Friday, December 17, 2010

Branch Router Configuration for Broadband Access

Network Bulls
www.networkbulls.com

 This section focuses on a branch office router configuration using DSL and the services
that must be configured to support Internet traffic. The discussion starts with a little more
background about DSL concepts, followed by some sample configurations.
Understanding DSL Concepts
DSL uses the telco local loop: the phone line that runs between the phone company’s
nearby facility (called the central office, or CO) and the customer site. In other words,
DSL uses the same phone line that runs to most people’s homes and to most office buildings.
The phone company has used these types of lines for the better part of a century to
carry analog electrical signals for voice traffic, but DSL uses other frequency ranges to
carry a digital signal for the purpose of sending data.
From the customer premises perspective, the customer can still use the same old analog
phones, which still use frequencies below 4000 Hz. The DSL router connects to another
RJ-11 socket in the wall, just as if it were just another analog telephone. However, the
router sends digital signals at frequencies above 4000 Hz, which do not interfere with
the voice traffic. So, both the voice and DSL electrical signals flow over the same cable, at
the same time, just at different frequencies.
Note: Although the human voice generates frequencies below 4000 Hz, the human ear
can hear some higher frequencies, so some DSL installations require the use of filters on
the lines connected to the phones. These filters prevent humans from hearing some of the
higher frequency DSL tones.
From the telco perspective, the telco has to separate the voice and DSL signals. To do so,
the telco uses a device called a DSL Access Multiplexer (DSLAM). It splits the analog
signal off to the switch that handles traditional analog voice calls and splits the digital
traffic to a router. Figure 19-7 shows these ideas, both for the customer premises and central
office.
At Layer 1, the DSL uses digital signals that use some encoding that does not matter to
the discussions in this book. However, at Layer 2, DSL uses two different data link protocols:
Asynchronous Transfer Mode (ATM) and Point-to-Point Protocol (PPP).
DSL uses ATM in the traditional role of a data link protocol, and PPP for several reasons,
but particularly for its CHAP authentication. For DSL, ATM controls the use of the Layer
1 medium so that data can be successfully sent over the link and to the right device. ATM
defines the headers used on the link, the data link addresses, and the rules for passing
Layer 3 data up and down the protocol stack. For instance, the ATM cell headers enable
the DSLAM to know where to send the data received from a customer over a DSL link
Step 4. The router’s segmentation and reassembly (SAR) chip segments the frame from
the previous step into 48-byte segments.
Step 5. The SAR chip encapsulates these segments inside 5-byte cell headers and
sends the cells over the DSL link.
The DSLAM then receives the cells and forwards them on to the router. The router at the
other end of the PVC reassembles the cells–the finishing touch on the ATM SAR process.
The receiving router can then begin interpreting the various headers and de-encapsulate
the packet.
Briefly, note that the encapsulation process also adds a PPP header to the IP packet before
sending the data over the DSL link. The routers use the PPP header for several reasons, including
PPP authentication with CHAP, and for dynamic address assignment and discovery.
This convention to use both PPP and ATM protocols together is called PPP over ATM
(PPPoA).
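The PPP encapsulation and the SAR steps described above can be traced in a short Python sketch. This is an added example, not code from the original text; it assumes VC-multiplexed PPP over AAL5 as in RFC 2364, uses the VPI/VCI 0/42 from the sample configuration, and goes slightly beyond the text by also building the AAL5 trailer and the header checksum (HEC). The 100-byte packet is a constructed stand-in for an IP packet.

```python
import struct

def crc32_aal5(data: bytes) -> int:
    """AAL5 CRC-32: poly 0x04C11DB7, MSB first, init all ones, inverted."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte << 24
        for _ in range(8):
            crc = (crc << 1) ^ (0x04C11DB7 if crc & 0x80000000 else 0)
            crc &= 0xFFFFFFFF
    return crc ^ 0xFFFFFFFF

def hec(first4: bytes) -> int:
    """Header Error Control: CRC-8 (x^8 + x^2 + x + 1) over 4 bytes, XOR 0x55."""
    crc = 0
    for byte in first4:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ (0x07 if crc & 0x80 else 0)) & 0xFF
    return crc ^ 0x55

def cell_header(vpi: int, vci: int, last: bool) -> bytes:
    """5-byte UNI header: GFC(4) VPI(8) VCI(16) PT(3) CLP(1) HEC(8)."""
    first4 = struct.pack("!I", (vpi << 20) | (vci << 4) | (int(last) << 1))
    return first4 + bytes([hec(first4)])

def pppoa_cells(ip_packet: bytes, vpi: int = 0, vci: int = 42) -> list:
    frame = b"\x00\x21" + ip_packet              # PPP protocol ID 0x0021 (IPv4)
    pad = -(len(frame) + 8) % 48                 # PDU must be a multiple of 48
    body = frame + bytes(pad) + struct.pack("!BBH", 0, 0, len(frame))
    pdu = body + struct.pack("!I", crc32_aal5(body))
    chunks = [pdu[i:i + 48] for i in range(0, len(pdu), 48)]      # Step 4
    return [cell_header(vpi, vci, i == len(chunks) - 1) + chunk   # Step 5
            for i, chunk in enumerate(chunks)]

def reassemble(cells: list) -> bytes:
    """Far end of the PVC: strip headers, check the CRC, return the IP packet."""
    pdu = b"".join(cell[5:] for cell in cells)
    length, crc = struct.unpack("!HI", pdu[-6:])
    if crc32_aal5(pdu[:-4]) != crc:
        raise ValueError("AAL5 CRC mismatch")
    return pdu[2:length]                         # drop the PPP protocol ID

if __name__ == "__main__":
    packet = bytes(range(100))                   # constructed stand-in for an IP packet
    cells = pppoa_cells(packet)
    print(len(cells), "cells,", cells[-1][:5].hex(), "is the last header")
```

Each cell is 53 bytes on the wire, and only the last cell of a frame carries the end-of-frame bit in its payload type field, which is how the receiving router knows where to stop reassembling.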
Configuring DSL
DSL configuration–even ignoring related services like DHCP and NAT–requires several
steps. The goal of this section is to give you a general idea of the configuration by showing
one example, just to give you a sense of the configuration pieces.
To appreciate the sample configuration, first consider that DSL is a switched connection.
Most people think DSL (and cable) provide an always-on or leased Internet connection,
because typically the user does not need to do anything to start and stop the connection.
However, a router can start and stop the DSL connection–or using the traditional terms,
the router can dial and hang-up the connection. The idea that DSL routers do something to
dial the connection means that the connection is actually switched.
www.CareerCert.info
662 CCNP ROUTE 642-902 Official Certification Guide
Because cable and DSL connections use switched logic, IOS implements DSL configuration
using some older switched network commands, including dialer interfaces and virtual
templates. The option used in this section’s example, the dialer interface, has been
around IOS for a long time as a place to configure the logic and features related to a dialed
connection.
The main pieces of the DSL configuration as shown in this section are as follows:
■ The configuration creates a dialer interface.
■ The Layer 3 and PPP configuration related to DSL is applied to the dialer interface.
■ The ATM configuration is applied to the physical ATM interface.
■ The ATM interface is linked to the dialer interface.
■ An IP route forwards traffic out the dialer interface, which triggers the DSL encapsulation
process, as shown in Figure 19-8.
Figure 19-9 shows the configuration, with some notes about the interactions of the various
pieces of the configuration.
hostname BO1
interface ATM 0/0
 no ip address
 pvc 0/42
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
interface dialer 2
 encapsulation ppp
 ! Use PPP to ask the ISP which IP address to use
 ip address negotiated
 dialer pool 1
 ! CHAP-related commands
 ppp authentication chap callin
 ppp chap password reallysecret
!
!
ip route 0.0.0.0 0.0.0.0 dialer 2
Figure 19-9 DSL Configuration on Router BO1
First examine the ATM interface. The configuration defines the VPI/VCI as 0/42; the ISP
needs to match this value, or more likely, dictates the value to the customer. The
encapsulation command defines that PPP will also be used (as shown in Step 2 of Figure
19-8’s encapsulation), and it defines the style of ATM header added at Step 3 of that
same figure (AAL5MUX). The encapsulation aal5mux ppp dialer command’s dialer parameter
defines that this PVC will use the logic of a dialer interface. Finally, the dialer
pool-member 1 command associates the ATM interface with the dialer interface as noted
in the figure.
The dialer interface has five subcommands in this case, including three related to PPP. One
command tells the router to use PPP to learn its IP address from the ISP (ip address negotiated).
The dialer pool 1 command tells the dialer interface that when it needs to signal a
new connection, look for interfaces with dialer pool-member 1 configured, such as interface
ATM 0/0.
Finally, the static default route sends traffic out the dialer interface. Packets forwarded out
this DSL connection will match this route, causing IOS to try to forward the packet using
the dialer interface, triggering the encapsulation and logic described in Figure 19-8.
Configuring NAT
When the branch router receives a packet over the LAN interface, it has several options of
how to process the packet. For instance, using the medium-sized branch from Figure 19-1,
which has a leased line into the Enterprise plus a DSL Internet connection, the router
could do the following:
■ Forward the packet out the serial interface, unchanged, to the rest of the Enterprise
network.
■ Forward the packet out the tunnel, changed somewhat (encrypted, encapsulated, and
so on), to the rest of the Enterprise network.
■ Forward the packet over the Internet link (the DSL dialer interface), after using NAT
to change the source private address to a public address, to some public IP destination
address.
Only the third option requires NAT. Thankfully, NAT configuration easily supports the
concept of performing NAT for traffic going to Internet destinations and not performing
NAT for traffic in the tunnel. Example 19-1 shows a sample configuration, again using
Router BO1. This configuration assumes that BO1 was already configured, as shown in
Figure 19-9.
Example 19-1 NAT Configuration for Router BO1
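! LAN side: private addresses, inside NAT domain
interface fastethernet 0/0
 ip address 10.99.1.9 255.255.255.0
 ip nat inside
! Internet side: the DSL dialer interface, outside NAT domain
interface dialer 2
 ip nat outside
! Translate sources permitted by local-lan to dialer2's address, sharing it by port
ip nat inside source list local-lan interface dialer2 overload
ip access-list extended local-lan
 permit ip 10.99.1.0 0.0.0.255 any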
The configuration shows NAT overload, using a single public IP address–namely, dialer2’s
dynamically learned IP address. ACL local-lan matches all packets whose source IP address
is from the branch’s local LAN subnet (10.99.1.0/24). The ACL, referenced by the ip
nat inside source command, tells the router to NAT traffic permitted by this ACL. The
traffic going through the tunnel will already be encapsulated in a new IP header, and no
longer have a source address from the LAN subnet, so only traffic destined for Internet
destinations will have NAT applied. Finally, the interface subcommands ip nat inside and
ip nat outside tell the interfaces on which to attempt the translation.
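The following Python model, an added example that is not part of the original text, shows how the local-lan wildcard match decides which packets are translated and how overload shares one outside address by port. It is a simplified model, not IOS code: the outside address 203.0.113.10 is a constructed documentation address standing in for dialer2's negotiated address, and the port-selection rule (keep the source port if free, otherwise take the next free one) is an assumption made for illustration.

```python
import ipaddress

def acl_permits(src: str, base: str = "10.99.1.0",
                wildcard: str = "0.0.0.255") -> bool:
    """IOS wildcard match: bits set in the wildcard are 'don't care' bits."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(src)) & care) == \
           (int(ipaddress.IPv4Address(base)) & care)

class Overload:
    """Port address translation onto a single outside address."""

    def __init__(self, outside_ip: str):
        self.outside_ip = outside_ip
        self.table = {}            # (inside ip, inside port) -> outside port
        self.used = set()          # outside ports already allocated

    def translate(self, src_ip: str, src_port: int):
        if not acl_permits(src_ip):
            return src_ip, src_port            # not permitted by local-lan: untouched
        key = (src_ip, src_port)
        if key not in self.table:
            port = src_port
            while port in self.used:           # assumed rule: next free port
                port = port + 1 if port < 65535 else 1024
            self.table[key] = port
            self.used.add(port)
        return self.outside_ip, self.table[key]

if __name__ == "__main__":
    nat = Overload("203.0.113.10")             # constructed outside address
    print(nat.translate("10.99.1.20", 50000))  # LAN host, translated
    print(nat.translate("10.99.1.21", 50000))  # same port, second host
    print(nat.translate("203.0.113.10", 4500)) # already-encapsulated tunnel packet
```

The translation table is also what return traffic depends on: an inbound packet with no matching entry has nowhere to go on the LAN.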
Configuring DHCP Server
The branch router also may need to act as the DHCP server. If so, the router needs to have
a pool of IP addresses appropriate for the local branch LAN. It needs to know the IP addresses
of the DNS servers–both inside the Enterprise and the ISP’s DNS server. It also
needs to assign a default gateway, typically that same branch router’s LAN IP address.
Example 19-2 continues the same configuration.
Example 19-2 DHCP Configuration for Router BO1
! Keep the router's own LAN address out of the pool (global command)
ip dhcp excluded-address 10.99.1.9
ip dhcp pool fred
 network 10.99.1.0 255.255.255.0
 default-router 10.99.1.9
 dns-server 10.2.2.2 128.107.2.1
Note that no interface configuration is needed on the LAN interface–the router notices
the incoming interface of the DHCP request, compares the connected subnets to the pool,
and picks a pool that matches the correct address range.
