HDLC ve PPP Konfigürasyonu


Bu bölümde serial linkler üzerinde HDLC ve PPP konfigürasyonu ve PAP/CHAP authentication konfigürasyonu yapmayı göreceğiz.
 wan
1. Genel isim ve ip address yapılandırması
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname CLIGURU-R1
[CLIGURU-R1]interface Serial 0/0/1
[CLIGURU-R1-Serial0/0/1]ip address 10.0.12.1 24
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname CLIGURU-R2
[CLIGURU-R2]interface Serial 0/0/1
[CLIGURU-R2-Serial0/0/1]ip address 10.0.12.2 24
[CLIGURU-R2-Serial0/0/1]quit
[CLIGURU-R2]interface Serial 0/0/2
[CLIGURU-R2-Serial0/0/2]ip address 10.0.23.2 24
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname CLIGURU-R3
[CLIGURU-R3]interface serial 0/0/2
[CLIGURU-R3-Serial0/0/2]ip address 10.0.23.3 24
 2. HDLC protokolünü serial interface’lerde aktifleştirelim.
[CLIGURU-R1]interface Serial 0/0/1
[CLIGURU-R1-Serial0/0/1]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed.Continue? [Y/N]:y
[CLIGURU-R2]interface Serial 0/0/1
[CLIGURU-R2-Serial0/0/1]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed.Continue? [Y/N]:y
[CLIGURU-R2-Serial0/0/1]quit
[CLIGURU-R2]interface Serial 0/0/2
[CLIGURU-R2-Serial0/0/2]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed.
Continue? [Y/N]:y
[CLIGURU-R3]interface Serial 0/0/2
[CLIGURU-R3-Serial0/0/2]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed.Continue? [Y/N]:y
R1 üzerinde HDLC konfigürasyonu yaptığımız interface’in durumunu görüntüleyelim.
[CLIGURU-R1]display interface Serial 0/0/1
Serial0/0/1 current state : UP
Line protocol current state : UP
Last line protocol up time : 2014-12-12 11:34:58 UTC-08:00
Description:
Route Port,The Maximum Transmit Unit is 1500, Hold timer is 10(sec)
Internet Address is 10.0.12.1/24
Link layer protocol is nonstandard HDLC
Last physical up time   : 2014-12-12 11:29:56 UTC-08:00
Last physical down time : 2014-12-12 11:29:55 UTC-08:00
Current system time: 2014-12-12 11:39:01-08:00Interface is V35
Last 300 seconds input rate 2 bytes/sec, 0 packets/sec
Last 300 seconds output rate 2 bytes/sec, 0 packets/sec
Input: 4078 bytes, 308 Packets
Ouput: 4150 bytes, 299 Packets
Input bandwidth utilization : 0.02%
Output bandwidth utilization : 0.02%
Fiziksel bağantımızın olup olmadıgını kontrol edelim.
<CLIGURU-R2>ping 10.0.12.1
PING 10.0.12.1: 56 data bytes, press CTRL_C to break
Reply from 10.0.12.1: bytes=56 Sequence=1 ttl=255 time=30 ms
Reply from 10.0.12.1: bytes=56 Sequence=2 ttl=255 time=60 ms
Reply from 10.0.12.1: bytes=56 Sequence=3 ttl=255 time=1 ms
Reply from 10.0.12.1: bytes=56 Sequence=4 ttl=255 time=30 ms
Reply from 10.0.12.1: bytes=56 Sequence=5 ttl=255 time=10 ms
— 10.0.12.1 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/26/60 ms
<CLIGURU-R2>ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=20 ms
Reply from 10.0.23.3: bytes=56 Sequence=2 ttl=255 time=30 ms
Reply from 10.0.23.3: bytes=56 Sequence=3 ttl=255 time=40 ms
Reply from 10.0.23.3: bytes=56 Sequence=4 ttl=255 time=10 ms
Reply from 10.0.23.3: bytes=56 Sequence=5 ttl=255 time=50 ms
— 10.0.23.3 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/30/50 ms
 
3.RIPv2 konfigürasyonu
CLIGURU-R1 ve CLIGURU-R3 arasındaki haberleşmenin saglanması için RIP konfigürasyonu oluşturalım.
[CLIGURU-R1]rip
[CLIGURU-R1-rip-1]version 2
[CLIGURU-R1-rip-1]network 10.0.0.0
[CLIGURU-R2]rip
[CLIGURU-R2-rip-1]version 2
[R2-rip-1]network 10.0.0.0
[CLIGURU-R3]rip
[CLIGURU-R3-rip-1]version 2
[CLIGURU-R3-rip-1]network 10.0.0.0
Yaptığımız RIP konfigürasyonuna route tablosuna bakarak kontrol edelim.
