Coursework 1 B00297486

8/17/2019 Coursework 1 B00297486

1/12

B00297486COMP09022 Network Design

COURSEWORK 1

Tunnelling Protocols

8/17/2019 Coursework 1 B00297486

2/12

COMP09022 Network Design Coursework 1 B00297486

Page 1 of 11

Table of Contents

1. Executive Summary ............................................................................................. 2

2. Introduction .......................................................................................................... 3

3. Statement of Methodology ................................................................................... 4

4. Why is Tunnelling used ........................................................................................ 5

5. Tunnelling Protocols ............................................................................................ 6

5.1 Layer 2 Tunnelling Protocol........................................................................... 6

5.2 Point to Point Tunnelling Protocol ................................................................. 7

5.3 Layer 2 Forwarding Protocol ......................................................................... 8

6. Conclusion ......................................................................................................... 10

References ............................................................................................................... 11

8/17/2019 Coursework 1 B00297486

3/12


Page 2 of 11

1 Executive Summary

The aim of this report is to review various Tunnelling Protocols, why they are used

and how they may be linked to other Tunnelling Protocols, and to explain why they

have been developed. The report also describes standardised Tunneling Protocols

and why one protocol may be used over another

8/17/2019 Coursework 1 B00297486

4/12


Page 3 of 11

2 Introduction

The purpose of this report is to describe some tunnelling protocols, why tunnelling is

used, to explain why they have been developed and to also explain the reason why

one protocol is used over another. In this report, each protocol examined will give

information on the protocol, and explain why tunnelling is used, and why it may be

necessary.

8/17/2019 Coursework 1 B00297486

5/12


Page 4 of 11

3 Statement of Methodology

In order to carry out this report, various sources were reviewed. These texts were

analysed to provide an understanding of various standardised Tunnelling Protocols

and why they are used.

8/17/2019 Coursework 1 B00297486

6/12


Page 5 of 11

4 Why is Tunnelling used

To understand why tunnelling is used, it is necessary to know what tunnelling is.

Tunnelling is a protocol that allows data to be sent from the host computer, to a

remote computer on another network. This allows the data to be sent over the Public

Internet through encapsulation. A company no longer has to lease private lines for

Wide Area Networking. Tunnelling also allows for the data to be encrypted for secure

transmission, depending on what protocol is used. “ Tunneling is a process of

encapsulating an entire data packet as the payload within a second packet, which is

understood by the network and both end points. Depending on the protocols used,

the new payload —the original packet —can be encrypted.” (eTutorials.org, 2008-

2015)

Tunnelling can be used for connecting two or more networks that do not have a

routing path to each other, tunnelling can also be used to connect IPv6 and IPv4networks together. When using tunnelling, most protocols support data compression,

therefore, this reduces the amount of packets that need to be sent.

Another reason that tunnelling may be used, is to bypass firewalls. This is due to it

enclosing blocked protocols within another protocol that the firewall lets through.

Tunnelling is used to send data, across a network, that normally would not be able to

support the original protocol. For example, sending data using NetBEUI, this protocol

is non routable, the packet is then encapsulated within another protocol, this would

be in the data portion of the second protocol, such as PPTP.

Although the protocols are referred to as tunnelling protocols, there is no actual

tunnel between the devices, it refers to data being sent via a non-secure

environment, such as the Internet, without the fear of data being looked at or

changed by a third party.

The protocols in this report all work at layer 2, Data Link Layer, of the Open Systems

Interconnection (OSI) model.

8/17/2019 Coursework 1 B00297486

7/12


Page 6 of 11

5 Tunnelling Protocols

There are several tunnelling protocols, three of which are detailed below, Layer 2

Tunnelling Protocol (L2TP), Point to Point Tunnelling Protocol (PPTP) and Layer 2

Forwarding Protocol (L2F).

All three are linked in some way, PPTP was developed by Microsoft, Cisco realised

there was some absences within the protocol, so set about to improve it. This led to

L2F being developed. Then working with IETF, L2TP was developed. Looking at the

protocols, L2TP would seem to be the most secure of all three protocols. They all

use PPP to send data from one point to the other.

5 1 Layer 2 Tunnelling Protocol

Layer 2 Tunnelling Protocol (L2TP) was developed within the Internet

Engineering Task Force (IETF). It was developed by Microsoft (from Microsoft’s

Point to Point Tunnelling Protocol) and Cisco (from Cisco’s Layer 2 Forwarding

Protocol). Cisco started the development as the company had recognised

absences in PPTP. This led to the development initially of the Layer 2 Forwarding

Protocol. So in essence, L2TP is closely linked to both PPTP and L2F

The full details of L2TP can be found in Request for Comments (RFC) 2661.

As stated in RFC2661 “L2TP utilizes two types of messages, control messagesand data messages. Control messages are used in the establishment,

maintenance and clearing of tunnels and calls. Data messages are used to

encapsulate PPP frames being carried over the tunnel. Control messages utilize

a reliable Control Channel within L2TP to guarantee delivery (see section 5.1 for

details). Data messages are not retransmitted when packet loss occurs.”

(Townsley, et al., 1999)

L2TP is compatible with Remote Authentication Dial-In User Service (RADIUS),

which is a server that allows for remote user authentication and is used by most

Internet Service Providers (ISP).

L2TP uses PPP to encapsulate frames. To allow this protocol to send secure

data, it can be combined with Internet Protocol Security (IPsec). IPsec allows the

packets being sent to be authenticated and encrypted, thus making L2TP a

secure protocol to use. The data that is tunnelled through the protocol uses UDP,

and as such the port 1701 may have to be opened up in the firewall to allow

these frames through.

