|
|
This chapter describes how to configure asynchronous interfaces for telecommuting applications using Serial Line Internet Protocol (SLIP) and Point-to-Point Protocol (PPP) encapsulation. See the Access and Communication Servers Command Reference publication for a complete description of the commands listed in this chapter.
Refer to the Cisco Access Connection Guide for information about EXEC user commands and establishing SLIP and PPP connections.
SLIP and PPP define methods of sending Internet Protocol (IP) packets over standard RS-232 asynchronous serial lines with minimum line speeds of 1200 baud.
Using SLIP or PPP encapsulation over asynchronous lines is an inexpensive way of connecting PCs to a network. SLIP and PPP over asynchronous dial-up modems allow a home computer to be connected to a network without the cost of a leased line. Dial-up SLIP and PPP links can also be used for remote sites that need only occasional telecommuting or backup connectivity. Both public-domain and vendor-supported SLIP and PPP implementations are available for a variety of computer applications.
The communication server concentrates a large number of SLIP or PPP PC or workstation client hosts onto a network interface allowing the PCs to communicate with any host on the network. The communication server can support any combination of SLIP or PPP lines and lines dedicated to normal asynchronous devices such as terminals and modems. Refer to RFC 1055 for more information about SLIP, and RFCs 1331 and 1332 for more information about PPP.
PPP is a newer, more robust protocol than SLIP and it contains protocols that can detect or prevent misconfiguration. SLIP is an older protocol that is supported on more machines.
Figure 15-1 illustrates a typical asynchronous SLIP or PPP telecommuting configuration.
There is an asynchronous BOOTP server in your communication server. This means that SLIP and PPP clients can send BOOTP requests to the communication server, and the communication server will respond with information about the network. For example, the client can send a BOOTP request to find out what its IP address is and where the boot file is located, and the communication server can respond with the information.
BOOTP allows a client machine to discover its own IP address, the address of the communication server, and the name of a file to be loaded into memory and executed. There are typically two phases to using BOOTP: first, the client's address is determined and the bootfile is selected; then the file is transferred, typically using TFTP.
BOOTP compares to RARP as follows: Reverse Address Resolution Protocol (RARP) is an older protocol that allows a client to determine its IP address if it knows its hardware address. (Refer to the chapters "Configuring IP" and "Configuring IP Routing Protocols," later in this publication, for more information about RARP.) However, RARP is a hardware link protocol, so it can only be implemented on hosts that have special kernel or driver modifications that allow access to these raw packets. BOOTP does not require kernel modifications.
BOOTP supports the extended BOOTP requests specified in RFC 1084 and works for both SLIP and PPP encapsulation.
Line configuration commands configure a connection to a terminal or a modem. Interface configuration (async) commands described in the "Configuring SLIP and PPP" chapter of this publication configure a line as an asynchronous network interface over which networking functions are performed.
Your communication server also supports IP routing connections for communication that requires connecting one network to another.
Beginning with IOS Release 10.3, your communication server supports protocol translation for SLIP and PPP between other network devices running Telnet, LAT, or X.25. The IOS software also supports translation for byte-oriented traffic to and from a packet assembler/disassembler (PAD). For example, you can send IP packets across a public X.25 PAD network using SLIP or PPP encapsulation when SLIP or PPPprotocol translation is enabled. For more information, refer to the chapter "Configuring Protocol Translation:" in this publication.
If asynchronous dynamic routing is enabled, you can enable routing at the user level by using the routing keyword with the slip or ppp EXEC command.
Asynchronous interfaces offer both dedicated and dynamic address assignment, configurable hold queues and IP packet sizes, extended BOOTP requests, and permit and deny conditions for controlling access to lines. Figure 15-2 shows a sample asynchronous routing configuration.
Communication servers recognize a variety of IP broadcast addresses. When a communication server receives an IP packet from an asynchronous client, it rebroadcasts the packet onto the network without changing the IP header. The communication server does not alter the packet's broadcast address to match the form of broadcast address it prefers.
The communication server receives a copy of asynchronous client broadcasts, and responds to BOOTP requests with the current IP address assigned to the asynchronous interface on which the request was received. This facility allows the asynchronous client software to automatically determine its own IP address.
