<h2>Layer 2 Tunneling Protocol</h2><div class="wp-caption alignright" style="width: 310px"><a href="http://content.answcdn.com/main/content/img/CDE/L2TP.GIF" target="_blank"><img title="Layer 2 Tunneling Protocol" alt="Layer 2 Tunneling Protocol" src="http://content.answcdn.com/main/content/img/CDE/L2TP.GIF" width="300" height="270" /></a> </div><div class="wp-caption alignright" style="width: 310px"><a href="http://www.nwfusion.com/gif/2002/0408TechUpdate.gif" target="_blank"><img title="Layer 2 Tunneling Protocol" alt="Layer 2 Tunneling Protocol" src="http://www.nwfusion.com/gif/2002/0408TechUpdate.gif" width="150" height="135" /></a> </div><div class="wp-caption alignright" style="width: 310px"><a href="http://www.socialpositives.com/wp-content/uploads/2012/12/vpn-diag.gif" target="_blank"><img title="Layer 2 Tunneling Protocol" alt="Layer 2 Tunneling Protocol" src="http://www.socialpositives.com/wp-content/uploads/2012/12/vpn-diag.gif" width="150" height="135" /></a> </div>
<p>In computer networking, <b>Layer 2 Tunneling Protocol</b> is a tunneling protocol used to support virtual private networks (VPNs) or as part of the delivery of services by ISPs. It does not provide any encryption or confidentiality by itself. Rather, it relies on an encryption protocol that it passes within the tunnel to provide privacy.</p>
<p>Published in 1999 as proposed standard RFC 2661, L2TP has its origins primarily in two older tunneling protocols for point-to-point communication: Cisco's Layer 2 Forwarding Protocol and USRobotics Point-to-Point Tunneling Protocol (PPTP). A new version of this protocol, L2TPv3, was published as proposed standard RFC 3931 in 2005. L2TPv3 provides additional security features, improved encapsulation, and the ability to carry data links other than simply Point-to-Point Protocol (PPP) over an IP network (e.g., Frame Relay, Ethernet, ATM, etc.).</p>
<p>The entire L2TP packet, including payload and L2TP header, is sent within a User Datagram Protocol (UDP) datagram. It is common to carry PPP sessions within an L2TP tunnel. L2TP does not provide confidentiality or strong authentication by itself. IPsec is often used to secure L2TP packets by providing confidentiality, authentication and integrity. The combination of these two protocols is generally known as L2TP/IPsec (discussed below).</p>
<p>The two endpoints of an L2TP tunnel are called the LAC (L2TP Access Concentrator) and the LNS (L2TP Network Server). The LAC is the initiator of the tunnel, while the LNS is the server, which waits for new tunnels. Once a tunnel is established, the network traffic between the peers is bidirectional. To be useful for networking, higher-level protocols are then run through the L2TP tunnel. To facilitate this, an L2TP session (or 'call') is established within the tunnel for each higher-level protocol such as PPP. Either the LAC or LNS may initiate sessions. The traffic for each session is isolated by L2TP, so it is possible to set up multiple virtual networks across a single tunnel. MTU should be considered when implementing L2TP.</p>
<p>The packets exchanged within an L2TP tunnel are categorized as either control packets or data packets. L2TP provides reliability features for the control packets, but no reliability for data packets. Reliability, if desired, must be provided by the nested protocols running within each session of the L2TP tunnel.</p>
<p>At the time of setup of L2TP connection, many control packets are exchanged between server and client to establish tunnel and session for each direction. One peer requests the other peer to assign a specific tunnel and session id through these control packets. Then using this tunnel and session id, data packets are exchanged with the compressed PPP frames as payload.</p>
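<p>The control/data distinction and the tunnel and session ids described above are all visible in the L2TPv2 header, which is why L2TP without IPsec exposes them to anyone on the path. The following parser is an added example, not part of the original page; the header layout follows RFC 2661, and the two sample datagrams are constructed, not captured traffic.</p>

```python
import struct
from typing import NamedTuple, Optional

# Flag bits of the first 16-bit word of an L2TPv2 header (RFC 2661).
T_BIT, L_BIT, S_BIT, O_BIT = 0x8000, 0x4000, 0x0800, 0x0200

class L2TPPacket(NamedTuple):
    is_control: bool
    tunnel_id: int
    session_id: int
    ns: Optional[int]
    nr: Optional[int]
    payload: bytes

def parse_l2tpv2(datagram: bytes) -> L2TPPacket:
    """Parse the UDP payload of one L2TPv2 packet; raise ValueError if malformed."""
    try:
        (flags,) = struct.unpack_from("!H", datagram, 0)
        if flags & 0x000F != 2:
            raise ValueError("version field is not 2 (not L2TPv2)")
        is_control = bool(flags & T_BIT)
        if is_control and (flags & (L_BIT | S_BIT | O_BIT)) != (L_BIT | S_BIT):
            raise ValueError("control packet must set L and S and clear O")
        pos, end = 2, len(datagram)
        if flags & L_BIT:  # optional Length field covers the whole packet
            (length,) = struct.unpack_from("!H", datagram, pos)
            pos += 2
            if length > len(datagram):
                raise ValueError("length field exceeds datagram size")
            end = length
        tunnel_id, session_id = struct.unpack_from("!HH", datagram, pos)
        pos += 4
        ns = nr = None
        if flags & S_BIT:  # sequence numbers: mandatory on control packets
            ns, nr = struct.unpack_from("!HH", datagram, pos)
            pos += 4
        if flags & O_BIT:  # Offset Size, followed by that many pad bytes
            (offset,) = struct.unpack_from("!H", datagram, pos)
            pos += 2 + offset
    except struct.error as exc:
        raise ValueError("truncated L2TP header") from exc
    if pos > end:
        raise ValueError("header runs past the end of the packet")
    return L2TPPacket(is_control, tunnel_id, session_id, ns, nr, datagram[pos:end])

# Constructed samples: an empty control packet and a data packet carrying PPP.
CONTROL_ZLB = struct.pack("!HHHHHH", 0xC802, 12, 7, 0, 1, 1)
DATA_PPP = struct.pack("!HHH", 0x0002, 7, 3) + b"\xff\x03\xc0\x21"

if __name__ == "__main__":
    for pkt in (CONTROL_ZLB, DATA_PPP):
        print(parse_l2tpv2(pkt))
```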
<p>When the process is complete, L2TP packets between the endpoints are encapsulated by IPsec. Since the L2TP packet itself is wrapped and hidden within the IPsec packet, no information about the internal private network can be garnered from the encrypted packet. Also, it isn't necessary to open UDP port 1701 on firewalls between the endpoints, since the inner packets aren't acted upon until after IPsec data has been decrypted and stripped, which only takes place at the endpoints.</p>
<p>A potential point of confusion in L2TP/IPsec is the use of the terms tunnel and secure channel. The term tunnel refers to a channel which allows untouched packets of one network to be transported over another network. In the case of L2TP/PPP, it allows L2TP/PPP packets to be transported over IP. A secure channel refers to a connection within which the confidentiality of all data is guaranteed. In L2TP/IPsec, first IPsec provides a secure channel, then L2TP provides a tunnel.</p>
<p>Neither of these configuration utilities is without difficulties, and unfortunately, there is very little documentation about both "netsh advfirewall" and the IPsec client in WFwAS (Windows Firewall with Advanced Security). One of the aforementioned difficulties is that it isn't compatible with NAT. Another problem is that servers must be specified only by IP address in the new Vista configuration utilities; the hostname of the server cannot be used, so if the IP address of the IPsec server changes, all clients will have to be informed of this new IP address.</p>
<p>L2TP is often used by ISPs when internet service over, for example, ADSL or cable is being resold. From the end user, packets travel over a wholesale network service provider's network to a server called a Broadband Remote Access Server (BRAS), a protocol converter and router combined. On legacy networks, the path from the end user's customer premises equipment to the BRAS may be over an ATM network. From there on, over an IP network, an L2TP tunnel runs from the BRAS (acting as LAC) to an LNS, which is an edge router at the boundary of the ultimate destination ISP's IP network.</p>
<h3>Related Sites for Layer 2 Tunneling Protocol</h3>
<ul><li><strong>Layer 2 Tunneling Protocol</strong> (L2TP) in The Network Encyclopedia <a href="http://www.thenetworkencyclopedia.com/d2.asp?ref=1104" target="_blank">read Layer 2 Tunneling Protocol</a></li>
<li>RFC 2661 <a href="http://www.ietf.org/rfc/rfc2661.txt" target="_blank">read Layer 2 Tunneling Protocol</a></li>
<li><strong>Tunneling</strong> - Tech-FAQ <a href="http://www.tech-faq.com/tunneling.html" target="_blank">read Layer 2 Tunneling Protocol</a></li>
<li>RFC 4851: The Flexible Authentication via Secure <strong>Tunneling</strong> ... <a href="http://www.rfc-archive.org/getrfc.php?rfc=4851" target="_blank">read Layer 2 Tunneling Protocol</a></li></ul>