Cisco Press
800 East 96th Street, 3rd Floor
Indianapolis, IN 46240 USA
CCNP Self-Study
CCNP BCRAN Exam
Certification Guide
Second Edition
Brian Morgan, CCIE No. 4865
Craig Dennis
Copyright© 2004 Cisco Systems, Inc.
Published by:
Cisco Press
800 East 96th Street, 3rd Floor
Indianapolis, Indiana 46240 USA
All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical,
U.S. Corporate and Government Sales
1-800-382-3419
For sales outside of the U.S. please contact:
International Sales
1-317-581-3793
Trademark Acknowledgments
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Cisco Press or
Cisco Systems, Inc., cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the
validity of any trademark or service mark.
Publisher: John Wait
Cisco Press Program Manager: Sonia Torres Chavez
Editor-In-Chief:
Production Manager: Patrick Kanouse
Team Coordinator: Tammi Barnett
Production Team: Argosy Publishing
Copy Editor: Bill McManus
Book and Cover Designer: Louisa Adair
About the Authors
Brian Morgan, CCIE No. 4865, is a certified Cisco Systems instructor teaching ICND, BSCI,
CVOICE, BCRAN, CBCR, CIT, and CATM courses. Brian has been instructing for more than five
Shawn Boyd is a senior network consultant for ARP Technologies, Inc. Shawn is active in course
development and is a certified Cisco Systems instructor with Global Knowledge, responsible for
teaching most of the CCNP, CCDP, and Security courses. His background is in network security and
design at a service provider level. He has worked for Canada’s largest telco providers performing
network designs and implementations and was lead contact on many large government contracts.
About the Technical Reviewers
Henry Benjamin, CCIE No. 4695, is a triple CCIE, having certified Routing and Switching in May
1999, ISP Dial in June 2001, and Communications and Services in May 2002. He has more than
10 years of experience in Cisco networks, including planning, designing, and implementing large
IP networks running IGRP, EIGRP, BGP, and OSPF. Recently Henry has worked for a large IT
organization based in Sydney, Australia, as a key network designer, designing and implementing
networks all over Australia and Asia. Henry is a formal CCIE lab proctor.
Howard Hecht is a consultant for the Cisco Networking Academy® Program. He holds both the
CCNA and CCNP certifications with a master's degree in media management. He has been an author,
reviewer, and subject matter expert for several different networking titles.
Charles Mann
Acknowledgments
Brian Morgan: I’d like to thank my wife, Beth, and kids, Emma and Amanda, for putting up with
me during the time this book was being produced. It has taken me away from them more than I’d
like to admit. Their patience in temporarily setting some things aside so I could get the book done
has been incredible, even when my patience wore a bit thin in trying to meet timelines.
I’d like to give special recognition to Bill Wagner just for being Bill. I couldn’t wish for a better friend.
A big “thank you” goes out to the production team for this book. John Kane, Michelle Grandin, and
the crew have been incredibly professional and a pleasure to work with.
Craig, thoughts are with you and your family.
Thank you to Neil Lovering, Shawn Boyd, Howard Hecht, and Charles Mann for their part in this
production. Their assistance and contributions have proved invaluable.
Hi Mom and Dad!
Craig Dennis: There are so many people who have helped me in one way or another during the
rewrite of this book—I hope I can remember them all.
First, I want to thank the entire Cisco Press team for gently guiding me through this and for their
sympathy in the loss of my parents. Thank you, Chris Cleveland, Jill Batistick, Michelle Grandin,
and all the others who worked behind the scenes to make this project another reality.
Thanks to Brian and his usual Herculean efforts on his parts.
A special thanks goes to my wife, Sharon, who always held the family together while we were going
in ten different directions over the last year. Thanks also to Sandra, Jacob, Joseph, and David, my
children, for just being there.
