CCIE RS – L2 WAN Circuit Technology – MLPPP

Multilink PPP

  • Provides load balancing functionality over multiple WAN links
  • RFC 1990
  • Allows packets to be fragmented and sent at the same time over multiple p2p links

Link Fragmentation and Interleaving (LFI)

  • Type of Cisco QoS
  • Prevents small, delay-sensitive packets from having to wait for longer, delay-insensitive packets to be completely serialized out an interface
  • Fragments larger packets
  • ppp multilink interleave
  • ppp multilink fragment-delay [#]

Configuration

interface multilink [#]
 ip address
 ppp multilink
 ppp multilink group [#]

CCIE RS – L2 WAN Circuit Technologies – PPPoE

Point to Point Protocol over Ethernet

Virtualizes Ethernet into multiple p2p sessions between clients and server

RFC 2516

  • Adds 8 bytes of overhead
    • 2 bytes PPP
    • 6 bytes PPPoE
  • Change MTU on interface to 1492
  • MSS is changed to 1452 bytes
    • Allows for 40 bytes of TCP and IP header and 8 byte PPPoE header
  • Uses dialer interface
    • pppoe-client dial-pool-number [#]

Configuration Example

Client

int [wan]
 pppoe enable
 pppoe-client dial-pool-number [#]
int dialer [#]
 mtu 1492
 ip tcp adjust-mss 1452
 encapsulation ppp
 ip address negotiated (optional), can config with an address
 (optional) - ppp authentication - see above
 dialer pool [#]
 dialer-group 1

Server

bba-group pppoe global
 virtual-template [#]
int [wan]
 pppoe enable group global
int virtual-template [#]
 ip unnumbered [wan]
 mtu 1492
 peer default ip address pool PPPOEPOOL
ip local pool PPPOEPOOL [ip range]

  1. Client negotiates PPPoE using PADI, PADO and PADR with the server; both client and server then move into the PPP LCP phase
  2. Client/Server negotiate authentication and other parameters
  3. Server asks the client for a username/password (using PAP, as PAP is configured before CHAP)
  4. Client sends out a username/password configured in its dialer
  5. Server authenticates this username/password against its global username/password list (alternatively an AAA/RADIUS server)
  6. Client and Server both move on to IPCP phase
  7. Client sends an IP address of 0.0.0.0 (asking for an IP address from the Server)
  8. Server hands out an IP address from its pool (in this case PPPOEPOOL)
  9. Client/Server finish IPCP phase and the link comes up

 

  • PADI – PPPoE Active Discovery Initiation
    • Multicast message from client to server to MAC ffff.ffff.ffff
  • PADO – PPPoE Active Discovery Offer
    • Reply to a PADI
    • Contains MAC of the server and its hostname
  • PADR – PPPoE Active Discovery Request
    • Response from client to server of a PADO
    • Confirms acceptance of the offer
  • PADS – PPPoE Active Discovery Session-confirmation
    • Response from server to client of a PADR
    • Session ID is given in this response
  • PADT – PPPoE Active Discovery Terminate
    • Termination of connection
    • Can be sent by either client or server
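
The discovery packets listed above share one RFC 2516 header (version/type, code, session ID, length) followed by tags. The parser below is an added example, not code from the original notes; the MAC addresses, AC name and session ID in the sample frames are constructed.

```python
import struct

CODES = {0x09: "PADI", 0x07: "PADO", 0x19: "PADR", 0x65: "PADS", 0xA7: "PADT"}
TAGS = {0x0101: "Service-Name", 0x0102: "AC-Name", 0x0103: "Host-Uniq"}

def parse_discovery(frame):
    """Decode one Ethernet frame carrying a PPPoE discovery packet."""
    if len(frame) < 20:
        raise ValueError("too short for Ethernet + PPPoE headers")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != 0x8863:                       # 0x8864 is the session stage
        raise ValueError("not a PPPoE discovery frame")
    ver_type, code, session_id, length = struct.unpack("!BBHH", frame[14:20])
    if ver_type != 0x11:                          # version 1, type 1
        raise ValueError("unsupported PPPoE version/type")
    payload = frame[20:20 + length]               # drops any Ethernet padding
    if len(payload) != length:
        raise ValueError("payload shorter than the length field")
    tags, off = {}, 0
    while off + 4 <= len(payload):
        tag_type, tag_len = struct.unpack("!HH", payload[off:off + 4])
        off += 4
        if off + tag_len > len(payload):
            raise ValueError("tag runs past the end of the payload")
        if tag_type == 0x0000:                    # End-Of-List
            break
        tags[TAGS.get(tag_type, hex(tag_type))] = payload[off:off + tag_len]
        off += tag_len
    return {"code": CODES.get(code, hex(code)), "session_id": session_id,
            "dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"), "tags": tags}

def build(dst, src, code, session_id, tags):
    """Construct a sample frame (test data only)."""
    body = b"".join(struct.pack("!HH", t, len(v)) + v for t, v in tags)
    header = struct.pack("!HBBHH", 0x8863, 0x11, code, session_id, len(body))
    return dst + src + header + body

# Constructed sample frames; MACs, AC name and session ID are made up.
CLIENT = bytes.fromhex("020000000001")
SERVER = bytes.fromhex("020000000002")
PADI = build(b"\xff" * 6, CLIENT, 0x09, 0, [(0x0101, b"")])
PADS = build(CLIENT, SERVER, 0x65, 0x0011, [(0x0101, b""), (0x0102, b"AC1")])

if __name__ == "__main__":
    for frame in (PADI, PADS):
        print(parse_discovery(frame))
```

The session ID is zero until the PADS, which is the first packet to carry the value used for the rest of the session.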

CCIE RS – L2 WAN Circuit Technologies – Authentication (PAP, CHAP)

CHAP – Challenge Handshake Authentication Protocol

  • RFC 1994
    • Verify identity of peer
    • Uses 3-way handshake
  • After LCP phase is complete,
    • CHAP is negotiated, authenticator sends a challenge message to peer
    • Peer responds with value calculated through one-way hash (MD5)
    • Authenticator checks the response against its own calculation

Configuration

PPP must be enabled on the interface

Interface > ppp authentication chap

Configure username and password
username [username] password [password]

Default username sent is hostname of the peer router

Default username can be changed under the interface

ppp chap hostname [hostname]

Passwords must match on both ends
ppp chap password [password]

PAP – Password Authentication Protocol

  • RFC 1334
  • Simple method for authentication
    • 2-way handshake after LCP completes
    • Username and password are sent in clear text across link
  • Not a secure authentication protocol
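
The difference between the CHAP and PAP exchanges described above shows up in what crosses the link. This is an added example, not code from the original notes: the authenticator class, the username R1 and the secret are constructed, and the packet layouts follow RFC 1994 and RFC 1334.

```python
import hashlib
import hmac
import os
import struct

def chap_response(identifier, secret, challenge):
    """RFC 1994 response value: MD5(Identifier octet || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class ChapAuthenticator:
    """Hypothetical authenticator side of the 3-way handshake."""
    def __init__(self, secrets):
        self.secrets = secrets        # username -> shared secret (bytes)
        self.outstanding = {}         # identifier -> challenge awaiting a response
        self.next_id = 0

    def new_challenge(self):
        ident, self.next_id = self.next_id, (self.next_id + 1) % 256
        self.outstanding[ident] = os.urandom(16)   # fresh, unpredictable value
        return ident, self.outstanding[ident]

    def verify(self, ident, name, response):
        challenge = self.outstanding.pop(ident, None)   # each challenge is single-use
        secret = self.secrets.get(name)
        if challenge is None or secret is None:
            return False
        expected = chap_response(ident, secret, challenge)
        return hmac.compare_digest(expected, response)  # constant-time comparison

def pap_authenticate_request(identifier, peer_id, password):
    """RFC 1334 Authenticate-Request (code 1): the password is carried as-is."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, identifier, 4 + len(body)) + body

def demo():
    secret = b"example-secret"                     # constructed value
    auth = ChapAuthenticator({"R1": secret})
    ident, challenge = auth.new_challenge()
    response = chap_response(ident, secret, challenge)
    return {
        "chap_ok": auth.verify(ident, "R1", response),
        "chap_replay": auth.verify(ident, "R1", response),  # challenge already used
        "secret_in_chap": secret in response,
        "secret_in_pap": secret in pap_authenticate_request(1, b"R1", secret),
    }

if __name__ == "__main__":
    print(demo())
```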

Home Automation – Part 1, Lights

I’ve been playing around slowly with some home automation. I didn’t dive straight into this when things started coming out because there wasn’t a good eco-system for connecting the different systems together. Now that there seems to be 3 clear choices, Amazon, Google and Apple, I’ve made the dive in.

I started the journey into this back on Amazon Prime Day where there was a deal on an Echo Dot and the Philips Hue starter kit. I started with the Philips Hue lights because it looked to be the easiest place to start and Philips works with Alexa (Amazon) and Siri (Apple).

What drove me towards choosing Philips Hue over some of its competitors was its closed wireless ecosystem. I didn’t want to deal with the headache of having to join every new lightbulb to my home wireless network every time I added one to the house.

The setup of the Philips Hue was very easy. I unboxed the wireless bridge, connected it to my wired network and powered it on. Downloaded the app to my phone and went through the easy setup. I then went down a rabbit hole of creating every room in the house within the app before adding light bulbs. Adding the light bulbs was easy: take out the old light bulb, put in the Philips Hue bulb and power the light back on. The bulb connects back to the bridge and then shows up in the app on the phone. Place the bulb into a room and you can now turn on or off the bulb from your phone.

Setting up the bulbs to be controlled is cool, but to make it even better I integrated it with the Apple HomeKit and Amazon Echo. I created routines in HomeKit to turn on and off lights at certain times of the day and utilize Alexa to turn on/off or dim/brighten lights with my voice.

As I expanded the lights within the house, staying only on the first floor I’ve found a few issues.

  1. If a room does not have Alexa and my Apple Watch isn’t fast enough it’s slow to turn on the lights. My office was an example of this. My resolution to it until I purchase another Alexa device is to use the dimmer switch and place it near the light switch
  2. Need to know which light switches need to stay on. I could buy the tab to keep to protect against this, but haven’t gotten around to it yet
  3. Not all areas make sense for the lights yet. Hallways and bathrooms as examples. I believe I will change these rooms into Philips Hue bulbs, but not sure how I want them controlled for turning on and off. Something I’ve been thinking about is using the motion sensors for this
  4. The bulbs are not supported outdoors. I’m still looking for options on how to automate my outside lights
  5. Price… I only have bought the normal white lights because the cost of the full color lights cannot be justified
  6. Bulb choices. Some of my lights need a smaller bulb

I plan on expanding the bulbs to every room slowly over time; bedrooms will be interesting. After a storm came through the area and I lost power for 3 days, when the power comes back on, every light will turn on, and stay on. The bridge does not remember the last state of the light before the power loss, which makes sense: how would the bridge know it was a power outage vs someone hitting the switch? My hesitation with the bedrooms is, if we lose power at night, I don’t need the lights turning on in the middle of the night when the power comes back on.

If anyone has suggestions around automating lights in their home I’d like to hear about it.

CCIE RS – L2 WAN Circuit Technology – Implement and Troubleshoot PPP

Point to Point Protocol

  • Layer 2 protocol for p2p links
  • Adds capabilities for authentication, multilink
  • Provides standard method for transporting multi-protocol datagrams over p2p links
  • Link Control Protocol (LCP) – Establishing, configuring and testing the data link connectivity
  • Network Control Protocols (NCP) – establishing and configuring different network layer protocols

IPCP (IP Configuration Protocol)

  • Sub-protocol of PPP
  • Assign IP from a PPP server
  • IP address negotiated

RFC 1661

Phase diagram

Configuration

interface [#]
 encapsulation ppp

debug ppp negotiation

PPP Compression

Config
compress > under interface

CCIE RS – Written – L2 WAN – Implement and Troubleshoot HDLC

High-Level Data Link Control

 

  • Bit-oriented code transparent synchronous data link layer protocol
  • Developed by ISO
  • Provides connection-oriented and connectionless service
  • Can be p2p or p2m
  • Framing
    • Synchronous serial communication
    • Asynchronous serial communication
  • Link Configurations
    • Normal Response Mode
    • Asynchronous Response Mode
    • Asynchronous Balanced Mode

 

Cisco HDLC uses a control protocol, Serial Line Address Resolution Protocol (SLARP), to maintain serial link keepalives.

HDLC is the default data encapsulation for serial interfaces

https://www.cisco.com/c/en/us/td/docs/routers/access/800M/software/800MSCG/serconf.html


https://en.wikipedia.org/wiki/High-Level_Data_Link_Control