To configure your communication server to support telecommuting, you must perform the first task in the following list on your asynchronous interfaces. Perform the rest of the tasks to customize the asynchronous interface for your particular network environment and to monitor asynchronous connections:
The steps to perform these tasks are described in the following sections. See the "Asynchronous Interface Configuration Examples" section at the end of this chapter for examples of asynchronous configuration files. Tasks are performed in global configuration mode unless otherwise specified.
To configure your communication server to support telecommuting, configure basic functionality on your asynchronous interfaces, and then customize the interfaces for your environment. Basic configuration tasks include the following:
To specify an asynchronous interface, perform the following task in global configuration mode.
| Task | Command |
|---|---|
Specify an asynchronous interface. | interface async unit |
SLIP and PPP are methods of encapsulating datagrams and other network-layer protocol information over point-to-point links. To configure the default encapsulation on an asynchronous interface, perform the following task in interface configuration mode.
| Task | Command |
|---|---|
Configure PPP or SLIP encapsulation on an asynchronous line. | encapsulation {ppp | slip} |
In order to use SLIP or PPP, the communication server must be configured with an IP routing protocol or with the ip host-routing command. This configuration is done automatically if you are using old-style slip address commands, but you must configure it manually if you configure SLIP or PPP via the interface async command.
When an asynchronous interface is encapsulated with PPP or SLIP, IP fast switching is enabled. For more information on IP fast switching, refer to the "Enable Fast Switching" section later in this chapter.
You can configure one or more asynchronous interfaces on your communication server to be in dedicated network interface mode. In dedicated mode, an interface is automatically configured for SLIP or PPP connections. There is no user prompt or EXEC level, and no end-user commands are required to initiate telecommuting connections. If you want a line to be used only for SLIP or PPP connections, configure the line for dedicated mode.
In interactive mode, a line can be used to make any type of connection, depending on the EXEC command entered by the user. For example, depending on its configuration, the line could be used for Telnet or XRemote connections, or SLIP or PPP encapsulation. The user is prompted for an EXEC command before a connection is initiated.
This section describes the following tasks:
You can configure an asynchronous interface to be in dedicated network mode. When the interface is configured for dedicated mode, the end user cannot change the encapsulation method, address, or other parameters.
To configure an interface for dedicated network mode, perform the following task in interface configuration mode.
| Task | Command |
|---|---|
Place the line into dedicated asynchronous network mode. |
Refer to the chapter "Managing the System," earlier in this publication, for more information about automatic dialing using DTR.
After a line has been placed in dedicated mode, perform the following task in interface configuration mode to return it to interactive mode.
| Task | Command |
|---|---|
Return the line to interactive mode. |
By default, no asynchronous mode is configured. In this state, the line is not available for inbound networking because the SLIP and PPP connections are disabled.
You can control whether addressing is dynamic (the user specifies the address at the EXEC level when making the connection), or whether default addressing is used (the address is forced by the system). If you specify dynamic addressing, the communication server must be in interactive mode and the user will enter the address at the EXEC level.
It is common to configure an asynchronous interface to have a default address and to allow dynamic addressing. With this configuration, the choice between the default address or a dynamic addressing is made by the user when they enter the slip or ppp EXEC command. If the user enters an address, it is used, and if the user enters the default keyword, the default address is used.
This section describes the following tasks:
Perform the following task in interface configuration mode to assign a permanent default asynchronous address:
| Task | Command |
|---|---|
Assign a default IP address to an asynchronous interface. |
Use the no form of this command to disable the default address. If the server has been configured to authenticate asynchronous connections, you are prompted for a password after entering the SLIP or PPP EXEC command before the line is placed into asynchronous mode.
The assigned default address is implemented when the user enters the slip default or ppp default EXEC command. The transaction is validated by the TACACS server (when enabled) and the line is put into network mode using the address that is in the configuration file.
Configuring a default address is useful when the user is not required to know the IP address to gain access to a system; for example, users of a server that is available to many students on a campus. Instead of requiring each user to know an IP address, they need only enter the slip default or ppp default EXEC command and let the server select the address to use. See the Cisco Access Connection Guide for more information about the slip and ppp EXEC commands.
When a line is configured for dynamic assignment of asynchronous addresses, the user enters the slip or ppp EXEC command and is prompted for an address or logical host name. The address is validated by the Terminal Access Controller Access System (TACACS), when enabled, and the line is assigned the given address and put into asynchronous mode. Assigning asynchronous addresses dynamically is also useful when you want to assign set addresses to users. For example, an application on a personal computer that automatically dials in using SLIP and polls for electronic mail messages can be set up to dial in periodically and enter the required IP address and password.
