SlideShare une entreprise Scribd logo

F0322038042

I
inventionjournals

International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.

Technologie
1  sur  5
Télécharger pour lire hors ligne
International Journal of Engineering Science Invention ISSN (Online): 2319 – 6734, ISSN (Print): 2319 – 6726 www.ijesi.org Volume 3 Issue 2 ǁ February 2014 ǁ PP.38-42 www.ijesi.org 38 | Page Effective Tunneling of Traffic and Data in a Network with L2TP Based ON L2F Pushpa Yadav1 and Rohit Singhal 2 1 Computer Science,Gurgaon College of Engg ,Gurgaon, India 2 Computer Science,Institute of Engineering & Technology, Alwar, India ABSTRACT: Layer 2 Tunnel Protocol (L2TP) is an emerging Internet Engineering Task Force(IETF) standard that combines the best features of two existing tunneling protocols: Microsoft’s Point-to-Point Tunneling Protocol(PPTP) and Cisco’s Layer 2 Forwarding(L2F) and ensures confidentiality, interoperability and security among vendors, increase service availability and customer flexibility. In this paper, we will study how tunneling enables remote access to users in order to connect to a variety of network resources (an Internet Service Provider) through a public data network and traffic is managed by shaping or queuing traffic on a per- session basis that helps to avoid traffic congestion and provides a higher degree of granularity on the network. KEYWORDS: GRE, L2F, L2TP, PPTP, Tunneling. I. INTRODUCTION In today’s connected business environment, straightforward and effective traffic management from the network core to the network edge is very essential. Enterprises need a network infrastructure that scales to meet new business needs and manages added complexity in a cost-effective manner. Many companies today are looking for a dial-in solution where the employees can access the corporate network from a remote location. Since security is a major concern in such networks, the only available setup has involved long-distance telephone calls to corporate Network Access Servers (NAS). II. TUNNELING A tunnel is just a special type of connection across a network. It is very much like the connections your browser makes to web servers, except tunnel connections are long term and are done in a way to make the tunnel resemble a direct wire connecting two computers. Tunneling is a technique that enables remote access users to connect to a variety of network resources (Corporate Home Gateways or an Internet Service Provider) through a public data network. However, we mostly use them for other purposes, such as providing static IP service to users on other physical networks. Figure 1: Tunneling Technique
Effective Tunneling of Traffic and Data in a Network with... www.ijesi.org 39 | Page A computer connected to our network with a tunnel has two IP addresses. One is on the network of the ISP being used for access, usually a broadband ISP (cable modem, DSL, or wireless). This IP address is used by the packets forming the tunnel and is the carrier IP address. The second IP address is one on our network and is the tunnel payload IP address, often called the virtual address. In normal operation the carrier address is used for nothing except carrying the tunnel. Otherwise the computer operates as if it had only the one address on our network. Other modes of operation are possible but require some understanding of IP routing and network operation. For such users we provide a small subnet, not just a single IP a ddress. However, for most users running a tunnel is no more complicated than establishing a dialup connection. In fact, the on-screen action for the most common type of tunnel is almost identical to dialling in. No modem or phone lines are involved though. Example Tunnel User - Mail Server, Web Server. 2.1 GRE Tunnel It is possible to tunnel layer 2 over GRE by bridging the physical interface with a GRE tunnel interface. Assuming similar hardware the configuration of both tunnel endpoints will be almost identical except for the IP addressing and the routing statements, if they are used. FIgure 2: GRE Tunnel A Loopback interface will be used as the tunnel source. This Loopback interface will act as the tunnel destination for the tunnel configuration on the remote tunnel device.There are a couple of advantages to using a Loopback interface instead of a physical interface.  As it is a logical interface it will never go down  If the tunnel device has multiple uplinks the loopback interface will remain reachable, even if one of these links goes down.  It allows for a somewhat more generic configuration 2.2 Tunneling Protocols Tunneling protocols are the heart of virtual private networking. The tunnels make it possible to use a public TCP/IP network, such as the Internet, to create secure connections between remote users and a private corporate network. The secure connection is called a tunnel. The VPN 3000 Concentrator Series uses tunneling protocols to:  Negotiate tunnel parameters  Establish tunnels  Authenticate users and data  Manage security keys  Encrypt and decrypt data  Manage data transfer across the tunnel  Manage data transfer inbound and outbound as a tunnel endpoint or router The VPN Concentrator supports the most popular VPN tunneling protocols:  PPTP: Point-to-Point Tunneling Protocol
Effective Tunneling of Traffic and Data in a Network with... www.ijesi.org 40 | Page  L2F: Layer 2 Forwarding  L2TP: Layer 2 Tunneling Protocol  IPSec: IP Security Protocol  WebVPN: SSL VPN, which provides VPN services to remote users via an HTTPS-enabled Webbrowser, and does not require a client. 