Chapter 1 Remote Access Solutions
Chapter 2 Identifying Site Requirements
Chapter 3 Network Overview
PART II Enabling On-Demand Connections to the Central Site
Chapter 4 Configuring Asynchronous Connections with Modems
Chapter 5 Configuring PPP and Controlling Network Access
Chapter 6 PPP Link Control Protocol Options
PART III Using ISDN and DDR Technologies to Enhance Remote Connectivity
Chapter 7 Using ISDN and DDR Technologies
Chapter 8 Advanced DDR Options
Chapter 9 Using ISDN Primary Rate Interface
PART IV Broadband Access Methods to the Central Site
Chapter 10 Broadband Options to Access a Central Site
Chapter 11 Using DSL to Access a Central Site
PART V Establishing a Dedicated Frame Relay Connection and Controlling Traffic Flow
Chapter 12 Establishing a Frame Relay Connection
Chapter 13 Frame Relay Traffic Shaping
PART VI Backup and Network Management Methods
Chapter 14 Enabling a Backup to the Permanent Connection
Cisco 1600 Series
Cisco 1700 Series
Cisco 2500 Series
Cisco 2600 Series
Cisco 3600 Series
Cisco 3700 Series
Cisco AS5000 Series
Cisco 7200 Series
PIX Firewall Series
VPN 3000 Concentrator Series
WAN Connections
Traditional WAN Technologies
Emerging WAN Technologies
Determining the Site Requirements
Central Site Installations
Branch-Office Installations
Remote Office or Home Office Installations
Introduction to QoS
Foundation Summary
Q&A
Chapter 2 Identifying Site Requirements
“Do I Know This Already?” Quiz
Foundation Topics
Central-Site Router Selection
Remote Office/Branch Office Router Selection
Small Office/Home Office Router Selection
Assembling and Cabling the Equipment
Verifying the Installation
LED Lights
Router Interface Verification
Foundation Summary
Q&A
Scenarios
Scenario 3-1
Scenario Answers
Scenario 3-1 Answers
Part II Enabling On-Demand Connections to the Central Site
Chapter 4 Configuring Asynchronous Connections with Modems
“Do I Know This Already?” Quiz
Foundation Topics
Modem Signaling
Data Transfer
Data Flow Control
Modem Control
DTE Call Termination
DCE Call Termination
Foundation Topics
PPP Background
PPP Architecture
PPP Components
Dedicated and Interactive PPP Sessions
PPP Options
PPP Authentication
Password Authentication Protocol
Challenge Handshake Authentication Protocol
Foundation Summary
Q&A
Chapter 6 PPP Link Control Protocol Options
“Do I Know This Already?” Quiz
Foundation Topics
PPP LCP
PPP Options
PPP Callback
PPP Compression
Multilink PPP
PPP Troubleshooting
Foundation Summary
Q&A
Default Routes
Rate Adaptation
Foundation Summary
Q&A
Chapter 8 Advanced DDR Options
“Do I Know This Already?” Quiz
Foundation Topics
Basic DDR Review
Enhancing DDR Functionality
Bandwidth on Demand
Multilink PPP
Advanced DDR Operations
Using Dialer Profiles
Rotary Groups
Snapshot Routing
Foundation Summary
Q&A
Chapter 9 Using ISDN Primary Rate Interface
“Do I Know This Already?” Quiz
Foundation Topics
Cable Technology Background
DOCSIS Basics
CM Initialization
CM Configuration
Satellite Options
Satellite Technology Background
Types of Orbits
Wireless Options
Wireless Technology Background
IEEE 802.11
Wireless LANs
Security Concerns
Foundation Summary
Q&A
Chapter 11 Using DSL to Access a Central Site
“Do I Know This Already?” Quiz
Foundation Topics
DSL Technology Background
Device Roles
Frame Relay LMI
Frame Relay Topologies
Issues When Connecting Multiple Sites Through a Single Router Interface
Resolving Split Horizon Problems
Frame Relay Configuration
Step 1: Determine the Interface to Be Configured
Step 2: Configure Frame Relay Encapsulation
Step 3: Configure Protocol-Specific Parameters
Step 4: Configure Frame Relay Characteristics
Step 5: Verify Frame Relay Configuration
Foundation Summary
Q&A
Chapter 13 Frame Relay Traffic Shaping
“Do I Know This Already?” Quiz
Foundation Topics
Frame Relay Traffic Shaping Fundamentals
Frame Relay Traffic Parameters
Queuing Overview
Introduction to Queuing
First-In, First-Out Queuing
Fair Queuing
Weighted Fair Queuing
Class-Based Weighted Fair Queuing
The class-map Command
The policy-map Command
The service-policy Command
CBWFQ Verification
Low-Latency Queuing
The policy-map Command
LLQ Verification
Compression Techniques
Link Compression
Payload Compression
TCP Header Compression
Compression Issues
Configuring Compression
Scenario 16-2
Scenario 16-3
Scenario Answers
Scenario 16-1 Answers
Scenario 16-2 Answers
Scenario 16-3 Answers
Chapter 17 Using AAA to Scale Access Control in an Expanding Network
“Do I Know This Already?” Quiz
Foundation Topics
Using AAA to Secure and Scale Access Control in an Expanding Network
AAA Overview
AAA Definitions
Authentication
Authorization
Accounting
Security Protocols Used for AAA Services
TACACS Overview
RADIUS Overview
Router Access Modes and Interface Types
Crypto Maps
Testing and Verifying Configuration
Foundation Summary
Q&A
Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Sections
Index
Icons Used in This Book
[Icon legend: Router, Bridge, Hub, DSU/CSU, Catalyst Switch, Multilayer Switch, ATM Switch, ISDN/Frame Relay Switch, Communication Server, Gateway, Access Server, PC, PC with Software, Sun Workstation, Macintosh, Terminal, File]
Braces within square brackets ([{ }]) indicate a required choice within an optional element.