To assign asynchronous addresses dynamically, perform the following task in interface configuration mode:
| Task | Command |
|---|---|
Allow the IP address to be assigned when the protocol is initiated. |
The dynamic addressing features of the internetwork allow packets to get to their destination and back regardless of the communication server or network they are sent from. For example, if a host such as a laptop computer moves from place to place it can keep the same address no matter where it is dialing in from.
Logical host names are first converted to uppercase and then sent to the TACACS server for authentication.
The local address is set using the ip address or ip unnumbered command.
IP addresses identify locations to which IP datagrams can be sent. You must assign each router interface an IP address. See the Internetworking Technology Overview publication for detailed information on IP addresses.
To assign an IP address to a network interface on the communication server, perform the following task in interface configuration mode:
| Task | Command |
|---|---|
Set an IP address for an interface. | ip address address mask [secondary] |
A subnet mask identifies the subnet field of a network address. Subnets are described in the Internetworking Technology Overview publication.
When asynchronous routing is enabled, you might find it necessary to conserve network addresses by configuring the asynchronous interfaces as unnumbered. An unnumbered interface does not have an address. Network resources are therefore conserved because fewer network numbers are used and routing tables are smaller.
To configure an unnumbered interface, perform the following task in interface configuration mode.
| Task | Command |
|---|---|
Configure the asynchronous interface to be unnumbered. |
Whenever the unnumbered interface generates a packet (for example, a routing update), it uses the address of the specified interface as the source address of the IP packet. It also uses the address of the specified interface to determine which routing processes are sending updates over the unnumbered interface.
You can use the IP unnumbered feature on the communication server whether or not the system on the other end of the asynchronous link supports this feature. The IP unnumbered feature is transparent to the other end of the link because each system bases its routing activities on information in the routing updates it receives and on its own interface address on the link.
To route IP packets, perform the following task in interface configuration mode to enable routing protocols IGRP, RIP, and OSPF, on an interface.
| Task | Command |
|---|---|
Configure an asynchronous interface for routing. |
When the user makes a connection, they must specify /routing on the SLIP or PPP command line.
The Cisco IOS software permits you to configure asynchronous protocol features, such as SLIP and PPP, on virtual terminal lines. SLIP and PPP normally function only on asynchronous interfaces, and not on virtual terminal lines. When you configure a virtual terminal line to support asynchronous protocol features, you are creating virtual asynchronous interfaces on the virtual terminal lines. One practical benefit of virtual asynchronous interfaces is the ability to tunnel SLIP and PPP inside of X.25, TCP, or LAT on virtual terminal lines. You tunnel SLIP and PPP using the protocol translation facility. For more information, refer to the chapter "Configuring Protocol Translation" in this publication.
Perform the tasks in the following sections to configure and use virtual asynchronous interfaces. The first task is required; the remaining tasks are optional.
To create a virtual asynchronous interface, perform the following task in global configuration mode:
| Task | Command |
|---|---|
Configure all virtual terminal lines to support asynchronous protocol features. |
One practical benefit of enabling virtual asynchronous interfaces is the ability to tunnel SLIP and PPP over X.25, thus extending remote node capability into the X.25 area. You can also tunnel SLIP and PPP over Telnet or LAT on virtual terminal lines. You can tunnel SLIP and PPP over X.25, LAT, or Telnet, but you do so by using the protocol translation feature in the IOS software. Refer to the "Configuring Protocol Translation" chapter in this publication for more information about protocol translation.
To tunnel incoming dial-up SLIP or PPP connections over X.25, LAT, or TCP to an IP network, you can use one-step protocol translation or two-step protocol translation, as follows:
To make a connection to a network device using any supported protocol, refer to the Cisco Access Connection Guide.
For an example of tunneling SLIP across X.25 PAD to an IP network, refer to the "Configuring Protocol Translation" chapter in this publication.
To route IP packets using the IGRP, RIP, and OSPF routing protocols on virtual asynchronous interfaces, perform the following task in global configuration mode:
| Task | Command |
|---|---|
Enable dynamic routing of IP packets on all virtual terminal lines. |
When you make a connection, you must specify the routing keyword on the SLIP or PPP command line.
