
Thursday, 14 November 2019

What is NAT and how does it work?


This section explains what NAT (Network Address Translation) is, how it works, and its characteristics. All public IPv4 addresses used on the Internet must be registered with a regional Internet registry (RIR). Organizations can lease public addresses from a service provider (SP), but only the registered owner of a public Internet address can assign that address to a network device.
However, with a theoretical maximum of 4300 million addresses, the IPv4 address space is very limited. When Bob Kahn and Vint Cerf first developed the TCP/IP protocol suite that included IPv4 in 1981, they never imagined what the Internet could become.
With the proliferation of personal computing devices and the arrival of the World Wide Web, it soon became clear that the 4300 million IPv4 addresses would not be enough. The long-term solution was the IPv6 protocol, but more immediate solutions were needed. In the short term, the IETF implemented several solutions, including Network Address Translation (NAT) and the private IPv4 addresses defined in RFC 1918.

PRIVATE IPV4 ADDRESS SPACE

There are not enough public IPv4 addresses to assign a unique address to each device connected to the Internet. Networks are usually implemented through the use of private IPv4 addresses, as defined in RFC 1918. The following table shows the range of addresses included in RFC 1918.
Table of private IPv4 addresses.

| Class | RFC 1918 internal address range | CIDR prefix |
|---|---|---|
| A | 10.0.0.0 to 10.255.255.255 | 10.0.0.0/8 |
| B | 172.16.0.0 to 172.31.255.255 | 172.16.0.0/12 |
| C | 192.168.0.0 to 192.168.255.255 | 192.168.0.0/16 |

These private addresses are used within an organization or a site to allow devices to communicate locally. However, since these addresses do not identify individual companies or organizations, private IPv4 addresses cannot be routed over the Internet.
To allow a device with a private IPv4 address to access resources and devices outside the local network, the private address must first be translated into a public address.
NAT provides the translation of private addresses to public addresses. This allows a device with a private IPv4 address to access resources outside its private network, such as those found on the Internet.
A single public IPv4 address can be shared among hundreds or even thousands of devices, each configured with a unique private IPv4 address.

WHAT IS NAT?

NAT (Network Address Translation) has many uses, but the main one is to conserve public IPv4 addresses. This is achieved by allowing networks to use private IPv4 addresses internally and by providing translation to a public address only when necessary.
NAT has the additional benefit of providing some degree of privacy and additional security to a network, since it hides the internal IPv4 addresses from external networks.
Routers with NAT enabled can be configured with one or more valid public IPv4 addresses. These public addresses are known as the "NAT pool".
When an internal device sends traffic out of the network, the router with NAT enabled translates the device's internal IPv4 address to a public address from the NAT pool. To external devices, all traffic entering and leaving the network appears to have a public IPv4 address from the pool of addresses provided.

In general, NAT routers work at the border of a stub network. A stub network is one that has a single connection to its neighboring network: one way into the network and one way out of it. In the example in Image 2, R2 is a border router. Viewed from the ISP, R2 forms a stub network.
When a device within the stub network wishes to communicate with a device outside its network, the packet is forwarded to the border router. The border router performs the NAT process, that is, it translates the internal private address of the device to a public, external and routable address.

NAT TERMINOLOGY

According to NAT terminology, the internal network is the set of networks subject to translation. The external network refers to all other networks.
When using NAT, IPv4 addresses are designated differently, depending on whether they are on the private network or on the public network (Internet), and whether the traffic is inbound or outbound.
NAT includes four types of addresses:

  • Inside local address
  • Inside global address
  • Outside local address
  • Outside global address

When determining what type of address is used, it is important to remember that NAT terminology is always applied from the perspective of the device with the translated address:

  • Inside address: the address of the device that is translated through NAT.
  • Outside address: the address of the destination device.

NAT also uses the concepts of local and global in relation to addresses:

  • Local address: any address that appears in the inside portion of the network.
  • Global address: any address that appears in the outside portion of the network.


In the illustration, PC1 has the inside local address 192.168.10.10. From the perspective of PC1, the web server has the outside address 209.165.201.1. When packets from PC1 are sent to the global address of the web server, the inside local address of PC1 is translated to 209.165.200.226 (the inside global address). In general, the address of the outside device is not translated, because it is usually a public IPv4 address.

  1. PC1 has different local and global addresses, while the web server has the same public IPv4 address in both cases. From the perspective of the web server, the traffic originating in PC1 seems to come from 209.165.200.226 (the inside global address).
  2. The NAT router (R2) is the demarcation point between the inside and outside networks, and between local and global addresses.

INTERNAL, EXTERNAL, GLOBAL AND LOCAL TERMS

The terms "inside" and "outside" are combined with the terms "global" and "local" to refer to specific addresses. In the illustration, router R2 was configured to provide NAT. It has a pool of public addresses to assign to inside hosts.


  • Inside local address: the source address seen from inside the network. In the illustration, IPv4 address 192.168.10.10 was assigned to PC1. This is the inside local address of PC1.
  • Inside global address: the source address seen from the outside network. In the illustration, when traffic from PC1 is sent to the web server at 209.165.201.1, R2 translates the inside local address to an inside global address. In this case, R2 changes the source IPv4 address from 192.168.10.10 to 209.165.200.226. According to NAT terminology, the inside local address 192.168.10.10 is translated to the inside global address 209.165.200.226.
  • Outside global address: the destination address seen from the outside network. It is a globally routable IPv4 address assigned to a host on the Internet. For example, the web server can be reached at IPv4 address 209.165.201.1. In general, the outside global and outside local addresses are the same.
  • Outside local address: the address of the destination seen from the inside network. In this example, PC1 sends traffic to the web server at IPv4 address 209.165.201.1. While it is rare, this address may be different from the globally routable address of the destination.

The illustration shows how traffic that is sent from an inside computer is directed to an outside web server through the router with NAT enabled. It also shows how return traffic is initially routed and translated.

HOW DOES NAT WORK?

In this example, PC1 with private address 192.168.10.10 wishes to communicate with an external web server with public address 209.165.201.1.


  • PC1 sends a packet addressed to the web server. R1 forwards the packet to R2.
  • When the packet arrives at R2, the router with NAT enabled for the network, R2 reads the source IPv4 address of the packet to determine whether it meets the criteria specified for translation.
  • In this case, the source IPv4 address meets the criteria, and R2 translates it from 192.168.10.10 (inside local address) to 209.165.200.226 (inside global address). R2 adds this local-to-global address mapping to the NAT table.
  • R2 sends the packet with the translated source address to the destination.
  • The web server responds with a packet addressed to the inside global address of PC1 (209.165.200.226).
  • R2 receives the packet with the destination address 209.165.200.226. It checks the NAT table and finds an entry for this mapping. R2 uses this information to translate the inside global address (209.165.200.226) to the inside local address (192.168.10.10), and the packet is forwarded to PC1.
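
The steps above, modeled as a small simulation. This is an added example, not code from the original post: the `NatRouter` class, the inside network 192.168.10.0/24, the second host 192.168.10.11 and the outside host 198.51.100.7 are assumptions, and the model covers address-only dynamic NAT with no port translation.

```python
import ipaddress
from dataclasses import dataclass

# RFC 1918 ranges from the table on this page.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(addr: str) -> bool:
    """True if addr falls inside one of the RFC 1918 private ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


@dataclass
class Packet:
    src: str
    dst: str


class NatRouter:
    """Address-only dynamic NAT on a border router such as R2 (hypothetical model)."""

    def __init__(self, inside_net: str, pool: list):
        self.inside_net = ipaddress.ip_network(inside_net)  # translation criteria
        self.free = list(pool)   # unassigned inside global addresses
        self.to_global = {}      # inside local  -> inside global
        self.to_local = {}       # inside global -> inside local

    def outbound(self, pkt: Packet):
        """Check the source, create the table entry, rewrite the source address."""
        if ipaddress.ip_address(pkt.src) not in self.inside_net:
            return pkt                      # source does not match: no translation
        if pkt.src not in self.to_global:
            if not self.free:
                return None                 # pool exhausted: packet is dropped
            inside_global = self.free.pop(0)
            self.to_global[pkt.src] = inside_global
            self.to_local[inside_global] = pkt.src
        return Packet(self.to_global[pkt.src], pkt.dst)

    def inbound(self, pkt: Packet):
        """Look up the destination and rewrite it to the inside local address."""
        local = self.to_local.get(pkt.dst)
        if local is None:
            return None                     # no table entry: nothing to deliver to
        return Packet(pkt.src, local)


def demo():
    r2 = NatRouter("192.168.10.0/24", ["209.165.200.226"])
    sent = r2.outbound(Packet("192.168.10.10", "209.165.201.1"))
    reply = r2.inbound(Packet("209.165.201.1", sent.src))
    # The mapping is keyed on the address only, so while the entry exists a
    # packet from any other outside host is translated as well: NAT hides
    # addresses, it does not filter. 198.51.100.7 is a constructed address.
    other = r2.inbound(Packet("198.51.100.7", "209.165.200.226"))
    # A second inside host finds the one-address pool already in use.
    exhausted = r2.outbound(Packet("192.168.10.11", "209.165.201.1"))
    return sent, reply, other, exhausted


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The third result is the reason the "additional security" of NAT should be paired with an explicit inbound filter on the border router.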

How to Configure Frame Relay On Cisco Router

This section covers how to configure Frame Relay on the serial interface of a Cisco router. It also covers how to configure point-to-point subinterfaces.

Basic Frame Relay Configuration Commands

Frame Relay is configured on a Cisco router from the Cisco IOS command line interface (CLI). The following table shows the mandatory and optional steps to configure Frame Relay.
Frame Relay configuration tasks.

Required tasks:
  • Enable Frame Relay encapsulation on an interface.
  • Configure dynamic or static address assignment.

Optional tasks:
  • Configure the LMI.
  • Configure Frame Relay SVCs.
  • Configure Frame Relay traffic shaping.
  • Customize Frame Relay for the network.
  • Monitor and maintain Frame Relay connections.

Below is the topology of three routers that is used in this section, although the initial focus is on the Frame Relay link between R1 and R2, the 10.1.1.0/24 network.

STEP 1. SET THE IP ADDRESS IN THE INTERFACE

On a Cisco router, Frame Relay is generally supported on synchronous serial interfaces. Use the ip address command to set the IPv4 address of the interface.
In the link between R1 and R2, address 10.1.1.1/24 was assigned to S0/0/1 of R1 and IPv4 address 10.1.1.2/24 to S0/0/1 of R2.
With the ipv6 address command, routers R1 and R2 were also configured with the following IPv6 addresses:
  • R1 was configured with the global unicast IPv6 address 2001:DB8:CAFE:1::1/64 and the static link-local address FE80::1.
  • R2 was configured with the global unicast IPv6 address 2001:DB8:CAFE:1::2/64 and the static link-local address FE80::2.

Note: By default, the Cisco IOS uses EUI-64 to automatically generate the link-local IPv6 address on an interface.

STEP 2. CONFIGURE ENCAPSULATION

The encapsulation frame-relay [cisco | ietf] interface configuration command enables Frame Relay encapsulation and allows Frame Relay processing on the supported interface.

  • The cisco encapsulation type is the default Frame Relay encapsulation enabled on the supported interfaces. Use this option if you connect to another Cisco router. Many non-Cisco devices also support this type of encapsulation. It uses a 4-byte header, with 2 bytes to identify the DLCI and 2 bytes to identify the type of packet.
  • The ietf encapsulation type complies with RFC 1490 and RFC 2427. Use this option if you connect to a non-Cisco router.

STEP 3. SET THE BANDWIDTH

Use the bandwidth command to set the bandwidth of the serial interface. Specify the bandwidth in kb/s. This command notifies the routing protocol that the bandwidth was statically configured on the link. The EIGRP and OSPF routing protocols use the bandwidth value to calculate and determine the link metric.

STEP 4. SET THE TYPE OF LMI (OPTIONAL)

Manual configuration of the LMI type is optional, since Cisco routers automatically detect the type of LMI by default. Remember that Cisco supports three types of LMI: Cisco, ANSI Annex D and Q933-A Annex A. The default LMI type for Cisco routers is Cisco.
R1 configuration example:

R1(config)# interface Serial0/0/1
R1(config-if)# bandwidth 64
R1(config-if)# ip address 10.1.1.1 255.255.255.0
R1(config-if)# ipv6 address 2001:db8:cafe:1::1/64
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# encapsulation frame-relay

The show interfaces serial command verifies the configuration, including Frame Relay layer 2 encapsulation and the default LMI type cisco.

Note that this command shows the IPv4 address, but does not include any of the IPv6 addresses. Use the show ipv6 interface command or the show ipv6 interface brief command to verify IPv6.

Note: The no encapsulation frame-relay command removes Frame Relay encapsulation from the interface and returns the interface to the default HDLC encapsulation.

2. SETTING UP A STATIC FRAME RELAY MAP

Cisco routers support all network layer protocols using Frame Relay, such as IPv4, IPv6, IPX and AppleTalk. Address assignment to DLCI is achieved by dynamic or static address assignment.

The dynamic assignment is performed by the Inverse ARP feature. Because Inverse ARP is enabled by default, no additional commands are required.



The static assignment is manually configured on a router (following the topology of Image 1). The establishment of static allocation depends on the needs of the network.

To map a next-hop protocol address to a DLCI destination address, use the command:

frame-relay map protocol protocol-address dlci [broadcast]

Frame-relay map command parameters.

| Parameter | Description |
|---|---|
| protocol | Defines the supported protocol, bridging or logical link control: ip (IPv4), ipv6, appletalk, decnet, dlsw, ipx, llc2, rsrb, vines and xns. |
| protocol-address | Defines the network layer address of the destination router interface. |
| dlci | Defines the local DLCI that is used to connect to the remote protocol address. |
| broadcast | (Optional) Allows broadcast and multicast transmissions through the virtual circuit. This allows the use of dynamic routing protocols over the VC. |


THE BROADCAST PARAMETER

Frame Relay, ATM and X.25 are non-broadcast multiaccess (NBMA) networks. NBMA networks only allow the transfer of data from one computer to another through a VC or a switching device. This requires that broadcast packets be replicated manually to all destinations.
The use of the broadcast keyword is a simplified way to forward routing updates. It allows IPv4 broadcasts and multicasts to propagate to all nodes. It also allows IPv6 multicasting through the PVC. When the keyword is enabled, the router converts broadcast and multicast traffic to unicast traffic.
The image shows how to use the keyword when configuring static address assignments. Note that the first Frame Relay IPv6 assignment, to a global unicast address, does not include the broadcast keyword.

However, the broadcast keyword is used in the assignment to the link-local address. IPv6 routing protocols use link-local addresses for multicast routing updates. Therefore, only the link-local address map requires the broadcast keyword to resend multicast packets.

VERIFICATION OF A STATIC FRAME RELAY MAP

To verify the Frame Relay assignment, use the show frame-relay map command.

Note that there are three Frame Relay assignments. There is an assignment for IPv4 and two for IPv6, one for each of the IPv6 addresses.

CONNECTION PROBLEMS AND SOLUTIONS

By default, most Frame Relay networks provide NBMA connectivity between remote sites using a hub-and-spoke topology.
In an NBMA Frame Relay topology, when a single multipoint interface must be used to interconnect multiple sites, connection problems may arise from routing updates. With distance vector routing protocols, connection problems may arise from split horizon, as well as from multicast and broadcast replication. With link state routing protocols, problems with the DR/BDR election can cause connection problems.

SPLIT HORIZON

The split horizon rule is a loop prevention mechanism for distance vector routing protocols such as EIGRP and RIP. This rule reduces routing loops by preventing a routing update that is received on an interface from being forwarded from the same interface.

  • In the Frame Relay hub-and-spoke topology, the remote router R2 (a spoke router) sends an update to the central office router R1 (the hub router).
  • R1 connects several PVCs through a single physical interface.
  • R1 receives the multicast on its physical interface; however, because of split horizon, it cannot forward that routing update through the same interface to the other remote (spoke) routers.

Note: Split horizon is not a problem if only one PVC (a single remote connection) was configured on a physical interface. This type of connection is point to point.

MULTICAST AND BROADCAST REPLICATION

As shown in the figure, due to split horizon, when a router supports multipoint connections through a single interface, the router must replicate the broadcast and multicast packets.

In the case of routing updates, the updates must be replicated and sent on each PVC to the remote routers. These replicated packets consume bandwidth and cause significant latency variations in user traffic.

NEIGHBOR DISCOVERY: DR AND BDR

Link state routing protocols, such as OSPF, do not use the split horizon rule to avoid loops. However, connection problems with the DR/BDR may arise.
In NBMA networks, OSPF operates in non-broadcast network mode by default, and neighbors are not discovered automatically. Neighbors can be statically configured. However, make sure that the hub router becomes the DR.

Remember that an NBMA network behaves like Ethernet, and in Ethernet a DR is needed to exchange routing information between all routers in a segment. Therefore, only the hub router can function as the DR, because it is the only router that has PVCs to the rest of the routers.

TROUBLESHOOTING CONNECTION ISSUES


There are several ways to solve the routing connection problem:

  • Disable split horizon: one way to solve the connection problems caused by split horizon is to deactivate it. However, disabling split horizon increases the chances of routing loops forming in the network. In addition, only IP allows you to disable split horizon; IPX and AppleTalk do not allow it.
  • Full mesh topology: this topology increases costs.
  • Subinterfaces: in a Frame Relay hub-and-spoke topology, the hub router can be configured with logically assigned interfaces called "subinterfaces".

FRAME RELAY SUBINTERFACES

Frame Relay can divide a physical interface into several virtual interfaces called "subinterfaces."

A subinterface is simply a logical interface that is directly associated with a physical interface. Therefore, a Frame Relay subinterface can be configured for each of the PVCs entering a physical serial interface.
To enable the forwarding of broadcast routing updates on a Frame Relay network, you can configure the router with logically assigned subinterfaces.

  • When using a subinterface configuration, each VC can be configured as a point-to-point connection.
  • A partial mesh network can be divided into several smaller, full-mesh, point-to-point networks.
  • A unique network address can be assigned to each point-to-point subnet. This allows each subinterface to work similarly to a leased line.
  • Using a point-to-point Frame Relay subinterface, each pair of point-to-point routers is in its own subnet. This allows packets received in a subinterface to be sent through another subinterface, even if the packets are forwarded by the same physical interface.

FRAME RELAY SUBINTERFACES CONFIGURATION

Frame Relay subinterfaces can be configured in one of two modes:

  • Point-to-point: A single point-to-point subinterface establishes a PVC connection to another physical interface or subinterface in a remote router. In this case, each pair of point-to-point routers is in its own subnet, and each point-to-point subinterface has a single DLCI. In a point-to-point environment, each subinterface functions as a point-to-point interface. For each point-to-point VC, there is a different subnet. Therefore, routing update traffic is not subject to the split horizon rule.
  • Multipoint: A single multipoint subinterface establishes several PVC connections to several physical interfaces or subinterfaces on remote routers. All the interfaces that participate are in the same subnet. The subinterface functions as an NBMA Frame Relay interface, so routing update traffic is subject to the split horizon rule. All multipoint VCs belong to the same subnet.

When configuring subinterfaces, the encapsulation frame-relay command is assigned to the physical interface. All other configuration items, such as the network layer address and the DLCIs, are assigned to the subinterface.

SUBINTERFACE CONFIGURATION

Subinterfaces address the limitations of Frame Relay networks by providing a way to subdivide a partial mesh Frame Relay network into a number of smaller full-mesh or point-to-point subnets. Each subnet is assigned its own network number and appears to the protocols as if it could be reached through a different interface.

POINT-TO-POINT SUBINTERFACES CONFIGURATION

To create a subinterface, use the command:

router(config-if)# interface serial number.subinterface-number {multipoint | point-to-point}

To simplify troubleshooting, use the DLCI as the subinterface number. You must also specify whether the interface is point-to-multipoint or point-to-point with the multipoint or point-to-point keyword, since there is no default value. These keywords are defined in the table:

Parameters of the interface serial command.

| Parameter | Description |
|---|---|
| subinterface-number | The subinterface number must be in the range of 1 to 4294967293. The interface number that precedes the period (.) must match the physical interface number to which this subinterface belongs. |
| multipoint | Select this option if all routers are in the same subnet. |
| point-to-point | Select this option so that each pair of point-to-point routers has its own subnet. Point-to-point links typically use a 255.255.255.252 subnet mask. |

The following command creates a point-to-point subinterface for PVC 103 to R3:

R1(config-if)# interface serial 0/0/0.103 point-to-point

DLCI CONFIGURATION

If the subinterface is configured as point-to-point, the local DLCI of the subinterface must also be configured to distinguish it from the physical interface. The DLCI is also required for multipoint subinterfaces with Inverse ARP enabled for IPv4. It is not required for multipoint subinterfaces configured with static Frame Relay maps.
The Frame Relay service provider assigns the DLCI numbers. These numbers range from 16 to 992 and, in general, only have local significance. The range varies depending on the LMI used.
The frame-relay interface-dlci command configures the local DLCI in the subinterface, as shown in Figure 2:

router(config-subif)# frame-relay interface-dlci dlci-number

Parameters of the frame-relay interface-dlci command.

| Parameter | Description |
|---|---|
| dlci-number | Defines the local DLCI number that links to the subinterface. This is the only way to link a DLCI derived from LMI with a subinterface, since LMI is not aware of subinterfaces. Use the frame-relay interface-dlci command only in subinterfaces. |

R1(config-subif)# frame-relay interface-dlci 103

EXAMPLE: POINT-TO-POINT SUBINTERFACE CONFIGURATION

The previous topology is shown, but with point-to-point subinterfaces. Each PVC is a different subnet. The physical interfaces of the router are divided into subinterfaces, with each subinterface in a different subnet.
In the image, R1 has two point-to-point subinterfaces. Subinterface S0/0/1.102 is connected to R2, and subinterface S0/0/1.103 is connected to R3. Each subinterface is in a different subnet.

To configure subinterfaces in a physical interface, the following steps are required:

  • Step 1. Remove any network layer address assigned to the physical interface. If the physical interface has an address, local subinterfaces do not receive frames.
  • Step 2. Configure Frame Relay encapsulation on the physical interface using the encapsulation frame-relay command.
  • Step 3. Create a logical subinterface for each of the defined PVCs. Specify the port number, followed by a period (.) and the subinterface number. To simplify troubleshooting, it is suggested that the subinterface number match the DLCI number.
  • Step 4. Configure an IP address for the interface and set the bandwidth.
  • Step 5. Configure the local DLCI in the subinterface using the frame-relay interface-dlci command. Remember that the Frame Relay service provider assigns the DLCI numbers.
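
One way to turn Steps 1 to 5 into a repeatable, checked configuration, as an added example that is not part of the original post. The function name and the /30 subnets are assumptions (the page does not give the subinterface addresses); the generator enforces the rules stated above: DLCI within 16 to 992, subinterface number equal to the DLCI, and a separate subnet per PVC. It handles IPv4 only.

```python
import ipaddress

DLCI_MIN, DLCI_MAX = 16, 992   # range given on this page; varies with the LMI type


def p2p_subinterface_config(phys: str, pvcs: list, bandwidth_kbps: int = 64) -> str:
    """Render IOS commands for Steps 1-5.

    pvcs is a list of (dlci, "address/prefix") tuples, one per PVC.
    Raises ValueError if a PVC breaks one of the rules from the text.
    """
    lines = [
        f"interface {phys}",
        " no ip address",              # Step 1: no layer 3 address on the physical interface
        " encapsulation frame-relay",  # Step 2: encapsulation goes on the physical interface
    ]
    seen_dlcis, seen_nets = set(), []
    for dlci, cidr in pvcs:
        if not DLCI_MIN <= dlci <= DLCI_MAX:
            raise ValueError(f"DLCI {dlci} outside {DLCI_MIN}-{DLCI_MAX}")
        if dlci in seen_dlcis:
            raise ValueError(f"DLCI {dlci} used twice")
        iface = ipaddress.ip_interface(cidr)
        # Each point-to-point PVC must sit in its own subnet.
        if any(iface.network.overlaps(net) for net in seen_nets):
            raise ValueError(f"{iface.network} overlaps another PVC's subnet")
        seen_dlcis.add(dlci)
        seen_nets.append(iface.network)
        lines += [
            f"interface {phys}.{dlci} point-to-point",           # Step 3
            f" ip address {iface.ip} {iface.network.netmask}",   # Step 4
            f" bandwidth {bandwidth_kbps}",                      # Step 4
            f" frame-relay interface-dlci {dlci}",               # Step 5
        ]
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed addressing for R1's two PVCs (to R2 and to R3).
    print(p2p_subinterface_config(
        "Serial0/0/1", [(102, "10.1.1.1/30"), (103, "10.1.1.5/30")]))
```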

Wednesday, 13 November 2019

Virtual Circuit in Frame Relay


The operation of Virtual Circuit in Frame Relay and the bandwidth control mechanisms are explained in this article.

What is Virtual Circuit?

The connection through a Frame Relay network between two DTEs is a VC. The circuits are virtual because there is no direct electrical connection from end to end.
The connection is logical, and the data is transferred from end to end without a direct electrical circuit. With VCs, Frame Relay shares bandwidth among multiple users, and any individual site can communicate with any other individual site without using several dedicated physical lines.
There are two ways to establish VC:

  • Switched virtual circuits (SVC): they are established dynamically by sending signaling messages to the network (CALL SETUP, DATA TRANSFER, IDLE, CALL TERMINATION).
  • Permanent virtual circuits (PVC): the service provider preconfigures them and, once established, they only work in IDLE and DATA TRANSFER modes. Note that, in some publications, PVCs are called “private VCs”.

Note: PVCs are implemented more frequently than SVCs.

VCs provide a two-way communication path from one device to another. VCs are identified by DLCIs, as shown in Image 1. Typically, the Frame Relay service provider assigns DLCI values.

Multiple Virtual Circuits Frame Relay

MULTIPLE VCS

Frame Relay is multiplexed statistically, which means that it only transmits one frame at a time, but many logical connections can coexist on a single physical line.
The Frame Relay access device (FRAD) or the router connected to the Frame Relay network can have several VCs that connect it to the various terminals. Several VCs on a single physical line are distinguished because each VC has its own DLCI. Remember that the DLCI has only local significance and may be different at each end of a VC.
Below is an example of two VCs on a single access line, each with its own DLCI, that connect to a router (R1).

This capability usually reduces the complexity of the network and the equipment required to connect several devices, which makes it a very cost-effective replacement for a mesh of access lines. With this configuration, each terminal needs only a single line and access interface.

COST BENEFITS OF HAVING SEVERAL VCS

With Frame Relay, customers pay for the bandwidth they use. In effect, they pay for a Frame Relay port. When the customer increases the number of ports, it pays for more bandwidth, but does not pay for more equipment, because the ports are virtual. There are no changes in the physical infrastructure. Compare this to the acquisition of more bandwidth through dedicated lines.

FRAME RELAY ENCAPSULATION

Frame Relay takes data packets from a network layer protocol, such as IPv4 or IPv6, encapsulates them as the data portion of a Frame Relay frame and then passes the frame to the physical layer for delivery on the wire.
To understand how this works, it helps to understand how it relates to the lower levels of the OSI model. Frame Relay encapsulates data for transport and hands it down to the physical layer for delivery:

  • First, Frame Relay accepts a packet from a network layer protocol, such as IPv4.
  • It then wraps it with an address field that contains the DLCI and a checksum value.
  • Flag fields are added to indicate the beginning and end of the frame.
  • The flag fields mark the beginning and end of the frame, and are always the same.
  • The flags are represented as the hexadecimal number 7E or as the binary number 01111110.
  • Once the packet is encapsulated, Frame Relay passes the frame to the physical layer for transport.

FRAME RELAY HEADER


The CPE router encapsulates each layer 3 packet within a Frame Relay header and trailer before sending it through the VC. The header and trailer are defined in the bearer services specification for the link access procedure for Frame Relay (LAPF), ITU Q.922-A.

ADDRESS FIELD

As shown in Image 4, the Frame Relay header (address field) contains:

  • DLCI: The 10-bit DLCI is one of the most important fields in the Frame Relay header. This value represents the virtual connection between the DTE device and the switch.
  • C/R: the bit that follows the most significant DLCI byte in the address field. The C/R bit is not currently defined.
  • Extended Address (EA): If the value of the EA field is 1, the current byte is the last octet of the DLCI. The eighth bit of each byte in the address field indicates the EA.
  • Congestion control: consists of 3 bits of Frame Relay congestion notification. They are specifically referred to as the "forward explicit congestion notification" (FECN) bit, the "backward explicit congestion notification" (BECN) bit and the "discard eligibility" (DE) bit.

Typically, the physical layer is EIA/TIA-232, 449 or 530, V.35 or X.21. The Frame Relay frame is a subset of the HDLC frame type; therefore, it is delimited with flag fields.
The 1-byte flag uses bit pattern 01111110. The FCS determines if errors occurred in the Layer 2 address field during transmission.
The sending node calculates the FCS before transmission, and the result is inserted in the FCS field. At the far end, a second FCS value is calculated and compared to the FCS in the frame. If the results are the same, the frame is processed. If there is a difference, the frame is discarded.
Frame Relay does not notify the source when a frame is discarded. Error control is left to the upper layers of the OSI model.
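
A parser for the 2-octet address field and the FCS check described above, as an added example that is not part of the original article. The exact bit positions and the 16-bit FCS (the HDLC CRC, sent low byte first) follow Q.922 rather than anything printed on this page; the function names and sample frame are constructed, and bit stuffing is assumed to be handled by the serial hardware.

```python
from dataclasses import dataclass

FLAG = 0x7E  # 01111110, opens and closes every frame


def fcs16(data: bytes) -> int:
    """HDLC 16-bit FCS: polynomial x^16 + x^12 + x^5 + 1, bit-reflected form."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return crc ^ 0xFFFF


@dataclass
class Address:
    dlci: int
    cr: int
    fecn: bool
    becn: bool
    de: bool


def parse_address(octets: bytes) -> Address:
    """Octet 1: DLCI high 6 bits, C/R, EA=0. Octet 2: DLCI low 4 bits, FECN, BECN, DE, EA=1."""
    if len(octets) != 2:
        raise ValueError("expected a 2-octet address field")
    hi, lo = octets
    if hi & 1 or not lo & 1:
        raise ValueError("EA must be 0 in the first octet and 1 in the last")
    return Address(
        dlci=((hi >> 2) << 4) | (lo >> 4),
        cr=(hi >> 1) & 1,
        fecn=bool(lo & 0x08),
        becn=bool(lo & 0x04),
        de=bool(lo & 0x02),
    )


def build_frame(dlci: int, payload: bytes, fecn=False, becn=False, de=False) -> bytes:
    """Sender side: address field + payload, FCS appended, flags on both ends."""
    if not 0 <= dlci <= 1023:
        raise ValueError("DLCI must fit in 10 bits")
    hi = (dlci >> 4) << 2
    lo = ((dlci & 0x0F) << 4) | (fecn << 3) | (becn << 2) | (de << 1) | 1
    body = bytes([hi, lo]) + payload
    fcs = fcs16(body)
    return bytes([FLAG]) + body + bytes([fcs & 0xFF, fcs >> 8]) + bytes([FLAG])


def parse_frame(frame: bytes):
    """Receiver side: returns (Address, payload), or None when the FCS does not match."""
    if len(frame) < 6 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flag or truncated frame")
    body, received = frame[1:-3], frame[-3:-1]
    if fcs16(body) != received[0] | (received[1] << 8):
        return None  # discarded silently; the sender is not notified
    return parse_address(body[:2]), body[2:]


if __name__ == "__main__":
    frame = build_frame(102, b"\x45\x00", becn=True)  # constructed sample frame
    print(frame.hex(), parse_frame(frame))
```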

What is Frame Relay & Its Benefits


This chapter explains what Frame Relay is and what its benefits are. Frame Relay is an alternative to dedicated WAN leased lines, which are more expensive. This section describes the benefits of Frame Relay. Frame Relay is a high performance WAN protocol that works on the physical and data link layers of the OSI reference model. While more modern services such as broadband and metropolitan Ethernet reduced the need for Frame Relay in many locations, Frame Relay is still a viable option in many sites around the world.

FRAME RELAY TECHNOLOGY

Leased lines provide permanent dedicated capacity and are widely used to build WAN networks. They are the traditional connection of preference, but have a number of disadvantages.
A disadvantage is that customers pay for leased lines with a fixed capacity. However, WAN traffic usually varies, and some of the capacity remains unused. In addition, each terminal needs an individual physical interface on the router, which increases equipment costs. In general, any change in the leased line requires that the staff of the service provider visit the site.
Frame Relay is a high performance WAN protocol that works on the physical and data link layers of the OSI reference model. Unlike leased lines, Frame Relay only requires a single access circuit to the Frame Relay service provider to communicate with other sites connected to the same provider. The capacity between two sites may vary.
Eric Scace, a Sprint International engineer, invented Frame Relay as a simpler version of the X.25 protocol for use through the integrated services digital network (ISDN) interfaces. Currently, it is also used in other types of network interfaces. When Sprint implemented Frame Relay in its public network, it used StrataCom switches. The acquisition of StrataCom by Cisco in 1996 marked its entry into the market of service providers.

FRAME RELAY USES

Network service providers implement Frame Relay to support voice and data traffic between LAN networks through a WAN. Each end user obtains a private line, or a leased line, to a Frame Relay node.
The Frame Relay network handles transmission over a frequently changing route that is transparent to all end users. As shown in the image, Frame Relay provides a solution that allows communication between several sites through a single access circuit to the provider.

Historically, Frame Relay was widely used as a WAN protocol because it was economical compared to dedicated leased lines. In addition, configuring the user's equipment in a Frame Relay network is very simple.
Frame Relay connections are created by configuring the routers or other devices at the customer premises (customer premises equipment, CPE) so that they communicate with a service provider's Frame Relay switch. The service provider configures the Frame Relay switch, which minimizes the configuration tasks of the end user.

BENEFITS OF FRAME RELAY WAN TECHNOLOGY

With the advent of broadband services such as DSL and cable modem, Ethernet WAN, VPN and Multiprotocol Label Switching (MPLS), Frame Relay became a less suitable solution for accessing the WAN. However, there are still sites in the world that rely on Frame Relay for WAN connectivity.
Frame Relay provides more bandwidth, reliability and resiliency than private or leased lines.
An example of a large business network helps illustrate the benefits of using a Frame Relay WAN. In the example shown in the image, the SPAN Engineering company has five campuses throughout North America. Like most organizations, SPAN has various bandwidth requirements.

The first thing to keep in mind is the bandwidth requirement of each site. Working from the head office, the Chicago to New York connection requires a maximum speed of 256 kb/s. Three other sites need a maximum speed of 48 kb/s to connect to the head office, while the connection between the New York and Dallas branches requires only 12 kb/s.

REQUIREMENTS OF THE DEDICATED LINE

With leased lines, each of the SPAN sites is connected through a switch at the central office (CO) of the local telephone company via the local loop, and then across the entire network.
The Chicago and New York sites use a dedicated T1 line (equivalent to 24 DS0 channels) to connect to the switch, while other sites use ISDN connections (56 kb/s), as shown in Image 3.

Because the Dallas site connects to New York and Chicago, it has two locally leased lines. Network service providers provide SPAN with a DS0 between the respective COs, except for the larger pipe that connects Chicago and New York, which has four DS0s.
DS0s are priced differently from region to region and are generally offered at a fixed price. These lines are truly dedicated, since the network service provider reserves that line for SPAN's exclusive use. There is no sharing, and SPAN pays for the end-to-end circuit, regardless of how much bandwidth it uses.

DISADVANTAGES OF DEDICATED LINES

A dedicated line provides few practical opportunities to establish a one-to-many connection without obtaining more lines from the network service provider. In the example, almost all communication must flow through the company's headquarters, simply to reduce the cost of additional lines.

A more detailed analysis of the bandwidth requirements for each site shows a lack of efficiency:

  • Of the 24 DS0 channels available on the T1 connection, the Chicago site uses only seven. Some service providers offer fractional T1 connections in increments of 64 kb/s, but this requires a specialized device called a “multiplexer” at the client end to channel the signals. In this case, SPAN opted for the full T1 service.
  • Similarly, the New York site uses only five of its 24 available DS0s.
  • Because Dallas must connect to Chicago and New York, there are two lines that connect to each site through the CO.

The leased line design also limits flexibility. Unless the circuits are already installed, connecting new sites usually requires new circuit installations, which take a long time to implement. From the point of view of network reliability, imagine the additional cost and complexity of adding redundant backup circuits.

COST-EFFECTIVENESS AND FLEXIBILITY OF FRAME RELAY

The SPAN Frame Relay network uses permanent virtual circuits (PVCs), as shown in the following image.

A PVC is the logical path along an originating Frame Relay link, through the network, and along a terminating Frame Relay link to its final destination. Compare this to the physical path that a dedicated connection uses.
In a network with Frame Relay access, a PVC uniquely defines the path between two endpoints. The concept of virtual circuits (VCs) is discussed in more detail later in this section.
The SPAN Frame Relay solution provides both flexibility and cost-effectiveness.

FRAME RELAY COST-EFFECTIVENESS

Frame Relay is a more cost-effective option for two reasons.

  • First, with dedicated lines, customers pay for an end-to-end connection that includes the local loop and the network link. With Frame Relay, customers only pay for the local loop and purchase bandwidth from the network service provider.

The distance between the nodes is not important. In a dedicated line model, customers use dedicated lines provided in increments of 64 kb/s, whereas Frame Relay customers can define their virtual circuit needs with much greater granularity, often in increments as small as 4 kb/s.

  • The second reason for the cost-effectiveness of Frame Relay is that it shares bandwidth across a larger customer base. Generally, a network service provider can serve 40 or more 56 kb/s customers over a single T1 circuit.

The use of dedicated lines would require more CSU/DSUs (one for each line), as well as more complicated routing and switching. Network service providers save money because there is less equipment to acquire and maintain.

THE FLEXIBILITY OF FRAME RELAY

A virtual circuit provides considerable flexibility in network design. By analyzing the illustration, you can see that all SPAN offices connect to the Frame Relay cloud through their respective local loops. At the moment, what happens in the cloud is really not of interest.
The only thing that matters is that when any SPAN office wishes to communicate with any other SPAN office, all it has to do is connect to a virtual circuit that leads to the other office.
In Frame Relay, the end of each connection has a number that identifies it, called a "data link connection identifier" (DLCI). Any station can connect to any other by simply indicating the address of that station and the DLCI number of the line to be used.
In a later section, you will learn that when Frame Relay is configured, all data from all configured DLCIs flows through the same router port. Imagine achieving the same flexibility with dedicated lines. Not only is it difficult, but it also requires much more equipment.

PPP Troubleshooting


This article explains PPP troubleshooting and how to use the show and debug commands to solve PPP problems.

TROUBLESHOOTING THE SERIAL PPP ENCAPSULATION

Remember that the debug command, which is accessed from privileged EXEC mode of the command line interface, is used for troubleshooting.
The debug output shows information about different router operations, the related traffic generated or received by the router, and any error messages. This can consume a considerable amount of resources, and the router is forced to process-switch the packets being debugged.
The debug command should not be used as a monitoring tool; instead, it is designed to be used for a brief period for troubleshooting.
Use the debug ppp command to display information about how PPP works.
debug ppp { packet | negotiation | error | authentication | compression | cbcp }
The following table shows the command syntax. Use the no form of this command to disable the debug output.

THE DEBUG PPP COMMAND

Debug PPP command parameters.

| Parameter | Description |
|---|---|
| packet | Shows the PPP packets sent and received. (This command displays low-level packet dumps.) |
| negotiation | Displays PPP packets sent during PPP startup, when PPP options are negotiated. |
| error | Shows the protocol errors and error statistics related to the negotiation and operation of the PPP connection. |
| authentication | Displays authentication protocol messages, including Challenge Handshake Authentication Protocol (CHAP) and Password Authentication Protocol (PAP) packet exchanges. |
| compression | Shows information specific to the exchange of PPP connections using MPPC. This command is useful for obtaining information about the sequence numbers of incorrect packets when MPPC compression is enabled. |
| cbcp | Shows the protocol errors and statistics related to PPP connection negotiations using MSCB. |

Use the debug ppp command when trying to find the following:
  • The NCP protocols that are supported at any end of a PPP connection
  • Any loop that could exist in a PPP internetwork
  • Nodes that negotiate PPP connections correctly (or not)
  • The errors that occurred in the PPP connection
  • Causes for CHAP session failures
  • Causes for PAP session failures
  • Specific information on the exchange of PPP connections using the callback protocol (CBCP), used by Microsoft clients
  • Incorrect packet sequence number information where MPPC compression is enabled

PPP DEBUGGING

In addition to the debug ppp command, there are other commands for troubleshooting a PPP connection.
A good command to use when troubleshooting serial interface encapsulation is the debug ppp packet command, as shown in the image.
The example in the illustration depicts packet exchanges during normal PPP operation, including the LCP state, the LQM procedures and the LCP magic number.
Below is the output of the debug ppp negotiation command in a normal negotiation, where both sides agree on the NCP parameters. In this case, the IPv4 and IPv6 protocol types are proposed and acknowledged.


The debug ppp negotiation command allows the network administrator to view PPP negotiation transactions, identify the problem or stage at which the error occurs, and develop a solution. The result includes LCP negotiation, authentication, and NCP negotiation.
The debug ppp error command is used to display protocol errors and error statistics regarding the negotiation and operation of PPP connections, as shown in the image.

These messages may appear when the quality protocol option is enabled on an interface that is already running PPP.

TROUBLESHOOTING PPP CONFIGURATION WITH AUTHENTICATION

Authentication is a feature that must be implemented correctly; otherwise, the security of the serial connection may be compromised. Always verify the configuration with the show interfaces serial command, in the same way you did without authentication.

The illustration shows example output of the debug ppp authentication command. The following is an interpretation of the output:
  • The first line indicates that the router cannot authenticate on the Serial0 interface because the peer did not send a name.
  • Line 2 indicates that the router could not validate the CHAP response because the USERNAME pioneer was not found.
  • Line 3 indicates that no password was found for pioneer. Other possible responses in this line could be that no name was received to authenticate, that the name is unknown, that there is no secret for the given name, that the MD5 response received is short or that the MD5 comparison failed.
Finally, in the last line, code 4 means that a failure occurred. The code values are as follows:
  • 1: challenge
  • 2: response
  • 3: success
  • 4: failure
The remaining fields in that line are as follows:
  • id - 3 is the ID number per LCP packet format
  • len - 48 is the length of the packet without the header
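
The failure reasons listed above correspond to checks the authenticator performs on a received CHAP Response. The following Python sketch is an added example, not code from the original article or from Cisco IOS: it implements the RFC 1994 response validation, and the usernames, secrets and reason strings are constructed for illustration.

```python
import hashlib
import hmac
import struct

# CHAP code values from the list above (RFC 1994).
CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4

def chap_digest(ident, secret, challenge):
    """Response value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def build_response(ident, secret, challenge, name):
    """Peer side: Code, Identifier, Length, then Value-Size, Value, Name."""
    value = chap_digest(ident, secret, challenge)
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", RESPONSE, ident, 4 + len(body)) + body

def validate_response(packet, ident, challenge, secrets):
    """Authenticator side: return (code, reason) for a received Response."""
    if len(packet) < 5:
        return FAILURE, "truncated packet"
    code, rid, length = struct.unpack("!BBH", packet[:4])
    if code != RESPONSE or rid != ident:
        return FAILURE, "unexpected code or identifier"
    size = packet[4]
    value, name = packet[5:5 + size], packet[5 + size:length]
    if not name:
        return FAILURE, "no name received"
    if name not in secrets:
        return FAILURE, "unknown name"
    if not secrets[name]:
        return FAILURE, "no secret for given name"
    if size < 16:
        return FAILURE, "short MD5 response received"
    expected = chap_digest(ident, secrets[name], challenge)
    if not hmac.compare_digest(value, expected):  # constant-time comparison
        return FAILURE, "MD5 compare failed"
    return SUCCESS, "authenticated"

if __name__ == "__main__":
    # Constructed sample data: local username database and one challenge.
    secrets = {b"R2": b"constructed-secret", b"R3": b""}
    challenge = bytes(range(16))
    for name, secret in [(b"R2", b"constructed-secret"), (b"pioneer", b"x"),
                         (b"R3", b"x"), (b"R2", b"wrong")]:
        pkt = build_response(3, secret, challenge, name)
        print(name.decode(), validate_response(pkt, 3, challenge, secrets))
```

Because the secret never crosses the link, a mismatch on either side's username or secret only shows up as one of these failure reasons, which is why the debug output is the first place to look.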