[Icon legend, continued: Network Cloud, Token Ring, Line: Ethernet, FDDI, Line: Serial, Line: Switched Serial]
Foreword
CCNP BCRAN Exam Certification Guide, Second Edition, is a complete study tool for the CCNP
BCRAN exam, allowing you to assess your knowledge, identify areas in which to concentrate your
study, and master key concepts to help you succeed on the exam and in your daily job. The book is
filled with features that help you master the skills to configure, operate, and troubleshoot WAN and
other remote access networks while maximizing bandwidth utilization over remote links. This book
was developed in cooperation with the Cisco Internet Learning Solutions Group. Cisco Press books
are the only self-study books authorized by Cisco Systems for CCNP exam preparation.
Cisco Systems and Cisco Press present this material in text-based format to provide another learning
vehicle for our customers and the broader user community in general. Although a publication does
not duplicate the instructor-led or e-learning environment, we acknowledge that not everyone
responds in the same way to the same delivery mechanism. It is our intent that presenting this
material via a Cisco Press publication will enhance the transfer of knowledge to a broad audience
of networking professionals.
Cisco Press will present study guides on existing and future exams through these Exam Certification
Guides to help achieve Cisco Internet Learning Solutions Group’s principal objectives: to educate
the Cisco community of networking professionals and to enable that community to build and
maintain reliable, scalable networks. The Cisco Career Certifications and classes that support these
BCRAN exam are designed to also make you much more knowledgeable about how to do your job.
In other words, this book helps you to truly learn and understand the topics, not just memorize them
long enough to pass the exam. To that end, the book uses the following methods to help you pass
the Remote Access exam:
■ Presents questions that help you to discover which test topics you have not mastered and need
to review in more depth
■ Provides explanations and information to fill in your knowledge gaps
■ Supplies exercises and scenarios that enhance your ability to recall and deduce the answers to
test questions
■ Provides practice exercises on the topics and the testing process via test questions on the
CD-ROM, enabling you to prove to yourself that you have mastered the topics
Who Should Read This Book?
This book is intended for network administrators who want to significantly increase their chances
of passing the CCNP BCRAN exam. (It is also a good general reference for networking topics,
although that is not its intended purpose.) Passing the CCNP BCRAN exam is one of the milestones
toward getting the CCNP certification. The reasons for getting CCNP certification vary. It could
mean a raise, a promotion, professional recognition, or an important enhancement to your resume.
Perhaps you want to demonstrate that you are serious about continuing the learning process. Or,
perhaps you want to please your reseller-employer, who needs more certified employees to obtain a
higher discount from Cisco. Regardless of the reason, you first need to pass the CCNP BCRAN
exam, and this book will help you to do so.
Strategies for Exam Preparation
The strategy you use to prepare for the CCNP BCRAN exam might be slightly different than strategies
used by other readers, mainly based on the skills, knowledge, and experience you already have
in modem signaling, configuration using reverse Telnet, router line numbering, and basic
asynchronous configuration.
■ Chapter 5, “Configuring PPP and Controlling Network Access,” discusses the background and
basics of the PPP and its use in today’s remote-access networks.
■ Chapter 6, “PPP Link Control Protocol Options,” discusses features of PPP to enhance the
operation and security of implementing it. Options such as authentication, callback, and
multilink are discussed in some detail.
■ Chapter 7, “Using ISDN and DDR Technologies,” covers the basics and background of ISDN
as a technology. ISDN remains a staple of remote-access networking throughout the industry.
This chapter explores the ins and outs of the technology.
■ Chapter 8, “Advanced DDR Options,” discusses dial-on-demand routing issues such as dialer
profiles and rotary groups. These two implementations further augment the functionality of
ISDN services in a remote-access network.
■ Chapter 9, “Using ISDN Primary Rate Interface,” provides an introduction to T1 and E1 PRI
implementations. These connections are useful in providing central site connectivity and
ISP-type dialup capabilities for a remote-access network.
■ Chapter 10, “Broadband Options to Access a Central Site,” discusses various options for
high-speed Internet connectivity available in today’s marketplace. Satellite, cable, and wireless
networking will have a profound effect on the access market in the years to come.
■ Chapter 11, “Using DSL to Access a Central Site,” discusses the basics and background of DSL
technologies. DSL is emerging as the forerunner in the SOHO Internet connectivity market.
Each of these chapters uses several features to help you make the best use of your time in that
chapter:
■ “Do I Know This Already?” quiz—Each chapter begins with a quiz that helps you determine
the amount of time you need to spend studying that chapter. The quiz is broken into
subdivisions, each of which corresponds to a section of the chapter. Based on your score on the
quiz, you will be directed to study all or particular parts of the chapter.
■ Foundation Topics—This is the core section of each chapter that explains the protocols,
concepts, and configuration for the topics in the chapter.