You can compress the headers on TCP/IP packets on virtual asynchronous interfaces to reduce their size and increase performance. This feature only compresses the TCP header, so it has no effect on UDP packets or other protocol headers. The TCP header compression technique, described fully in RFC 1144, is supported on virtual asynchronous interfaces using SLIP and PPP encapsulation. You must enable compression on both ends of the connection.
You can optionally specify outgoing packets to be compressed only if TCP incoming packets on the same virtual terminal line are compressed. If you do not specify this option, the communication server will compress all traffic. The default is no compression. This option is valid for SLIP.
To compress the headers of outgoing TCP packets on virtual asynchronous interfaces, perform the following task in global configuration mode:
| Task | Command |
|---|---|
Enable header compression on IP packets on all virtual terminal lines. | vty-async header-compression [passive] |
Keepalives are enabled on all virtual asynchronous interfaces by default. To change the keepalive timer or disable it on virtual asynchronous interfaces, perform the following task in global configuration mode:
| Task | Command |
|---|---|
Specify the frequency with which the IOS software sends keepalive messages to the other end of an asynchronous serial link. | vty-async keepalive [seconds] |
The default interval is 10 seconds. It is adjustable in one-second increments from 0 to 32,767 seconds. To turn off keepalive updates, set the value to 0. A connection is declared down after three update intervals have passed without receiving a keepalive packet.
Virtual terminal lines have very low bandwidth. When adjusting the keepalive timer, large packets can delay the smaller keepalive packets long enough to cause the session to disconnect. You might need to experiment to determine the best value.
The maximum transmission unit (MTU) refers to the size of an IP packet. You might want to change to a smaller MTU size for IP packets transmitted on a virtual asynchronous interface for any of the following reasons:
To specify the maximum IP packet size, perform the following task in interface configuration mode:
| Task | Command |
|---|---|
Specify the size of the largest IP packet that the virtual asynchronous interface can support. |
The default MTU size is 1500 bytes. Possible values are 64 bytes to 1,000,000 bytes.
TCP running on the device to which the communication server is connected can have a different MTU size than what is configured on the communication server. Because the communication server performs IP fragmentation of packets larger than the specified MTU. Do not change the MTU size unless the SLIP or PPP implementation running on the host at the other end of the asynchronous line supports reassembly of IP fragments.
You can enable Challenge Handshake Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) for authentication of PPP on virtual asynchronous interfaces.
Access control using Challenge Handshake Authentication Protocol (CHAP) is available on all virtual asynchronous interfaces configured for PPP encapsulation. The authentication feature reduces the risk of security violations on your communication server.
When CHAP is enabled, a remote device (a PC, workstation, or communication server) attempting to connect to the local communication server is requested, or "challenged," to respond.
The challenge consists of an ID, a random number, and either the host name of the local communication server or the name of the user on the remote device. This challenge is transmitted to the remote device.
The required response consists of two parts:
When the local communication server receives the challenge response, it verifies the secret by looking up the name given in the response and performing the same encryption operation. The secret passwords must be identical on the remote device and the local communication server.
By transmitting this response, the secret is never transmitted, thus preventing other devices from stealing it and gaining illegal access to the system. Without the proper response, the remote device cannot connect to the local communication server.
CHAP transactions occur only when a link is established. The local communication server does not request a password during the rest of the session. (The local communication server can, however, respond to such requests from other devices during a session.)
To use CHAP on virtual asynchronous interfaces for PPP, perform the following task in global configuration mode:
| Task | Command |
|---|---|
Enable CHAP on all virtual asynchronous interfaces. |
CHAP is specified in RFC 1334. It is an additional authentication phase of the PPP Link Control Protocol.
Once you have enabled CHAP, the local communication server requires a response from the remote devices. If the remote device does not support CHAP, no traffic is passed to that device.
Access control using the Password Authentication Protocol (PAP) is available on all virtual asynchronous interfaces configured for PPP encapsulation. The authentication feature reduces the risk of security violations on your communication server.
To use PAP, perform the following task in interface configuration mode:
| Task | Command |
|---|---|
Enable PAP on all virtual asynchronous interfaces. |
Access control using the Terminal Access Controller Access Control System (TACACS) is available on all virtual asynchronous interfaces configured for PPP encapsulation. The authentication feature reduces the risk of security violations on your communication server.
