1.1 What is ARP
ARP is a method of dynamic address resolution between network-layer addresses and data-link-layer addresses. It works as follows: an IP device on the network sends a broadcast packet to the whole network, asking another device to send back its hardware address (its data-link-layer address). Originally ARP was used only on Ethernet networks, to resolve between IP addresses and MAC addresses. Today ARP is widely applied and is used in other technologies based on layer 2.
1.2 How it works
The ARP process starts when a source device on an IP network needs to send an IP packet. The device must first determine whether the packet's destination IP address is on its own local network. If it is, the device sends the packet directly to the destination device. If the destination IP address is on another network, the device sends the packet to one of the routers on its local network so that the router can forward it. In both cases the device has to send an IP packet to another IP device on the same local network. Delivery of packets within one network through a switch is based on the MAC address, that is, the hardware address of the device. Once the packet has been encapsulated, it goes through ARP address resolution and is then sent. ARP is essentially a two-way request/response process between devices on the same local network. The source device makes its request by sending a broadcast message to the whole network. The destination device responds with a unicast message to the source device.
1. Source Device Checks Cache: In this step the device checks its cache. If the destination IP address already has a corresponding MAC address there, it goes immediately to step 9.
2. Source Device Generates ARP Request Message: The device starts building the ARP Request packet with the address fields as above.
3. Source Device Broadcasts ARP Request Message: The source device broadcasts the ARP Request packet to the whole network.
4. Local Devices Process ARP Request Message: Every device on the network receives the ARP Request packet. Each device processes it by looking at the Target Protocol Address field. If that field matches its own address, the device continues processing; otherwise it discards the packet.
5. Destination Device Generates ARP Reply Message: The device whose IP matches the IP in the Target Protocol Address field starts building an ARP Reply packet. It takes the Sender Hardware Address and Sender Protocol Address fields of the received ARP packet and uses them as the Target fields of the outgoing packet. It also puts its own data-link address into the Sender Hardware Address field.
6. Destination Device Updates ARP Cache: The destination device (the one building the ARP Reply packet) also adds the IP-to-MAC mapping of the source device to its own ARP cache, to reduce processing time on later occasions.
7. Destination Device Sends ARP Reply Message: The destination device sends the Reply packet it has built to the source device. The reply is sent as a unicast packet.
8. Source Device Processes ARP Reply Message: The source device receives the reply packet and processes it by storing the Sender Hardware Address field of the reply as the hardware address of the destination device.
9. Source Device Updates ARP Cache: The source device updates its ARP cache with the mapping between the network address and the data-link address of the destination device. Next time no request is needed.
1.6.1 Static and Dynamic ARP Cache Entries
The ARP cache takes the form of a table of correspondences between hardware addresses and IP addresses. There are two ways of putting entries into the ARP table:
Static ARP Cache Entries: The entries in the ARP table are entered one by one by the administrator. The work is done manually.
Dynamic ARP Cache Entries: The hardware/IP address pairs are put into the ARP cache fully automatically by software once address resolution has completed. They are kept in the cache for a period of time and are then deleted.
The dynamic cache is used more widely because everything happens automatically and needs no interaction from the administrator. The static cache still has its own range of uses, however. This is the case where workstations should have static ARP entries for the router and the file server on the network. Doing so reduces the number of packets sent to perform address resolution. Besides the drawback of having to be entered by hand, the static cache has the further drawback that when the IP addresses of devices on the network change, the ARP cache has to be changed as well.
1.6.2 Deleting information from the cache
Consider the cache table of a device A, which contains information about a device B on the network. If the information in the cache were kept forever, the following problems would arise:
The device's hardware address changes: This is the case when the network card or interface device of B is replaced, which changes the device's MAC address. The information in A's cache is then no longer correct.
The device's IP address changes: The administrator or the provider changes B's IP address, which also makes the information in A's cache wrong.
The device is removed from the network: B is removed from the network but A is not told, which wastes A's resources on storing unneeded information and wastes lookup time.
To avoid these problems, the information in the dynamic cache is deleted automatically after a certain period of time. This happens fully automatically when ARP is in use, and the period is usually 10 or 20 minutes. After an entry has been held in the cache for that period, it is deleted. The next time it is needed, the information is updated again.
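The cache behaviour described in 1.6.1 and 1.6.2, as an added Python example that is not part of the original page: dynamic entries age out after a timeout, static entries never expire and are never overwritten by learned replies, and a binding that changes before it has aged out is recorded for review. The class name, event labels, timeout value and all addresses are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class Entry:
    mac: str
    static: bool
    learned_at: float


class ArpCache:
    """Toy ARP cache: static entries are pinned, dynamic entries age out."""

    def __init__(self, timeout_s=600.0):      # 10 minutes, one of the values in the text
        self.timeout_s = timeout_s
        self.entries = {}                      # ip -> Entry
        self.events = []                       # bindings an operator should look at

    def add_static(self, ip, mac):
        self.entries[ip] = Entry(mac.lower(), True, 0.0)

    def _expired(self, entry, now):
        return (not entry.static) and (now - entry.learned_at) >= self.timeout_s

    def learn(self, ip, mac, now):
        """Record a mapping seen in an ARP message; returns True if stored."""
        mac = mac.lower()
        old = self.entries.get(ip)
        if old and old.static:
            if old.mac != mac:                 # learned data never overrides a static entry
                self.events.append(("static-conflict", ip, old.mac, mac))
            return False
        if old and not self._expired(old, now) and old.mac != mac:
            # NIC swap or re-addressing are legitimate causes; so is spoofing.
            self.events.append(("binding-changed", ip, old.mac, mac))
        self.entries[ip] = Entry(mac, False, now)
        return True

    def lookup(self, ip, now):
        entry = self.entries.get(ip)
        if entry is None:
            return None
        if self._expired(entry, now):          # aged out: caller must send a new request
            del self.entries[ip]
            return None
        return entry.mac


def demo():
    cache = ArpCache(timeout_s=600)
    cache.add_static("192.0.2.1", "00:00:5e:00:53:01")           # router, pinned
    cache.learn("192.0.2.20", "00:00:5e:00:53:20", now=0)
    hit = cache.lookup("192.0.2.20", now=300)
    cache.learn("192.0.2.20", "00:00:5e:00:53:99", now=320)      # changed inside the window
    cache.learn("192.0.2.1", "00:00:5e:00:53:99", now=330)       # conflicts with static entry
    router = cache.lookup("192.0.2.1", now=10_000)               # static: never expires
    aged = cache.lookup("192.0.2.20", now=320 + 600)             # dynamic: expired
    return hit, router, aged, cache.events
```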
... proxy, creating a risk of address spoofing. The best solution is therefore to redesign the network topology so that only one router connects to the two LANs that are in one IP network.
2.2 Structural characteristics of the RARP protocol
2.2.1 Structure of RARP
RARP sits at the second layer of the OSI model (Data Link). A RARP packet has the following form:
Where:
Hardware type: The kind of hardware in use (for example, Ethernet has the value 1).
Protocol type: The kind of network protocol in use (here IPv4, so the value is 0x0800).
Hardware address length: The size of the hardware address; for Ethernet the value is 6.
Protocol address length: The width of the IPv4 address; the value is 4.
Source hardware address (Sender hardware address): The hardware address of the sender of the packet (for example, 6 bytes for Ethernet).
Source protocol address (Sender protocol address): The protocol address of the sender (for example, 4 bytes for IP).
Destination hardware address (Target hardware address): The hardware address of the place the packet is to be sent to (for example, 6 bytes for Ethernet).
Destination protocol address (Target protocol address): The protocol address of the place the packet is sent to.
Opcode: The current operation of the RARP packet. A RARP request carries the value 3, a RARP reply the value 4.
Below is an example of RARP (Encapsulation of RARP packet)
2.2.2 Characteristics of RARP
This protocol was the first to address the task of mapping a physical address to a logical address.
It is used in diskless workstation systems.
It is used mostly in small LANs, especially Ethernet networks.
RARP is no longer used today; it has been replaced by other protocols, BOOTP and DHCP.
RARP, like ARP, sits at the data link layer of the OSI model.
2.2.3 Technical operation of RARP
The RARP process starts when a packet is to be sent to another machine; to do this, the IP address of the network the machine is in must first be determined. As we know, sending packets within one network through a switch is based on the MAC address, but to know whether the machines are in the same network, the IP of that network must be determined, and RARP does this job. When a machine on the local network sends a request to determine its IP address from the gateway of the ARP server, the tables or the cache there are checked. A network administrator is responsible for creating the table on the gateway router of this local network. The table maps a machine's MAC address to the corresponding IP address.
RARP Server: All mappings between the physical address (MAC) and the logical address (IP) of the hosts are stored in a configuration file on some host in the network. This host is called the RARP Server. It answers all RARP Requests. The configuration file resides on the hard disk of the RARP Server.
RARP Client: A computer system (host) that issues requests to determine the host's IP, with the MAC as input.
Operation: Two main processes take place:
The RARP Client sends a request, carried in a RARP packet, with its MAC address.
The RARP Server answers the request in the RARP packet sent by the RARP Client.
When a diskless workstation starts up, it sends a RARP request packet with its MAC address. This packet is received by all hosts on the network and is called a broadcast packet. When the RARP Server receives this packet, it looks up the MAC address in the configuration file and determines the corresponding IP. It then sends the IP address in a RARP reply packet (RARP Reply), addressed only to the one destination host that needs it, which is why it is called a unicast packet. The original diskless workstation receives this packet and the IP address.
A RARP Request packet is usually generated during the host's startup. When the RARP Server receives a RARP Request packet, it performs the following steps:
The MAC address in the request packet is looked up in the configuration file and mapped to the corresponding IP address.
If no mapping is found, the packet is discarded.
If a mapping is found, a RARP Request packet is created with the MAC address and the IP. This packet is then sent back to the host that issued the RARP Request.
At this point the host receives the RARP Reply, obtains the IP address from the original RARP packet and completes its startup (boot); the IP address is used to communicate with other hosts on the network until the host restarts.
The size of a RARP packet is 28 bytes.
RARP Request and RARP Reply packets share a number of cases in which sending and receiving take place:
On Ethernet:
For a RARP Request packet, the source address is the MAC address of the host sending the RARP Request, the destination address is the Ethernet broadcast MAC address (FF:FF:FF:FF:FF:FF), and the packet is encapsulated with the field value 0x8035.
For a RARP Reply, the source address of the packet is the MAC address of the RARP Server, the destination address is the MAC address of the host that sent the RARP Request, and it is likewise encapsulated with the field value 0x8035.
The format of a RARP Request packet is the same as the format of a RARP Reply packet. The operation in the RARP packet is normally used to distinguish a RARP Request from a RARP Reply. When a RARP Reply is sent, the source IP address is the IP address of the RARP Server and the destination address is the IP address of the host that sent the RARP Request.
If more than one RARP Server serves a RARP Request, the host that issued the request accepts only the first RARP Reply packet it receives; RARP Reply packets arriving from any other RARP Servers on the network are discarded.
If the host receives no RARP Reply within a reasonable period of time, it cannot complete its startup and connect to the network. Normally, however, hosts try sending a RARP Request again after some period of time, known as the Timeout, to repeat the process.
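The RARP packet layout from 2.2.1 and the server steps from 2.2.3, as an added Python example that is not part of the original page. It assumes the RFC 903 convention that a request carries the client's MAC in both hardware address fields and zeroed protocol addresses; the function names, mapping table and all addresses are constructed for illustration.

```python
import socket
import struct

ETHERTYPE_RARP = 0x8035              # Ethernet type value named in the text
RARP_FMT = "!HHBBH6s4s6s4s"          # htype, ptype, hlen, plen, opcode, SHA, SPA, THA, TPA
OP_REQUEST, OP_REPLY = 3, 4
BROADCAST = b"\xff" * 6


def mac(text):
    return bytes.fromhex(text.replace(":", ""))


def build_frame(dst, src, opcode, sha, spa, tha, tpa):
    """Ethernet header (14 bytes) followed by the 28-byte RARP body."""
    eth = struct.pack("!6s6sH", dst, src, ETHERTYPE_RARP)
    body = struct.pack(RARP_FMT, 1, 0x0800, 6, 4, opcode,
                       sha, socket.inet_aton(spa), tha, socket.inet_aton(tpa))
    return eth + body


def parse_frame(frame):
    """Decode and validate a RARP frame; trailing Ethernet padding is ignored."""
    if len(frame) < 14 + struct.calcsize(RARP_FMT):
        raise ValueError("truncated RARP frame")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_RARP:
        raise ValueError("not a RARP frame")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(RARP_FMT, frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or op not in (OP_REQUEST, OP_REPLY):
        raise ValueError("unexpected RARP header values")
    return {"dst": dst, "src": src, "opcode": op, "sha": sha,
            "spa": socket.inet_ntoa(spa), "tha": tha, "tpa": socket.inet_ntoa(tpa)}


def rarp_server(frame, table, server_mac, server_ip):
    """Return a unicast reply frame, or None when the MAC has no mapping."""
    req = parse_frame(frame)
    if req["opcode"] != OP_REQUEST:
        return None
    client_ip = table.get(req["tha"])          # look the MAC up in the mapping table
    if client_ip is None:
        return None                            # no mapping: the request is dropped
    return build_frame(req["src"], server_mac, OP_REPLY,
                       server_mac, server_ip, req["tha"], client_ip)


def demo():
    client, server = mac("00:00:5e:00:53:10"), mac("00:00:5e:00:53:01")
    table = {client: "192.0.2.10"}             # constructed MAC-to-IP mapping
    request = build_frame(BROADCAST, client, OP_REQUEST,
                          client, "0.0.0.0", client, "0.0.0.0")
    reply = rarp_server(request, table, server, "192.0.2.1")
    unknown = mac("00:00:5e:00:53:77")
    dropped = rarp_server(build_frame(BROADCAST, unknown, OP_REQUEST,
                                      unknown, "0.0.0.0", unknown, "0.0.0.0"),
                          table, server, "192.0.2.1")
    return len(request) - 14, parse_frame(reply), dropped
```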
Part I: Understanding CDP
- CDP is a device discovery protocol. It operates at layer 2 (the Data Link layer) on all Cisco devices (such as routers, bridges, access servers and switches) and allows network management applications to discover Cisco devices that are neighbors of already known devices. With CDP, network management applications can learn the device type and the SNMP agent address of neighboring devices running lower-layer data-transfer protocols. This feature allows applications to send SNMP queries to neighboring devices.
- CDP runs on all network media that support Subnetwork Access Protocol (SNAP). Because CDP runs over a single layer, the Data-link layer, two systems that support different network-layer protocols can learn about each other's devices.
- Each device configured for CDP periodically sends messages to a multicast address, advertising at least one address at which it can receive SNMP messages. The advertisements also contain time-to-live (TTL), or holdtime, information; the holdtime is the length of time a device that receives CDP information about another device keeps it before deciding to discard it. Each device also listens for messages sent by other devices in order to learn about the neighbors of those devices.
- On a switch, CDP enables Network Assistant to display a drawing of the network. The switch uses CDP to find cluster candidates and to maintain information about the members of the cluster.
- The switches support CDP version 2.
Part II: Configuring CDP
- The CDP configuration part covers the following topics:
+ Default CDP configuration
+ Configuring the CDP parameters
+ Disabling and enabling CDP
+ Disabling and enabling CDP on an interface.
1. Default CDP configuration
- Table 1.1 shows the default CDP configuration parameters.
2. Configuring the CDP parameters.
- You can reconfigure the update interval of the CDP messages and the length of time the information is kept before it is discarded.
- Beginning in Privileged EXEC mode on the switch, follow these steps to reconfigure the CDP timer, holdtime and advertisement type.
example:
    Switch_3560_VNE# configure terminal
    Switch_3560_VNE(config)# cdp timer 50
    Switch_3560_VNE(config)# cdp holdtime 120
    Switch_3560_VNE(config)# cdp advertise-v2
    Switch_3560_VNE(config)# end
    Switch_3560_VNE# show cdp
    Switch_3560_VNE# copy run start
- Use the no keyword before the CDP commands to return to the default parameters.
3. Disabling and enabling CDP.
- CDP is enabled by default.
- You can follow these steps to disable CDP.
example:
    Switch_3560_VNE# configure terminal
    Switch_3560_VNE(config)# no cdp run
    Switch_3560_VNE(config)# end
- To enable CDP again, use the commands below:
example:
    Switch_3560_VNE# configure terminal
    Switch_3560_VNE(config)# cdp run
    Switch_3560_VNE(config)# end
4. Disabling and enabling CDP on an interface.
- CDP is enabled by default on all interfaces to send and receive CDP information.
- To disable CDP on an interface, use the following commands:
example:
    Switch_3560_VNE# configure terminal
    Switch_3560_VNE(config)# interface fastethernet 0/22
    Switch_3560_VNE(config-if)# no cdp enable
    Switch_3560_VNE(config-if)# end
    Switch_3560_VNE# copy run start
- To enable CDP again on an interface, you can use the following commands:
example:
    Switch_3560_VNE# configure terminal
    Switch_3560_VNE(config)# interface fastethernet 0/24
    Switch_3560_VNE(config-if)# cdp enable
    Switch_3560_VNE(config-if)# end
    Switch_3560_VNE# copy run start
5. Monitoring and maintaining CDP.
- To monitor and maintain the operation of CDP on your device, you can run one of the following commands:
example:
    Switch_3560_VNE# clear cdp counters
    Switch_3560_VNE# clear cdp table
    Switch_3560_VNE# show cdp
    Switch_3560_VNE# show cdp entry
    Switch_3560_VNE# show cdp interface fa/23
    Switch_3560_VNE# show cdp neighbors detail
    Switch_3560_VNE# show cdp traffic
Most VPNs rely on a technique called tunneling to create a private network on top of the Internet. In essence, this is the process of placing an entire packet inside a header layer that carries routing information, so that it can travel across the intermediate network along its own "pipes" (tunnels). When the packets reach their destination, the header layer is removed and they are passed on to the end workstations that need the data. To set up a tunnel connection, the client and the server must use the same protocol (the tunnel protocol).
The protocol of the outer packet is understood by both the network and the two endpoints. These two endpoints are called tunnel interfaces, where the packet enters and leaves the network.
Tunneling requires three different protocols:
- The carrier protocol is the protocol used by the network that the information is travelling over.
- The encapsulating protocol is the protocol (such as GRE, IPSec, L2F, PPTP, L2TP) that is wrapped around the original data packet.
- The passenger protocol is the protocol of the original data being carried (such as IPX, NetBeui, IP).
Users can place a packet that uses a protocol not supported on the Internet (such as NetBeui) inside an IP packet and send it safely over the Internet. Or they can place a packet that uses a private (non-routable) IP address inside another packet that uses a public (routable) IP address, to extend a private network over the Internet.
Tunneling in a site-to-site VPN
In this type of VPN, GRE (Generic Routing Encapsulation) provides the framework for "packaging" the passenger protocol for transport over the carrier protocol. It includes information about the type of packet you are encapsulating and information about the connection between the server and the client. IPSec in tunnel mode, instead of GRE, sometimes takes the role of the encapsulating protocol. IPSec works well on both remote-access and site-to-site VPNs. It must, of course, be supported at both tunnel interfaces.
In this model, the packet travels from a computer at the main office through the access server to the router (where GRE encapsulation takes place), and through the tunnel to the computer at the remote office.
Tunneling in a remote-access VPN
With this type of VPN, tunneling normally uses the point-to-point protocol PPP (Point-to-Point Protocol).
As part of TCP/IP, PPP acts as the carrier for other IP protocols when communicating over the network between the server and the remote-access machine. In short, tunneling for a remote-access VPN depends on PPP.
The protocols below are built on the basic structure of PPP and are used in remote-access VPNs.
L2F (Layer 2 Forwarding) was developed by Cisco. L2F uses any authentication scheme supported by PPP.
PPTP (Point-to-Point Tunneling Protocol) was developed by the PPTP Forum consortium. This protocol supports 40-bit and 128-bit encryption and uses any authentication scheme supported by PPP.
L2TP (Layer 2 Tunneling Protocol) is the product of cooperation between the members of the PPTP Forum, Cisco and the IETF. Combining the features of both PPTP and L2F, L2TP also fully supports IPSec. L2TP can be used as the tunneling protocol for site-to-site VPNs and remote-access VPNs. In practice, L2TP can create a tunnel between a client and a router, a NAS and a router, or a router and a router. Compared with PPTP, L2TP has more powerful features and is more secure.
Link Control Protocol (LCP): establishes, configures and tears down a link. In addition, LCP has a Link Quality Monitoring (LQM) mechanism, which can be configured together with one of the two authentication mechanisms, Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP).
Network Control Protocol (NCP): NCP establishes, configures and tears down data transfer for network-layer protocols such as IP, IPX, AppleTalk and DECnet.
Both LCP and NCP operate at layer 2. There is now an extension of PPP for transferring data over several links at once, Multilink PPP (MPPP), which uses the Multilink Protocol (MLP) to tie together the LCP and NCP layers.
Dead: the connection is not yet active.
Establish: LCP is initialized, and once a Configure ACK message has been received the link moves to the next phase, authentication.
Authenticate: one of the two mechanisms, PAP or CHAP, can be chosen.
Network: in this phase, the data transfer mechanism for the supported network-layer protocols is set up and data transfer begins.
Terminate: the connection is torn down.
The Piggyback routing mechanism can be used to cache routing information and transmit it only when the connection is up. In an LCP packet (carried in the Information field of the PPP packet), the Code field identifies the packet as Configure Request (1), Configure Ack (2), Configure Nak (3), meaning not accepted, or Configure Reject (4). Each layer-3 protocol has an NCP code defined for it, and this code value is placed in the protocol field of the NCP packet. Some example values:
Code    Protocol
8021    IP
8029    AT
Password Authentication Protocol (PAP) authentication
In the LCP phase, when a PPP connection is requested by the client and PAP is selected, the access server instructs the client to use PAP. The client then has to send its username and password; this information is transmitted as clear text with no encryption at all, encapsulated in PPP data packets. The server then decides whether to accept or refuse the connection. This is one-way PAP between a client and a server. If two routers are talking to each other, two-way PAP is used, in which each router sends a username and password, so that the routers authenticate each other.
Challenge Handshake Protocol (CHAP)
CHAP is used more widely than PAP, because it is able to encrypt the password as well as the data.
Suppose a user A dials in to access server B. The access server sends over the line an authentication start packet, Type 1, called the Challenge packet. The Challenge packet contains a randomly generated number, an ID sequence number that identifies the challenge, and the authentication name of the challenger.
The caller extracts the authentication name string and looks up in its own data the CHAP secret that corresponds to the user name received.
The caller feeds the CHAP secret, the ID sequence number and the randomly generated value into the Message Digest 5 (MD5) hash algorithm.
The result of the hash computation is sent back to the challenger (the access server) in a CHAP Response packet (Type 2) containing the hash string, the caller's authentication name and finally the ID (sequence number) taken from the Challenge packet.
On receiving the Type 2 Response packet, the challenger uses the ID to find the original Challenge packet.
The username of the caller (A) is used to look up the CHAP secret in a local database, a RADIUS server or a TACACS+ server.
The ID, the original randomly generated Challenge value and the secret are processed by the MD5 hash function.
The resulting hash string is then compared with the value received in the Response packet.
If the two strings are the same, CHAP authentication has succeeded and a Type 3 packet containing the ID is sent to the caller. This means the connection has been validly authenticated.
If CHAP authentication fails, a Type 4 packet containing the original ID is sent to the caller, confirming that authentication was unsuccessful.
Hashing is entirely different from encrypting information, because the information cannot be recovered once the hash function has been applied. In Nortel Networks routers, code C223 identifies CHAP operation.
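The Type 1 to Type 4 exchange described above, as an added Python example that is not part of the original page. It uses the RFC 1994 response computation MD5(ID || secret || challenge), consumes each challenge on first use so that a captured response cannot be replayed, and compares digests in constant time; the class and function names, user name and secret are constructed for illustration.

```python
import hashlib
import hmac
import os

CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4   # CHAP packet types from the text


def chap_response(identifier, secret, challenge):
    """RFC 1994 response value: MD5 over ID, then secret, then challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Challenger:
    """Access-server side: issues challenges and verifies responses."""

    def __init__(self, secrets_db, name=b"B"):
        self.secrets = secrets_db      # stands in for local DB / RADIUS / TACACS+
        self.name = name
        self.outstanding = {}          # ID -> challenge value not yet answered
        self.next_id = 0

    def challenge(self):
        ident = self.next_id
        self.next_id = (ident + 1) % 256
        value = os.urandom(16)         # fresh random value for every challenge
        self.outstanding[ident] = value
        return (CHALLENGE, ident, value, self.name)

    def verify(self, packet):
        code, ident, digest, caller = packet
        value = self.outstanding.pop(ident, None)    # single use: blocks replay
        secret = self.secrets.get(caller)
        if code != RESPONSE or value is None or secret is None:
            return (FAILURE, ident)
        expected = chap_response(ident, secret, value)
        ok = hmac.compare_digest(expected, digest)   # constant-time comparison
        return (SUCCESS if ok else FAILURE, ident)


def caller_respond(packet, name, secret):
    """Caller side: only the hash crosses the link, never the secret itself."""
    _code, ident, value, _challenger_name = packet
    return (RESPONSE, ident, chap_response(ident, secret, value), name)


def demo():
    server = Challenger({b"userA": b"constructed-secret"})
    first = server.challenge()
    good = caller_respond(first, b"userA", b"constructed-secret")
    accepted = server.verify(good)
    replayed = server.verify(good)                   # same response sent again
    second = server.challenge()
    wrong = server.verify(caller_respond(second, b"userA", b"wrong-secret"))
    return accepted[0], replayed[0], wrong[0], len(good[2])
```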
PPP Callback
Callback is a PPP feature that is very useful for reducing data transmission costs while also providing a security mechanism. The callback process runs as follows.
1. The client initiates the call. At the same time the client requests the callback service along with the other connection options during the LCP negotiation phase.
2. The callback request is acknowledged by the server, which then checks its configuration to see whether enabling this service is permitted.
3. User authentication takes place, and the client username is used in the dialer map to determine the dial string to use for the return call.
4. If authentication succeeds but the callback option is not permitted, the call continues and the client pays for the call; if authentication fails, the server drops the call.
5. The client is called by the server using the dial string configured for the return call.
6. Authentication is performed again.
7. The connection continues.
Ideally, to ensure maximum security, the callback should be made on a separate modem on the server side, independent of the modem connection that receives incoming data. ISDN uses the separate D channel to perform callback. This not only allows better security but also saves cost, because in a dial-up call the authentication data and the LCP negotiation travel over the same line as the data, so the user has to bear the cost of sending the overhead information as well.
Compression
Data compression can be software compression using utilities such as the Wellfleet Compression Protocol (WCP) (this protocol is used in Nortel routers), and it is most effective on slow links (128Kb/s or less). The Lempel-Ziv (LZS) algorithm provides fast compression and decompression of data. This algorithm is used in the STAC compression mechanism in PPP, ISDN and Frame Relay. These compression mechanisms are applied only to the data of layer-3 protocols (IPCP and IPXCP) and do not affect the traffic of the LCP and NCP protocols at layer 2.
Compression with the WCP protocol runs only between two Nortel routers, and WCP places in the protocol field a protocol value that is proprietary to Nortel Networks. A history data buffer operates at both ends, and the data strings that have been sent and received are stored there. When a new transmission is made, the new strings are compared with the previously transmitted strings held in the buffer; if they match in whole or in part, the data is not sent in full and only the part that differs is sent. The receiver performs the same matching against its own history buffer to retrieve the data from the earlier session and combine it with the new data into the complete information. Nortel provides two compression modes:
Continuous Packet Compression: The history buffer spans multiple packets, which means more memory is used, but it produces a greater compression ratio.
Packet-by-Packet Compression: The history buffer is reset with each packet, which means less memory is used, but the compression ratio is not as great.
Stacker: examines the data, sends each data type only once, and sends information telling the other end where each type occurs within the data stream. The other end reassembles the data into the various data types from the data stream. Stacker tends to be more CPU intensive and less memory intensive.
Predictor: analyzes the data to check whether it has already been compressed and transmits only the compressed information, so that no time is lost recompressing data that is already compressed. Predictor uses more memory and less CPU.
Recompressing data that has already been compressed usually adds overhead to the frame, so in practice the data actually expands slightly (even though compression has been performed). In addition, applying compression inappropriately takes up CPU unnecessarily.
Like the L2F protocol, PPTP (Point-to-Point Tunneling Protocol) was originally developed and designed to solve the problem of creating and maintaining VPN tunnels over public TCP/IP-based networks by using PPP. PPP is the result of a joint effort by Microsoft and a number of product vendors including, for example, Ascend Communications, 3Com/Primary Access, ECI Telematics and U.S. Robotics.
These companies originally founded the PPP Forum, and the PPTP specification was made publicly available and submitted to the IETF Point-to-Point Extensions (PPPEXT) WG for consideration as an Internet standard in 1996.
A typical PPTP deployment starts with a remote system or dial-up client, such as a laptop computer, that has to be connected to an LNS located on a corporate intranet by means of a LAC. PPTP can therefore be used to wrap PPP frames in IP packets for transmission over the Internet or any other publicly accessible TCP/IP network. More specifically, the remote system can connect to the LNS in two ways:
1. If the remote system supports PPTP, it can use it directly to connect to the LNS.
2. If the remote system does not support PPTP, however, it can use PPP to connect to the LAC of an Internet service provider, and the LAC can then use PPTP to connect to the LNS.
In the first case the situation is relatively simple. The remote system first sets up a PPP connection to the LAC of the Internet service provider and then uses PPTP to send the encapsulated PPP frames to the LNS. The IP packets that wrap the PPP frames are forwarded by the LAC.
In the second case, however, the LAC has to use PPTP to wrap the PPP frames in IP packets on behalf of the remote system. As a result, the LAC has to play the role of an intermediary or proxy server in one way or another. In effect there are two connections. The first connection uses PPTP to link the remote system and the LAC, while the second uses PPP to link the LAC and the LNS. The PPP frames received by the LAC are wrapped in IP packets using PPTP.
In either case, PPTP uses a sophisticated encapsulation to tunnel PPP frames across the Internet (or any other TCP/IP-based network that links the LAC and the LNS). In practice, network-layer or Internet-layer protocol data units (for example IP packets, IPX packets or NetBEUI messages) are first framed using PPP. The PPP frames just created are then wrapped using a GRE (Generic Routing Encapsulation) header as well as an IP header that is used to route the frame across the Internet. Finally, the IP packets are framed with a further, media-specific header before they can be forwarded to the interface connected to the Internet.
In addition to the data channel, which uses IP encapsulation to carry data, PPP uses a TCP connection for signaling.
The corresponding messages sent or received on this connection are used to query status and to carry signaling information between the LAC (the PPTP client) and the LNS (the PPTP server). The control channel is always initiated by the PPTP client towards the PPTP server, using TCP port 1723. In most cases it is a two-way channel in which the client can send messages to the server and vice versa.
Note that the concept of an out-of-band signaling channel is very specific to PPTP. Most other security protocols (for example IPSec) use in-band signaling, meaning that the signaling information is carried together with the protected data units.
The PPTP specification does not mandate particular algorithms for authentication and encryption. Instead, it provides a framework for negotiating particular algorithms. This negotiation is not specific to PPTP and relies on the existing PPP option negotiations contained in the PPP compression protocol (CCP), CHAP (Challenge Handshake Authentication Protocol) and a number of other PPP extensions and enhancements. Outside the world of PPTP as well, PPP sessions can negotiate compression algorithms as well as authentication and encryption algorithms.
Although the PPTP specification was submitted to the IETF PPPEXT WG for consideration as an Internet standard, the effort to standardize it was abandoned. Microsoft's implementation of PPTP (that is, MS-PPTP) is used very widely in Windows NT environments. Outside these environments, however, MS-PPTP or any other implementation of PPTP is not widely deployed. With MS-PPTP, the client and server normally authenticate each other using MS-CHAP, Microsoft's version of CHAP, and encrypt data using the MPPE (Microsoft Point-to-Point Encryption) protocol.