<CLIGURU-R1>display ip routing-table
Route Flags: R – relay, D – download to fib
——————————————————————————
Routing Tables: PublicDestinations : 5       Routes : 5
Destination/Mask   Proto   Pre Cost     Flags NextHop         Interface
10.0.12.0/24 Direct 0   0           D   10.0.12.1       Serial0/0/1
10.0.12.1/32 Direct 0   0           D   127.0.0.1       Serial0/0/1
10.0.23.0/24 RIP     100 1           D   10.0.12.2       Serial0/0/1
127.0.0.0/8   Direct 0   0           D   127.0.0.1       InLoopBack0
127.0.0.1/32 Direct 0   0           D   127.0.0.1       InLoopBack0
CLIGURU-R1’in CLIGURU-R3 ile haberleştiğini görebilmek için CLIGURU-R1’den CLIGURU-R3’e ping atalım.
<CLIGURU-R1>ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=254 time=60 ms
Reply from 10.0.23.3: bytes=56 Sequence=2 ttl=254 time=50 ms
Reply from 10.0.23.3: bytes=56 Sequence=3 ttl=254 time=80 ms
Reply from 10.0.23.3: bytes=56 Sequence=4 ttl=254 time=50 ms
Reply from 10.0.23.3: bytes=56 Sequence=5 ttl=254 time=70 ms
— 10.0.23.3 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 50/62/80 ms
 4.PPP konfigürasyonu
CLIGURU-R1 ve CLIGURU-R2 arasında, CLIGURU-R2 ve CLIGURU-R3 arasında PPP konfigürasyonu yapalım. Bağlantının her iki ucuda aynı encapsulation modunda olması gerekli. Farklı encapsule modunda kullanılması durumunda interfaceler ‘DOWN’ durumunda gözükür.
[CLIGURU-R1]interface Serial 0/0/1
[CLIGURU-R1-Serial0/0/1]link-protocol ppp
Warning: The encapsulation protocol of the link will be changed.Continue? [Y/N]:y
[CLIGURU-R2]interface Serial 0/0/1
[CLIGURU-R2-Serial0/0/1]link-protocol ppp
Warning: The encapsulation protocol of the link will be changed.Continue? [Y/N]:y
[CLIGURU-R2-Serial0/0/1]quit
[CLIGURU-R2]interface Serial 0/0/2
[CLIGURU-R2-Serial0/0/2]link-protocol ppp
Warning: The encapsulation protocol of the link will be changed.
Continue? [Y/N]:y
[CLIGURU-R3]interface Serial 0/0/2
[CLIGURU-R3-Serial0/0/2]link-protocol ppp
Warning: The encapsulation protocol of the link will be changed.Continue? [Y/N]:y
Konfigürasyonu test edelim.
<CLIGURU-R2>ping 10.0.12.1
PING 10.0.12.1: 56 data bytes, press CTRL_C to break
Reply from 10.0.12.1: bytes=56 Sequence=1 ttl=255 time=30 ms
Reply from 10.0.12.1: bytes=56 Sequence=2 ttl=255 time=30 ms
Reply from 10.0.12.1: bytes=56 Sequence=3 ttl=255 time=50 ms
Reply from 10.0.12.1: bytes=56 Sequence=4 ttl=255 time=50 ms
Reply from 10.0.12.1: bytes=56 Sequence=5 ttl=255 time=30 ms
— 10.0.12.1 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 30/38/50 ms
<CLIGURU-R2>ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=20 ms
Reply from 10.0.23.3: bytes=56 Sequence=2 ttl=255 time=10 ms
Reply from 10.0.23.3: bytes=56 Sequence=3 ttl=255 time=50 ms
Reply from 10.0.23.3: bytes=56 Sequence=4 ttl=255 time=50 ms
Reply from 10.0.23.3: bytes=56 Sequence=5 ttl=255 time=30 ms
— 10.0.23.3 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/32/50 ms
Ping işlemi başarısız olursa, interfacelerin durumunu kontrol edelim ve bağlantı katmanının protokol türünün dogru olup olmadıgına bakalım.
