Wide Area Network

Chapter 15

powered by DJ 1

Chapter ObjectivesAt the end of this Chapter you will be

able to:Describe different methods for connecting to a WANConfigure and verify a basic WAN serial connectionDescribe VPN technology (including: importance, benefits, role, impact, components)

powered by DJ 2

Introduction to Wide Area Networks

Typically, LAN connections are within a company and WAN connections allow you to connect to remote sites. Typically, you don’t own the infrastructure for WAN connections—another company, such as a telephone company, provides the infrastructure.

WAN connections are usually slower than LAN connections.

One of the major factors when choosing a WAN or MAN provider is cost. These connections are billed in multiple ways: flat monthly lease cost, per-packet cost, per-minute cost, and many other methods.

powered by DJ 3

Equipment and Components

Equipments and Components of a WANpowered by DJ 4

Defining WAN Terms

Customer premises equipment (CPE)

Customer premises equipment (CPE) is equipment that’s owned by the subscriber and located on the subscriber’s premises.

Demarcation point

The demarcation point is the precise spot where the service provider’s responsibility ends and the CPE begins. It’s generally a device in a telecommunications closet owned and installed by the telecommunications company (telco). It’s your responsibility to cable (extended demarc) from this box to the CPE, which is usually a connection to a CSU/DSU or ISDN interface.

powered by DJ 5

Local loop

The local loop connects the demarc to the closest switching office, which is called a central office.

Central office (CO)

This point connects the customer’s network to the provider’s switching network. Good to know is that a central office (CO) is sometimes referred to as a point of presence (POP)

Toll network

The toll network is a trunk line inside a WAN provider’s network. This network is a collection of switches and facilities owned by the ISP.

powered by DJ 6

WAN Connection Types

Different type of WAN Connectionspowered by DJ 7

Leased Lines

These are usually referred to as a point-to-point or dedicated connection. A leased line is a pre-established WAN communications path that goes from the CPE through the DCE switch, then over to the CPE of the remote site. The CPE enables DTE networks to communicate at any time with no cumbersome setup procedures to muddle through before transmitting data. When you’ve got plenty of cash, this is really the way to go because it uses synchronous serial lines up to 45Mbps.

powered by DJ 8

Circuit Switching

When you hear the term circuit switching, think phone call. The big advantage is cost—you only pay for the time you actually use. No data can transfer before an end-to-end connection is established. Circuit switching uses dial-up modems or ISDN and is used for low-bandwidth data transfers.

Packet Switching

This is a WAN switching method that allows you to share bandwidth with other companies to save money.

powered by DJ 9

Introduction to WAN Protocolsmost prominently known WAN protocols used today: Frame Relay, ISDN, LAPB, LAPD, HDLC, PPP, PPPoE, Cable, DSL, MPLS, and ATM.

Frame Relay

A packet-switched technology that made its debut in the early 1990s, Frame Relay is a high-performance Data Link and Physical layer specification.

Another Frame Relay benefit is that it provides features for dynamic bandwidth allocation and congestion control.

powered by DJ 10

ISDN

Integrated Services Digital Network (ISDN) is a set of digital services that transmit voice and data over existing phone lines. ISDN offers a cost effective solution for remote users

LAPB

Link Access Procedure, Balanced (LAPB) was created to be a connection-oriented protocol at the Data Link layer for use with X.25, but it can also be used as a simple data link transport.

LAPD

Link Access Procedure, D-Channel (LAPD) is used with ISDN at the Data Link layer (layer 2) as a protocol for the D (signaling) channel.

powered by DJ 11

HDLC

High-Level Data-Link Control (HDLC) was derived from Synchronous Data Link Control (SDLC), which was created by IBM as a Data Link connection protocol. HDLC works at the Data Link layer and creates very little overhead compared to LAPB.

PPP

Point-to-Point Protocol (PPP) uses a Network Control Protocol field in the Data Link header to identify the Network layer protocol and allows authentication and multilink connections to be run over asynchronous and synchronous links.

powered by DJ 12

PPPoE

Point-to-Point Protocol over Ethernet encapsulates PPP frames in Ethernet frames and is usually used in conjunction with ADSL services. It gives you a lot of the familiar PPP features like authentication, encryption, and compression.

Cable

DSL

Digital subscriber line is a technology used by traditional telephone companies to deliver advanced services (high-speed data and sometimes video) over twisted-pair copper telephone wires.

powered by DJ 13

MPLS

MultiProtocol Label Switching (MPLS) is a data-carrying mechanism that emulates some properties of a circuit-switched network over a packet-switched network. MPLS is a switching mechanism that imposes labels (numbers) to packets and then uses those labels to forward packets.

ATM

Asynchronous Transfer Mode (ATM) was created for time-sensitive traffic, providing simultaneous transmission of voice, video, and data. ATM uses cells that are a fixed 53 bytes long instead of packets.

powered by DJ 14

Data Terminal Equipment and Data Communication Equipment

By default, router interfaces are data terminal equipment (DTE), and they connect into data communication equipment (DCE) like a channel service unit/data service unit (CSU/DSU).

The CSU/DSU then plugs into a demarcation location (demarc) and is the service provider’s last responsibility. Most of the time, the demarc is a jack that has an RJ-45 (8-pin modular) female connector located in a telecommunications closet.

Figure below shows a typical DTE-DCE-DTE connection and the devices used in the network

powered by DJ 15

DTE-DCE-DTE WAN Connection

powered by DJ 16

Virtual Private Networks

Introduction

A virtual private network (VPN) allows the creation of private networks across the Internet, enabling privacy and tunneling of non-TCP/IP protocols.

Types of VPNs are named based upon the role they play in a business. There are three different categories of VPNs:

Remote access VPNs Remote access VPNs allow remote users like telecommuters to securely access the corporate network wherever and whenever they need to.

.

powered by DJ 17

Site-to-site VPNs Site-to-site VPNs, or intranet VPNs, allow a company to connect its remote sites to the corporate backbone securely over a public medium like the Internet instead of requiring more expensive WAN connections like Frame Relay.

Extranet VPNs Extranet VPNs allow an organization’s suppliers, partners, and customers to be connected to the corporate network in a limited way for business-to-business (B2B) communications

powered by DJ 18

Configuring VPNs/IPSec Using the SDM

I selected Create a Site to Site VPN and then clicked Launch the Selected Task to get the Site to Site VPN screen.

powered by DJ 19

I clicked View Defaults and took a peek at what the router was going to configure:powered by DJ 20

After clicking Close, I clicked Next to receive the VPN Connection Information screen:

powered by DJ 21

I added the static IP address of my peer router (R3), added a pre-shared key, chose my source address of the Corp router, and the destination address, which happens to be the same address as my peer router (R3). I then clicked Next.

powered by DJ 22

I received a summary of the VPN configuration running IPSecpowered by DJ 23

Test VPN confirmation

powered by DJ 24

VPN Debugging in actionpowered by DJ 25

Congratulation Message

powered by DJ 26

THANK YOU

powered by DJ 27