HCIP notes (3)
2022-07-18 02:57:00 【sysddyq】
Network types --- classified by the protocol used at the data link layer
MA --- multi-access network
BMA --- broadcast multi-access network
NBMA --- non-broadcast multi-access network
P2P --- point-to-point network
Ethernet protocol --- uses MAC addresses to distinguish and identify host devices. Ethernet needs MAC addresses for data addressing mainly because a layer-2 network built with Ethernet can contain multiple (two or more) interfaces, and each Ethernet interface communicates at layer 2 by exchanging Ethernet frames. (BMA)
When a network can contain only two devices, it does not need MAC addresses for addressing. Such a network is called a P2P network.
Transmission medium
Ethernet: coaxial cable, RJ-45 twisted pair, RJ-11 telephone line, optical fiber
Serial line
T1: North American standard, 1.544 Mbps
E1: European standard, 2.048 Mbps
Frequency division technology
On the same transmission medium, different frequency bands carry different information without interfering with each other, so data is transmitted in parallel.
The higher the frequency, the weaker the penetration.
Protocols used on serial networks
HDLC (High-Level Data Link Control)
Poor compatibility (both sides must use the same standard)
Standard HDLC: the HDLC version published by ISO as an industry standard (modified from IBM's SDLC)
Non-standard HDLC: versions that major vendors have improved on the basis of standard HDLC
By default, serial networks built with Cisco devices use HDLC as the encapsulation protocol, while Huawei uses PPP.
[r1]display interface Serial 4/0/0 --- view the layer-2 characteristics of a specific interface
[r1-Serial4/0/0]link-protocol hdlc --- change the layer-2 protocol type (must be changed on both sides)
PPP (Point-to-Point Protocol)
Strong compatibility: there is one unified version, and any serial line that supports full duplex can use PPP encapsulation.
Highly portable: PPPoE dial-up Internet access (PPP ported to Ethernet)
Supports authentication and authorization
Like TCP, PPP needs to establish a session (a PPP session) before transmitting data.
Link establishment phase --- LCP negotiation (LCP is a single protocol)
Authentication phase --- optional
Network layer protocol negotiation phase --- NCP negotiation (NCP is a collection of protocols)
PPP has a series of member protocols
LCP --- Link Control Protocol (one protocol)
NCP --- Network Control Protocol (a family of protocols), for example IPCP
PPP frame fields
F --- flag: 01111110
A --- address: 11111111
C --- control: 00000011
Protocol --- indicates the protocol type used by the upper layer
FCS --- frame check sequence: checks data integrity (detects frames corrupted in transit)
Link establishment phase --- LCP negotiation
MRU: the maximum number of bytes that the data part of a PPP frame may carry (1500 bytes)
Whether authentication is required in the second phase, and the authentication method
The negotiation is two-way
Authentication phase --- optional
PPP usually completes the authentication process by calling the AAA platform
PPP supports both one-way and two-way authentication
A PPP session is one-time
PAP (Password Authentication Protocol)
The authenticated party sends the user name and password to the authenticator in clear text. If authentication succeeds, the authenticator replies with ACK; otherwise it replies with NAK. (The same applies in both directions.)
PAP authentication configuration
Authenticator:
1, Create user information
[r1-aaa]local-user admin password cipher 123456
[r1-aaa]local-user admin service-type ppp
2, Configure authentication mode
[r1-Serial4/0/0]ppp authentication-mode pap
Authenticated party:
[r2-Serial4/0/0]ppp pap local-user admin password cipher 123456
CHAP (Challenge Handshake Authentication Protocol)
More secure: the password is no longer sent in clear text for authentication. Instead, authentication is performed by comparing digest values.
CHAP authentication configuration
Authenticator:
1, Create user information
[r1-aaa]local-user admin password cipher 123456
[r1-aaa]local-user admin service-type ppp
2, Configure authentication mode
[r1-Serial4/0/0]ppp authentication-mode chap
Authenticated party:
[r2-Serial4/0/0]ppp chap user admin
[r2-Serial4/0/0]
Hash (hash function): converts input of any length into output of fixed length.
Same input, same output
Irreversibility
Avalanche effect
MD5 --- one of the hash algorithms; converts input of any length into a 128-bit output
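The difference between the two authentication methods, as an added example that is not part of the original notes: the PAP Authenticate-Request (RFC 1334) carries the password itself, while CHAP with MD5 (RFC 1994) sends only the digest of identifier, secret and challenge, which the authenticator recomputes and compares. The admin/123456 account is the one from the configuration above; the ChapAuthenticator class and demo function are hypothetical names used for illustration.

```python
import hashlib, hmac, os, struct

def pap_request(identifier: int, user: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request (RFC 1334): user name and password in clear text."""
    data = bytes([len(user)]) + user + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, identifier, 4 + len(data)) + data

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP with MD5 (RFC 1994): digest over Identifier || secret || Challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class ChapAuthenticator:
    """Hypothetical model of the authenticator side (r1 in the notes)."""
    def __init__(self, users: dict):
        self.users, self.pending = users, {}

    def challenge(self, identifier: int) -> bytes:
        self.pending[identifier] = os.urandom(16)    # fresh random value per attempt
        return self.pending[identifier]

    def verify(self, identifier: int, user: bytes, response: bytes) -> bool:
        challenge = self.pending.pop(identifier, None)   # each challenge is single-use
        secret = self.users.get(user)
        if challenge is None or secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)   # compare the digest values

def demo() -> dict:
    user, secret = b"admin", b"123456"               # account from the notes
    r1 = ChapAuthenticator({user: secret})
    first = r1.challenge(1)
    on_the_wire = chap_response(1, secret, first)    # what the authenticated party sends
    accepted = r1.verify(1, user, on_the_wire)
    r1.challenge(2)                                  # a later session gets a new challenge
    stale = r1.verify(2, user, on_the_wire)          # the old digest no longer matches
    return {"pap_carries_password": secret in pap_request(1, user, secret),
            "chap_carries_password": secret in on_the_wire,
            "chap_accepted": accepted, "stale_response_accepted": stale}

if __name__ == "__main__":
    print(demo())
```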
Network layer protocol negotiation phase --- NCP negotiation
If layer 3 uses IP, IPCP is used to negotiate its parameters:
Compression format of IP packets
IP address
Once the IP address sent by the peer is accepted, a host route to that address is learned automatically. This is bidirectional, and the two ends need not be in the same network segment. In addition, an IP address can be assigned to the peer.
Obtaining an IP address --- configuration
Acquiring side:
[r1-Serial4/0/0]ip address ppp-negotiate
Assigning side:
[r2-Serial4/0/0]remote address 1.1.1.1
VPN (virtual private network)
The core technology is tunneling, and the core of tunneling is encapsulation.
Tunneling: the two ends of the tunnel establish a data channel across the public network by encapsulating and de-encapsulating packets, and use this channel for transmission.
GRE (Generic Routing Encapsulation)
GRE configuration method:
1, Create a tunnel interface
[r1]interface tunnel 0/0/0
2, Configure the interface IP address
[r1-Tunnel0/0/0]ip address 192.168.3.1 24
3, Define the encapsulation method
[r1-Tunnel0/0/0]tunnel-protocol gre
4, Define the content of the encapsulation
[r1-Tunnel0/0/0]source 12.0.0.1
[r1-Tunnel0/0/0]destination 23.0.0.2
GRE tunnels are point-to-point only and cannot be dynamic.
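What the encapsulation and de-encapsulation at the two tunnel ends look like on the wire, as an added example that is not part of the original notes: an inner IPv4 packet is wrapped in a basic GRE header (RFC 2784, no optional fields) and an outer IPv4 header using the tunnel source and destination configured above. The inner addresses and payload are constructed sample values.

```python
import socket, struct

GRE_PROTO, ETHERTYPE_IPV4 = 47, 0x0800    # IP protocol number of GRE, payload type

def checksum(header: bytes) -> int:
    """Internet checksum over an IPv4 header (ones' complement sum of 16-bit words)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    head = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))
    return head[:10] + struct.pack("!H", checksum(head)) + head[12:] + payload

def gre_encapsulate(inner: bytes, tunnel_src: str, tunnel_dst: str) -> bytes:
    gre = struct.pack("!HH", 0, ETHERTYPE_IPV4)   # flags/version all zero, then type
    return ipv4(tunnel_src, tunnel_dst, GRE_PROTO, gre + inner)

def gre_decapsulate(outer: bytes) -> bytes:
    ihl = (outer[0] & 0x0F) * 4                   # outer header length in bytes
    if outer[9] != GRE_PROTO:
        raise ValueError("outer packet does not carry GRE")
    flags, ptype = struct.unpack("!HH", outer[ihl:ihl + 4])
    if flags != 0 or ptype != ETHERTYPE_IPV4:
        raise ValueError("GRE header with options or non-IPv4 payload")
    return outer[ihl + 4:]                        # the original private packet

# Constructed sample: a private-network packet (protocol 1, ICMP) sent through the tunnel.
INNER = ipv4("192.168.1.1", "192.168.2.1", 1, b"sample payload")
OUTER = gre_encapsulate(INNER, "12.0.0.1", "23.0.0.2")

if __name__ == "__main__":
    print(len(INNER), len(OUTER), gre_decapsulate(OUTER) == INNER)
```

The inner packet appears unchanged inside the outer one: GRE adds 24 bytes of headers and nothing else, so the data channel is a routing construct and the payload crosses the public network in the clear.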
MGRE (Multipoint Generic Routing Encapsulation)
NHRP --- Next Hop Resolution Protocol
NHS --- next hop server
A device in the private network with a fixed egress physical address must be selected as the NHS, and all remaining branches must know the tunnel address and physical address of the center. NHRP then requires every branch to send the mapping between its physical interface IP address and its tunnel interface IP address to the NHS. If the physical address changes, the mapping must be sent again. In this way the NHS obtains the address mappings of all branches. If branches need to communicate with each other, they request the mapping table from the center --- this architecture is called the hub-spoke architecture.
MGRE configuration
Center configuration
1, Create a tunnel interface
[r1]interface tunnel 0/0/0
2, Configure the interface IP address
[r1-Tunnel0/0/0]ip address 192.168.3.1 24
3, Define the encapsulation method
[r1-Tunnel0/0/0]tunnel-protocol gre p2mp
4, Define the content of the encapsulation
[r1-Tunnel0/0/0]source 15.0.0.1
5, Create the NHRP domain
[r1-Tunnel0/0/0]nhrp network-id 100
Non-center configuration
1, Create a tunnel interface
[r2]interface tunnel 0/0/0
2, Configure the interface IP address
[r2-Tunnel0/0/0]ip address 192.168.4.1 24
3, Define the encapsulation method
[r2-Tunnel0/0/0]tunnel-protocol gre p2mp
4, Define the content of the encapsulation
[r2-Tunnel0/0/0]source GigabitEthernet 0/0/1 --- the interface is fixed, so specify the interface
5, Join the NHRP domain created by the center
[r2-Tunnel0/0/0]nhrp network-id 100
6, Report information to the center
[r2-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register --- the center's tunnel address and physical interface address
In an MGRE environment, data is still sent through point-to-point tunnels, so data transmission is still point-to-point.
[r1-Tunnel0/0/0]display nhrp peer all --- view the NHRP registrations of neighbors
Problems when running RIP in an MGRE environment:
1, Only the center obtains the routing information of the branches; the branches obtain nothing, because MGRE is similar to an NBMA environment. The solution is to enable pseudo-broadcast on the center:
[r1-Tunnel0/0/0]nhrp entry multicast dynamic
2, After the center enables pseudo-broadcast, a branch receives only the routing information of the center, not that of the other branches.
The cause is RIP's split horizon mechanism, which can be disabled:
[r1-Tunnel0/0/0]undo rip split-horizon