Cisco 870-Series Router Manual PDF (Setup & Configuration Guide)

Home

Manuals

Cisco

870-Series

Page 166 / 196 Scroll up to view Page 161 - 165

B-2

Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide

OL-5332-01

Appendix B

Concepts

SHDSL

SHDSL is a technology based on the G.SHDSL (G.991.2) standard that allows both data and voice to be

transmitted over the same line. SHDSL is a packet-based network technology that allows high-speed

transmission over twisted-pair copper wire between a network service provider (NSP) central office and

a customer site, or on local loops created within either a building or a campus.

G.SHDSL devices can extend the reach from central offices and remote terminals to approximately

26,000 feet (7925 m), at symmetrical data rates from 72 kbps up to 2.3 Mbps. In addition, it is repeatable

at lower speeds, which means there is virtually no limit to its reach.

SHDSL technology is symmetric in that it allows equal bandwidth between an NSP central office and a

customer site. This symmetry, combined with always-on access (which eliminates call setup), makes

SHDSL ideal for LAN access.

Network

Protocols

Network protocols enable the network to pass data from its source to a specific destination over LAN or

WAN links. Routing address tables are included in the network protocols to provide the best path for

moving the data through the network.

The best-known Transmission Control Protocol/Internet Protocol (TCP/IP) at the internetwork layer is

IP, which provides the basic packet delivery service for all TCP/IP networks. In addition to the physical

node addresses, the IP protocol implements a system of logical host addresses called IP addresses. The

IP addresses are used by the internetwork and higher layers to identify devices and to perform

internetwork routing. The Address Resolution Protocol (ARP) enables IP to identify the physical address

that matches a given IP address.

IP is used by all protocols in the layers above and below it to deliver data, which means that all TCP/IP

data flows through IP when it is sent and received regardless of its final destination.

IP is a connectionless protocol, which means that IP does not exchange control information (called a

handshake

) to establish an end-to-end connection before transmitting data. In contrast, a

connection-oriented protocol exchanges control information with the remote computer to verify that it

is ready to receive data before sending it. When the handshaking is successful, the computers have

established a connection. IP relies on protocols in other layers to establish the connection if

connection-oriented services are required.

Internet Packet Exchange (IPX) exchanges routing information using Routing Information Protocol

(RIP), a dynamic distance-vector routing protocol. RIP is described in more detail in the following

subsections.

Routing Protocol Options

Routing protocols include the following:

•

Routing Information Protocol (RIP)

•

Enhanced Interior Gateway Routing Protocol (Enhanced IGRP)

Page 167 / 196

B-3

Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide

OL-5332-01

Appendix B

Concepts

PPP Authentication Protocols

RIP and Enhanced IGRP differ in several ways, as shown in

Table B-1

RIP and Enhanced IGRP Comparison

Protocol

Ideal Topology

Metric

Routing Updates

RIP

Suited for topologies with

15 or fewer hops.

Hop count. Maximum hop

count is 15. Best route is one

with lowest hop count.

By default, every 30 seconds.

You can reconfigure this value

and also use triggered

extensions to RIP.

Enhanced

IGRP

Suited for large topologies

with 16 or more hops to

reach a destination.

Distance information. Based

on a successor, which is a

neighboring router that has a

least-cost path to a

destination that is

guaranteed to not be part of

a routing loop.

Hello packets sent every

5 seconds, as well as

incremental updates sent

when the state of a destination

changes.

RIP

RIP is an associated protocol for IP, and is widely used for routing protocol traffic over the Internet. RIP

is a distance-vector routing protocol, which means that it uses distance (hop count) as its metric for route

selection.

Hop count

is the number of routers that a packet must traverse to reach its destination. For

example, if a particular route has a hop count of 2, then a packet must traverse two routers to reach its

destination.