<CLIGURU-R1>display interface Serial 0/0/1
Serial0/0/1 current state : UP
Line protocol current state : UP
Last line protocol up time : 2014-12-12 11:53:07 UTC-08:00
Description:
Route Port,The Maximum Transmit Unit is 1500, Hold timer is 10(sec)
Internet Address is 10.0.12.1/24Link layer protocol is PPP
LCP opened, IPCP opened
Last physical up time   : 2014-12-12 11:52:15 UTC-08:00
Last physical down time : 2014-12-12 11:52:15 UTC-08:00
Current system time: 2014-12-12 12:04:49-08:00Interface is V35
Last 300 seconds input rate 4 bytes/sec, 0 packets/sec
Last 300 seconds output rate 2 bytes/sec, 0 packets/sec
Input: 13054 bytes, 605 Packets
Ouput: 9966 bytes, 557 Packets
Input bandwidth utilization : 0.05%
Output bandwidth utilization : 0.02%
 5. Route değişikliklerini inceleyelim.
PPP konfigürasyonu  tamamlandıktan sonra, router’lar bağlantıyı kuracak ve veri akışı başlayacaktır. Local(pc, vb.) cihazımız route’u peer cihaza gönderir. Gönderdiği route, interface ip adresini ve 32-bit mask’ini yollar.
CLIGURU-R1 ve CLIGURU-R3’un  routing  bilgilerini aşagıdaki CLIGURU-R2 tablosunda bulunan bilgilere bakarak görebiliriz.
<CLIGURU-R2>display ip routing-table
Route Flags: R – relay, D – download to fib
——————————————————————————
Routing Tables: PublicDestinations : 8       Routes : 8
Destination/Mask   Proto   Pre Cost     Flags NextHop         Interface
10.0.12.0/24 Direct 0   0           D   10.0.12.2       Serial0/0/1
10.0.12.1/32 Direct 0   0           D   10.0.12.1      Serial0/0/1
10.0.12.2/32 Direct 0   0           D   127.0.0.1       Serial0/0/1
10.0.23.0/24 Direct 0   0           D   10.0.23.2       Serial0/0/2
10.0.23.2/32 Direct 0   0           D   127.0.0.1       Serial0/0/2
10.0.23.3/32 Direct 0   0           D   10.0.23.3       Serial0/0/2
127.0.0.0/8   Direct 0   0           D   127.0.0.1       InLoopBack0
127.0.0.1/32 Direct 0   0           D   127.0.0.1       InLoopBack0
 PAP authentication CLIGURU-R1 ve CLIGURU-R2 arasında aktifleştirelim.
PPP PAP authenticator’ı  CLIGURU-R1’e  PAP’için Konfigüre edelim.
[CLIGURU-R1]interface Serial 0/0/1
[CLIGURU-R1-Serial0/0/1]ppp authentication-mode pap
[CLIGURU-R1-Serial0/0/1]quit
[CLIGURU-R1]aaa
[CLIGURU-R1-aaa]local-user huawei password cipher huawei
Info: Add a new user.
[CLIGURU-R1-aaa]local-user huawei service-type ppp
PAP  authentication’ı CLIGURU-R2 ‘de  PAP authenticated device olacak şekilde konfigüre edelim..
[CLIGURU-R2]interface Serial 0/0/1
[CLIGURU-R2-Serial0/0/1]ppp pap local-user huawei password cipher huawei
CLIGURU-R2 CLIGURU-R1 ‘e request gönderir; CLIGURU-R1 CLIGURU-R2 ’ye response mesajı yollar; CLIGURU-R2 ‘nin PAP authentication kullanmak için request paketi içinde parola gönderir.
CLIGURU-R1 ve CLIGURU-R2 arasında ki bağlantıya bakalım.
<CLIGURU-R1>debugging ppp pap packet
<CLIGURU-R1>terminal debugging
<CLIGURU-R1>display debugging
PPP PAP packets debugging switch is on
<CLIGURU-R1>system-view
Enter system view, return user view with Ctrl+Z.
[CLIGURU-R1]interface Serial 0/0/1
[CLIGURU-R1-Serial0/0/1]shutdown
[CLIGURU-R1-Serial0/0/1]undo shutdown

 

Now 10 2014     14:44:22.440.1+00:00 CLIGURU-R1PPP/7/debug:
  PPP Packet:
Serial0/0/1 Input PAP(c023) Pkt , Len 22
State ServerListen, code Request(01 ) id 1 , len 18
Host Len: 6 Name :huawei
Now 10 2014     14:44:22.440.1+00:00 CLIGURU-R1PPP/7/debug:
  PPP Packet:
Serial0/0/1 Output PAP(c023) Pkt , Len 52
State WaitAAA,  code  Ack(02 ) id 1 , len 48
Msg Len: 43  msg  :…………

 

[CLIGURU-R1]interface Serial 0/0/1
[CLIGURU-R1-Serial0/0/1]return
<CLIGURU-R1>undo debugging all
Info: All possible debugging has been turned off.
