< Free Open Study > |
Lab 11: Configuring PPP, CHAP, and LQM over Synchronous Links ”Part IILab WalkthroughAttach two routers in a back-to-back fashion, using either a V.35 cable or CSU/DSUs with a crossover cable, as depicted in Figure 4-10. To configure skynet_lab, you can preserve most of your configuration from the previous lab. Here, you essentially configure PPP over the interface, enable CHAP, and enforce LQM. First, configure the serial interfaces for PPP by changing the encapsulation type to PPP. At this time, also set a username for the remote router, isp_router, and set the password to 2diablo2: skynet_lab(config)# username ips_router password 2diablo2 skynet_lab(config)# int s0 skynet_lab(config-if)# encapsulation ppp skynet_lab(config-if)# ppp authentication chap Normally, this would be all that is required for a PPP connection over a serial link; however, you still want to enable and enforce LQM and DNS. To enable LQM on the interface to tolerate a loss of no more then 40 percent, use the ppp quality percentage_of_successful_traffic command. The PPP quality is measured in a percentage of successful traffic, so you should set this value to 60. Moving over to the ISP router, you configure that router in much the same way that you configured the Skynet router. Example 4-25 demonstrates the commands needed on the ISP router. Example 4-25 Configuration of the ISP PPP Connectionisp_router(config)# username skynet_lab password 2diablo2 isp_router(config)# int s0 isp_router(config-if)# ip address 196.128.128.6 255.255.255.0 isp_router(config-if)# encapsulation ppp isp_router(config-if)# ppp authentication chap isp_router(config-if)# clock rate 2000000 isp_router(config-if)# ppp quality 60 isp_router(config-if)# ^Z You can verify the functionality of the serial links by performing a ping of the remote serial interface from both routers. If you enable debug ppp negotiation and debug ppp authentication, you see LQM messages being exchanged on the link, as well as PPP CHAP authentication being performed. The last step is to configure the router for both the ISP and Skynet. Skynet will have only one route out of the network at this time, so you should use a default route pointing all outbound traffic to the ISP's serial interface. Three commands work together to accomplish this:
The ip classless command tells the router to forward any traffic destined toward a subnet not found in its routing table. Without this command, the router will not forward any traffic if the router does not have a route to the destination. The ip default-network commands set the default route to 0.0.0.0, and the ip route command is a static route pointing to the 0.0.0.0 catchall network. All traffic will be forwarded to the next -hop address entered here. For the ISP, you should be more specific about the routing. Here, you should simply make one static route pointing toward the remote network: ip route 172.16.1.0 255.255.255.0 196.128.128.5 After this is complete, ensure that you have two-way connectivity by issuing extended ping s, sourced from each router's Ethernet port. If you perform show ip route on Skynet, you should see the default route set, as demonstrated in Example 4-26. Example 4-26 show ip route of Skynet and the IP Router ”Note the Default Route Setskynet_lab# show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR T - traffic engineered route Gateway of last resort is 196.128.128.6 to network 0.0.0.0 Default route set C 201.201.201.0/24 is directly connected, Loopback0 196.128.128.0/24 is variably subnetted, 2 subnets, 2 masks C 196.128.128.4/30 is directly connected, Serial0 C 196.128.128.6/32 is directly connected, Serial0 172.16.0.0/24 is subnetted, 1 subnets C 172.16.1.0 is directly connected, Ethernet0 192.168.1.0/30 is subnetted, 1 subnets C 192.168.1.4 is directly connected, Async8 S* 0.0.0.0/0 [1/0] via 196.128.128.6 IP next hop of default route skynet_lab# isp_router# show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set 128.200.0.0/24 is subnetted, 1 subnets C 128.200.1.0 is directly connected, Ethernet0 172.16.0.0/24 is subnetted, 1 subnets S 172.16.1.0 [1/0] via 196.128.128.5 route to Skynet 196.128.128.0/24 is variably subnetted, 2 subnets, 2 masks C 196.128.128.5/32 is directly connected, Serial0 C 196.128.128.0/24 is directly connected, Serial0 isp_router# The stage is optional, and it allows the forwarding of DNS requests to a DNS server. To forward DNS requests , two commands are needed:
The ip name-server command tells the router the IP address of the DNS server, whereas the ip domain-lookup command forwards the UDP DNS packets. Example 4-27 demonstrates the configuration and use of the DNS server at the ISP. This example was taken from a real ISP router; note that the lab has no "real" connection to the Internet, so these statements are shown only for reference and will not be present in Example 4-28. Example 4-27 Configuration and Use of DNS Services on a Routeskynet_lab(config)# ip name-server 204.221.151.248 skynet_lab(config)# ip domain-lookup skynet_lab(config)# ^Z skynet_lab#ping www.cisco.com Translating "www.cisco.com"...domain server (204.221.151.248) [OK] Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 198.133.219.25, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 112/114/116 ms skynet_lab# If you have problems with DNS, ensure that you have IP connectivity to the DNS server, and also make sure that the router's UDP packets are being forwarded. Example 4-28 shows the router configurations in their entirety. Example 4-28 Router Configurations for Skynet and the ISP Routeskynet_lab# show running-config Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname skynet_lab ! enable password cisco ! username JP password 0 trashman username isp_router 0 2diablo2 ip subnet-zero ! interface Ethernet0 ip address 172.16.1.1 255.255.255.0 no ip directed-broadcast ! interface Serial0 ip address 196.128.128.5 255.255.255.252 no ip directed-broadcast encapsulation ppp no ip mroute-cache no fair-queue ppp quality 60 ! interface Serial1 no ip address no ip directed-broadcast shutdown ! interface Async8 ip address 192.168.1.5 255.255.255.252 no ip directed-broadcast encapsulation ppp no ip mroute-cache dialer in-band dialer idle-timeout 600 dialer-group 8 async mode interactive peer default ip address 192.168.1.6 compress mppc no cdp enable ppp authentication pap ! ip classless ip default-network 0.0.0.0 ip route 0.0.0.0 0.0.0.0 196.128.128.6 ! dialer-list 8 protocol ip permit ! line con 0 exec-timeout 0 0 transport input none line 1 7 transport input all line 8 autoselect during-login autoselect ppp login local modem InOut modem autoconfigure type default transport input all speed 115200 line 9 16 line aux 0 line vty 0 4 login local ! end skynet_lab# _______________________________________________________________ isp_router# show running-config Building configuration... Current configuration: ! version 11.2 no service password-encryption no service udp-small-servers no service tcp-small-servers ! hostname isp_router ! !username skynet_lab password 2diablo2 ! interface Ethernet0 ip address 128.200.1.1 255.255.255.0 ! interface Serial0 ip address 196.128.128.6 255.255.255.0 encapsulation ppp clockrate 2000000 ppp quality 60 ! interface Serial1 no ip address shutdown ! interface BRI0 no ip address shutdown ! no ip classless ip route 172.16.1.0 255.255.255.0 196.128.128.5 ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 login ! end isp_router# |
< Free Open Study > |