■ Foundation Summary—This section is designed to help you review the key concepts in the
chapter, and it is an excellent tool for last-minute review.
■ Q&A—These end-of-the-chapter questions focus on recall, covering topics in the “Foundation
Topics” section by using several types of questions. It is a tool for final review when your exam
date is approaching.
■ CD-ROM-based practice exam—The companion CD-ROM contains a large number of
questions that are not included in the text of the book. You can answer these questions by using
the simulated exam feature, or by using the topical review feature. This is the best tool for
helping you prepare for the test-taking process.
Approach
Retention and recall are the two features of human memory most closely related to performance on
tests. This exam preparation guide focuses on increasing both retention and recall of the topics on
the exam. The other human characteristic involved in successfully passing the exam is intelligence;
this book does not address that issue!
Adult retention is typically less than that of children. For example, it is common for four-year-old
completed rigorous testing in the network arena. In addition, the CCNP certification is becoming
more important than ever because Cisco is providing greater and greater incentives to its partners
that have employees with CCNP-level expertise.
The CCNP track requires the candidate to be comfortable with advanced routing techniques,
switching techniques, and dialup or Remote Access Server (RAS) technology. On top of those areas,
the CCNP must be able to, without consulting a book or other resource, configure and troubleshoot
a routed and switched network.
The CCNP is a hands-on certification that requires a candidate to pass the Cisco Internetwork
Troubleshooting exam. The emphasis in the exam is on troubleshooting the router if the
configuration for it has failed. CCNP is currently one of the most sought-after certifications, short
of the Cisco Certified Internetworking Expert (CCIE).
The CCNP track is daunting at first glance because it requires a candidate to pass a number of tests.
To become a CCNP, a candidate must first be a Cisco Certified Network Associate (CCNA). The
CCNP certification requires study and proficiency in the three areas of advanced routing, in
switching and RAS, and in either design or troubleshooting.
Some of the information in this book overlaps with information in the routing field, and you may
have seen some of this book’s information while studying for the BCMSN exam. In addition, there
are other certification books that specifically focus on advanced routing and switching. You might
find some overlap in those manuals also. This is to be expected—all the information taken as a whole
is what produces a CCNP.
The exam is a computer-based exam that has multiple choice, fill-in-the-blank, and list-in-order
style questions. The fill-in-the-blank questions are filled in using the complete syntax for the
command, including dashes and the like. For the fill-in-the-blank questions, a tile button is given to
list commands in alphabetical order. This is a real lifesaver if you can’t remember whether there is
a dash or an s at the end of a command. Knowing the syntax is key, however, because the list contains
some bogus commands in addition to the real ones.
The exam can be taken at any Pearson VUE testing center ( or
Thomson Prometric testing center (866-PROMETRIC or www.prometric.com). As with most Cisco
Overview of Cisco Certifications
Cisco fulfills only a small portion of its orders through direct sales; most times, a Cisco reseller is
involved. Cisco’s main motivation for developing the current certification program was to measure
the skills of people working for Cisco Resellers and Certified Partners.
Cisco has not attempted to become the only source for consulting and implementation services for
network deployments using Cisco products. In 1996 and 1997, Cisco embarked on a channel
program in which business partners would work with smaller and midsize businesses with whom
Cisco could not form a peer relationship. In effect, Cisco partners of all sizes carried the Cisco flag
into these smaller companies. With so many partners involved, Cisco needed to certify the skill
levels of the employees of the partner companies.
The CCIE program was Cisco’s first cut at certifications. Introduced in 1994, the CCIE was designed
to be one of the most respected, difficult-to-achieve certifications. To certify, a written test (also at
Thomson Prometric) had to be passed, and then a two-day hands-on lab test was administered by
Cisco. The certifications were a huge commitment for the smaller resellers that dealt in the
commodity-based products for small business and home use.
Cisco would certify resellers and services partners by using the number of employed CCIEs as the
gauge. This criterion worked well originally, partly because Cisco had only a few large partners. In
fact, the partners in 1995–1997 were generally large integrators that targeted the midsize
corporations with whom Cisco did not have the engineering resources to maintain a personal
relationship. This was a win-win situation for both Cisco and the partners. The partners had a staff
that consisted of CCIEs that could present the product and configuration with the same adroitness
as the Cisco engineering staff and were close to the customer.
As stated, Cisco used the number of CCIEs on staff as a criterion in determining the partner status
of another company. That status in turn dictated the discount received by the reseller when buying
from Cisco. The number of resellers began to grow, however, and with Cisco’s commitment to the
lower-tier market and smaller-sized businesses, it needed to have smaller integrators that could
handle that piece of the market.
The CCIE certification didn’t help the smaller integrators who were satisfying the small business
and home market; because of their size, the smaller integrators were not able to attain any degree of