串线RARB pc1pc2
实验的主要命令
link-protocol ppp ppp pap local-user rta password simple rta ppp authentication-mode pap ppp pap local-user username password { cipher | simple } password
实验总结
PPP协议是H3C路由器的缺省封装。PPP提供了两种可选的身份认证方法:口令验证协议PAP(PasswordAuthenticationProtocol,PAP)和质询握手协议CHAP(ChallengeHandshakeAuthenticationProtocol,CHAP)。如果双方协商达成一致,也可以不使用任何身份认证方法。PAP是一个简单的、实用的协议。既可以单向认证,也可以配置为双向认证。
常见问题
有时分不清哪个是主验证方,哪个是被验证方。
实验3.2 PPP协议配置(CHAP验证)
实验目的
掌握MP协议的配置方法和用途
实验设备
1台H3C AR28-11路由器,1台H3C AR28-12路由器; 1台H3C S2126交换机、1台H3C E328交换机;
2台计算机,Windiwos XP操作系统,安装超级终端程序; 1条Cosole电缆(RJ45-DB9型); 4条直通双绞线;
1条路由器背靠背连接电缆(1条V35DCE,1条V35DTE)。
实验拓扑图
- 15 -
串线RARB pc1pc2
实验的主要命令
link-protocol ppp ppp authentication-mode chap ppp chap user rta
实验总结
PPP协议是H3C路由器的缺省封装。单向CHAP验证时,RouterB需要对RouterA送过来的帐号口令进行CHAP验证,验证通过后line protocol才会up。RouterA不需要对RouterB进行验证。双向CHAP验证时,RouterB需要对RouterA送过来的帐号口令进行CHAP验证,验证通过后line protocol才会up。RouterA需要对RouterB送过来的帐号口令进行CHAP验证,验证通过后line protocol才会up。此实验要求我们应当掌握ppp协议的正确使用。
常见问题
不能把主验证方和被验证方弄错了。
实验3.3 MP协议配置
实验目的
在模拟的点到点链路上配置PPP协议(CHAP验证)。
实验设备
2台H3C AR28-12路由器(各2个Serial口)
2台H3C E328交换机;
2台计算机,Windiwos XP操作系统,安装超级终端程序; 1条Cosole电缆(RJ45-DB9型); 4条直通双绞线;
2条路由器背靠背连接电缆(2条V35DCE,2条V35DTE)。
实验拓扑图
- 16 -
串线串线RARB pc1pc2
实验的主要命令
Interface mp-group number ppp mp mp-group number
显示信息
[R1]disp ip r
[R1]disp ip routing-table Routing Table: public net
Destination/Mask Protocol Pre Cost Nexthop Interface 10.10.18.0/24 DIRECT 0 0 10.10.18.1 Ethernet0/0 10.10.18.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0 10.10.20.0/24 DIRECT 0 0 10.10.20.1 Mp-group1 10.10.20.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0 10.10.20.2/32 DIRECT 0 0 10.10.20.2 Mp-group1 127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0 127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0 [R1]dis cur sysname R1 cpu-usage cycle 1min radius scheme system domain system local-user R
password simple R service-type ppp local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!! service-type telnet terminal level 3
service-type ftp interface Aux0 async mode flow interface Bri3/0
- 17 -
link-protocol ppp
interface Ethernet0/0
ip address 10.10.18.1 255.255.255.0 interface Ethernet0/1 ip address dhcp-alloc interface Serial0/0 clock DTECLK1 link-protocol ppp
ppp authentication-mode pap
ppp pap local-user R1 password simple R1 ip address dhcp-alloc interface Serial0/1
link-protocol ppp
ppp authentication-mode pap
ppp pap local-user R1 password simple R1 ppp mp Mp-group 1
ip address dhcp-alloc interface Mp-group1
ip address 10.10.20.1 255.255.255.0 interface GigabitEthernet1/0 ip address dhcp-alloc interface NULL0 rip
network 10.0.0.0 FTP server enable user-interface con 0 user-interface aux 0 user-interface vty 0 4 authentication-mode scheme Return
[R1]dis int s0/0
Serial0/0 current state :UP
Line protocol current state :UP Description : Serial0/0 Interface
The Maximum Transmit Unit is 1500, Hold timer is 10(sec) Internet protocol processing : disabled Link layer protocol is PPP
LCP initial
Output queue : (Urgent queuing : Size/Length/Discards) 0/50/0 Output queue : (Protocol queuing : Size/Length/Discards) 0/500/0 Output queue : (FIFO queuing : Size/Length/Discards) 0/75/0 Physical layer is synchronous,
Interface is DTE, Cable type is V35 Last clearing of counters: Never
- 18 -
Last 300 seconds input rate 17.13 bytes/sec, 137 bits/sec, 0.24 packets/sec Last 300 seconds output rate 16.00 bytes/sec, 128 bits/sec, 0.24 packets/sec Input: 934 packets, 47660 bytes 102 broadcasts, 0 multicasts 2 errors, 0 runts, 1 giants 0 CRC, 0 align errors, 0 overruns 0 dribbles, 0 aborts, 0 no buffers 1 frame errors
Output:950 packets, 45290 bytes
0 errors, 0 underruns, 0 collisions 0 deferred
DCD=UP DTR=UP DSR=UP RTS=UP CTS=UP [R1]dis int s0/1
Serial0/1 current state :UP Line protocol current state :UP Description : Serial0/1 Interface
The Maximum Transmit Unit is 1500, Hold timer is 10(sec) Internet protocol processing : disabled
Link layer protocol is PPP LCP closed
Output queue : (Urgent queuing : Size/Length/Discards) 0/50/0 Output queue : (Protocol queuing : Size/Length/Discards) 0/500/0 Output queue : (FIFO queuing : Size/Length/Discards) 0/75/0 Physical layer is synchronous,Baudrate is 64000 bps Interface is DCE, Cable type is V35 Last clearing of counters: Never
Last 300 seconds input rate 6.86 bytes/sec, 54 bits/sec, 0.26 packets/sec Last 300 seconds output rate 10.20 bytes/sec, 81 bits/sec, 0.31 packets/sec Input: 853 packets, 37765 bytes 78 broadcasts, 0 multicasts 0 errors, 0 runts, 0 giants
0 CRC, 0 align errors, 0 overruns 0 dribbles, 0 aborts, 0 no buffers 0 frame errors
Output:923 packets, 41189 bytes 0 errors, 0 underruns, 0 collisions 0 deferred
DCD=UP DTR=UP DSR=UP RTS=UP CTS=UP
实验总结
MP的实现方式主要有两种:一是通过配置虚拟模版接口VT实现;另一种则是利用MP-Group接口实现。PPP允许将多个链路绑定在一起,形成一个捆绑,当作一个逻辑链路使用。这种技术就叫做MP。MP的主要功能有:一提供更高的带宽;二结合DCC(Dial Control Center,拨号控制中心)实现动态增加或减小带宽;三实现多条链路的负载分担;四多条链
- 19 -