Cem Kemal Erbaş Cem Kemal Erbaş
HDLC ve PPP Konfigürasyonu Huawei
- Genel isim ve ip address yapılandırması
system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname Router1
[Router1]interface Serial 0/0/1
[Router1-Serial0/0/1]ip address 10.0.12.1 24
system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname Router2
[Router2]interface Serial 0/0/1
[Router2-Serial0/0/1]ip address 10.0.12.2 24
[Router2-Serial0/0/1]quit
[Router2]interface Serial 0/0/2
[Router2-Serial0/0/2]ip address 10.0.23.2 24
system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname Router3
[Router3]interface serial 0/0/2
[Router3-Serial0/0/2]ip address 10.0.23.3 24 - HDLC protokolünü serial interface’lerde aktifleştirelim.
[Router1]interface Serial 0/0/1
[Router1-Serial0/0/1]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed.Continue? [Y/N]:y
[Router2]interface Serial 0/0/1
[Router2-Serial0/0/1]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed.Continue? [Y/N]:y
[Router2-Serial0/0/1]quit
[Router2]interface Serial 0/0/2
[Router2-Serial0/0/2]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed.
Continue? [Y/N]:y
[Router3]interface Serial 0/0/2
[Router3-Serial0/0/2]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed.Continue? [Y/N]:y
R1 üzerinde HDLC konfigürasyonu yaptığımız interface’in durumunu görüntüleyelim.
[Router1]display interface Serial 0/0/1
Serial0/0/1 current state : UP
Line protocol current state : UP
Last line protocol up time : 2014-12-12 11:34:58 UTC-08:00
Description:
Route Port,The Maximum Transmit Unit is 1500, Hold timer is 10(sec)
Internet Address is 10.0.12.1/24
Link layer protocol is nonstandard HDLC
Last physical up time : 2014-12-12 11:29:56 UTC-08:00
Last physical down time : 2014-12-12 11:29:55 UTC-08:00
Current system time: 2014-12-12 11:39:01-08:00Interface is V35
Last 300 seconds input rate 2 bytes/sec, 0 packets/sec
Last 300 seconds output rate 2 bytes/sec, 0 packets/sec
Input: 4078 bytes, 308 Packets
Ouput: 4150 bytes, 299 Packets
Input bandwidth utilization : 0.02%
Output bandwidth utilization : 0.02%
Fiziksel bağantımızın olup olmadıgını kontrol edelim.
ping 10.0.12.1
PING 10.0.12.1: 56 data bytes, press CTRL_C to break
Reply from 10.0.12.1: bytes=56 Sequence=1 ttl=255 time=30 ms
Reply from 10.0.12.1: bytes=56 Sequence=2 ttl=255 time=60 ms
Reply from 10.0.12.1: bytes=56 Sequence=3 ttl=255 time=1 ms
Reply from 10.0.12.1: bytes=56 Sequence=4 ttl=255 time=30 ms
Reply from 10.0.12.1: bytes=56 Sequence=5 ttl=255 time=10 ms
— 10.0.12.1 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/26/60 ms
ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=20 ms
Reply from 10.0.23.3: bytes=56 Sequence=2 ttl=255 time=30 ms
Reply from 10.0.23.3: bytes=56 Sequence=3 ttl=255 time=40 ms
Reply from 10.0.23.3: bytes=56 Sequence=4 ttl=255 time=10 ms
Reply from 10.0.23.3: bytes=56 Sequence=5 ttl=255 time=50 ms
— 10.0.23.3 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/30/50 ms
3.RIPv2 konfigürasyonu
Router1 ve Router3 arasındaki haberleşmenin saglanması için RIP konfigürasyonu oluşturalım.