2.3 Need of Tunneling Tunneling is a technique that enables remote access users to connect to a variety of network resources (an Internet Service Provider) through a public data network. In general, tunnels established through the public network are point-to-point (though a multipoint tunnel is possible) and link a remote user to some resource at the far end of the tunnel. The most significant benefit of Tunneling is that it allows for the creation of VPNs over public data networks to provide cost savings.A Network tunnel lets someone physically on another network be on our network also, with IP addresses of ours. The IP address and/or subnet we assign are static, so tunnel users can run Internet servers on their own computers. III. L2TP L2TP is a tunneling protocol that supports tunnel and user authentication. It is an important component for VPNs. Virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the private network.VPNs are cost-effective because users can connect to the Internet locally and tunnel back to connect to corporate resources. This not only reduces overhead costs associated with traditional remote access methods, but also improves flexibility and scalability.Traditional dial-up networking services only support registered IP addresses, which limits the types of applications that are implemented over VPNs. L2TP supports multiple protocols and unregistered and privately administered IP addresses over the Internet. This allows the existing access infrastructure, such as the Internet, modems, access servers, and ISDN terminal adapters (TAs), to be used. It also allows enterprise customers to outsource dial out support, thus reducing overhead for hardware maintenance cost and allows them to concentrate corporate gateway resources.Just like PPTP, L2TP provides an encrypted tunnel for VPN traffic; however, L2TP encrypts the traffic before the Point to Point (PPP) connection negotiation begins, making it much harder to conduct dictionary attacks on captured PPP packets. 3.1 L2TP Architecture L2TP tunnels are used primarily in compulsory mode (that is, dialup LAC to LNS) access VPNs for both IP and non-IP traffic. Figure 3: L2TP Architecture A VPDN connection between a remote user, a LAC at the ISP point-of-presence (POP), and the LNS at the home LAN using an L2TP tunnel is accomplished as follows: 1) The ISP network LAC accepts the connection at the POP and the PPP link is established. 2) The remote user initiates a PPP connection to the ISP, using the analog telephone system or ISDN. 3) After the end user and LNS negotiate LCP, the LAC partially authenticates the end user with CHAP or PAP. The username, domain name, or DNIS is used to determine whether the user is a VPDN client. If the
Effective Tunneling of Traffic and Data in a Network with... www.ijesi.org 41 | Page user is not a VPDN client, authentication continues, and the client will access the Internet or other contacted service. If the username is a VPDN client, the mapping will name a specific endpoint (the LNS). 4) Once the tunnel exists, an L2TP session is created for the end user. 5) The tunnel end points, the LAC and the LNS, authenticate each other before any sessions are attempted within a tunnel. Alternatively, the LNS can accept tunnel creation without any tunnel authentication of the LAC. 6) The LAC will propagate the LCP negotiated options and the partially authenticated CHAP/PAP information to the LNS. The LNS will funnel the negotiated options and authentication information directly to the virtual access interface. If the options configured on the virtual template interface does not match the negotiated options with the LAC, the connection will fail, and a disconnect is sent to the LAC.The end result is that the exchange process appears to be between the dial-up client and the remote LNS exclusively, as if no intermediary device (the LAC) is involved. Figure 3 offers a pictorial account of the L2TP incoming call sequence with its own corresponding sequence numbers. 3.2 Features  Ethernet packets tunnelled using BCP/PPP/L2TP  L2TP tunnel bridges Wi-Fi clients onto carrier network  Consistent access policies and user experience everywhere  MAC addresses visible to broadband provider allowing device authentication  Monitor and restrict user activity to prevent malicious use of network  Ability to transport VLAN tags allows different policies to be applied to each SSID  IP addresses can be allocated by centralized DHCP server  QoS policies enforced at the edge to maximize performance and enable multimedia services  Single L2TP tunnel simplifies operation and management overhead. 3.3 Benefits of L2TP  Flexible, scalable remote network access environment without compromising  Security and guaranteed priority for their most mission-critical applications  corporate security or endangering mission-critical  Improved connectivity, reduced costs, and freedom to refocus resources on core competencies. IV. TRAFFIC MANAGEMENT The ability to shape or queue traffic on a per-session basis helps to avoid traffic congestion and allows the ISP to adhere to the SLA established for handling traffic. Shaping or queuing traffic on a per-session basis provides a higher degree of granularity when managing traffic on the network.Traffic shaping allows you to control the traffic going out an interface in order to match its flow to the speed of the remote target interface. A traffic shaper typically delays excess traffic using a buffer, or a similar mechanism, to hold packets and shape the flow when the data rate of the source is higher than expected.Traffic shaping ensures that the traffic conforms to policies contracted for it. Thus, traffic adhering to a particular profile can be shaped to meet downstream requirements, eliminating bottlenecks in topologies with data-rate mismatches. V. RESTRICTIONS The following restrictions apply to the L2TP feature:  Only dial in support currently exists.  If flow control is enabled using the l2tp flow-control receive-window command with a value greater than zero, the switching path defaults to process level switching VI. FUTURE SCOPES AND CONCLUSION L2TP is a standard protocol in which all end users and service providers can enjoy a wide range of service offerings available from multiple vendors. Quality of service can be improved by using various traffic management techniques that enhances the performance factor during tunneling using L2F (Layer 2 Forwarding Protocol) which in return helps to avoid traffic congestion. L2TP combines the best features of PPTP and L2F, so that during tunneling of data can be made secure and confidential over the network. REFERENCES Journal Papers [1] Secure VPN Based on Combination of L2TP and IPSec” by Ya-qinFan , Chi Li and Chao Sun [2] Attacking Generic Routing Encapsulation “ bytechrepublic associates [3] Tunneling in VPN” by Yuan Yuan; Ji Yi ; GuGuanqun.
Effective Tunneling of Traffic and Data in a Network with... www.ijesi.org 42 | Page [4] Research and implementation of Layer Two Tunneling Protocol (L2TP) on carrier network” by Qin Zhao ; Kuramoto, M. ; Cho, F. ; Lunyong Zhang [5] Virtual Private Networks Constructed by the Combination of IPSec& L2TP” by ZHU Changsheng,YU Dongmei. [6] ACCESS IP-VPN SOLUTION BASED ON INTEGRATION OF L2TP & IPSEC” by Hu Jianli Wang JiazhenPengDeyun Zhang Bi [7] PROPPING AND TUNNELING” by Eric Friedman, Simon Johnson and Todd Mitton