 6. CLIGURU-R2 ve CLIGURU-R3 arasında CHAP authentication aktifleştirelim.
CLIGURU-R3 authenticator  olacal şekilde konfigüre edelim. CLIGURU-R2 , CLIGURU-R3’e request mesajı yollarken , CLIGURU-R3 CLIGURU-R2’ye response mesajı yollar, CLIGURU-R2 CLIGURU-R3’e request göndererek CHAP authentication’ı oluşturur. Konfigürasyonu yapalım.
[CLIGURU-R3]interface Serial 0/0/2
[CLIGURU-R3-Serial0/0/2]ppp authentication-mode chap
[CLIGURU-R3-Serial0/0/2]quit
[CLIGURU-R3]aaa
[CLIGURU-R3-aaa]local-user huawei password cipher huawei
Info: A new user added
[CLIGURU-R3-aaa]local-user huawei service-type ppp
[CLIGURU-R3-aaa]quit
[CLIGURU-R3]interface Serial 0/0/2
[CLIGURU-R3-Serial0/0/2]shutdown
[CLIGURU-R3-Serial0/0/2]undo shutdown
CLIGURU-R2 de CHAP’ı client olarak yapılandıralım.
[CLIGURU-R2]interface Serial 0/0/2
[CLIGURU-R2-Serial0/0/2]ppp chap user huawei
[CLIGURU-R2-Serial0/0/2]ppp chap password cipher huawei
Konfigürasyonu oluşturduktan sonra baglantımızında oldugunu kontrol edelim.
[CLIGURU-R2]ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=50 ms
Reply from 10.0.23.3: bytes=56 Sequence=2 ttl=255 time=30 ms
Reply from 10.0.23.3: bytes=56 Sequence=3 ttl=255 time=10 ms
Reply from 10.0.23.3: bytes=56 Sequence=4 ttl=255 time=1 ms
Reply from 10.0.23.3: bytes=56 Sequence=5 ttl=255 time=50 ms
— 10.0.23.3 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/28/50 ms
 7.PPP ve CHAP debugging.
CLIGURU-R2 ve CLIGURU-R3 arasında PPP bağlantısı görüntülemek için debug  komutunu çalıştırın. PPP bağlantısı CHAP kullanılarak kurulmuştu. CLIGURU-R2 üzerinde interface S 0/0/2 kapattıktan sonra , debug komutunu çalıştırın, ve CLIGURU-R2 üzerinde interface S0/0/02 etkinleştirin.
[CLIGURU-R2]interface Serial 0/0/2
[CLIGURU-R2-Serial0/0/2]shutdown
Debugging bilgilerini görüntülemek için debugging ppp chap all ve  terminal debugging komutlarını kullanın.
[CLIGURU-R2-Serial0/0/2]return
<CLIGURU-R2>debugging ppp chap all
<CLIGURU-R2>terminal debugging
Info: Current terminal debugging is on.
<CLIGURU-R2>display debuggingPPP
CHAP packets debugging switch is onPPP CHAP events debugging switch is on
PPP CHAP errors debugging switch is on
PPP CHAP state change debugging switch is on
Debugging prosesini devre dışı bırakalım.
[CLIGURU-R2]return
<CLIGURU-R2>undo debugging all
Info: All possible debugging has been turned off.
Final konfigürasyonu . . .
<CLIGURU-R1>display current-configuration
#
sysname CLIGURU-R1
#
aaaa
uthentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
local-user huawei password cipher n$qS(S=3x<3IF$’:[285`*n#
local-user huawei service-type ppp
#
interface Serial0/0/1
link-protocol ppp
ppp authentication-mode pap
ip address 10.0.12.1 255.255.255.0
#
rip 1
version 2
network 10.0.0.0
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
return
<CLIGURU-R2>display current-configuration
#
sysname CLIGURU-R2
#
aaa
authentication-scheme defaul
tauthorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
#
interface Serial0/0/1
link-protocol ppp
ppp pap local-user huawei password cipher N`C55QK<`=/Q=^Q`MAF4<1!!
ip address 10.0.12.2 255.255.255.0
#
interface Serial0/0/2
link-protocol ppp
ppp chap user huawei
ppp chap password cipher N`C55QK<`=/Q=^Q`MAF4<1!!
ip address 10.0.23.2 255.255.255.0
#
rip 1
version 2
network 10.0.0.0
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
Return
<CLIGURU-R3>display current-configuration
#
sysname CLIGURU-R3
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
local-user huawei password cipher ^>v”+^Ij(HZypQCee$t3k@J#
local-user huawei service-type ppp
#
interface Serial0/0/2
link-protocol ppp
ppp authentication-mode chap
ip address 10.0.23.3 255.255.255.0
#
rip 1
version 2
network 10.0.0.0
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
return