By default, RIP routing updates are broadcast every 30 seconds. You can reconfigure the interval at

which the routing updates are broadcast. You can also configure triggered extensions to RIP so that

routing updates are sent only when the routing database is updated. For more information on triggered

extensions to RIP, see the Cisco IOS Release 12.3 documentation set.

Enhanced IGRP

Enhanced IGRP is an advanced Cisco proprietary distance-vector and link state routing protocol, which

means it uses a metric more sophisticated than distance (hop count) for route selection. Enhanced IGRP

uses a metric based on a successor, which is a neighboring router that has a least-cost path to a

destination that is guaranteed not to be part of a routing loop. If a successor for a particular destination

does not exist but neighbors advertise the destination, the router must recompute a route.

Each router running Enhanced IGRP sends hello packets every 5 seconds to inform neighboring routers

that it is functioning. If a particular router does not send a hello packet within a prescribed period,

Enhanced IGRP assumes that the state of a destination has changed and sends an incremental update.

Because Enhanced IGRP supports IP, you can use one routing protocol for multiprotocol network

environments, minimizing the size of the routing tables and the amount of routing information.

PPP Authentication Protocols

The Point-to-Point Protocol (PPP) encapsulates network layer protocol information over

point-to-point links.

Page 168 / 196

B-4

Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide

OL-5332-01

Appendix B

Concepts

PPP Authentication Protocols

PPP originally emerged as an encapsulation protocol for transporting IP traffic over point-to-point links.

PPP also established a standard for the assignment and management of IP addresses, asynchronous

(start/stop) and bit-oriented synchronous encapsulation, network protocol multiplexing, link

configuration, link quality testing, error detection, and option negotiation for such capabilities as

network-layer address negotiation and data-compression negotiation. PPP supports these functions by

providing an extensible Link Control Protocol (LCP) and a family of Network Control Protocols (NCPs)

to negotiate optional configuration parameters and facilities.

The current implementation of PPP supports two security authentication protocols to authenticate a PPP

session:

•

Password Authentication Protocol (PAP)

•

Challenge Handshake Authentication Protocol (CHAP)

PPP with PAP or CHAP authentication is often used to inform the central site which remote routers are

connected to it.

PAP

PAP uses a two-way handshake to verify the passwords between routers. To illustrate how PAP works,

imagine a network topology in which a remote office Cisco router is connected to a corporate office

Cisco router. After the PPP link is established, the remote office router repeatedly sends a configured

username and password until the corporate office router accepts the authentication.

PAP has the following characteristics:

•

The password portion of the authentication is sent across the link in clear text (not scrambled or

encrypted).

•

PAP provides no protection from playback or repeated trial-and-error attacks.

•

The remote office router controls the frequency and timing of the authentication attempts.

CHAP

CHAP uses a three-way handshake to verify passwords. To illustrate how CHAP works, imagine a

network topology in which a remote office Cisco router is connected to a corporate office Cisco router.

After the PPP link is established, the corporate office router sends a challenge message to the remote

office router. The remote office router responds with a variable value. The corporate office router checks

the response against its own calculation of the value. If the values match, the corporate office router

accepts the authentication. The authentication process can be repeated any time after the link is

established.

CHAP has the following characteristics:

•

The authentication process uses a variable challenge value rather than a password.

•

CHAP protects against playback attack through the use of the variable challenge value, which is

unique and unpredictable. Repeated challenges limit the time of exposure to any single attack.

•

The corporate office router controls the frequency and timing of the authentication attempts.

Note

We recommend using CHAP because it is the more secure of the two protocols.

Page 169 / 196

B-5

Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide

OL-5332-01

Appendix B

Concepts

TACACS+

Cisco 850 and Cisco 870 series routers support the Terminal Access Controller Access Control

System Plus (TACACS+) protocol through Telnet. TACACS+ is a Cisco proprietary authentication

protocol that provides remote access authentication and related network security services, such as event

logging. User passwords are administered in a central database rather than in individual routers.

