Coursework 1 B00297486


  • 8/17/2019 Coursework 1 B00297486


    B00297486 COMP09022 Network Design

    COURSEWORK 1 

    Tunnelling Protocols 


    Table of Contents

    1. Executive Summary

    2. Introduction

    3. Statement of Methodology

    4. Why is Tunnelling used

    5. Tunnelling Protocols

    5.1 Layer 2 Tunnelling Protocol

    5.2 Point to Point Tunnelling Protocol

    5.3 Layer 2 Forwarding Protocol

    6. Conclusion

    References


    1 Executive Summary

    The aim of this report is to review various Tunnelling Protocols, why they are used and how they may be linked to other Tunnelling Protocols, and to explain why they have been developed. The report also describes standardised Tunnelling Protocols and why one protocol may be used over another.


    2 Introduction

    The purpose of this report is to describe some tunnelling protocols, why tunnelling is used, to explain why they have been developed and to explain why one protocol is used over another. For each protocol examined, the report gives information on the protocol and explains why tunnelling is used and why it may be necessary.


    3 Statement of Methodology

    In order to carry out this report, various sources were reviewed. These texts were

    analysed to provide an understanding of various standardised Tunnelling Protocols

    and why they are used.


    4 Why is Tunnelling used

    To understand why tunnelling is used, it is necessary to know what tunnelling is. Tunnelling is a technique that allows data to be sent from the host computer to a remote computer on another network. This allows the data to be sent over the public Internet through encapsulation, so a company no longer has to lease private lines for Wide Area Networking. Tunnelling also allows the data to be encrypted for secure transmission, depending on which protocol is used. “Tunneling is a process of encapsulating an entire data packet as the payload within a second packet, which is understood by the network and both end points. Depending on the protocols used, the new payload—the original packet—can be encrypted.” (eTutorials.org, 2008-2015)

    Tunnelling can be used for connecting two or more networks that do not have a routing path to each other. It can also be used to connect IPv6 and IPv4 networks together. Most tunnelling protocols support data compression, which reduces the number of packets that need to be sent.

    Another reason that tunnelling may be used is to bypass firewalls. This works because blocked protocols are enclosed within another protocol that the firewall lets through. Tunnelling is also used to send data across a network that would not normally support the original protocol. For example, NetBEUI is a non-routable protocol, so a NetBEUI packet is encapsulated within the data portion of a second protocol, such as PPTP.

    Although the protocols are referred to as tunnelling protocols, there is no actual tunnel between the devices. The term refers to data being sent via a non-secure environment, such as the Internet, without the fear of the data being looked at or changed by a third party.

    The protocols in this report all work at layer 2, Data Link Layer, of the Open Systems

    Interconnection (OSI) model.


    5 Tunnelling Protocols

    There are several tunnelling protocols, three of which are detailed below: Layer 2 Tunnelling Protocol (L2TP), Point to Point Tunnelling Protocol (PPTP) and Layer 2 Forwarding Protocol (L2F).

    All three are linked in some way. PPTP was developed by Microsoft. Cisco realised there were some absences within the protocol and set about improving it, which led to L2F being developed. Then, working with the IETF, L2TP was developed. Looking at the protocols, L2TP would seem to be the most secure of the three. They all use PPP to send data from one point to the other.

    5.1 Layer 2 Tunnelling Protocol

    Layer 2 Tunnelling Protocol (L2TP) was developed within the Internet Engineering Task Force (IETF). It was developed by Microsoft (from Microsoft’s Point to Point Tunnelling Protocol) and Cisco (from Cisco’s Layer 2 Forwarding Protocol). Cisco started the development as the company had recognised absences in PPTP. This led initially to the development of the Layer 2 Forwarding Protocol. So in essence, L2TP is closely linked to both PPTP and L2F.

    The full details of L2TP can be found in Request for Comments (RFC) 2661.

    As stated in RFC2661, “L2TP utilizes two types of messages, control messages and data messages. Control messages are used in the establishment, maintenance and clearing of tunnels and calls. Data messages are used to encapsulate PPP frames being carried over the tunnel. Control messages utilize a reliable Control Channel within L2TP to guarantee delivery (see section 5.1 for details). Data messages are not retransmitted when packet loss occurs.” (Townsley, et al., 1999)

    L2TP is compatible with Remote Authentication Dial-In User Service (RADIUS),

    which is a server that allows for remote user authentication and is used by most

    Internet Service Providers (ISP).

    L2TP uses PPP to encapsulate frames. To allow this protocol to send secure data, it can be combined with Internet Protocol Security (IPsec). IPsec allows the packets being sent to be authenticated and encrypted, thus making L2TP a secure protocol to use. The data that is tunnelled through the protocol uses UDP, and as such UDP port 1701 may have to be opened in the firewall to allow these frames through.
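
    The two message types quoted from RFC 2661 above can be told apart from the flag bits at the start of each UDP port 1701 payload (header layout from RFC 2661, section 3.1). The parser below is an added example, not part of the original report; the sample packets and the names parse_l2tp_header, CONTROL_ZLB and DATA_MSG are constructed for illustration, and it goes slightly beyond the report by also flagging L2F (version 1) packets.

```python
import struct

# Flag bits in the first 16-bit word of the L2TP header (RFC 2661, section 3.1).
T_BIT, L_BIT, S_BIT, O_BIT = 0x8000, 0x4000, 0x0800, 0x0200

# Constructed samples: a header-only control message and a data message
# carrying the first four bytes of a PPP frame.
CONTROL_ZLB = bytes.fromhex("c802000c" "0007" "0000" "0001" "0002")
DATA_MSG = bytes.fromhex("0002" "0007" "0003" "ff03c021")


def parse_l2tp_header(payload: bytes) -> dict:
    """Parse and validate the L2TP header at the start of a UDP/1701 payload."""
    try:
        (flags,) = struct.unpack_from("!H", payload, 0)
        version = flags & 0x000F
        if version == 1:
            raise ValueError("version 1 is L2F (RFC 2341), not L2TP")
        if version != 2:
            raise ValueError(f"unknown version {version}, discard")
        # Control messages must set L and S and must leave O clear.
        if (flags & T_BIT) and (flags & (L_BIT | S_BIT | O_BIT)) != (L_BIT | S_BIT):
            raise ValueError("control message with invalid L/S/O bits")
        hdr = {"type": "control" if flags & T_BIT else "data",
               "length": None, "ns": None, "nr": None}
        pos = 2
        if flags & L_BIT:  # optional total-length field
            (hdr["length"],) = struct.unpack_from("!H", payload, pos)
            pos += 2
        hdr["tunnel_id"], hdr["session_id"] = struct.unpack_from("!HH", payload, pos)
        pos += 4
        if flags & S_BIT:  # optional sequence numbers
            hdr["ns"], hdr["nr"] = struct.unpack_from("!HH", payload, pos)
            pos += 4
        if flags & O_BIT:  # skip the Offset Size field and its padding
            (offset,) = struct.unpack_from("!H", payload, pos)
            pos += 2 + offset
    except struct.error as exc:
        raise ValueError("truncated L2TP header") from exc
    end = len(payload) if hdr["length"] is None else hdr["length"]
    if not pos <= end <= len(payload):
        raise ValueError("Length field inconsistent with datagram size")
    hdr["payload"] = payload[pos:end]  # PPP frame for data messages
    return hdr
```

    Run over captured UDP port 1701 payloads, a check like this lets a monitoring tool separate tunnel control traffic from PPP data and flag malformed headers.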


    Figure 1 L2TP Packet Construction (Infocellar, Unknown) 

    5.2 Point to Point Tunnelling Protocol

    Point to Point Tunnelling Protocol (PPTP) was developed by Microsoft, USRobotics and other companies. This group was known as the PPTP Forum. The protocol was developed because there was a need to secure data being sent from a remote client to a corporate network, as the data was being sent over the Internet, which is essentially an “open network”. This was a new technology when it was developed.

    Full details of this protocol can be seen in RFC2637.

    “Point to Point Tunneling Protocol (PPTP) is a network protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a PPP tunnel across TCP/IP-based data networks.” (Technology, 2003)

    Point to point refers to the created connection. It uses one point, usually the user’s computer, to connect to another specific point, usually the remote network, by way of the Internet. The tunnelling part refers to the way in which one protocol is encapsulated within another protocol; with PPTP, this is encapsulated within the TCP/IP protocol. This shows as a direct link between the two points, therefore creating a secure connection. (Christensson, 2006)


    Figure 2 PPTP Process (Microsoft, 2016)

    PPTP uses an improved Generic Routing Encapsulation (GRE). This provides flow control and congestion control for the encapsulated datagrams that carry PPP packets, which permits the efficient use of bandwidth.

    As stated in RFC2637, “The PPTP protocol is implemented only by the PAC and PNS. No other systems need to be aware of PPTP.” (Hamzeh, et al., 1999)

    PPTP uses the same encryption as PPP. This can include Extensible Authentication Protocol (EAP), Shiva Password Authentication Protocol (SPAP), Password Authentication Protocol (PAP) and Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP).

    5.3 Layer 2 Forwarding Protocol

    Layer 2 Forwarding (L2F) Protocol is a protocol developed by Cisco Systems, and is found in Cisco routers through the Internetwork Operating System (IOS). Full details can be found in RFC2341. This protocol was developed to try to enhance Microsoft’s PPTP protocol. Layer 2 Forwarding is media independent, in that it can be used over Ethernet, Fibre etc. L2F runs in conjunction with other protocols such as PPP or Serial Line Internet Protocol (SLIP). L2F can be used with user authentication such as Remote Authentication Dial-In User Service (RADIUS), as well as other features such as quality of service (QoS).

    When L2F uses PPP, PPP connects the client to the Network Access Server (NAS), which is usually the Internet Service Provider (ISP). L2F allows this connection to go further than the ISP, to the destination required. The L2F protocol does not provide encryption on its own, but relies on the protocol that is being tunnelled, such as PPP. As seen in RFC2341, once the packet is encapsulated it contains the L2F header, the payload (PPP/SLIP) and can optionally contain an L2F checksum.


    L2F supports multiplexing: “Multiplexing is the process in which multiple Data Streams, coming from different Sources, are combined and Transmitted over a Single Data Channel or Data Stream.” (Macao., 2015)

    Figure 3 - Multiplexing (THAKUR, Unknown)


    6 Conclusion

    In conclusion, although there are a few tunnelling protocols, the above three protocols would seem to be the most commonly used. The protocol that seems to be favoured is Layer 2 Tunnelling Protocol, as L2TP uses PPP and can be used with IPsec to authenticate and encrypt each packet.


    References

    Christensson, P., 2006. PPTP Definitions. [Online] Available at: http://techterms.com/definition/pptp [Accessed 06th March 2016].

    eTutorials.org, 2008-2015. Tunnelling Protocols. [Online] Available at: http://etutorials.org/Networking/Cisco+Certified+Security+Professional+Certification/Part+III+Virtual+Private+Networks+VPNs/Chapter+9+Cisco+IOS+IPSec+Introduction/Tunneling+Protocols/ [Accessed 03rd March 2016].

    Hamzeh, K. et al., 1999. RFC2637. [Online] Available at: https://www.ietf.org/rfc/rfc2637.txt [Accessed 06th March 2016].

    Infocellar, Unknown. Tunneling Protocols. [Online] Available at: http://www.infocellar.com/networks/IPVPN/Tunneling-Protocols.htm [Accessed 06th March 2016].

    Macao., C. M. o., 2015. Multiplexing and Demultiplexing. [Online] Available at: http://macao.communications.museum/eng/exhibition/secondfloor/MoreInfo/2_8_6_Multiplexing.html [Accessed 14th March 2016].

    Microsoft, 2016. Point-To-Point Tunnelling Protocol. [Online] Available at: https://technet.microsoft.com/en-us/library/cc958045.aspx [Accessed 06th March 2016].

    Technology, A., 2003. Addpac PPTP. [Online] Available at: http://www.addpac.com/addpac_kor2015/files/PPTP.pdf [Accessed 06th March 2016].

    THAKUR, D., Unknown. Multiplexing - What is Multiplexing? Explain its Multiplexing Methods. [Online] Available at: http://ecomputernotes.com/computernetworkingnotes/multiple-access/multiplexing-what-is-multiplexing-explain-its-multiplexing-methods [Accessed 14th March 2016].

    Townsley, W. et al., 1999. RFC2661. [Online] Available at: https://tools.ietf.org/html/rfc2661 [Accessed 06th Month 2016].