(Page 1 of 2)
Tunneling is the process of encapsulating a protocol within packets carried by a lower-level network, to provide a virtual point-to-point connection. For example, many VPNs run over TCP/IP networks, embedding another TCP/IP networks traffic, sometimes using a completely different host addressing scheme such as NAT, within the outer networks packets.
In many cases, the complete packet traveling on the virtual network is placed into the data area of the physical networks packets, just as with any other application. The lower layers of the outer network are not even aware that another networks traffic is piggybacking over them.
Tunneling can provide an authenticated, encrypted, tamper-resistant channel of communication over the Internet, between two points, as we discussed in section 2.1 on Remote Access protocols and technologies.
Tunneling software takes care of encapsulating the packets for transmission, and then receiving and decoding them at the other end of the tunnel and placing them onto the local network as if they had originated there. It can exist at various network layers, such as OSI layers 2 and 3, or higher application layers.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.