TACACS+ also provides support for separate modular authentication, authorization, and accounting

(AAA) facilities that are configured at individual routers.

Network Interfaces

This section describes the network interface protocols that Cisco 850 and Cisco 870 series routers

support. The following network interface protocols are supported:

•

Ethernet

•

ATM for DSL

Ethernet

Ethernet is a baseband LAN protocol that transports data and voice packets to the WAN interface using

carrier sense multiple access collision detect (CSMA/CD). The term is now often used to refer to all

CSMA/CD LANs. Ethernet was designed to serve in networks with sporadic, occasionally heavy traffic

requirements, and the IEEE 802.3 specification was developed in 1980 based on the original Ethernet

technology.

Under the Ethernet CSMA/CD media-access process, any host on a CSMA/CD LAN can access the

network at any time. Before sending data, CSMA/CD hosts listen for traffic on the network. A host

wanting to send data waits until it detects no traffic before it transmits. Ethernet allows any host on the

network to transmit whenever the network is quiet. A collision occurs when two hosts listen for traffic,

hear none, and then transmit simultaneously. In this situation, both transmissions are damaged, and the

hosts must retransmit at some later time. Algorithms determine when the colliding hosts should

retransmit.

ATM for DSL

Asynchronous Transfer Mode (ATM) is a high-speed multiplexing and switching protocol that supports

multiple traffic types, including voice, data, video, and imaging.

ATM is composed of fixed-length cells that switch and multiplex all information for the network. An

ATM connection is simply used to transfer bits of information to a destination router or host. The ATM

network is considered a LAN with high bandwidth availability. Unlike a LAN, which is connectionless,

ATM requires certain features to provide a LAN environment to the users.

Each ATM node must establish a separate connection to every node in the ATM network that it needs to

communicate with. All such connections are established through a permanent virtual circuit (PVC).

Page 170 / 196

B-6

Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide

OL-5332-01

Appendix B

Concepts

Dial Backup

PVC

A PVC is a connection between remote hosts and routers. A PVC is established for each ATM end node

with which the router communicates. The characteristics of the PVC that are established when it is

created are set by the ATM adaptation layer (AAL) and the encapsulation type. An AAL defines the

conversion of user information into cells. An AAL segments upper-layer information into cells at the

transmitter and reassembles the cells at the receiver.

Cisco routers support the AAL5 format, which provides a streamlined data transport service that

functions with less overhead and affords better error detection and correction capabilities than AAL3/4.

AAL5 is typically associated with variable bit rate (VBR) traffic and unspecified bit rate (UBR) traffic.

ATM encapsulation is the wrapping of data in a particular protocol header. The type of router that you

are connecting to determines the type of ATM PVC encapsulation.

The routers support the following encapsulation types for ATM PVCs:

•

LLC/SNAP (RFC 1483)

•

VC-MUX (RFC 1483)

•

PPP (RFC 2364)

Each PVC is considered a complete and separate link to a destination node. Users can encapsulate data

as needed across the connection. The ATM network disregards the contents of the data. The only

requirement is that data be sent to the ATM subsystem of the router in a manner that follows the specific

AAL format.

Dialer Interface

A dialer interface assigns PPP features (such as authentication and IP address assignment method) to a

PVC. Dialer interfaces are used when configuring PPP over ATM.

Dialer interfaces can be configured independently of any physical interface and applied dynamically as

needed.

Dial Backup

Dial backup provides protection against WAN downtime by allowing a user to configure a backup

modem line connection. The following can be used to bring up the dial backup feature in Cisco IOS

software:

•

Backup Interface

•

Floating Static Routes

•

Dialer Watch

Backup Interface

A backup interface is an interface that stays idle until certain circumstances occur, such as WAN

downtime, at which point it is activated. The backup interface can be a physical interface such as a Basic

Rate Interface (BRI), or an assigned backup dialer interface to be used in a dialer pool. While the primary

Rate

Popular Cisco Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share