To use TACACS with either CHAP or PAP, perform the following task in global configuration mode:
| Task | Command |
|---|---|
Enable TACACS on all virtual asynchronous interfaces. |
To configure the communication server to allow a PPP or SLIP session to start automatically, perform the following tasks in line configuration mode
| Task | Command |
|---|---|
Configure a line to automatically start an ARA, PPP or SLIP session. |
| 1This command is documented in the "Terminal Line and Modem Support Commands" chapter of the Access and Communication Servers Command Reference publication. |
The autoselect command permits the communication server to allow an appropriate process to start automatically when a starting character is received. The communication server detects either a Return character, which is the start character for an EXEC session, or the start character for the ARA protocol. By using the optional during login argument, the username or password prompt is displayed without pressing the Return key. While the Username or Password name is presented, you can choose to answer these prompts or to start sending packets from an autoselected protocol. Refer to the end of this chapter for configuration examples.
You can configure IPX to run over PPP on synchronous serial and asynchronous serial interfaces. To enable IPX over PPP, perform the following tasks starting in global configuration mode. The first five tasks are required. The last task is optional:
| Task | Command |
|---|---|
Step 1. Enable IPX routing on the communication server. | ipx routing [node] |
Step 2. Enter interface configuration mode. | interface type number |
Step 3. Enable PPP encapsulation on the interface. | encapsulation ppp |
Step 4. Enable interactive mode on an asynchronous interface. | async mode interactive |
Step 5. Enable IPX routing on the interface. | ipx network network1 |
Step 6. Turn off SAP updates to optimize bandwidth on asynchronous interfaces. | ipx sap-interval 0 |
| 1Every interface must have a unique ipx network number. |
If you are configuring IPX/PPP on asynchronous interfaces, you should filter routing updates on the interface. Most asynchronous serial links have very low bandwidth, and routing updates take up a great deal of bandwidth. To filter routing updates, refer to the section "Create Filters for Updating the Routing Table" in the "Configuring Novell IPX" chapter of this publication.
To tune IP performance, complete the tasks in the following sections:
You can compress the headers of your TCP/IP packets in order to reduce their size, thereby increasing performance. Header compression is particularly useful on networks with a large percentage of small packets, such as those supporting many Telnet connections. This feature only compresses the TCP header, so it has no effect on UDP packets or other protocol headers. The TCP header compression technique, described fully in RFC 1144, is supported on serial lines using HDLC or PPP encapsulation. You must enable compression on both ends of a serial connection.
You can optionally specify outgoing packets to be compressed only if TCP incoming packets on the same interface are compressed. If you do not specify this option, the communication server will compress all traffic. The default is no compression.
You can also specify the total number of header compression connections that can exist on an interface. You should configure one connection for each TCP connection through the specified interface.
To enable compression, perform either of the following optional tasks in interface configuration mode:
| Task | Command |
|---|---|
Enable TCP header compression. | ip tcp header-compression [passive] |
Specify the total number of header compression connections that can exist on an interface. | ip tcp compression-connections number1 |
| 1This command is documented in the "IP Commands" chapter of the Access and Communication Servers Command Reference publication. |
You can set the amount of time the communication server will wait to attempt to establish a TCP connection. In previous versions of communication server software, the system would wait a fixed 30 seconds when attempting to do so. This amount of time is not sufficient in networks that have dial-up asynchronous connections, such as a network consisting of dial-on-demand links that are implemented over modems because it will affect your ability to Telnet over the link (from the communication server) if the link must be brought up.
Because the connection attempt time is a host parameter, it does not pertain to traffic going through the communication server, just to traffic originated at the communication server.
To set the TCP connection attempt time, perform the following task in global configuration mode:
| Task | Command |
|---|---|
Set the amount of time the communication server will wait to attempt to establish a TCP connection. |
| 1This command is documented in the "IP Commands" chapter of the Access and Communication Servers Command Reference publication. |
Fast switching involves the use of a high-speed switching cache for IP routing. With fast switching, destination IP addresses are stored in the high-speed cache so that some time-consuming table lookups need not be done. Our communication servers generally offer better packet transfer performance when fast switching is enabled.
To enable or disable fast switching, perform the following tasks in interface configuration mode:
| Task | Command |
|---|---|
Enable fast-switching (use of a high-speed route cache for IP routing). | |
Disable fast switching and enable load balancing on a per-packet basis. | no ip route-cache1 |
| 1These commands are documented in the "IP Commands" chapter of the Access and Communication Servers Command Reference publication. |
The high-speed route cache used by IP fast switching is invalidated when the IP routing table changes. By default, the invalidation of the cache is delayed slightly to avoid excessive CPU load while the routing table is changing.