[Router1]rip
[Router1-rip-1]version 2
[Router1-rip-1]network 10.0.0.0
[Router2]rip
[Router2-rip-1]version 2
[R2-rip-1]network 10.0.0.0
[Router3]rip
[Router3-rip-1]version 2
[Router3-rip-1]network 10.0.0.0
Yaptığımız RIP konfigürasyonuna route tablosuna bakarak kontrol edelim.
display ip routing-table
Route Flags: R – relay, D – download to fib
——————————————————————————
Routing Tables: PublicDestinations : 5 Routes : 5
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.12.0/24 Direct 0 0 D 10.0.12.1 Serial0/0/1
10.0.12.1/32 Direct 0 0 D 127.0.0.1 Serial0/0/1
10.0.23.0/24 RIP 100 1 D 10.0.12.2 Serial0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
Router1’in Router3 ile haberleştiğini görebilmek için Router1’den Router3’e ping atalım.
ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=254 time=60 ms
Reply from 10.0.23.3: bytes=56 Sequence=2 ttl=254 time=50 ms
Reply from 10.0.23.3: bytes=56 Sequence=3 ttl=254 time=80 ms
Reply from 10.0.23.3: bytes=56 Sequence=4 ttl=254 time=50 ms
Reply from 10.0.23.3: bytes=56 Sequence=5 ttl=254 time=70 ms
— 10.0.23.3 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 50/62/80 ms
4.PPP konfigürasyonu
Router1 ve Router2 arasında, Router2 ve Router3 arasında PPP konfigürasyonu yapalım. Bağlantının her iki ucuda aynı encapsulation modunda olması gerekli. Farklı encapsule modunda kullanılması durumunda interfaceler ‘DOWN’ durumunda gözükür.
[Router1]interface Serial 0/0/1
[Router1-Serial0/0/1]link-protocol ppp
Warning: The encapsulation protocol of the link will be changed.Continue? [Y/N]:y
[Router2]interface Serial 0/0/1
[Router2-Serial0/0/1]link-protocol ppp
Warning: The encapsulation protocol of the link will be changed.Continue? [Y/N]:y
[Router2-Serial0/0/1]quit
[Router2]interface Serial 0/0/2
[Router2-Serial0/0/2]link-protocol ppp
Warning: The encapsulation protocol of the link will be changed.
Continue? [Y/N]:y
[Router3]interface Serial 0/0/2
[Router3-Serial0/0/2]link-protocol ppp
Warning: The encapsulation protocol of the link will be changed.Continue? [Y/N]:y
Konfigürasyonu test edelim.
ping 10.0.12.1
PING 10.0.12.1: 56 data bytes, press CTRL_C to break
Reply from 10.0.12.1: bytes=56 Sequence=1 ttl=255 time=30 ms
Reply from 10.0.12.1: bytes=56 Sequence=2 ttl=255 time=30 ms
Reply from 10.0.12.1: bytes=56 Sequence=3 ttl=255 time=50 ms
Reply from 10.0.12.1: bytes=56 Sequence=4 ttl=255 time=50 ms
Reply from 10.0.12.1: bytes=56 Sequence=5 ttl=255 time=30 ms
— 10.0.12.1 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 30/38/50 ms
ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=20 ms
Reply from 10.0.23.3: bytes=56 Sequence=2 ttl=255 time=10 ms
Reply from 10.0.23.3: bytes=56 Sequence=3 ttl=255 time=50 ms
Reply from 10.0.23.3: bytes=56 Sequence=4 ttl=255 time=50 ms
Reply from 10.0.23.3: bytes=56 Sequence=5 ttl=255 time=30 ms
— 10.0.23.3 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/32/50 ms
Ping işlemi başarısız olursa, interfacelerin durumunu kontrol edelim ve bağlantı katmanının protokol türünün dogru olup olmadıgına bakalım.
display interface Serial 0/0/1
Serial0/0/1 current state : UP
Line protocol current state : UP
Last line protocol up time : 2014-12-12 11:53:07 UTC-08:00
Description:
Route Port,The Maximum Transmit Unit is 1500, Hold timer is 10(sec)
Internet Address is 10.0.12.1/24Link layer protocol is PPP
LCP opened, IPCP opened
Last physical up time : 2014-12-12 11:52:15 UTC-08:00
Last physical down time : 2014-12-12 11:52:15 UTC-08:00
Current system time: 2014-12-12 12:04:49-08:00Interface is V35
Last 300 seconds input rate 4 bytes/sec, 0 packets/sec
Last 300 seconds output rate 2 bytes/sec, 0 packets/sec
Input: 13054 bytes, 605 Packets
Ouput: 9966 bytes, 557 Packets
Input bandwidth utilization : 0.05%
Output bandwidth utilization : 0.02%
- Route değişikliklerini inceleyelim.
