Layer 2 Tunneling Protocol


In computer networking, the Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs).

History and future

Published in 1999 as proposed standard RFC 2661, L2TP has its origins primarily in two older tunneling protocols for PPP: Cisco's Layer 2 Forwarding (L2F) and Microsoft's Point-to-Point Tunneling Protocol (PPTP). A new version of this protocol, L2TPv3, was published as proposed standard RFC 3931 in 2005. L2TPv3 provides additional security features, improved encapsulation, and the ability to carry data links other than simply PPP over an IP network (e.g., Frame Relay, Ethernet, ATM).


Description

L2TP acts like a data link layer (layer 2 of the OSI model) protocol for tunneling network traffic between two peers over an existing network (usually the Internet). L2TP is in fact a session layer (layer 5) protocol, and uses the registered UDP port 1701. The entire L2TP packet, including payload and L2TP header, is sent within a UDP datagram. It is common to carry Point-to-Point Protocol (PPP) sessions within an L2TP tunnel. L2TP does not provide confidentiality or strong authentication by itself. IPsec is often used to secure L2TP packets by providing confidentiality, authentication and integrity. The combination of these two protocols is generally known as L2TP/IPsec (discussed below).


The two endpoints of an L2TP tunnel are called the LAC (L2TP Access Concentrator) and the LNS (L2TP Network Server). The LAC is the initiator of the tunnel while the LNS is the server, which waits for new tunnels. Once a tunnel is established, the network traffic between the peers is bidirectional. To be useful for networking, higher-level protocols are then run through the L2TP tunnel. To facilitate this an L2TP session (or call) is established within the tunnel for each higher-level protocol such as PPP. Either the LAC or LNS may initiate sessions. The traffic for each session is isolated by L2TP, so it is possible to set up multiple virtual networks across a single tunnel.


Be sure to consider MTU when implementing L2TP.


The packets exchanged within an L2TP tunnel are categorised as either control packets or data packets. L2TP provides reliability features for the control packets, but no reliability for data packets. Reliability, if desired, must be provided by the nested protocols running within each session of the L2TP tunnel.
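The control/data split described above is visible in the first 16 bits of every L2TP packet, and the sequence numbers that make control packets reliable are mandatory only there. The following parser is an added example, not part of the original article; the header layout is taken from RFC 2661 (section 3.1) rather than from this page, and the two sample packets are constructed.

```python
import struct
from typing import NamedTuple, Optional

# Flag bits in the first 16-bit word of an L2TPv2 header (RFC 2661, section 3.1).
T_BIT, L_BIT, S_BIT, O_BIT = 0x8000, 0x4000, 0x0800, 0x0200
VER_MASK = 0x000F


class L2TPHeader(NamedTuple):
    is_control: bool
    tunnel_id: int
    session_id: int
    ns: Optional[int]      # sequence number of this message, if present
    nr: Optional[int]      # next sequence number expected from the peer
    payload: bytes


def parse_l2tp(datagram: bytes) -> L2TPHeader:
    """Parse an L2TPv2 header from a UDP payload; raise ValueError if malformed."""
    def take(offset):
        if offset + 2 > len(datagram):
            raise ValueError("truncated L2TP header")
        return struct.unpack_from("!H", datagram, offset)[0], offset + 2

    flags, off = take(0)
    if flags & VER_MASK != 2:
        raise ValueError("not L2TP version 2")
    is_control = bool(flags & T_BIT)
    # Control messages must carry Length and Ns/Nr and must not carry an offset.
    if is_control and flags & (L_BIT | S_BIT | O_BIT) != (L_BIT | S_BIT):
        raise ValueError("control message with invalid L/S/O bits")
    length = None
    if flags & L_BIT:
        length, off = take(off)
    tunnel_id, off = take(off)
    session_id, off = take(off)
    ns = nr = None
    if flags & S_BIT:          # optional on data messages
        ns, off = take(off)
        nr, off = take(off)
    if flags & O_BIT:          # skip offset padding before the payload
        pad, off = take(off)
        off += pad
    end = len(datagram) if length is None else length
    if end > len(datagram) or off > end:
        raise ValueError("length field inconsistent with datagram size")
    return L2TPHeader(is_control, tunnel_id, session_id, ns, nr, datagram[off:end])


# Constructed samples: a zero-length-body control acknowledgement and a data
# message that carries the first bytes of a PPP frame.
SAMPLE_CONTROL = bytes.fromhex("c802000c0007000000010002")
SAMPLE_DATA = bytes.fromhex("000200070003ff03002145")

if __name__ == "__main__":
    for sample in (SAMPLE_CONTROL, SAMPLE_DATA):
        print(parse_l2tp(sample))
```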


Cisco has the software patent related to L2F and L2TP [1]. It has been assigned patent number 5,918,019 in the United States. [2]


An L2TP tunnel can extend across an entire PPP session or only across one segment of a two-segment session. This can be represented by four different tunneling models, namely voluntary tunnel, compulsory tunnel — outgoing call, compulsory tunnel — remote dial, and L2TP multi-hop connection.[3] [4] [5]


In the voluntary tunnel model, a tunnel is created by the user, typically by the use of an L2TP-enabled client which is called the LAC client. The user will send L2TP packets to the Internet Service Provider (ISP), which will forward them on to the LNS. The ISP does not need to support L2TP; it only forwards the L2TP packets between LAC and LNS. The LAC client acts as an L2TP tunnel initiator which effectively resides on the same system as the remote client. The tunnel extends across the entire PPP session from the L2TP client to the LNS.


In the compulsory tunnel model (incoming call), a tunnel is created between the ISP LAC and the LNS. The company may provide the remote user with a Virtual Private Network (VPN) login account from which he can access the corporate server. As a result the user will send PPP packets to the ISP (LAC), which will encapsulate them in L2TP and tunnel them to the LNS. In the compulsory tunneling cases, the ISP must be L2TP capable. In this model the tunnel only extends across the segment of the PPP session between the ISP and the LNS.


In the compulsory tunnel model (remote dial), the home gateway (LNS) initiates a tunnel to an ISP (LAC) (outgoing call) and instructs the ISP to place a local call to the PPP-enabled client, which is the remote user. This model is intended for cases where the remote PPP Answer Client has a permanent established phone number with an ISP. This model is expected to be used when a company with an established presence on the Internet needs to establish a connection to a remote office that requires a dial-up link. In this model the tunnel only extends across the segment of the PPP session between the LNS and the ISP.


An L2TP Multi-hop connection is a way of redirecting L2TP traffic on behalf of client LACs and LNSs. A Multi-hop connection is established using an L2TP Multi-hop gateway. A tunnel is established from a client LAC to the L2TP Multi-hop gateway and then another tunnel is established between the L2TP Multi-hop gateway and a target LNS. L2TP traffic between client LAC and LNS is redirected to each other through the gateway.


L2TP/IPsec

Because of the lack of confidentiality inherent in the L2TP protocol, it is often implemented along with IPsec. This is referred to as L2TP/IPsec, and is standardized in IETF RFC 3193.


The process of setting up an L2TP/IPsec VPN is as follows:

  1. Negotiation of IPsec Security Association (SA), typically through Internet Key Exchange (IKE). This is carried out over UDP port 500, and commonly uses either a shared password (so-called "pre-shared keys"), public keys, or X.509 certificates on both ends, although other keying methods exist.
  2. Establishment of Encapsulated Security Payload (ESP) communication in transport mode. The IP Protocol number for ESP is 50 (compare TCP's 6 and UDP's 17). At this point, a secure channel has been established, but no tunneling is taking place.
  3. Negotiation and establishment of L2TP tunnel between the SA endpoints. The actual negotiation of parameters takes place over the SA's secure channel, within the IPsec encryption. L2TP uses UDP port 1701.

When the process is complete, L2TP packets between the endpoints are encapsulated by IPsec. Since the L2TP packet itself is wrapped and hidden within the IPsec packet, no information about the internal private network can be garnered from the encrypted packet. Also, it is not necessary to open UDP port 1701 on firewalls between the endpoints, since the inner packets are not acted upon until after IPsec data has been decrypted and stripped, which only takes place at the endpoints. If a firewall or packet filter is integrated into the endpoint itself, however, it will probably be necessary to open port 1701 on that endpoint.
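As an added example (not part of the original article), the check below classifies raw IPv4 packets captured on the path between the endpoints and reports any L2TP on UDP port 1701 that is travelling outside ESP. The sample packets and addresses are constructed, and it assumes no NAT traversal, where ESP would itself be wrapped in UDP.

```python
import struct

IKE_PORT, L2TP_PORT = 500, 1701    # UDP ports named in the text
PROTO_UDP, PROTO_ESP = 17, 50      # IP protocol numbers named in the text


def classify(packet: bytes) -> str:
    """Classify one raw IPv4 packet captured between the two endpoints."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "other"
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] == PROTO_ESP:
        return "esp"
    fragment_offset = struct.unpack_from("!H", packet, 6)[0] & 0x1FFF
    if packet[9] != PROTO_UDP or fragment_offset or ihl < 20 or len(packet) < ihl + 8:
        return "other"             # not UDP, or no UDP header in this fragment
    sport, dport = struct.unpack_from("!HH", packet, ihl)
    if IKE_PORT in (sport, dport):
        return "ike"
    if L2TP_PORT in (sport, dport):
        return "cleartext-l2tp"    # L2TP header and PPP payload readable on the wire
    return "other"


def audit(packets):
    """Return (index, source, destination) for each packet with L2TP outside IPsec."""
    findings = []
    for index, packet in enumerate(packets):
        if classify(packet) == "cleartext-l2tp":
            src = ".".join(map(str, packet[12:16]))
            dst = ".".join(map(str, packet[16:20]))
            findings.append((index, src, dst))
    return findings


def _ipv4(proto, payload, src=(192, 0, 2, 10), dst=(198, 51, 100, 20)):
    """Build a constructed IPv4 packet (checksum left at zero) for the samples."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, proto, 0, bytes(src), bytes(dst))
    return header + payload


def _udp(sport, dport, data):
    """Build a constructed UDP datagram (checksum left at zero)."""
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data


# Constructed capture: IKE negotiation, an ESP packet, an L2TP control message
# sent without IPsec, and unrelated UDP traffic.
SAMPLE_PACKETS = [
    _ipv4(PROTO_UDP, _udp(500, 500, b"\x00" * 28)),
    _ipv4(PROTO_ESP, b"\x00\x00\x10\x01\x00\x00\x00\x01" + b"\xaa" * 16),
    _ipv4(PROTO_UDP, _udp(1701, 1701, bytes.fromhex("c802000c0007000000010002"))),
    _ipv4(PROTO_UDP, _udp(40000, 53, b"\x00" * 12)),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_PACKETS):
        print("L2TP outside IPsec: packet %d, %s -> %s" % finding)
```

On a correctly configured L2TP/IPsec path only the `ike` and `esp` classes should appear between the endpoints.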


A potential point of confusion in L2TP/IPsec is the use of the terms "tunnel" and "secure channel." Tunnel refers to a channel which allows untouched packets of one network to be transported over another network. In the case of L2TP/IPsec, it allows L2TP/PPP packets to be transported over IP. A secure channel refers to a connection within which the confidentiality of all data is guaranteed. In L2TP/IPsec, first IPsec provides a secure channel, then L2TP provides a tunnel.


L2TP in ADSL networks

L2TP is often used as a tunneling mechanism to resell ADSL endpoint connectivity. An L2TP tunnel would sit between the user and the ISP the connection would be resold to, so the reselling ISP wouldn't appear as doing the transit.


External links

Internet standards and extensions

  • RFC 2341 Cisco Layer Two Forwarding (Protocol) "L2F". (A predecessor to L2TP)
  • RFC 2637 Point-to-Point Tunneling Protocol (PPTP). (A predecessor to L2TP)
  • RFC 2661 Layer Two Tunneling Protocol "L2TP"
  • RFC 2809 Implementation of L2TP Compulsory Tunneling via RADIUS
  • RFC 2888 Secure Remote Access with L2TP
  • RFC 3070 Layer Two Tunneling Protocol (L2TP) over Frame Relay
  • RFC 3145 L2TP Disconnect Cause Information
  • RFC 3193 Securing L2TP using IPsec
  • RFC 3301 Layer Two Tunnelling Protocol (L2TP): ATM access network
  • RFC 3308 Layer Two Tunneling Protocol (L2TP) Differentiated Services
  • RFC 3355 Layer Two Tunnelling Protocol (L2TP) Over ATM Adaptation Layer 5 (AAL5)
  • RFC 3371 Layer Two Tunneling Protocol "L2TP" Management Information Base
  • RFC 3437 Layer Two Tunneling Protocol Extensions for PPP Link Control Protocol Negotiation
  • RFC 3438 Layer Two Tunneling Protocol (L2TP) Internet Assigned Numbers: Internet Assigned Numbers Authority (IANA) Considerations Update
  • RFC 3573 Signaling of Modem-On-Hold status in Layer 2 Tunneling Protocol (L2TP)
  • RFC 3817 Layer 2 Tunneling Protocol (L2TP) Active Discovery Relay for PPP over Ethernet (PPPoE)
  • RFC 3931 Layer Two Tunneling Protocol - Version 3 (L2TPv3).
  • RFC 4045 Extensions to Support Efficient Carrying of Multicast Traffic in Layer-2 Tunneling Protocol (L2TP).

Example real world usage

  • The ISP-Howto (in French) details how the French Data Network is providing ADSL service through L2TP and how the ADSL network is set up in France

The Wikipedia article included on this page is licensed under the GFDL.