To control route cache invalidation, perform the following tasks in global configuration mode as needed for your network:
| Task | Command |
|---|---|
Allow immediate invalidation of the cache. | no ip cache-invalidate-delay1 |
Delay invalidation of the cache. | ip cache-invalidate-delay [minimum maximum quiet threshold]1 |
| 1These commands are documented in the "IP Commands" chapter of the Access and Communication Servers Command Reference publication. |
Asynchronous lines have relatively low bandwidth and can easily be overloaded, resulting in slow traffic across these lines.
To optimize available bandwidth, perform any of the following tasks:
One way to optimize available bandwidth is by using TCP header compression. Van Jacobson TCP header compression (defined by RFC 1144) can increase bandwidth availability between two and five times when compared to lines not using header compression. Theoretically, it can improve bandwidth availability by a ratio of seven to one.
To configure header compression, perform the following task in interface configuration mode:
| Task | Command |
|---|---|
Configure Van Jacobson TCP header compression on the asynchronous link. |
On SLIP interfaces, you can force header compression at the EXEC prompt on a line on which header compression has been set to passive. This allows more efficient use of the available bandwidth and does not require entering privileged configuration mode.
To implement header compression, perform the following task in interface configuration mode:
| Task | Command |
|---|---|
Allow status of header compression to be assigned at the user level. | ip tcp header compression passive |
For PPP interfaces, the passive option functions the same as the on option.
See the Cisco Access Connection Guide for information about the slip and ppp EXEC commands. You cannot force header compression if header compression on the asynchronous interface is off.
The maximum transmission unit (MTU) refers to the size of an IP packet. You might want to change to a smaller MTU size for any of the following reasons:
To specify maximum IP packet size, perform the following task in interface configuration mode:
| Task | Command |
|---|---|
Specify the size of the largest IP packet that the asynchronous line can support. |
The MTU size can be negotiated by TCP, regardless of the asynchronous interface settings. In other words, TCP running on the device to which the communication server is connected can negotiate for a different MTU size than is configured on the communication server. The communication server performs IP fragmentation of packets larger than the specified MTU. Do not change the MTU size unless the SLIP or PPP implementation running on the host at the other end of the asynchronous line supports reassembly of IP fragments. Because each fragment occupies a spot in the output queue, it might also be necessary to increase the size of the SLIP or PPP hold queue, if your MTU size is such that you might have a high amount of fragments of packets in the output queue.
To improve asynchronous PPP performance, use the ppp accm interface command. In instances where devices have minimal PPP stacks that do not negotiate PPP Asynchronous Control Character Maps (ACCM), the RFC standard default of 0xffffffff is often used, resulting in poor performance.
The ppp accm command allows you to set the initial values used by the access or communication server during LCP negotiations with a peer device to alleviate this problem.
| Task | Command |
|---|---|
Set the value used in negotiation for inbound traffic. | ppp accm in number |
(Optional) Set the value used in negotiation for outbound traffic. | ppp accm out number |
(Optional) Use the same value set for inbound traffic. | ppp accm match |
The IP output queue stores packets received from the network that are waiting to be sent to the asynchronous client. You can limit the size of the IP output queue to enhance performance by performing the following task in interface configuration mode:
| Task | Command |
|---|---|
Change the size of the IP output hold queue. |
Access lists allow the system administrator to control the hosts that a PC can access through a communication server. Separate access lists can be defined for asynchronous and for other connections.
The tasks described in this section are as follows:
Refer to the chapter "Configuring IP," later in this publication, for information about defining IP access lists.
To define an access list for packets from the IP host, perform the following task in interface configuration mode:
| Task | Command |
|---|---|
Configure an access list for packets from the IP host. |
To define an access list for packets to the IP host, perform the following task in interface configuration mode:
Configure an access list for packets being sent to the IP host.