Recommandé

Fast Mobile IPv6 Handover Using Link and Location Information
Fast Mobile IPv6 Handover Using Link and Location InformationFast Mobile IPv6 Handover Using Link and Location Information
Fast Mobile IPv6 Handover Using Link and Location InformationCSCJournals
 
Class-note-data communications-01
Class-note-data communications-01Class-note-data communications-01
Class-note-data communications-01Md. Abdur Rahim Khan
 
Internet 2.0
Internet 2.0Internet 2.0
Internet 2.0Chong Yee Er
 
Internet
InternetInternet
InternetSuneel Dogra
 
MANAGING ORGANISATION USING VPN's : A SURVEY
MANAGING ORGANISATION USING VPN's : A SURVEYMANAGING ORGANISATION USING VPN's : A SURVEY
MANAGING ORGANISATION USING VPN's : A SURVEYEditor IJMTER
 
Bcs 052 solved assignment
Bcs 052 solved assignmentBcs 052 solved assignment
Bcs 052 solved assignmentIndira Gnadhi National Open University (IGNOU)
 
Ff36968971
Ff36968971Ff36968971
Ff36968971IJERA Editor
 
Vpn
VpnVpn
VpnSwarup Kumar Mall
 

Recommandé

Fast Mobile IPv6 Handover Using Link and Location Information
Fast Mobile IPv6 Handover Using Link and Location InformationFast Mobile IPv6 Handover Using Link and Location Information
Fast Mobile IPv6 Handover Using Link and Location InformationCSCJournals
 
Class-note-data communications-01
Class-note-data communications-01Class-note-data communications-01
Class-note-data communications-01Md. Abdur Rahim Khan
 
Internet 2.0
Internet 2.0Internet 2.0
Internet 2.0Chong Yee Er
 
Internet
InternetInternet
InternetSuneel Dogra
 
MANAGING ORGANISATION USING VPN's : A SURVEY
MANAGING ORGANISATION USING VPN's : A SURVEYMANAGING ORGANISATION USING VPN's : A SURVEY
MANAGING ORGANISATION USING VPN's : A SURVEYEditor IJMTER
 
Bcs 052 solved assignment
Bcs 052 solved assignmentBcs 052 solved assignment
Bcs 052 solved assignmentIndira Gnadhi National Open University (IGNOU)
 
Ff36968971
Ff36968971Ff36968971
Ff36968971IJERA Editor
 
Vpn
VpnVpn
VpnSwarup Kumar Mall
 
Glossary of introduction to networks
Glossary of introduction to networksGlossary of introduction to networks
Glossary of introduction to networksevelyn
 
call for papers, research paper publishing, where to publish research paper, ...
call for papers, research paper publishing, where to publish research paper, ...call for papers, research paper publishing, where to publish research paper, ...
call for papers, research paper publishing, where to publish research paper, ...International Journal of Engineering Inventions www.ijeijournal.com
 
EFFECTIVE TOPOLOGY-AWARE PEER SELECTION IN UNSTRUCTURED PEER-TO-PEER SYSTEMS
EFFECTIVE TOPOLOGY-AWARE PEER SELECTION IN UNSTRUCTURED PEER-TO-PEER SYSTEMSEFFECTIVE TOPOLOGY-AWARE PEER SELECTION IN UNSTRUCTURED PEER-TO-PEER SYSTEMS
EFFECTIVE TOPOLOGY-AWARE PEER SELECTION IN UNSTRUCTURED PEER-TO-PEER SYSTEMSijp2p
 
Introduction P2p
Introduction P2pIntroduction P2p
Introduction P2pDavide Carboni
 
Centrality-Based Network Coder Placement For Peer-To-Peer Content Distribution
Centrality-Based Network Coder Placement For Peer-To-Peer Content DistributionCentrality-Based Network Coder Placement For Peer-To-Peer Content Distribution
Centrality-Based Network Coder Placement For Peer-To-Peer Content DistributionIJCNCJournal
 
F233842
F233842F233842
F233842irjes
 
Migrating packet dropping in mobile ad hoc network based on modified ack-base...
Migrating packet dropping in mobile ad hoc network based on modified ack-base...Migrating packet dropping in mobile ad hoc network based on modified ack-base...
Migrating packet dropping in mobile ad hoc network based on modified ack-base...Alexander Decker
 
Week10 transport
Week10 transportWeek10 transport
Week10 transportkapilpahwabnb
 
Master Thesis on Performance Improvement of Underwater Acoustic Sensor Networ...
Master Thesis on Performance Improvement of Underwater Acoustic Sensor Networ...Master Thesis on Performance Improvement of Underwater Acoustic Sensor Networ...
Master Thesis on Performance Improvement of Underwater Acoustic Sensor Networ...Thesis Scientist Private Limited
 
Tech Doc: Umbrella Delivery Platform
Tech Doc: Umbrella Delivery PlatformTech Doc: Umbrella Delivery Platform
Tech Doc: Umbrella Delivery PlatformCourtland Smith
 
COMPARATIVE STUDY OF CAN, PASTRY, KADEMLIA AND CHORD DHTS
COMPARATIVE STUDY OF CAN, PASTRY, KADEMLIA AND CHORD DHTS COMPARATIVE STUDY OF CAN, PASTRY, KADEMLIA AND CHORD DHTS
COMPARATIVE STUDY OF CAN, PASTRY, KADEMLIA AND CHORD DHTS ijp2p
 
Recital Study of Various Congestion Control Protocols in wireless network
Recital Study of Various Congestion Control Protocols in wireless networkRecital Study of Various Congestion Control Protocols in wireless network
Recital Study of Various Congestion Control Protocols in wireless networkiosrjce
 
E-Commerce Chapter3a
E-Commerce Chapter3aE-Commerce Chapter3a
E-Commerce Chapter3aIshfaq Chohan
 
