HDLC和PPP原理?

串口封裝協(xié)議:

HDLC?

配置：

interface Serial1/0/0

link-protocol hdlc? -------------默認為PPP，修改為HDLC

PPP ----------點到點的協(xié)議?

兩個組成：

LCP? ----------------鏈路控制協(xié)議（各種鏈路層的協(xié)商）

LCP參數(shù)協(xié)商

MRU

認證

魔術字

LCP四個報文

Request

Ack

Nak

Reject

NCP-----------------網絡控制協(xié)議（IPV4 V6? IPX? APPLETALK）

配置PPP

[AR1-Serial1/0/0]link-protocol? ppp?

Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]:Y

檢查：

[AR1]display? interface? Serial1/0/0

Serial1/0/0 current state : UP

Line protocol current state : DOWN

Description:HUAWEI, AR Series, Serial1/0/0 Interface

Route Port,The Maximum Transmit Unit is 1500, Hold timer is 10(sec)

Internet Address is 12.1.1.1/24

Link layer protocol is PPP

LCP opened, IPCP opened

Last physical up time? : 2019-08-06 21:05:26 UTC-08:00

Last physical down time : 2019-08-06 21:05:25 UTC-08:00

Current system time: 2019-08-06 21:05:49-08:00

Physical layer is synchronous, Virtualbaudrate is 64000 bps

Interface is DTE, Cable type is V11, Clock mode is TC

Last 300 seconds input rate 4 bytes/sec 32 bits/sec 0 packets/sec

Last 300 seconds output rate 2 bytes/sec 16 bits/sec 0 packets/sec

PPP認證：

PAP認證 -------------密碼認證協(xié)議

二次握手，明文認證

單向認證配置思路：

認證方:

第一步：配置數(shù)據庫------給被認證方使用

aaa

local-user huawei password cipher? huawei---------------------定義用戶名和密碼

local-user huawei service-type ppp -----------------------------開啟PPP協(xié)議

第二步：接口開啟PPP PAP認證

interface Serial1/0/0

link-protocol ppp ---------------------前提條件，必須是PPP封裝

ppp authentication-mode pap ----------開啟PPP認證

如果被認證沒有配置PPP認證，報錯如下：

Aug? 6 2019 21:15:12-08:00 AR1 %%01PPP/4/RESULTERR(l)[6]:On the interface Serial

1/0/0, LCP negotiation failed because the result cannot be accepted.

-----------------------------------------------------------------------

被認證方：

interface Serial1/0/0

link-protocol ppp

ppp pap local-user huawei password simple huawei? -----------發(fā)送用戶名和密碼到認證方

CHAP認證 ------------挑戰(zhàn)握手認證協(xié)議

三次握手，MD5認證

單向認證配置思路：

認證方:

第一步：配置數(shù)據庫------給被認證方使用

aaa

local-user huawei password cipher? huawei---------------------定義用戶名和密碼

local-user huawei service-type ppp -----------------------------開啟PPP協(xié)議

第二步：接口開啟PPP PAP認證

interface Serial1/0/0

link-protocol ppp ---------------------前提條件，必須是PPP封裝

ppp authentication-mode chap ----------開啟PPP認證

被認證方：

interface Serial1/0/0

link-protocol ppp

ppp? chap user? huawei -----------發(fā)送用戶名給認證方

ppp? chap password? simple? huawei -----發(fā)送密碼給認證方

PPPOE （PPP Over Ethernet ）

工作原理：

兩個階段：

1.發(fā)現(xiàn)階段

2.會話階段

配置思路;

PPPOE服務端(不需要配置）

第一步：配置DHCP地址池

ip pool DHCP

gateway-list 172.16.1.1

network 172.16.1.0 mask 255.255.255.0

第二步：配置數(shù)據庫（AAA）

aaa

local-user huawei password cipher %$%$bom7Uph7"$epS$*lH/eH62Os%$%$

local-user huawei service-type ppp

第三步：創(chuàng)建虛模板

interface Virtual-Template1

ppp authentication-mode chap

remote address pool DHCP

ip address 172.16.1.1 255.255.255.0?

第四步：物理接口調用

interface GigabitEthernet0/0/0

pppoe-server bind Virtual-Template 1

------------------------------------------------

客戶端采用路由器

第一步: 配置撥號規(guī)則

dialer-rule

dialer-rule 1 ip permit

第二步：創(chuàng)建撥號接口

interface Dialer1

link-protocol ppp

ppp chap user 02554208366 ------------------------------ PPP CHAP認證

ppp chap password cipher? 123456

ip address ppp-negotiate ----------------IP是協(xié)商的

dialer user test? ------------------------撥號用戶名稱

dialer bundle 1? ------------------------撥號綁定

第三步：物理接口調用

interface GigabitEthernet0/0/0

pppoe-client dial-bundle-number 1

第四步：檢查

[AR2]display? interface? Dialer? 1

Dialer1 current state : UP

Line protocol current state : UP (spoofing)

Description:HUAWEI, AR Series, Dialer1 Interface

Route Port,The Maximum Transmit Unit is 1500, Hold timer is 10(sec)

Internet Address is negotiated, 172.16.1.254/32

Link layer protocol is PPP

LCP initial

Physical is Dialer

Current system time: 2019-08-08 20:25:07-08:00

? ? Last 300 seconds input rate 0 bits/sec, 0 packets/sec

? ? Last 300 seconds output rate 0 bits/sec, 0 packets/sec

? ? Realtime 0 seconds input rate 0 bits/sec, 0 packets/sec

? ? Realtime 0 seconds output rate 0 bits/sec, 0 packets/sec

? ? Input: 0 bytes

? ? Output:0 bytes

? ? Input bandwidth utilization? :? ? 0%

? ? Output bandwidth utilization :? ? 0%

Bound to Dialer1:0:

Dialer1:0 current state : UP ,

Line protocol current state : UP

Link layer protocol is PPP

LCP opened, IPCP opened

Packets statistics:

? Input packets:0,? 0 bytes

? Output packets:0, 0 bytes

? FCS error packets:0

? Address error packets:0

? Control field control error packets:0

[AR2]display? pppoe-client? session? summary?

PPPoE Client Session:

ID? Bundle? Dialer? Intf? ? ? ? ? ? Client-MAC? ? Server-MAC? ? State

1? ? 1? ? ? 1? ? ? GE0/0/0? ? ? ? ? 00e0fc7f4716? 00e0fc985844? UP? ?

[AR2]

[AR2]display? ip int brief

*down: administratively down

^down: standby

(l): loopback

(s): spoofing

The number of interface that is UP in Physical is 3

The number of interface that is DOWN in Physical is 2

The number of interface that is UP in Protocol is 2

The number of interface that is DOWN in Protocol is 3

Interface? ? ? ? ? ? ? ? ? ? ? ? IP Address/Mask? ? ? Physical? Protocol?

Dialer1? ? ? ? ? ? ? ? ? ? ? ? ? 172.16.1.254/32? ? ? up? ? ? ? up(s)? ?

GigabitEthernet0/0/0? ? ? ? ? ? ? unassigned? ? ? ? ? up? ? ? ? down? ? ?

GigabitEthernet0/0/1? ? ? ? ? ? ? unassigned? ? ? ? ? down? ? ? down? ? ?

GigabitEthernet0/0/2? ? ? ? ? ? ? unassigned? ? ? ? ? down? ? ? down? ? ?

NULL0? ? ? ? ? ? ? ? ? ? ? ? ? ? unassigned? ? ? ? ? up? ? ? ? up(s)? ?

[AR2] e