ppp
12.1.1.0/24
lo0 1.1.1.1/32 R1 s1/0 --------------s2/0 R2 lo0 2.2.2.2/32
r1:
en
config t
hostname R1
no ip domain-lookup
lin 0
exec-timeout 0 0
logging syn
exit
int lo 0
ip add 1.1.1.1 255.255.255.255
exit
int s1/0
ip add 12.1.1.1 255.255.255.0
no shutdown
exit
r2:
en
config t
hostname R2
no ip domain-lookup
lin 0
exec-timeout 0 0
logging syn
exit
int lo 0
ip add 2.2.2.2 255.255.255.255
exit
int s1/0
ip add 12.1.1.2 255.255.255.0
no shutdown
exit
R1#show int s1/0
Serial1/0 is administratively down, line protocol is down
Hardware is M4T
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC :看它的封裝是hdlc
R2#show int s2/0
Serial2/0 is administratively down, line protocol is down
Hardware is M4T
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC,看它的封裝
r1 config t
int s1/0
encapsulation ppp
end
R1#show int s1/0
Serial1/0 is administratively down, line protocol is down
Hardware is M4T
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP,LCP Closed,看到現在是封裝 PPP 但LCP層是關閉的
r1 config t
int s1/0
no shutdown
end
R1#debug ppp negotiation 看看他們的協商
PPP protocol negotiation debugging is on
r2 config t
int s2/0
no shutdown
end
*Feb 27 17:45:17.283: %LINK-3-UPDOWN: Interface Serial2/0,
changed state to up 物理層up
r1
*Feb 27 17:46:32.651: Se1/0 LCP: O CONFREQ [REQsent] id 87 len 10
全部是sent出去的包 沒有回來的
R1# show int s1/0
Serial1/0 is up, line protocol is down
Hardware is M4T
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Listen,看它LCP屬於偵聽listen.原因是它兩邊
的封裝協議不一樣
r1 unde all
R2# show ip int bri
Interface IP-Address OK? Method Status
Protocol
Ethernet0/0 unassigned YES unset
administratively down down
Serial1/0 unassigned YES unset
administratively down down
Serial2/0 unassigned YES unset up
down 協議是dawn的
R2#config t
Enter configuration commands, one per line. End with CNTL/Z.
R2 int s2/0
R2 encapsulation ppp
end
R2#debug ppp negotiation
PPP protocol negotiation debugging is on
R2#show int s2/0
Serial2/0 is up, line protocol is up
Hardware is M4T
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
r1 show cdp nei
r1 config t
int s1/0
ip add 12.1.1.1 255.255.255.0
end
r2 config t
int s2/0
ip add 12.1.1.2 255.255.255.0
end
R1#
*Feb 27 18:43:43.719: %SYS-5-CONFIG_I: Configured from console by
console
R1#
*Feb 27 18:47:26.363: Se1/0 IPCP(第三層路由 IP ICMP): I CONFREQ
[Listen] id 1 len 10
*Feb 27 18:47:26.363: Se1/0 IPCP: Address 12.1.1.2
(0x03060C010102)
*Feb 27 18:47:26.363: Se1/0 IPCP: O CONFREQ [Listen] id 2 len 10
*Feb 27 18:47:26.363: Se1/0 IPCP: Address 12.1.1.1
(0x03060C010101)
*Feb 27 18:47:26.363: Se1/0 IPCP: O CONFACK [Listen] id 1 len 10
*Feb 27 18:47:26.363: Se1/0 IPCP: Address 12.1.1.2
(0x03060C010102)
*Feb 27 18:47:26.371: Se1/0 IPCP: I CONFACK [ACKsent] id 2 len 10
*Feb 27 18:47:26.371: Se1/0 IPCP: Address 12.1.1.1
(0x03060C010101)
*Feb 27 18:47:26.371: Se1/0 IPCP: State is Open
*Feb 27 18:47:26.371: Se1/0 IPCP: Install(路由表裏安裝) route to
12.1.1.2
r2 show ip route
C 12.1.1.1/32(路由表不準IP地址的 給32位做主機路由) is
directly connected, Serial2/0
r1 show ip route
C 12.1.1.2/32 is directly connected, Serial1/0 同上32位
r1 config t
int s1/0
no peer neighbor-route
end
r2 config t
int s2/0
no peer neighbor-route
end
r1 clear ip route *
r1 show ip route
r2 clear ip route *
r2 show ip route
r1 debug ppp packet
R1#show int s1/0
Serial1/0 is up, line protocol is up
Hardware is M4T
Internet address is 12.1.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: IPCP, CDPCP, crc 16, loopback not set
Keepalive set (10 sec) 保持存活時間
r1 config t
interface s1/0
keepalive 1 (只是做實驗亂設的 現實不要改)
end
----------------------------------------------------------------
PPP 認證(authentication)PAP(兩次認/握手) CHAP
r1 config t
int s1/0
encapsulation ppp
shutdown
int s1/0
ppp authentication ?
ppp authentication pap
r2 config t
int s2/0
encapsulation ppp
shutdown
int s2/0
ppp authentication ?
ppp authentication pap
r1 ppp pap send-username abc password abc
end
r1 int s1/0
no shutddown
end
r1 debug ppp authentication
end
r2 int s2/0
no shutdown
end
r1 debug all
r1 config t
username xyz password xyz
end
r2 config t
int s2/0
ppp pap sent-username xyz password xyz
end
r2 config t
username abc password abc
end
r1 show run int s1/0
r1 debug ppp authentication
r1 config t
int s1/0
shutdown
exit
r2 config t
int s2/0
shutdown ( 觸發一個全新的認證)
exit
r1 int s1/0
no shutdown
exit
------------------------------------------------------
來一次完整的認證
r2 int s2/0
shutdown
exit
r1 int s1/0
no shutdown
exit
r2 int s2/0
shutdown
exit
r1 show run interface s1/0
r1 config t
int s1/0
no ppp authentication pap
no ppp pap sent-username abc password abc
end
r2 config t
int s2/0
no ppp authentication pap
no ppp pap sent-username xyz password xyz
end
r1 config t
int s1/0
ppp authentication pap
ppp pap sent-username abc password abc
end
r2 config t
int s2/0
ppp authentication pap 單項認證它不需要再發username
password
end
r2 debug ppp authentication
r1 debug ppp authentication
再把接口打開
r1 config t
int s1/0
no shutdown
end
r2 config t
int s2/0
no shutdown
end
r1 show ip interface bri (看看兩個UP了沒有)
r2 show ip interface bri (看看兩個UP了沒有)
-----------------------------------------------------------------------------------------
1.lcp 2.lcp的認證(authentication)PAP CHAP 3.ncp
ppp 是用在遠程接入 點到點 會自動分配地址
ppp 分兩層 lcp控制鏈路的建立 ncp:控制網絡協議(ip ipx..)
PPP 是唯一二層協議支持authentication
二層的封裝 :ppp hdlc(cisco) 以太網是多點接入