A XMLRPC Approach to the Management of Cloud Infrastructure
A XMLRPC Approach to the Management of Cloud InfrastructureA XMLRPC Approach to the Management of Cloud Infrastructure
A XMLRPC Approach to the Management of Cloud Infrastructureiosrjce
 
Security Issues of Network Mobility (NEMO) with Tor Architecture
Security Issues of Network Mobility (NEMO) with Tor ArchitectureSecurity Issues of Network Mobility (NEMO) with Tor Architecture
Security Issues of Network Mobility (NEMO) with Tor ArchitectureUnited International Journal for Research & Technology
 
A Neighbor Coverage-Based Probabilistic Rebroadcast for Reducing Routing Ove...
A Neighbor Coverage-Based Probabilistic Rebroadcast for Reducing Routing Ove...A Neighbor Coverage-Based Probabilistic Rebroadcast for Reducing Routing Ove...
A Neighbor Coverage-Based Probabilistic Rebroadcast for Reducing Routing Ove...IJMER
 
Enhancing Cloud Computing Security for Data Sharing Within Group Members
Enhancing Cloud Computing Security for Data Sharing Within Group MembersEnhancing Cloud Computing Security for Data Sharing Within Group Members
Enhancing Cloud Computing Security for Data Sharing Within Group Membersiosrjce
 
A review study of handover performance in mobile ip
A review study of handover performance in mobile ipA review study of handover performance in mobile ip
A review study of handover performance in mobile ipIJCNCJournal
 
L2tp1
L2tp1L2tp1
L2tp1Shiva Krishna Chandra Shekar
 
L2 tp
L2 tpL2 tp
L2 tpRamya Chowdary
 
ACIT - CCNA Training India - VPN
ACIT - CCNA Training India - VPNACIT - CCNA Training India - VPN
ACIT - CCNA Training India - VPNSleek International
 
Tunnel & vpn1
Tunnel & vpn1Tunnel & vpn1
Tunnel & vpn1ariesubagyo
 

Contenu connexe

Tendances

Glossary of introduction to networks
Glossary of introduction to networksGlossary of introduction to networks
Glossary of introduction to networksevelyn
 
EFFECTIVE TOPOLOGY-AWARE PEER SELECTION IN UNSTRUCTURED PEER-TO-PEER SYSTEMS
EFFECTIVE TOPOLOGY-AWARE PEER SELECTION IN UNSTRUCTURED PEER-TO-PEER SYSTEMSEFFECTIVE TOPOLOGY-AWARE PEER SELECTION IN UNSTRUCTURED PEER-TO-PEER SYSTEMS
EFFECTIVE TOPOLOGY-AWARE PEER SELECTION IN UNSTRUCTURED PEER-TO-PEER SYSTEMSijp2p
 
Centrality-Based Network Coder Placement For Peer-To-Peer Content Distribution
Centrality-Based Network Coder Placement For Peer-To-Peer Content DistributionCentrality-Based Network Coder Placement For Peer-To-Peer Content Distribution
Centrality-Based Network Coder Placement For Peer-To-Peer Content DistributionIJCNCJournal
 
F233842
F233842F233842
F233842irjes
 
Migrating packet dropping in mobile ad hoc network based on modified ack-base...
Migrating packet dropping in mobile ad hoc network based on modified ack-base...Migrating packet dropping in mobile ad hoc network based on modified ack-base...
Migrating packet dropping in mobile ad hoc network based on modified ack-base...Alexander Decker
 
Master Thesis on Performance Improvement of Underwater Acoustic Sensor Networ...
Master Thesis on Performance Improvement of Underwater Acoustic Sensor Networ...Master Thesis on Performance Improvement of Underwater Acoustic Sensor Networ...
Master Thesis on Performance Improvement of Underwater Acoustic Sensor Networ...Thesis Scientist Private Limited
 
Tech Doc: Umbrella Delivery Platform
Tech Doc: Umbrella Delivery PlatformTech Doc: Umbrella Delivery Platform
Tech Doc: Umbrella Delivery PlatformCourtland Smith
 
COMPARATIVE STUDY OF CAN, PASTRY, KADEMLIA AND CHORD DHTS
COMPARATIVE STUDY OF CAN, PASTRY, KADEMLIA AND CHORD DHTS COMPARATIVE STUDY OF CAN, PASTRY, KADEMLIA AND CHORD DHTS
COMPARATIVE STUDY OF CAN, PASTRY, KADEMLIA AND CHORD DHTS ijp2p
 
Recital Study of Various Congestion Control Protocols in wireless network
Recital Study of Various Congestion Control Protocols in wireless networkRecital Study of Various Congestion Control Protocols in wireless network
Recital Study of Various Congestion Control Protocols in wireless networkiosrjce
 
E-Commerce Chapter3a
E-Commerce Chapter3aE-Commerce Chapter3a
E-Commerce Chapter3aIshfaq Chohan
 
A XMLRPC Approach to the Management of Cloud Infrastructure
A XMLRPC Approach to the Management of Cloud InfrastructureA XMLRPC Approach to the Management of Cloud Infrastructure
A XMLRPC Approach to the Management of Cloud Infrastructureiosrjce
 
A Neighbor Coverage-Based Probabilistic Rebroadcast for Reducing Routing Ove...
A Neighbor Coverage-Based Probabilistic Rebroadcast for Reducing Routing Ove...A Neighbor Coverage-Based Probabilistic Rebroadcast for Reducing Routing Ove...
A Neighbor Coverage-Based Probabilistic Rebroadcast for Reducing Routing Ove...IJMER
 
Enhancing Cloud Computing Security for Data Sharing Within Group Members
Enhancing Cloud Computing Security for Data Sharing Within Group MembersEnhancing Cloud Computing Security for Data Sharing Within Group Members
Enhancing Cloud Computing Security for Data Sharing Within Group Membersiosrjce
 
A review study of handover performance in mobile ip
A review study of handover performance in mobile ipA review study of handover performance in mobile ip
A review study of handover performance in mobile ipIJCNCJournal
 

Tendances (18)

Glossary of introduction to networks
Glossary of introduction to networksGlossary of introduction to networks
Glossary of introduction to networks
 
call for papers, research paper publishing, where to publish research paper, ...
call for papers, research paper publishing, where to publish research paper, ...call for papers, research paper publishing, where to publish research paper, ...
call for papers, research paper publishing, where to publish research paper, ...
 
