Skip to main content

CCIE PPP over Frame-Relay

first I would like to start by explaining why we need it and how it is going to take our simple frame-relay to another level of connection, as we all know Frame-Relay is Layer 2 Technology design to reduce wide band use by sharing connections and grunting or not grunting link speed, today as you probably know the frame-relay has become obsolete by other technology's such like ADSL, Cable, Metro Ethernet and others.

ppp (point to point protocol) another layer 2 protocol design to give a better solution to hdlc (high level data link control) used to control and transport ip traffic in a reliable and secure way.


now people taught how do we give the old frame-relay more features without developing a new frame-relay, they said why not take the good old ppp and join them in a "holy matrimony" just kidding, but really why not take them both and enjoy both benefits one with sharing bandwidth and traffic shaping options and one with link integrity and security features.


so now I come to our scenario where you can see I have setup 2 routers, one with 1 serial dividing it to 2 sub interfaces and the other one with 2 serial joining them together to one multilink interface making them load balance packets and also secure using chap authentication.
the multilink is needed here only to enable load balancing and interleaving, you can do without but it is less efficient and way less cooler :-)

This is the show run on router 2:

!

username Rack1R1 password 0 cisco

!

!

interface Multilink1

ip address 192.168.1.2 255.255.255.0

ppp multilink

ppp multilink group 1

!

interface Serial1/0

no ip address

encapsulation frame-relay

serial restart-delay 0

no frame-relay inverse-arp

!

interface Serial1/0.203 point-to-point

frame-relay interface-dlci 203 ppp Virtual-Template1

!

interface Serial1/0.213 point-to-point

frame-relay interface-dlci 213 ppp Virtual-Template1

!

!

interface Virtual-Template1
no ip address

ppp authentication chap

ppp multilink group 1

!

that is the show run on router 1:

!
username Rack1R2 password 0 cisco
!
!
interface Multilink1
ip address 192.168.1.1 255.255.255.0
ppp multilink
ppp multilink group 1
!
interface Serial1/0
no ip address
encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!
interface Serial1/0


no ip address

encapsulation frame-relay

serial restart-delay 0

frame-relay interface-dlci 302 ppp Virtual-Template1

no frame-relay inverse-arp

!

interface Serial1/1

no ip address

encapsulation frame-relay

serial restart-delay 0

frame-relay interface-dlci 312 ppp Virtual-Template1

no frame-relay inverse-arp

!
!interface Virtual-Template1
no ip address
ppp authentication chap
ppp multilink group 1
!

Verify:

sh ppp multilink

Multilink1, bundle name is Rack1R1
.
.
.
Member links: 2 active,....
Vi1, since 07:53:31
Vi2, since 07:53:31

and good old ping:

ping 192.168.1.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 174.1.23.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/82/128 ms



Post a Comment

Popular posts from this blog

Step By Step MPLS – Basic MPLS Setup

Initial configuration , very basic with no MPLS, connectivity only to directly connected interfaces.R1R2R3R4!
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 10.0.31.1 255.255.255.0
duplex auto
speed auto
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 10.0.42.2 255.255.255.0
duplex auto
speed auto
!
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
no clns route-cache
!
interface FastEthernet0/0
ip address 10.0.31.3 255.255.255.0
duplex auto
speed auto
  no clns route-cache
!
interface Serial1/0
ip address 10.0.43.3 255.255.255.0
  serial restart-delay 0
no clns route-cache
!
!
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
no clns route-cache
!
interface FastEthernet0/0
ip address 10.0.42.4 255.255.255.0
duplex auto
speed auto
!
interface Serial1/0
ip address 10.0.43.4 255.255.255.0
  serial restart-delay 0
no clns route-cache
!
adding to the following configuration MPLS labels we will start wi…

VRF Maximum Routes

Maximum routes under customer vrf, if the service provider had unlimited resources he would not have needed that!
however normally resources are limited and expensive, and Service provider would like to make money from his available resources. maximum routes configured under VRF provide a mean of controlling PE local resource and abuse avoidance from the CE side.I have vrf called DC_EXTRANET, you can see that I have 16 routes, I have configured 10 maximum routes under that vrf however I did not want to be aggressive so I have set the warning only option. See that immediately I get a notice that I have more routes then the maximum, however no action is taken other then alerting and sending a syslog. ! PE_ashdod_otherisp.n(config-vrf)# maximum routes 10 warning-only % The current number of routes in the routing table is equal to, or exceeds the configured warning limit PE_ashdod_otherisp.n(config-vrf)# *Nov 26 20:39:41.175: %IPRT-3-ROUTELIMITWARNING: IP routing table limit warning - DC_…

What is about to change in CISSP from Apr 2018

Change have arrived and like with other professional certification there is almost a standard time before certification gets its update, with most anywhere it is between 3 - 4 years, CISSP is no different and since last update was on 2015 the change is arriving here as well.

For the people that wish to see the official existing and new outline

I have decided to write this post as the new out line is more of a list of Domain and Sections within the domain without hint or indication to what was modified actually and I could not find anyone else that done that comparison, I had to take the task and do the comparison, please be advised that I have done it for my own "pleasure" so apologies if I missed something :-)
Lets start with the obvious change:
CISSP - Before Apr 2018CISSP - from Apr 20181. Security and Risk Management16%15%2. Asset Security10%10%3. Security Engineering12%13%4. Communications and Network Security12%14%5. Identity and Access Management13%13%6. …