Tunneling is an inter-networking technique used when source and destination networks of the same type are to be connected through a network of a different type. Tunneling uses a layered protocol model such as those of the OSI or TCP/IP protocol suite.
In other words, when data moves from host A to host B it passes through all the levels of the specified protocol suite (OSI, TCP/IP, etc.). The data conversion (encapsulation) performed while moving between levels, to suit the interface of each particular layer, is called tunneling.
For example, let us consider an Ethernet that is to be connected to another Ethernet through a WAN.
The task is to send an IP packet from host A of Ethernet-1 to host B of Ethernet-2 via a WAN.
Steps
- Host A constructs a packet that contains the IP address of Host B.
- It then inserts this IP packet into an Ethernet frame, and this frame is addressed to the multiprotocol router M1.
- Host A then puts this frame on Ethernet.
- When M1 receives this frame, it removes the IP packet, inserts it in the payload field of the WAN network layer packet, and addresses the WAN packet to M2. The multiprotocol router M2 removes the IP packet and sends it to host B in an Ethernet frame.
How Does Encapsulation Work?
Data travels from one place to another in the form of packets. A packet has two parts: the first is the header, which consists of the destination address and the working protocol, and the second is its contents.
In simple terms, encapsulation is the process of placing a packet inside another packet. In an encapsulated packet, the header of the first packet is surrounded by the payload section of the surrounding packet, which holds the actual contents.
Why is this Technique Called Tunneling?
In this particular example, the IP packet does not have to deal with the WAN, and hosts A and B also do not have to deal with the WAN. Only the multiprotocol routers M1 and M2 have to understand both IP and WAN packets. Therefore, the WAN can be imagined as a big tunnel extending between the multiprotocol routers M1 and M2, and the technique is called Tunneling.
Types of Tunneling Protocols
- Generic Routing Encapsulation
- Internet Protocol Security
- IP-in-IP
- SSH
- Point-to-Point Tunneling Protocol
- Secure Socket Tunneling Protocol
- Layer 2 Tunneling Protocol
- Virtual Extensible Local Area Network
1. Generic Routing Encapsulation (GRE)
Generic Routing Encapsulation is a method of encapsulating IP packets in a GRE header that hides the original IP packet. A new header, called the delivery header, is added above the GRE header and contains the new source and destination addresses.
The GRE header acts as a new IP header, with the delivery header containing a new source and destination address. Only routers between which GRE is configured can decrypt and encrypt the GRE header. The original IP packet enters a router, travels in encrypted form, and emerges out of another GRE-configured router as the original IP packet, as if it had traveled through a tunnel. Hence, this process is called GRE tunneling.
2. Internet Protocol Security (IPsec)
IP security (IPsec) is an Internet Engineering Task Force (IETF) standard suite of protocols between two communication points across the IP network that provides data authentication, integrity, and confidentiality. It also defines the encrypted, decrypted, and authenticated packets. The protocols needed for secure key exchange and key management are defined in it.
3. IP-in-IP
IP-in-IP is a Tunneling Protocol for encapsulating IP packets inside another IP packet.
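The following is an added example, not code from the original article: it builds the IP-in-IP encapsulation described above and then peels it again, as the receiving router (or a monitoring sensor that needs the inner source and destination) would. The M1/M2 roles follow the earlier walkthrough; all addresses, the payload and the function names are constructed for illustration.

```python
import socket
import struct

IPPROTO_IPIP = 4    # IANA protocol number for IPv4 encapsulated in IPv4
IPPROTO_TEST = 253  # reserved for experimentation; stands in for real traffic

def checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words; 0 over a header that is valid."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_packet(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Build a minimal IPv4 packet (20-byte header, no options)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def parse_ipv4(packet: bytes):
    """Return (src, dst, proto, payload), rejecting malformed headers."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    if ihl < 20 or total_len < ihl or total_len > len(packet):
        raise ValueError("inconsistent IPv4 length fields")
    if checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
    return src, dst, packet[9], packet[ihl:total_len]

def peel_tunnels(packet: bytes, max_depth: int = 4):
    """Strip nested IP-in-IP layers; return ([(src, dst), ...], payload)."""
    layers = []
    for _ in range(max_depth):
        src, dst, proto, payload = parse_ipv4(packet)
        layers.append((src, dst))
        if proto != IPPROTO_IPIP:
            return layers, payload
        packet = payload
    raise ValueError("tunnel nesting exceeds max_depth")

HOST_A, HOST_B = "192.0.2.10", "198.51.100.20"  # constructed (RFC 5737)
M1, M2 = "203.0.113.1", "203.0.113.2"           # constructed tunnel endpoints
inner = ipv4_packet(HOST_A, HOST_B, IPPROTO_TEST, b"hello from A")  # built by A
outer = ipv4_packet(M1, M2, IPPROTO_IPIP, inner)  # M1 wraps it for the tunnel
if __name__ == "__main__":
    print(peel_tunnels(outer))  # outer (M1, M2) layer, then inner (A, B) layer
```

The depth limit and length checks matter when the parser runs on untrusted traffic: without them, deeply nested or truncated packets can exhaust or mislead the decapsulating device.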
4. Secure Shell (SSH)
SSH (Secure Shell) is an access credential that is used in the SSH Protocol. In other words, it is a cryptographic network protocol that is used for transferring encrypted data over the network. It allows you to log in remotely from one system to another and to connect to a server, or multiple servers, without having to remember or enter your password for each system.
5. Point-to-Point Tunneling Protocol (PPTP)
PPTP, or Point-to-Point Tunneling Protocol, generates a tunnel and confines the data packet. Point-to-Point Protocol (PPP) is used to encrypt the data over the connection. PPTP is one of the most widely used VPN protocols and has been in use since the early releases of Windows. Apart from Windows, PPTP is also used on Mac and Linux.
6. Secure Socket Tunneling Protocol (SSTP)
SSTP is a VPN protocol developed by Microsoft that uses SSL to secure the connection, but it is only available for Windows.
7. Layer 2 Tunneling Protocol (L2TP)
L2TP stands for Layer 2 Tunneling Protocol, published in 2000 as proposed standard RFC 2661. It is a computer networking protocol that was designed to support VPN connections used by an Internet service provider (ISP) to enable VPN operation over the Internet. L2TP combines the best features of two other tunneling protocols: PPTP (Point-to-Point Tunneling Protocol) from Microsoft and L2F (Layer 2 Forwarding) from Cisco Systems.
8. Virtual Extensible Local Area Network (VXLAN)
Virtual Extensible Local Area Network is called VXLAN for short. It is a network virtualization technology that stretches layer 2 connections over layer 3 networks by encapsulating Ethernet frames in a VXLAN packet that includes IP addresses, addressing the scalability problem in a more extensible manner.
What is SSL Tunneling?
SSL Tunneling involves a client that requires an SSL connection to a backend service or secure server via a proxy server. This proxy server opens the connection between the client and the backend service and copies the data to both sides without any direct interference in the SSL connection.