PPP konfigürasyonu tamamlandıktan sonra, router’lar bağlantıyı kuracak ve veri akışı başlayacaktır. Local(pc, vb.) cihazımız route’u peer cihaza gönderir. Gönderdiği route, interface ip adresini ve 32-bit mask’ini yollar.
Router1 ve Router3’un routing bilgilerini aşagıdaki Router2 tablosunda bulunan bilgilere bakarak görebiliriz.
display ip routing-table
Route Flags: R – relay, D – download to fib
——————————————————————————
Routing Tables: PublicDestinations : 8 Routes : 8
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.12.0/24 Direct 0 0 D 10.0.12.2 Serial0/0/1
10.0.12.1/32 Direct 0 0 D 10.0.12.1 Serial0/0/1
10.0.12.2/32 Direct 0 0 D 127.0.0.1 Serial0/0/1
10.0.23.0/24 Direct 0 0 D 10.0.23.2 Serial0/0/2
10.0.23.2/32 Direct 0 0 D 127.0.0.1 Serial0/0/2
10.0.23.3/32 Direct 0 0 D 10.0.23.3 Serial0/0/2
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
PAP authentication Router1 ve Router2 arasında aktifleştirelim.
PPP PAP authenticator’ı Router1’e PAP’için Konfigüre edelim.
[Router1]interface Serial 0/0/1
[Router1-Serial0/0/1]ppp authentication-mode pap
[Router1-Serial0/0/1]quit
[Router1]aaa
[Router1-aaa]local-user huawei password cipher huawei
Info: Add a new user.
[Router1-aaa]local-user huawei service-type ppp
PAP authentication’ı Router2 ‘de PAP authenticated device olacak şekilde konfigüre edelim..
[Router2]interface Serial 0/0/1
[Router2-Serial0/0/1]ppp pap local-user huawei password cipher huawei
Router2 Router1 ‘e request gönderir; Router1 Router2 ’ye response mesajı yollar; Router2 ‘nin PAP authentication kullanmak için request paketi içinde parola gönderir.
Router1 ve Router2 arasında ki bağlantıya bakalım.
debugging ppp pap packet
terminal debugging
display debugging
PPP PAP packets debugging switch is on
system-view
Enter system view, return user view with Ctrl+Z.
[Router1]interface Serial 0/0/1
[Router1-Serial0/0/1]shutdown
[Router1-Serial0/0/1]undo shutdown
Now 10 2014 14:44:22.440.1+00:00 Router1PPP/7/debug:
PPP Packet:
Serial0/0/1 Input PAP(c023) Pkt , Len 22
State ServerListen, code Request(01 ) id 1 , len 18
Host Len: 6 Name :huawei
Now 10 2014 14:44:22.440.1+00:00 Router1PPP/7/debug:
PPP Packet:
Serial0/0/1 Output PAP(c023) Pkt , Len 52
State WaitAAA, code Ack(02 ) id 1 , len 48
Msg Len: 43 msg :…………
[Router1-Serial0/0/1]return
undo debugging all
Info: All possible debugging has been turned off.
- Router2 ve Router3 arasında CHAP authentication aktifleştirelim.
Router3 authenticator olacal şekilde konfigüre edelim. Router2 , Router3’e request mesajı yollarken , Router3 Router2’ye response mesajı yollar, Router2 Router3’e request göndererek CHAP authentication’ı oluşturur. Konfigürasyonu yapalım.