EFFECTIVE TOPOLOGY-AWARE PEER SELECTION IN UNSTRUCTURED PEER-TO-PEER SYSTEMS
EFFECTIVE TOPOLOGY-AWARE PEER SELECTION IN UNSTRUCTURED PEER-TO-PEER SYSTEMSEFFECTIVE TOPOLOGY-AWARE PEER SELECTION IN UNSTRUCTURED PEER-TO-PEER SYSTEMS
EFFECTIVE TOPOLOGY-AWARE PEER SELECTION IN UNSTRUCTURED PEER-TO-PEER SYSTEMS
 
Introduction P2p
Introduction P2pIntroduction P2p
Introduction P2p
 
Centrality-Based Network Coder Placement For Peer-To-Peer Content Distribution
Centrality-Based Network Coder Placement For Peer-To-Peer Content DistributionCentrality-Based Network Coder Placement For Peer-To-Peer Content Distribution
Centrality-Based Network Coder Placement For Peer-To-Peer Content Distribution
 
F233842
F233842F233842
F233842
 
Migrating packet dropping in mobile ad hoc network based on modified ack-base...
Migrating packet dropping in mobile ad hoc network based on modified ack-base...Migrating packet dropping in mobile ad hoc network based on modified ack-base...
Migrating packet dropping in mobile ad hoc network based on modified ack-base...
 
Week10 transport
Week10 transportWeek10 transport
Week10 transport
 
Master Thesis on Performance Improvement of Underwater Acoustic Sensor Networ...
Master Thesis on Performance Improvement of Underwater Acoustic Sensor Networ...Master Thesis on Performance Improvement of Underwater Acoustic Sensor Networ...
Master Thesis on Performance Improvement of Underwater Acoustic Sensor Networ...
 
Tech Doc: Umbrella Delivery Platform
Tech Doc: Umbrella Delivery PlatformTech Doc: Umbrella Delivery Platform
Tech Doc: Umbrella Delivery Platform
 
COMPARATIVE STUDY OF CAN, PASTRY, KADEMLIA AND CHORD DHTS
COMPARATIVE STUDY OF CAN, PASTRY, KADEMLIA AND CHORD DHTS COMPARATIVE STUDY OF CAN, PASTRY, KADEMLIA AND CHORD DHTS
COMPARATIVE STUDY OF CAN, PASTRY, KADEMLIA AND CHORD DHTS
 
Recital Study of Various Congestion Control Protocols in wireless network
Recital Study of Various Congestion Control Protocols in wireless networkRecital Study of Various Congestion Control Protocols in wireless network
Recital Study of Various Congestion Control Protocols in wireless network
 
E-Commerce Chapter3a
E-Commerce Chapter3aE-Commerce Chapter3a
E-Commerce Chapter3a
 
A XMLRPC Approach to the Management of Cloud Infrastructure
A XMLRPC Approach to the Management of Cloud InfrastructureA XMLRPC Approach to the Management of Cloud Infrastructure
A XMLRPC Approach to the Management of Cloud Infrastructure
 
Security Issues of Network Mobility (NEMO) with Tor Architecture
Security Issues of Network Mobility (NEMO) with Tor ArchitectureSecurity Issues of Network Mobility (NEMO) with Tor Architecture
Security Issues of Network Mobility (NEMO) with Tor Architecture
 
A Neighbor Coverage-Based Probabilistic Rebroadcast for Reducing Routing Ove...
A Neighbor Coverage-Based Probabilistic Rebroadcast for Reducing Routing Ove...A Neighbor Coverage-Based Probabilistic Rebroadcast for Reducing Routing Ove...
A Neighbor Coverage-Based Probabilistic Rebroadcast for Reducing Routing Ove...
 
Enhancing Cloud Computing Security for Data Sharing Within Group Members
Enhancing Cloud Computing Security for Data Sharing Within Group MembersEnhancing Cloud Computing Security for Data Sharing Within Group Members
Enhancing Cloud Computing Security for Data Sharing Within Group Members
 
A review study of handover performance in mobile ip
A review study of handover performance in mobile ipA review study of handover performance in mobile ip
A review study of handover performance in mobile ip
 

En vedette

ACIT - CCNA Training India - VPN
ACIT - CCNA Training India - VPNACIT - CCNA Training India - VPN
ACIT - CCNA Training India - VPNSleek International
 
Cisco Router As A Vpn Server
Cisco Router As A Vpn ServerCisco Router As A Vpn Server
Cisco Router As A Vpn Servermmoizuddin
 
Vpn site to site
Vpn site to siteVpn site to site
Vpn site to siteIT Tech
 
8 Authentication Security Protocols
8 Authentication Security Protocols8 Authentication Security Protocols
8 Authentication Security Protocolsguestfbf635
 
VPN - Virtual Private Network
VPN - Virtual Private NetworkVPN - Virtual Private Network
VPN - Virtual Private NetworkPeter R. Egli
 
Slideshare Powerpoint presentation
Slideshare Powerpoint presentationSlideshare Powerpoint presentation
Slideshare Powerpoint presentationelliehood
 

