the password of the peer, not the local password.
Question
Point-to-Point protocol (PPP) is used as a WAN encapsulation between two routers. Which one
of the following is true regarding PPP?
Answer C
Explanation
PPP provides router-to-router and host-to-network connections over synchronous and
asynchronous circuits.
Incorrect Answers
A. PPP supports both IP and IPX.
B. PPP is causing SLIP to be phased out.
D. PPP was not designed as a standard for packet-switched data networks.
Question
Which of the following WAN encapsulations support multiple upper layer protocols? (Choose
Two)
A. PPP
B. LAPD
C. ISDN
D. HDLC
Answer A, D
Explanation
Cisco has a proprietary HDLC. This Cisco HDLC frame uses a proprietary type field that acts as a
protocol field, which makes it possible for multiple network layer protocols to share the same serial
link.
PPP is not a proprietary protocol. As a result, it is most often used to connect devices of different
vendors. In addition, it encapsulates network layer protocol information, which makes it possible to
support multiple upper layer protocols.
Incorrect Answers
B. LAPB is a layer 2 protocol but LAPD is not.
C. ISDN is a Layer 1 (physical layer) protocol, not Layer 2 (data link).
Question
The ABC network is implementing dialup services for their remote employees. ABC uses several
different Layer 3 protocols on the network. Authentication of the users connecting to the network
is required for security. Additionally, some employees will be dialing long distance and will need
callback support. Which protocol is the best choice for these remote access services?
A. 802.1
B. Frame relay
C. HDLC
D. PPP
E. SLIP
F. PAP
Answer D
Explanation
PPP is the Point to Point Protocol, and is used in the majority of dial-up connections. PPP
includes support for numerous features, including caller ID check, PPP callback, and security
support. For security, either CHAP or PAP can be used, although CHAP is normally used as it is
more secure. PPP is a layer 2 protocol that can support any layer 3 protocols.
Question
Which PPP subprotocol negotiates authentication options?
A. NCP
B. ISDN
C. SLIP
D. LCP
E. DLCI
Answer D
Explanation
LCP: A method of establishing, configuring, maintaining, and terminating the point-to-point
connection. In the link-establishment phase, LCP packets are sent by each PPP device to configure
and test the link. These packets contain a field called the Configuration Option that allows each
device to see the size of the data, compression, and authentication. If no Configuration Option
field is present, then the default configurations are used.
Question
A network administrator needs to configure a serial link between the main office and a remote
location. The router at the remote office is a non-Cisco router. How should the network
administrator configure the serial interface of the main office router to make the connection?
Answer B
Explanation: The default encapsulation on a serial interface is the Cisco proprietary HDLC. When
connecting to routers from another vendor, we will need to use the standards-based PPP, which
is correctly defined in choice B.
Incorrect Answers
A. This is not a correct answer because no encapsulation is defined, so the default HDLC will be
used, which is a Cisco proprietary protocol.
C. CHAP authentication is only used by PPP, not HDLC.
D. IETF itself is not an encapsulation option on an interface; it is used in frame relay networks,
where the encapsulation can be frame relay IETF, but not simply IETF alone.