[Router3]interface Serial 0/0/2
[Router3-Serial0/0/2]ppp authentication-mode chap
[Router3-Serial0/0/2]quit
[Router3]aaa
[Router3-aaa]local-user huawei password cipher huawei
Info: A new user added
[Router3-aaa]local-user huawei service-type ppp
[Router3-aaa]quit
[Router3]interface Serial 0/0/2
[Router3-Serial0/0/2]shutdown
[Router3-Serial0/0/2]undo shutdown
Router2 de CHAP’ı client olarak yapılandıralım.
[Router2]interface Serial 0/0/2
[Router2-Serial0/0/2]ppp chap user huawei
[Router2-Serial0/0/2]ppp chap password cipher huawei
Konfigürasyonu oluşturduktan sonra baglantımızında oldugunu kontrol edelim.
[Router2]ping 10.0.23.3
PING 10.0.23.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.23.3: bytes=56 Sequence=1 ttl=255 time=50 ms
Reply from 10.0.23.3: bytes=56 Sequence=2 ttl=255 time=30 ms
Reply from 10.0.23.3: bytes=56 Sequence=3 ttl=255 time=10 ms
Reply from 10.0.23.3: bytes=56 Sequence=4 ttl=255 time=1 ms
Reply from 10.0.23.3: bytes=56 Sequence=5 ttl=255 time=50 ms
— 10.0.23.3 ping statistics —
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/28/50 ms
7.PPP ve CHAP debugging.
Router2 ve Router3 arasında PPP bağlantısı görüntülemek için debug komutunu çalıştırın. PPP bağlantısı CHAP kullanılarak kurulmuştu. Router2 üzerinde interface S 0/0/2 kapattıktan sonra , debug komutunu çalıştırın, ve Router2 üzerinde interface S0/0/02 etkinleştirin.
[Router2]interface Serial 0/0/2
[Router2-Serial0/0/2]shutdown
Debugging bilgilerini görüntülemek için debugging ppp chap all ve terminal debugging komutlarını kullanın.
[Router2-Serial0/0/2]return
debugging ppp chap all
terminal debugging
Info: Current terminal debugging is on.
display debuggingPPP
CHAP packets debugging switch is onPPP CHAP events debugging switch is on
PPP CHAP errors debugging switch is on
PPP CHAP state change debugging switch is on
Debugging prosesini devre dışı bırakalım.
[Router2]return
undo debugging all
Info: All possible debugging has been turned off.
Final konfigürasyonu . . .
display current-configuration
#
sysname Router1
#
aaaa
uthentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
local-user huawei password cipher n$qS(S=3x<3IF$’:[285*n#
local-user huawei service-type ppp
#
interface Serial0/0/1
link-protocol ppp
ppp authentication-mode pap
ip address 10.0.12.1 255.255.255.0
#
rip 1
version 2
network 10.0.0.0
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
return
<Router2>display current-configuration
#
sysname Router2
#
aaa
authentication-scheme defaul
tauthorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
#
interface Serial0/0/1
link-protocol ppp
ppp pap local-user huawei password cipher NC55QK<=/Q=^QMAF4<1!!
ip address 10.0.12.2 255.255.255.0
#
interface Serial0/0/2
link-protocol ppp
ppp chap user huawei
ppp chap password cipher NC55QK<=/Q=^Q`MAF4<1!!
ip address 10.0.23.2 255.255.255.0
#
rip 1
version 2
network 10.0.0.0
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
Return
display current-configuration
#
sysname Router3
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher OOCM4m($F4ajUn1vMEIBNUw#
local-user admin service-type http
local-user huawei password cipher ^>v”+^Ij(HZypQCee$t3k@J#
local-user huawei service-type ppp
#
interface Serial0/0/2
link-protocol ppp
ppp authentication-mode chap
ip address 10.0.23.3 255.255.255.0
#
rip 1
version 2
network 10.0.0.0
#
user-interface con 0
user-interface vty 0 4
user-interface vty 16 20
#
return
