WAN PROTOCOLS
WAN protocols have two important characteristics. One, they are designed to be used on WAN media, such as fiber-optic or telephone cable. Two, they have the ability to encapsulate the commonly used LAN protocols so that the encapsulated data (payload data included) can be transported from one LAN to another over a WAN. Most WAN protocols are designed to transport at least TCP/IP. Others can host NetBEUI, IPX/SPX, and other protocols. Three of the earliest WAN protocols are X.25, Serial line Internet Protocol (SLIP) and Point-to-Point Protocol (PPP). More recently, frame relay, ATM, SMDS and SONET have been implemented for WAN communications.
7.5.1 X.25
The X.25 protocol, which is amongst the oldest WAN protocols, uses packet switching techniques. X.25 basically defines how data is sent from the data terminal equipment (DTE), such as computers to data circuit equipment (DCE), such as modem.


X.25 provides point-to-point connection-oriented communications, rather than point to multipoint connectionless communications, which are used by many other WAN protocols. Because it is connection-oriented, X.25 includes techniques to verify the continuity of the WAN connections, and to ensure that each packet reaches its intended destination.When it was introduced, the X.25 commercial carrier service was limited to a maximum transmission speed of 64 Kbps. The ITU-T updated X.25 standards in 1992 to include transmission speeds of up to 2.048 Mbps. Today, these services are more commonly used in Europe than in the United States, and some European networks. Currently these services support speeds of up to only 9.6 Kbps. X.25 is not a high-speed WAN protocol, but it does offer:

• Global acceptance
• Reliability
• The ability to connect older LANs to WANs
• The ability to connect older mainframes and minicomputers to WAN.

An X.25 network can transmit data packets using one of the three nodes: Switched Virtual Circuits (SVC), Permanent Virtual Circuits (PVC), and Datagrams.
A switched virtual circuit is a two-way channel established from node to node, through an X.25 switch. The circuit is a logical connection that is established only for the duration of the data transmission. Once the data transmission is completed, the channel can be made available to other nodes.
A permanent virtual circuit is a logical communications channel that remains connected at all times. The connection remains in place even when data transmission stops. Both switched and permanent virtual circuits are examples of packet switching.
Datagrams are packaged data sent without establishing a communications channel. They reach their destination using a form of message switching. The packets are addressed to a given destination and may arrive at different times depending on which path is selected. Datagrams are not used on international networks, but are included in the ITU-T specifications for the Internet. The X.25 Internet Datagram encapsulated the IP layer within the X.25 packet, so that the X.25 device is not aware of the IP component. The IP network address is simply mapped to the X.25 destination address.
  Serial Line Internet Protocol (SLIP)
Serial Line Internet Protocol was originally designed for UNIX environments for point­to-point communications between computers, servers, and hosts using TCP/IP. SLIP is used, for example, when user wants to communicate between a remote home computer and a UNIX computer that is on a LAN at the office as shown in Figure 7.7.
That user can employ a dial-up telephone line to connect the UNIX computer, and then transmit packets using TCP/IP within SLIP. SLIP merely acts as the host WAN protocol, corresponding the connection session over the telephone wire and modems. Once the protocol (with its data payload) reaches the destination, the SLIP header and trailer are removed, leaving TCP/IP. SLIP is an older remote communication protocol with more overhead than PPP. Compressed Serial Line Internet Protocol (CSLIP) is the newly developed extension of SLIP that compresses header information in each packet sent across a remote link. CSLIP reduces the overhead of a SLIP connection by decreasing the speed of communications.
However, the header still must be decompressed at the receiving end. Both SLIP and CSLIP are limited in that they do not support network connection authentication

to prevent someone from intercepting a communication. They also do not support automatic setup of the network connection at multiple OSI layers at the same time for a faster connection. Another disadvantage is that SLIP and CSLIP are intended for asynchronous communications, for example a modem-to-modem connection. They do not support synchronous connections, like X.25. Many dial-up services do not support SLIP or CSLIP because these protocols do not provide authentication.
  Point-to-Point Protocol (PPP)
Today, millions of Internet users need to connect their home computers to the computers of an Internet provider to access the Internet. There are also a lot of individuals who need to connect to a computer from home, but they do not want to go through the Internet. The majority of these users have either a dialup or leased telephone line. The telephone line provides a physical link, but to control and manage the transfer of data, there is need for a point-to-point link control. Figure 7.8 shows the physical scheme for point-to-point connection:

The first protocol devised for this purpose was Serial Line Internet Protocol (SLIP). However, SLIP has some deficiencies: it does not support protocols other than Internet Protocol (IP); it does not allow the IP addresses to be assigned dynamically;and it does not support authentication of the user. The point-to-point protocol is a protocol designed to remedy these deficiencies. Table 7.3 compares SLIP and PPP.

Point-to-point Protocol users a stack of other protocols (Link Control Protocol, Authentication Protocols and Network Control Protocol) to establish the link, to authenticate the parties involved, and to carry the network layer data.

Link Control Protocol (LCP) is responsible for establishing maintaining, configuring, and terminating 'links. It also provides negotiation mechanisms to set options between the two endpoints. Both endpoints of the link must reach an agreement about the options before the link can be established. Note that when PPP is carrying an LCP packet, it is either in the establishing state or in the terminating state. No user data is carried during these states.
A particular strength of PPP is that it includes authentication protocols, which is a major issue when the computer connects to a remote network.
Authentication plays a very important role in PPP because PPP is designed for use over dialup link where verification of user identity is necessary. Authentication means validating the identity of the user who needs to access a set of resources. PPP has created two protocols for authentication: Password Authentication Protocol (PAP) and Chalenge Handshake Authentication Protocol (CHAP).
Password Authentication Protocol (PAP) is a simple authentication procedure with a two-step process:
•   The user who wants to access a system sends an authentication identification (usually the user name) and a password.
•   The system checks the validity of the identification and password and either accepts or denies connection.
For those systems that require greater security, PAP is not enough. A third perty with access to the link can easily pick up the password and access the system resources. Challenge Handshake Authentication Protocol (CHAP) is a three-way handshaking authentication protocol that provides greater security than PAP. In this method the password is kept secret; it is never sent on-line.
• The system sends to the user a challenge packet containing a challenge value, usually a few bytes.
• The user applies a predefined function that takes the challenge value and the user's own password and creates a result. The user sends the result in the response packet to the system.
• The system does the same. It applies the same function to the password of the user (known to the system) and the challenge value to create a result. If the result created is the same as the result sent in the response packet, access is granted; otherwise, it is denied. Challenge Handshake Authentication Protocol (CHAP) is more secure than Password Authentication Protocol (PAP), especially if the system continuousely changes the challenge value. Even if the intruder learns the challenge value and the result, the password is still secret.
PAP, which is used to verify the password entered to access a server over a WAN, alone can authenticate passwords, but it does not encrypt them. CHAP can be used in conjunction with PAP to encrypt passwords so that they will be difficult for a network intruder to intercept and decipher.
After authentication has been completed, a Network Control Protocol is used to configure each network layer protocol that is to operate over the link. PPP can subsequently transfer packets from these different network layer protocols (such as IP) over the same data link. PPP requires two parties to negotiate not only at the data link layer, but also at the network layer. Before user data can be sent connection must be established at this level. The set of packets that establish and terminate a network layer connection for IP packets is called Internetwork Protocol Control Protocol (IPCP).
When a PC is connecting to an IP network, the NCP for IP negotiates a dynamically assigned IP address for the PC. In low-speed lines it may also negotiate TCP and IP header compression schemes that reduce the number of bits that need to be transmitted. The PPP connection is now ready for data transfer.

BACK