Understanding “Virtual” Networks


Presentation Transcript


  1. Understanding “Virtual” Networks J.J. Ekstrom Fall 2011

  2. Understanding VLANs, Tunnels and VPNs
     • Ethernet II packet: Dest MAC | Source MAC | Ether type > 1500 | Payload | Pad | Ether CRC
     • 802.3 packet: Dest MAC | Source MAC | Len < 1500 | Payload | Pad | Ether CRC
     • Link to: IANA EtherType List
     • 802.1p/Q packet: Dest MAC | Source MAC | 0x8100 | VLAN Tag (4 bits priority, 12 bits VLAN #) | Old Ether type | Payload | Pad | Ether CRC
     • VLANs separate traffic, but access to the wire gives access to the data.

  3. VPN not Necessarily Secure
     • L2TP packet (Layer 2 Tunneling Protocol), shown twice: Dest MAC | Source MAC | IP | IP Header/UDP | Payload (Dest MAC | Source MAC | Ether type > 1500 | Payload | Pad | Ether CRC) | Ether CRC
     • However, the payload can be encrypted, which reveals the pipe but not the contents.

  4. MPLS: VLANS on the WAN
     • Ethernet II packet: Dest MAC | Source MAC | Ether type > 1500 | Payload | Pad | Ether CRC, with an MPLS Label
     • Edge Router: puts on label; can encrypt for security
     • Label Switch Router: just uses label
     • Edge Router: takes off label and decrypts if necessary
     • Diagram of Edge Routers and Label Switch Routers

  5. MPLS Mappings
     • VLAN tag to MPLS Label
     • IP subnet to MPLS Label
     • IP Destination subnet to MPLS Label
     • Can be different depending on content.
     • Encrypt some packets, not others.

  6. Tunneling (SSL)
     • Treating a stream like a wire.
     • SSL (Secure Sockets Layer)
     • OpenSSL has tunneling built in.
     • In on local port, tunneled to destination IP and port.
     • Travels through a virtual wire on port 80
     • Looks like HTTP traffic

  7. Virtual Private Networks
     • Typically encrypted
     • Encapsulate a packet in another protocol’s payload.

  8. Generalizations
     • VPN, VLANs, MPLS, L2TP are all variations on a theme of “tunnel”
     • Tunnels can be used for various things:
       • Routing simplification
       • Encryption
       • Traffic management
       • …
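
The three frame layouts on slide 2 can be told apart by the 16-bit field after the source MAC. The following is an added example, not part of the original slides: a parser that classifies a captured frame and decodes any 802.1Q tag, showing that the tag and payload are readable by anyone with access to the wire. It assumes the CRC has already been stripped, uses the IEEE split of the slide's 4 priority bits into a 3-bit priority plus a 1-bit drop-eligible flag, and the sample frames are constructed.

```python
import struct

TPID_8021Q = 0x8100     # tag marker shown in the slide's 802.1p/Q layout
MAX_8023_LEN = 1500     # a value up to 1500 is an 802.3 length field
MIN_ETHERTYPE = 0x0600  # a value of 1536 or more is an Ethernet II EtherType

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_frame(frame):
    """Classify a frame (trailing CRC already stripped) and decode 802.1Q tags."""
    if len(frame) < 14:
        raise ValueError("frame shorter than dest MAC + source MAC + type/length")
    info = {"dst": mac(frame[:6]), "src": mac(frame[6:12]), "vlans": []}
    offset = 12
    (field,) = struct.unpack_from("!H", frame, offset)
    while field == TPID_8021Q:  # loop so stacked tags are reported too
        if len(frame) < offset + 6:
            raise ValueError("truncated 802.1Q tag")
        tci, field = struct.unpack_from("!HH", frame, offset + 2)
        info["vlans"].append(
            {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF})
        offset += 4
    offset += 2  # step past the type/length field itself
    if field <= MAX_8023_LEN:
        if field > len(frame) - offset:
            raise ValueError("802.3 length exceeds the bytes present")
        info.update(kind="802.3", payload=frame[offset:offset + field])
    elif field >= MIN_ETHERTYPE:
        info.update(kind="Ethernet II", ethertype=field, payload=frame[offset:])
    else:
        raise ValueError(f"undefined type/length value {field:#06x}")
    return info

# Constructed sample frames (not from the slides); CRC omitted.
DST, SRC = bytes.fromhex("ffffffffffff"), bytes.fromhex("020000000001")
IP_STUB = b"\x45" + bytes(45)  # placeholder 46-byte payload
UNTAGGED = DST + SRC + struct.pack("!H", 0x0800) + IP_STUB
TAGGED = DST + SRC + struct.pack("!HHH", TPID_8021Q, (5 << 13) | 100, 0x0800) + IP_STUB
LEGACY = DST + SRC + struct.pack("!H", 3) + b"\xaa\xaa\x03" + bytes(43)

if __name__ == "__main__":
    for name, frame in (("untagged", UNTAGGED), ("tagged", TAGGED), ("802.3", LEGACY)):
        p = parse_frame(frame)
        print(name, p["kind"], p["vlans"], len(p["payload"]))
```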