Task
Command
To configure your communication server support to respond to BOOTP requests from client machines, perform the following task in global configuration mode:
| Task | Command |
|---|---|
Specify the communication server network information that will be sent in response to response to BOOTP requests. |
This section describes the following monitoring and maintenance tasks:
To monitor and maintain asynchronous activity, perform one or more of the following tasks in privileged EXEC mode:
| Task | Command |
|---|---|
Return a line to its idle state. | clear line line-number |
Display parameters that have been set for extended BOOTP requests. | |
Display statistics for asynchronous activity. | |
Display the status of asynchronous line connections. | show line [line-number] |
To debug asynchronous interfaces, perform the following task in privileged EXEC mode:
| Task | Command |
|---|---|
Displays errors, changes in interface state, and log input and output. | debug async {framing | state | packets} |
To debug PPP links, perform the following tasks in privileged EXEC mode:
| Task | Command |
|---|---|
Enable debugging of PPP protocol negotiation process. | |
Display PPP protocol errors. | |
Display PPP packets sent and received. | |
Display errors encountered during remote or local system authentication.1 |
| 1Refer to the chapter "Configuring Dial-on-Demand Routing" in this publication for more information about the Challenge Handshake Authentication Protocol (CHAP). |
This section contains asynchronous configuration examples. Each configuration is designed to illustrate different communication requirements.
The following example assigns an IP address to an asynchronous interface and places the line in dedicated network mode. Setting the stop bit to 1 is a performance enhancement.
line 20
location Department PC Lab
stopbits 1
speed 19200
!
interface async 20
async default ip address 182.32.7.51
async mode dedicated
The following example assumes that users are restricted to certain servers designated as asynchronous servers, but that normal terminal users can access anything on the local network.
! access list for normal connections
access-list 1 permit 131.108.0.0 0.0.255.255
!
access-list 2 permit 131.108.42.55
access-list 2 permit 131.108.111.1
access-list 2 permit 131.108.55.99
!
interface async 6
async dynamic address
ip access-group 1 out
ip access-group 2 in
The following example shows a simple configuration that allows routing and dynamic
addressing. With this configuration, if the user specifies /routing in the EXEC slip or ppp command, routing protocols will be sent and received.
interface async 6
async dynamic routing
async dynamic address
The following example configures async interface 7 with a default IP address, allowing header compression if it is specified in the slip or ppp connection command entered by the user or if the connecting system sends compressed packets.
interface async 7
ip address 150.136.79.1
async default ip address 150.136.79.2
ip tcp header-compression passive
The following example shows how to configure your communication server for routing using unnumbered interfaces. The source (local) address is shared between Ethernet 0 and async 6 (128.66.1.1). The default remote address is 128.66.1.2.
interface ethernet 0
ip address 128.66.1.1 255.255.255.0
!
interface async 6
ip unnumbered ethernet 0
async dynamic routing
! default address is on the local subnet
async dynamic address
async default ip address 128.66.1.2
ip tcp header-compression passive
The following example shows how the IP unnumbered configuration works. Although the user assigned an address, the system response shows the interface as unnumbered, and the address typed by the user will be used only in response to BOOTP requests.
cs> slip /compressed 1.1.1.1
Password:
Entering async mode.
Interface IP address is unnumbered, MTU is 1500 bytes.
Header compression is On.
In the following example, the communication server is set up as a dedicated dial-in router. Interfaces are configured as IP unnumbered to conserve network resources, primarily IP addresses.
ip routing
interface ether 0
ip address 1.0.1.1 255.255.255.0
!
interface async 1
ip unnumbered ethernet 0
async dynamic routing
! The addresses assigned with SLIP or PPP EXEC commands are not used except
! to reply to BOOTP requests.
! Normally, the routers dialing in will have their own address
! and not use BOOTP at all.
async default ip address 1.0.2.1
!
interface async 2
ip unnumbered ethernet 0
async default ip address 1.0.5.1
ip tcp header-compression passive
async mode dedicated
!
! run RIP on the asynchronous lines, because few implementations of SLIP
! understand IGRP. Run IGRP on the ethernet (and in the local network).