8/17/2019 Coursework 1 B00297486

8/12


Page 7 of 11

Figure 1 L2TP Packet Construction (Infocellar, Unknown)

5 2 Point to Point Tunnelling Protocol

Point to Point Tunnelling Protocol (PPTP) was developed by Microsoft, USRobotics and other companies. This was known as the PPTP Forum. The

protocol was developed as there was a need to secure data being sent from a

remote client to a corporate network, as data was being sent over the Internet

which is essentially an “open network”. This was a new technology when it was

developed.

Full details of this protocol can be seen in RFC2637

“Point to Point Tunneling Protocol (PPTP) is a network protocol that enables the

secure transfer of data from a remote client to a private enterprise server by

creating a PPP tunnel across TCP/IP-based data networks.” (Technology, 2003)

Point to point refers to the created connection. It uses one point usually the user’s

computer, to connect to another specific point, usually the remote network, by

way of using the Internet. Tunnelling part refers to the way in which one protocol

is encapsulated within another protocol, with PPTP, this is encapsulated within

the TCP/IP Protocol. This shows as a direct link between the two points,

therefore creating a secure connection. (Christensson, 2006)

8/17/2019 Coursework 1 B00297486

9/12


Page 8 of 11

Figure 2 PPTP Process (Microsoft, 2016)

PPTP uses an improved Generic Routing Encapsulation (GRE). This allows for

flow control and the control of congestion encapsulated datagram which carried

PPP packets, this permits the efficient use of bandwidth.

As stated in RFC2637, “The PPTP protocol is implemented only by the PAC and

PNS. No other systems need to be aware of PPTP.” (Hamzeh, et al., 1999)

PPTP uses the same encryption as PPP. This can include Extensible

Authentication Protocol (EAP), Shiva Password Authentication Protocol (SPAP),

Password Authentication Protocol (PAP) and Microsoft Challenge-Handshake

Authentication Protocol (MS-CHAP)

5 3 Layer 2 Forwarding Protocol

Layer 2 Forwarding (L2F) Protocol is a protocol developed by Cisco Systems,

and is found in Cisco routers through the Internetwork Operating System (IOS),

full details can be found in RFC2341. This protocol was developed to try and

enhance Microsoft’s PPTP protocol. Layer 2 Forwarding is media independent, in

that it can be used over Ethernet, Fibre etc. L2F runs in conjunction with other

protocols such as PPP or Serial Line Internet Protocol (SLIP). L2F can be used

with user authentication such as Remote Authentication Dial-In User Service

(RADIUS), as well as other features such as quality of service (QoS).

When L2F uses PPP, the protocol PPP connects the client to the Network

Access Server (NAS), this is usually the Internet Service Provider (ISP). L2F

allows this connection to go further than the ISP, to the destination required. The

L2F protocol does not provide encryption on its own, but relies on the protocol

that is being tunnelled such as PPP. As seen in RFC2341, once the packet is

encapsulated is contains the L2F header, the payload (PPP/SLIP) and canoptionally contain L2f checksum.

8/17/2019 Coursework 1 B00297486

10/12


Page 9 of 11

L2F supports Multiplexing, “Multiplexing is the process in which multiple Data

Streams, coming from different Sources, are combined and Transmitted over a

Single Data Channel or Data Stream.” (Macao., 2015)

Figure 3 - Multiplexing (THAKUR, Unknown)

8/17/2019 Coursework 1 B00297486

11/12


Page 10 of 11

6 Conclusion

In conclusion, although there are a few tunnelling protocols, the above three

protocols would seem to be the most commonly used. The protocol that seems to be

the favoured is Layer 2 Tunnelling Protocol, as L2TP uses PPP and can be used

with IPsec to authenticate and encrypt each packet.

8/17/2019 Coursework 1 B00297486

12/12


Page 11 of 11

References

Christensson, P., 2006. PPTP Definitions. [Online]

Available at: http://techterms.com/definition/pptp

[Accessed 06th March 2016].

eTutorials.org, 2008-2015. Tunnelling Protocols. [Online]

Available at:

http://etutorials.org/Networking/Cisco+Certified+Security+Professional+Certification/

Part+III+Virtual+Private+Networks+VPNs/Chapter+9+Cisco+IOS+IPSec+Introductio

n/Tunneling+Protocols/

[Accessed 03rd March 2016].

Hamzeh, K. et al., 1999. RFC2637. [Online]

Available at: https://www.ietf.org/rfc/rfc2637.txt


Infocellar, Unknown. Tunneling Protocols. [Online]

Available at: http://www.infocellar.com/networks/IPVPN/Tunneling-Protocols.htm


Macao., C. M. o., 2015. Multiplexing and Demultiplexing. [Online]

Available at:

http://macao.communications.museum/eng/exhibition/secondfloor/MoreInfo/2_8_6_

Multiplexing.html


Microsoft, 2016. Point-To-Point Tunnelling Protocol. [Online] Available at: https://technet.microsoft.com/en-us/library/cc958045.aspx


Technology, A., 2003. Addpac PPTP. [Online]

Available at: http://www.addpac.com/addpac_kor2015/files/PPTP.pdf


THAKUR, D., Unknown. Multiplexing - What is Multiplexing ?Explain its Multiplexing

Methods. [Online]

Available at: http://ecomputernotes.com/computernetworkingnotes/multiple-

access/multiplexing-what-is-multiplexing-explain-its-multiplexing-methods[Accessed 14th March 2016].

Townsley, W. et al., 1999. RFC2661. [Online]

Available at: https://tools.ietf.org/html/rfc2661

[Accessed 06th Month 2016].

Coursework 1 B00297486

Documents

Transcript of Coursework 1 B00297486