En vedette (14)

L2tp1
L2tp1L2tp1
L2tp1
 
L2 tp
L2 tpL2 tp
L2 tp
 
ACIT - CCNA Training India - VPN
ACIT - CCNA Training India - VPNACIT - CCNA Training India - VPN
ACIT - CCNA Training India - VPN
 
Tunnel & vpn1
Tunnel & vpn1Tunnel & vpn1
Tunnel & vpn1
 
Ldap
LdapLdap
Ldap
 
Cisco site to-site vpn
Cisco site to-site vpnCisco site to-site vpn
Cisco site to-site vpn
 
Unit08
Unit08Unit08
Unit08
 
Cisco Router As A Vpn Server
Cisco Router As A Vpn ServerCisco Router As A Vpn Server
Cisco Router As A Vpn Server
 
Vpn site to site
Vpn site to siteVpn site to site
Vpn site to site
 
8 Authentication Security Protocols
8 Authentication Security Protocols8 Authentication Security Protocols
8 Authentication Security Protocols
 
Bgp Basic Labs
Bgp Basic LabsBgp Basic Labs
Bgp Basic Labs
 
VPN - Virtual Private Network
VPN - Virtual Private NetworkVPN - Virtual Private Network
VPN - Virtual Private Network
 
Slideshare Powerpoint presentation
Slideshare Powerpoint presentationSlideshare Powerpoint presentation
Slideshare Powerpoint presentation
 
Slideshare ppt
Slideshare pptSlideshare ppt
Slideshare ppt
 

Similaire à F0322038042

Network access layer security protocol
Network access layer security protocolNetwork access layer security protocol
Network access layer security protocolKirti Ahirrao
 
Virtual private networks (vpn)
Virtual private networks (vpn)Virtual private networks (vpn)
Virtual private networks (vpn)Avinash Nath
 
Virtual private networks (vpn)
Virtual private networks (vpn)Virtual private networks (vpn)
Virtual private networks (vpn)Avinash Nath
 
Building a metro ethernet network to deliver high bandwidth internet protocol...
Building a metro ethernet network to deliver high bandwidth internet protocol...Building a metro ethernet network to deliver high bandwidth internet protocol...
Building a metro ethernet network to deliver high bandwidth internet protocol...IRJET Journal
 
Virtual private network
Virtual private network Virtual private network
Virtual private network Parth Akbari
 
MPLS Virtual Private Networks.pdf
MPLS Virtual Private Networks.pdfMPLS Virtual Private Networks.pdf
MPLS Virtual Private Networks.pdfHuynh MVT
 
VPN (virtual private network)
VPN (virtual private network) VPN (virtual private network)
VPN (virtual private network) Netwax Lab
 
MC0087 Internal Assignment (SMU)
MC0087 Internal Assignment (SMU)MC0087 Internal Assignment (SMU)
MC0087 Internal Assignment (SMU)Krishan Pareek
 
Internet of things protocols for resource constrained applications
Internet of things protocols for resource constrained applications Internet of things protocols for resource constrained applications
Internet of things protocols for resource constrained applications Pokala Sai
 
ETE405-lec7.pptx
ETE405-lec7.pptxETE405-lec7.pptx
ETE405-lec7.pptxmashiur
 
Fundamentals of internet_measurement_a_tutorial
Fundamentals of internet_measurement_a_tutorialFundamentals of internet_measurement_a_tutorial
Fundamentals of internet_measurement_a_tutorialTuristicae
 

Similaire à F0322038042 (20)

Network access layer security protocol
Network access layer security protocolNetwork access layer security protocol
Network access layer security protocol
 
Mcse question
Mcse questionMcse question
Mcse question
 
V P N
V P NV P N
V P N
 
Vp ns
Vp nsVp ns
Vp ns
 
Vpn
VpnVpn
Vpn
 
Transport layer
Transport layer Transport layer
Transport layer
 
Virtual private networks (vpn)
Virtual private networks (vpn)Virtual private networks (vpn)
Virtual private networks (vpn)
 
Virtual private networks (vpn)
Virtual private networks (vpn)Virtual private networks (vpn)
Virtual private networks (vpn)
 
Building a metro ethernet network to deliver high bandwidth internet protocol...
Building a metro ethernet network to deliver high bandwidth internet protocol...Building a metro ethernet network to deliver high bandwidth internet protocol...
Building a metro ethernet network to deliver high bandwidth internet protocol...
 
Virtual private network
Virtual private network Virtual private network
Virtual private network
 
MPLS Virtual Private Networks.pdf
MPLS Virtual Private Networks.pdfMPLS Virtual Private Networks.pdf
MPLS Virtual Private Networks.pdf
 
VPN (virtual private network)
VPN (virtual private network) VPN (virtual private network)
VPN (virtual private network)
 
Virtual private networks
Virtual private networks Virtual private networks
Virtual private networks
 
MC0087 Internal Assignment (SMU)
MC0087 Internal Assignment (SMU)MC0087 Internal Assignment (SMU)
MC0087 Internal Assignment (SMU)
 
COMPUTER NETWORKS
COMPUTER NETWORKSCOMPUTER NETWORKS
COMPUTER NETWORKS
 
Internet of things protocols for resource constrained applications
Internet of things protocols for resource constrained applications Internet of things protocols for resource constrained applications
Internet of things protocols for resource constrained applications
 
matdid018951.ppt
matdid018951.pptmatdid018951.ppt
matdid018951.ppt
 
Lecture 12
Lecture 12Lecture 12
Lecture 12
 
ETE405-lec7.pptx
ETE405-lec7.pptxETE405-lec7.pptx
ETE405-lec7.pptx
 
Fundamentals of internet_measurement_a_tutorial
Fundamentals of internet_measurement_a_tutorialFundamentals of internet_measurement_a_tutorial
Fundamentals of internet_measurement_a_tutorial
 