!
router igrp 109
network 1.0.0.0
! send routes from the asynchronous lines on the production network.
redistribute RIP
! don't send IGRP updates on the async interfaces
passive-interface async 1
!
router RIP
network 1.0.0.0
redistribute igrp
passive-interface ethernet 0
! consider filtering everything except a default route from the routing
! updates sent on the (slow) asynchronous lines
distribute-list 1 out
ip unnumbered async 2
async dynamic routing
In the following example, one of the asynchronous lines is used as the only network interface. The communication server is used primarily as a terminal server, but is at a remote location and dials into the central site for its only network connection.
ip default-gateway 1.0.0.2
interface ethernet 0
shutdown
interface async 1
async dynamic routing
ip tcp header-compression on
async default ip address 1.0.5.1
async mode dedicated
ip address 1.0.0.1 255.255.255.0
In the following example, only the IGRP TCP/IP routing protocol is running; it is assumed that the systems that are dialing in to use routing will either support IGRP or have some other method (for example, a static default route) of determining that the communication server is the best place to send most of its packets.
router igrp 109
network 1.0.0.0
interface ethernet 0
ip address 1.0.0.1 255.255.255.0
!
interface async 1
async default ip address 1.0.0.101
async dynamic routing
ip tcp header-compression passive
ip unnumbered ethernet 0
line 1
modem ri-is-cd
The following configuration shows interface and line configuration. The interface is configured with access lists, passive header compression and a default address. The line is configured for TACACS authentication.
interface async 1
ip access-group 1 in
ip access-group 1 out
ip tcp header-compression passive
async default ip address 128.148.176.201
line 1
login tacacs
location 457-5xxx
exec-timeout 20 0
password XXXXXXXX
session-timeout 20
stopbits 1
Figure 15-3 illustrates a simple network configuration comprised of remote PCs with modems connected via modem to a communication server. The cloud is a public switched telephone network (PSTN). The modems are connected via asynchronous lines, and the communication server is connected to a local network.
In this configuration you will need to configure:
This default address indicates the address of the remote PC to the server, unless the user explicitly specifies another when starting the PPP session.
The server is configured for interactive mode with autoselect enabled, which allows the user to automatically begin a PPP session upon detection of a PPP packet from the remote PC; or, the remote PC can explicitly begin a PPP session by typing PPP at the prompt.
The configuration is as follows:
ip routing
!
int ethernet 0
ip address 182.32.7.1 255.255.255.0
!
interface async 1
encapsulation ppp
async mode interactive
async default ip address 182.32.7.51
async dynamic address
ip unnumbered ethernet 0
line 1
autoselect ppp
modem callin
speed 19200
Figure 15-4 illustrates a network configuration that provides routing functionality, allowing routing updates to be passed across the asynchronous lines.
This network is comprised of remote and local PCs connected via modem and network connections to a communication server. This communication server is connected to a second communication server via an asynchronous line running TCP/IP. The second communication server is connected to a local network via modem.
For this scenario, you will need to configure:
The configuration is as follows:
interface async 1
encapsulation ppp
async mode interactive
async default ip address 182.32.7.51
async dynamic address
ip unnumbered ethernet 0
async dynamic routing
If you want to pass IP routing updates across the asynchronous link, issue the following commands:
line 1
autoselect ppp
modem callin
speed 19200
Next, complete these steps to configure the asynchronous lines between the communication servers, starting in global configuration mode:
interface async 2
async default ip address 182.32.7.55
ip tcp header compression passive
Finally, configure routing as described in the Router Products Configuration Guide, using one of the following methods. The server can route packets three different ways:
1. Use ARP, which is the default behavior.
2. Use a default-gateway by issuing the command ip default-gateway x.x.x.x, where x.x.x.x is the IP address of a locally attached router.
3. Run an IP routing protocol (RIP, IGRP, EIGRP, or OSPF).
Figure 15-5 illustrates a scenario where two networks are connected via communication servers on a leased line. Redundancy is provided by a dial-backup line over the public switched telephone network so that if the primary leased line goes down, the dial-backup line will be automatically brought up to restore the connection. This configuration would be useful for using an auxiliary port as the backup port for a synchronous port.
In this scenario, you will need to configure:
The configuration is as follows:
hostname routerA
!
username routerB password cisco
chat-script backup "" "AT" TIMEOUT 30 OK atdt\T TIMEOUT 30 CONNECT \c !
interface Serial0
backup interface Async1
ip address 199.199.199.1 255.255.255.0
!
interface Async1
ip address 131.108.199.1 255.255.255.0
encapsulation ppp
async default ip address 131.108.199.2
async dynamic address
async dynamic routing
async mode dedicated
dialer in-band
dialer map IP 131.108.199.2 name routerB modem-script backup broadcast 3241129
dialer-group 1
ppp authentication chap
!
dialer-list 1 protocol ip permit
!
line aux 0
modem InOut
rxspeed 38400
txspeed 38400
Posted: Mon Oct 21 11:46:56 PDT 2002
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.