Implementation of Frame Relay Encapsulation and Point To Point Protocol
Encapsulation/Protocols
Frame Relay is an industry standard data link layer protocol able to handle multiple virtual circuits that relies on upper layer protocols such as TCP for error correction and other connectivity issues. The main Frame Relay switching and multiplexing equipment will be located at the Central Office (CO) and service provider (SP) locations to ensure that proper administration can be provided, considering the various demands that the school might place on the lines simultaneously. The CO router will be identified by the DLCI #32 and the router in the MDF of Acacia will employ the DLCI #62 in order for Frame Relay devices to carry local significance and transfer high volumes of traffic as needed.
In addition to Frame Relay encapsulation, the connection between Acacia and the CO/Service Provider will also take advantage of Point to Point Protocol to ensure that data exchanged will not be subject to unauthorized access via CHAP authentication. Frame Relay uses PVC's to exchange data across multiple subinterfaces, therefore CHAP is preffered over PAP in order to periodically verify the integrity of the users transferring data and to protect data being sent or recieved. Administraive data, profiles of students and other critical information can only be viewed by those with Adminisrative access and requires higher measures of security.
Additional protocols such as IGRP will be implemented in order to connect to the Central Office and exchange routing protocols to maintain access between sites. The Acacia school autonomus system (AS) will be indicated by the number 200 and the Central Office's AS number will be identified by 200 as well. Using multiple protocols will enable Administrators between sites to remotely monitor Autonomus Systems when needed.
Access Lists placed on AS 200 routers will permit all TCP/IP access from the CO with administrative passwords required in order to provide services as needed. Access Lists on CO routers, however, will deny access to all beside those with administrative rights to routers at the Central Office. Only network administrators at the Acacia School at designated PC's (because of static IP Adds.) are allowed specific rights to the CO router(s) configuration.
Acacia Router Configuration
Frame Relay Implementation: router(config)# int s0
router(config-if)# encapsulation frame-relay
router(config-if)# bandwidth 1000
router(config-if)# frame-relay inverse-arp
router(config-if)# frame-relay interface-dlci 62
IGRP Implementation:
router(config)# router igrp 200
(config-router)# network 150.100.0.0 255.255.0.0
CHAP Authentication:
router(config-if)# encapsulation ppp
router(config-if)# ppp authentication chap
router(config-if)# ppp chap hostname Acacia
router(config-if)# ppp chap password administration
Access Control Lists:
router(config)# access-list 110 permit tcp 175.100.0.0 0.0.255.255 eq 23
router(config-if)# access-group 1 in
CO ACL:
router(config)# access-list 110 permit tcp 150.100.8.0 0.0.15.255 eq 23
router(config-if)# access-group 110 in
|