Dernier

Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 

Dernier (20)

Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 

F0322038042

  • 1. International Journal of Engineering Science Invention ISSN (Online): 2319 – 6734, ISSN (Print): 2319 – 6726 www.ijesi.org Volume 3 Issue 2 ǁ February 2014 ǁ PP.38-42 www.ijesi.org 38 | Page Effective Tunneling of Traffic and Data in a Network with L2TP Based ON L2F Pushpa Yadav1 and Rohit Singhal 2 1 Computer Science,Gurgaon College of Engg ,Gurgaon, India 2 Computer Science,Institute of Engineering & Technology, Alwar, India ABSTRACT: Layer 2 Tunnel Protocol (L2TP) is an emerging Internet Engineering Task Force(IETF) standard that combines the best features of two existing tunneling protocols: Microsoft’s Point-to-Point Tunneling Protocol(PPTP) and Cisco’s Layer 2 Forwarding(L2F) and ensures confidentiality, interoperability and security among vendors, increase service availability and customer flexibility. In this paper, we will study how tunneling enables remote access to users in order to connect to a variety of network resources (an Internet Service Provider) through a public data network and traffic is managed by shaping or queuing traffic on a per- session basis that helps to avoid traffic congestion and provides a higher degree of granularity on the network. KEYWORDS: GRE, L2F, L2TP, PPTP, Tunneling. I. INTRODUCTION In today’s connected business environment, straightforward and effective traffic management from the network core to the network edge is very essential. Enterprises need a network infrastructure that scales to meet new business needs and manages added complexity in a cost-effective manner. Many companies today are looking for a dial-in solution where the employees can access the corporate network from a remote location. Since security is a major concern in such networks, the only available setup has involved long-distance telephone calls to corporate Network Access Servers (NAS). II. TUNNELING A tunnel is just a special type of connection across a network. It is very much like the connections your browser makes to web servers, except tunnel connections are long term and are done in a way to make the tunnel resemble a direct wire connecting two computers. Tunneling is a technique that enables remote access users to connect to a variety of network resources (Corporate Home Gateways or an Internet Service Provider) through a public data network. However, we mostly use them for other purposes, such as providing static IP service to users on other physical networks. Figure 1: Tunneling Technique
  • 2. Effective Tunneling of Traffic and Data in a Network with... www.ijesi.org 39 | Page A computer connected to our network with a tunnel has two IP addresses. One is on the network of the ISP being used for access, usually a broadband ISP (cable modem, DSL, or wireless). This IP address is used by the packets forming the tunnel and is the carrier IP address. The second IP address is one on our network and is the tunnel payload IP address, often called the virtual address. In normal operation the carrier address is used for nothing except carrying the tunnel. Otherwise the computer operates as if it had only the one address on our network. Other modes of operation are possible but require some understanding of IP routing and network operation. For such users we provide a small subnet, not just a single IP a ddress. However, for most users running a tunnel is no more complicated than establishing a dialup connection. In fact, the on-screen action for the most common type of tunnel is almost identical to dialling in. No modem or phone lines are involved though. Example Tunnel User - Mail Server, Web Server. 2.1 GRE Tunnel It is possible to tunnel layer 2 over GRE by bridging the physical interface with a GRE tunnel interface. Assuming similar hardware the configuration of both tunnel endpoints will be almost identical except for the IP addressing and the routing statements, if they are used. FIgure 2: GRE Tunnel A Loopback interface will be used as the tunnel source. This Loopback interface will act as the tunnel destination for the tunnel configuration on the remote tunnel device.There are a couple of advantages to using a Loopback interface instead of a physical interface.  As it is a logical interface it will never go down  If the tunnel device has multiple uplinks the loopback interface will remain reachable, even if one of these links goes down.  It allows for a somewhat more generic configuration 2.2 Tunneling Protocols Tunneling protocols are the heart of virtual private networking. The tunnels make it possible to use a public TCP/IP network, such as the Internet, to create secure connections between remote users and a private corporate network. The secure connection is called a tunnel. The VPN 3000 Concentrator Series uses tunneling protocols to:  Negotiate tunnel parameters  Establish tunnels  Authenticate users and data  Manage security keys  Encrypt and decrypt data  Manage data transfer across the tunnel  Manage data transfer inbound and outbound as a tunnel endpoint or router The VPN Concentrator supports the most popular VPN tunneling protocols:  PPTP: Point-to-Point Tunneling Protocol
  • 3. Effective Tunneling of Traffic and Data in a Network with... www.ijesi.org 40 | Page  L2F: Layer 2 Forwarding  L2TP: Layer 2 Tunneling Protocol  IPSec: IP Security Protocol  WebVPN: SSL VPN, which provides VPN services to remote users via an HTTPS-enabled Webbrowser, and does not require a client. 