Presentation is loading. Please wait.

Presentation is loading. Please wait.

L2TP Chapter 7. Motivation Sometimes we want to tunnel one protocol over another protocol –Maybe the network does not understand how to forward that protocol.

Published bySpencer Holmes Modified over 9 years ago

Similar presentations

Presentation on theme: "L2TP Chapter 7. Motivation Sometimes we want to tunnel one protocol over another protocol –Maybe the network does not understand how to forward that protocol."— Presentation transcript:

1 L2TP Chapter 7

2 Motivation Sometimes we want to tunnel one protocol over another protocol –Maybe the network does not understand how to forward that protocol –Maybe want to route around a failure –Maybe want to tunnel for policy reasons –Mobility –VPN services Focus of this lecture

3 Motivation – GRE limitations ISPs require authentication for billing –GRE authentication not standardised, removed from later versions Interaction between other L3 protocols and GRE not well defined Path-MTU discovery problems

4 Motivation It would be easier to just tunnel PPP sessions over IP –IP is ubiquitous –PPP has well defined authentication methods –PPP defines NCPs for tunnelling various protocols –PPP has a large install base

5 L2TP Layer-2 Tunnelling Protocol –L2TPv2 defines tunnelling PPP circuits RFC 2661 –L2TPv3 defines tunnelling other L2 protocols “Pseudo-wire” Ethernet, Frame relay RFC 3931

6 Traditional PSTN Connection MDF PSTN switch NAS Modem emulator Router Core PPP

7 Traditional DSL connection MDF Voice to PSTN DSLAM LAN filter RADIUS Core BRAS PPP

8 L2TP model LAC: L2TP Access Concentrator LNS: L2TP Network Server LACLNS User PPP session Tunnelled PPP sessions

9 L2TP protocol overview +-------------------+ | PPP Frames | +-------------------+ +-----------------------+ | L2TP Data Messages| | L2TP Control Messages | +-------------------+ +-----------------------+ | L2TP Data Channel | | L2TP Control Channel | | (unreliable) | | (reliable) | +------------------------------------------------+ | Packet Transport (UDP, FR, ATM, etc.) | +------------------------------------------------+ Figure 3.0: L2TP Protocol Structure, RFC 2661

10 L2TP Control Tunnel setup and maintenance Uses UDP, implements TCP-like windowing and congestion control Three message exchange –SCCRQ: Start-Control-Connection-Request –SCCRP: Start-Control-Connection-Reply –SCCCN: Start-Control-Connection-Connected

11 L2TP Data Tunnel individual PPP sessions Unreliable UDP stream of packets Three-packet exchange –ICRQ: Incoming-Call-Request –ICRP: Incoming-Call-Reply –ICCN: Incoming-Call-Connected

12 L2TP message format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |T|L|x|x|S|x|O|P|x|x|x|x| Ver | Length (opt) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Tunnel ID | Session ID | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Ns (opt) | Nr (opt) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Offset Size (opt) | Offset pad... (opt) +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ T: TypeL: Length S: SequenceO: Offset P: PriorityVer: Version Tunnel ID:Identifier of control connection Session ID:Identifer for session within tunnel Ns:expected next sequence number Nr:expected next sequence number for control messages

13 L2TP and MTU L2TP, like other tunnelling mechanisms, introduces per-packet framing overhead –Reduces MTU Two solutions –PPP negotiation of MRU –Provision network between LAC and LNS to encapsulate commonly required packet size 1500 user bytes + PPP header + L2TP + UDP + IP

14 L2TP: LAC to LNS security Authentication –CHAP using shared secret Encryption –IPSec User-PPP + L2TP + UDP + IPSec + IP

15 Further Reading Chapter 7 of Broadband network architectures RFC 2661

Download ppt "L2TP Chapter 7. Motivation Sometimes we want to tunnel one protocol over another protocol –Maybe the network does not understand how to forward that protocol."

Similar presentations

Encrypting Wireless Data with VPN Techniques

Encrypting Wireless Data with VPN Techniques
20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
PPPoE Last Update 2011.07.21 1.4.0 Copyright 2000-2011 Kenneth M. Chipps Ph.D. www.chipps.com 1.

PPPoE Last Update Copyright Kenneth M. Chipps Ph.D. 1.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.
Labcourse “Routerlab”

Labcourse “Routerlab”
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
Bay DVPN 0698 1 Dial-in Virtual Private Networking Using Layer 3 Tunneling Gary Malkin Bay Networks Internet Telecom Business Group.

Bay DVPN Dial-in Virtual Private Networking Using Layer 3 Tunneling Gary Malkin Bay Networks Internet Telecom Business Group.
Layer 2 Tunneling Protocol (L2TP)

Layer 2 Tunneling Protocol (L2TP)
IPv6 over xDSL: The DIODOS Proposal Athanassios Liakopoulos Greek Research & Technology Network International IPv6 Workshop, Kopaonik,

IPv6 over xDSL: The DIODOS Proposal Athanassios Liakopoulos Greek Research & Technology Network International IPv6 Workshop, Kopaonik,
Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 4 Point to Point Protocol (PPP)

Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 4 Point to Point Protocol (PPP)
Pseudowire Edge to Edge Emulation FROM THE SERVICE PROVIDER POINT OF VIEW

Pseudowire Edge to Edge Emulation FROM THE SERVICE PROVIDER POINT OF VIEW
W. Mark Townsley townsley@cisco.com Pseudowires and L2TPv3 W. Mark Townsley townsley@cisco.com.

W. Mark Townsley Pseudowires and L2TPv3 W. Mark Townsley
Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.

Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.
Internet Security CSCE 813 Network Access Layer Security Protocols.

Internet Security CSCE 813 Network Access Layer Security Protocols.
Softwires Hub & Spoke using L2TPv3

Softwires Hub & Spoke using L2TPv3
DSL Access Architectures and Protocols. xDSL Architecture.

DSL Access Architectures and Protocols. xDSL Architecture.
WAN Technologies Dial-up modem connections Cheap Slow

WAN Technologies Dial-up modem connections Cheap Slow
1 Configuring Virtual Private Networks for Remote Clients and Networks.

1 Configuring Virtual Private Networks for Remote Clients and Networks.
Virtual Private Networks (VPN)

Virtual Private Networks (VPN)

Similar presentations

Ads by Google