2.3 Need of Tunneling Tunneling is a technique that enables remote access users to connect to a variety of network resources (an Internet Service Provider) through a public data network. In general, tunnels established through the public network are point-to-point (though a multipoint tunnel is possible) and link a remote user to some resource at the far end of the tunnel. The most significant benefit of Tunneling is that it allows for the creation of VPNs over public data networks to provide cost savings.A Network tunnel lets someone physically on another network be on our network also, with IP addresses of ours. The IP address and/or subnet we assign are static, so tunnel users can run Internet servers on their own computers. III. L2TP L2TP is a tunneling protocol that supports tunnel and user authentication. It is an important component for VPNs. Virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the private network.VPNs are cost-effective because users can connect to the Internet locally and tunnel back to connect to corporate resources. This not only reduces overhead costs associated with traditional remote access methods, but also improves flexibility and scalability.Traditional dial-up networking services only support registered IP addresses, which limits the types of applications that are implemented over VPNs. L2TP supports multiple protocols and unregistered and privately administered IP addresses over the Internet. This allows the existing access infrastructure, such as the Internet, modems, access servers, and ISDN terminal adapters (TAs), to be used. It also allows enterprise customers to outsource dial out support, thus reducing overhead for hardware maintenance cost and allows them to concentrate corporate gateway resources.Just like PPTP, L2TP provides an encrypted tunnel for VPN traffic; however, L2TP encrypts the traffic before the Point to Point (PPP) connection negotiation begins, making it much harder to conduct dictionary attacks on captured PPP packets. 3.1 L2TP Architecture L2TP tunnels are used primarily in compulsory mode (that is, dialup LAC to LNS) access VPNs for both IP and non-IP traffic. Figure 3: L2TP Architecture A VPDN connection between a remote user, a LAC at the ISP point-of-presence (POP), and the LNS at the home LAN using an L2TP tunnel is accomplished as follows: 1) The ISP network LAC accepts the connection at the POP and the PPP link is established. 2) The remote user initiates a PPP connection to the ISP, using the analog telephone system or ISDN. 3) After the end user and LNS negotiate LCP, the LAC partially authenticates the end user with CHAP or PAP. The username, domain name, or DNIS is used to determine whether the user is a VPDN client. If the
  • 4. Effective Tunneling of Traffic and Data in a Network with... www.ijesi.org 41 | Page user is not a VPDN client, authentication continues, and the client will access the Internet or other contacted service. If the username is a VPDN client, the mapping will name a specific endpoint (the LNS). 4) Once the tunnel exists, an L2TP session is created for the end user. 5) The tunnel end points, the LAC and the LNS, authenticate each other before any sessions are attempted within a tunnel. Alternatively, the LNS can accept tunnel creation without any tunnel authentication of the LAC. 6) The LAC will propagate the LCP negotiated options and the partially authenticated CHAP/PAP information to the LNS. The LNS will funnel the negotiated options and authentication information directly to the virtual access interface. If the options configured on the virtual template interface does not match the negotiated options with the LAC, the connection will fail, and a disconnect is sent to the LAC.The end result is that the exchange process appears to be between the dial-up client and the remote LNS exclusively, as if no intermediary device (the LAC) is involved. Figure 3 offers a pictorial account of the L2TP incoming call sequence with its own corresponding sequence numbers. 3.2 Features  Ethernet packets tunnelled using BCP/PPP/L2TP  L2TP tunnel bridges Wi-Fi clients onto carrier network  Consistent access policies and user experience everywhere  MAC addresses visible to broadband provider allowing device authentication  Monitor and restrict user activity to prevent malicious use of network  Ability to transport VLAN tags allows different policies to be applied to each SSID  IP addresses can be allocated by centralized DHCP server  QoS policies enforced at the edge to maximize performance and enable multimedia services  Single L2TP tunnel simplifies operation and management overhead. 3.3 Benefits of L2TP  Flexible, scalable remote network access environment without compromising  Security and guaranteed priority for their most mission-critical applications  corporate security or endangering mission-critical  Improved connectivity, reduced costs, and freedom to refocus resources on core competencies. IV. TRAFFIC MANAGEMENT The ability to shape or queue traffic on a per-session basis helps to avoid traffic congestion and allows the ISP to adhere to the SLA established for handling traffic. Shaping or queuing traffic on a per-session basis provides a higher degree of granularity when managing traffic on the network.Traffic shaping allows you to control the traffic going out an interface in order to match its flow to the speed of the remote target interface. A traffic shaper typically delays excess traffic using a buffer, or a similar mechanism, to hold packets and shape the flow when the data rate of the source is higher than expected.Traffic shaping ensures that the traffic conforms to policies contracted for it. Thus, traffic adhering to a particular profile can be shaped to meet downstream requirements, eliminating bottlenecks in topologies with data-rate mismatches. V. RESTRICTIONS The following restrictions apply to the L2TP feature:  Only dial in support currently exists.  If flow control is enabled using the l2tp flow-control receive-window command with a value greater than zero, the switching path defaults to process level switching VI. FUTURE SCOPES AND CONCLUSION L2TP is a standard protocol in which all end users and service providers can enjoy a wide range of service offerings available from multiple vendors. Quality of service can be improved by using various traffic management techniques that enhances the performance factor during tunneling using L2F (Layer 2 Forwarding Protocol) which in return helps to avoid traffic congestion. L2TP combines the best features of PPTP and L2F, so that during tunneling of data can be made secure and confidential over the network. REFERENCES Journal Papers [1] Secure VPN Based on Combination of L2TP and IPSec” by Ya-qinFan , Chi Li and Chao Sun [2] Attacking Generic Routing Encapsulation “ bytechrepublic associates [3] Tunneling in VPN” by Yuan Yuan; Ji Yi ; GuGuanqun.
  • 5. Effective Tunneling of Traffic and Data in a Network with... www.ijesi.org 42 | Page [4] Research and implementation of Layer Two Tunneling Protocol (L2TP) on carrier network” by Qin Zhao ; Kuramoto, M. ; Cho, F. ; Lunyong Zhang [5] Virtual Private Networks Constructed by the Combination of IPSec& L2TP” by ZHU Changsheng,YU Dongmei. [6] ACCESS IP-VPN SOLUTION BASED ON INTEGRATION OF L2TP & IPSEC” by Hu Jianli Wang JiazhenPengDeyun Zhang Bi [7] PROPPING AND TUNNELING” by Eric Friedman, Simon Johnson and Todd Mitton