Why Do We Use Tunnelling Protocols

Published Date: 02 Nov 2017

Tunnelling Protocols

Network Design Report

Introduction

The following report will give a clear understanding of why tunnelling protocols are used and why tunnelling is essential within transmitting data. I will describe in detail three common protocols L2TP, PPTP and SSTP. I will also state the similarities between each of these and describe their advantages and disadvantages and then compare each of them to one another in factors such as security, reliability and flexibility.

Tunnelling is a word used to describe the transmission of data through encapsulation of one protocol onto another between different networks.

http://www.secpoint.com/what-is-tunneling-protocol.html

Why Do We Use Tunnelling Protocols?

Tunnelling is used to aid a specific protocol to navigate to its destination by the use of another protocol. Tunnelling uses the Data Link Layer in order to exchange data and ensure no errors occur during transmission. This works by also communicating and working with the Network Layer this is known as the OSI model (Figure 1). Tunnelling securely transmits packets of data which then gets put into frames directly between two main points over the tunnel, this is known as encapsulation. Within encapsulation one protocol is placed inside another protocol enabling it to be hidden across the network. While this protocol is hidden it can then be transported across an unsecure network. Without tunnelling protocols it would be difficult to transmit data through certain unsecured networks. Tunnelling protocols are very safe and secure when dealing with suspicious and threatening looking networks.

http://books.google.co.uk/books?id=UD0h_GqgbHgC&pg=PA338&dq=what+are+tunnelling+protocols&hl=en&sa=X&ei=VbMzUfXHD8KL0AXh7oHgBw&ved=0CDcQ6AEwAA#v=onepage&q=what%20are%20tunnelling%20protocols&f=false

http://books.google.co.uk/books?id=On_Hh23IXDUC&pg=PA176&dq=encapsulation+networking&hl=en&sa=X&ei=U-hGUYCEF4aW0QXI3oDACg&ved=0CDsQ6AEwAA#v=onepage&q=encapsulation%20networking&f=false

Figure 1 – OSI model

http://www.google.co.uk/search?hl=en&q=OSI%20model&bav=on.2,or.&bvm=bv.43828540,d.d2k&biw=1280&bih=906&wrapid=tlif136359989376211&safe=active&um=1&ie=UTF-8&tbm=isch&source=og&sa=N&tab=wi&ei=dOJGUejYPMOw0QWZmIGAAw#imgrc=v0jZQUfY4unCOM%3A%3BiXTBBaAl-dcQgM%3Bhttp%253A%252F%252F0.tqn.com%252Fd%252Fcompnetworking%252F1%252FG%252F2%252F1%252Fosimodel.gif%3Bhttp%253A%252F%252Fcompnetworking.about.com%252Fcs%252Fdesignosimodel%252Fa%252Fosimodel.htm%3B160%3B161

Tunnelling Protocols

L2TP

L2TP (Layer 2 Tunnelling Protocol) is one of the most popular protocols which uses a VPN (Virtual Private Network). It enables you to connect to many different networking devices from a remote location, also known as a VPN (Virtual Private Network). L2TP is based off of another protocol called PPTP (Point to Point Tunnelling Protocol); I will also explain this protocol further on in the report and another protocol called L2F (Layer 2 Forwarding). This is how L2TP got its name. L2TP is quite similar to PPTP as it shares the same features and supported protocols as PPTP.

http://books.google.co.uk/books?id=ydKQ4YKc_xsC&pg=PA290&dq=advantages+of+l2tp&hl=en&sa=X&ei=lMw0UZrsD4aM0AWKnYDIAw&ved=0CEIQ6AEwAw#v=onepage&q=advantages%20of%20l2tp&f=false

http://books.google.co.uk/books?id=ydKQ4YKc_xsC&printsec=frontcover&dq=l2tp&hl=en&sa=X&ei=h4s3Ud6YB6mn0AXFxYG4CA&ved=0CDQQ6AEwAQ#v=onepage&q=l2tp&f=false

Reasons for First

L2TP is very secure when transmitting data to the receiver. This is because it uses IPSec (Internet Protocol Security). One of the main benefits of using L2TP protocol is that it involves an authentication process, meaning no one else can gain access to that transmission being sent. This makes the protocol a safe and reliable connection. Although this can be considered an advantage it means the large requirement of security measures can slow the network service down slightly. L2TP works with UDP (User Datagram Protocol) which manages and controls the tunnelling. UDP is based on a fast speed connection, this can benefit L2TP but UDP does not support flow or traffic congestion. UDP is also ‘firewall friendly’ meaning no conflicts will take place between the connection and firewall.

L2TP also has the benefit of flexibility for example it allows packet switching within the network. By allowing this it means data packets that belong to one message can be given different paths routes along the network. Although this may cause the packets to be in the wrong order they were sent it also sorts them into the correct order when they arrive at the destination.

http://www.squidoo.com/advantages-and-disadvantages-of-vpn-protocols

http://www.pcmag.com/encyclopedia_term/0,1237,t=packet+switching&i=48751,00.asp

PPTP

PPTP (Point-to-Point Tunnelling Protocol) is a well known protocol introduced by Microsoft. PPTP can only run on Microsoft OS platforms such as Windows which means it is quite limited compared to L2TP. Both PPTP and L2TP use the same layer of the OSI; Layer 2. It also uses VPN to deal with the transmission of data safely and securely. PPTP allows for a user using a computer from a different location to access a remote network by the use of the internet. PPTP was developed from PPP (Point-to-Point Protocol) which was used as a dial up connection. PPTP is used by encapsulating PPP frames into IP packets which then encrypts data and transports them through the internet; TCP is used for this connection (Transmission Control Protocol). TCP handles any complications that may occur with a connection.

http://www.techterms.com/definition/pptp

http://books.google.co.uk/books?id=wF0gSwveiW8C&pg=PA307&dq=PPTP+tunneling+protocol&hl=en&sa=X&ei=0gc5Uc-NIMaLOe_agYgP&ved=0CFUQ6AEwBQ#v=onepage&q=PPTP%20tunneling%20protocol&f=false

PPTP uses improved GRE (General Routing Encapsulation) which helps with traffic congestion which allows for a flowing pathway. Although GRE is encapsulated within PPTP it is incompatible when using other protocols. http://books.google.co.uk/books?id=UmotqEirVDQC&pg=PA148&dq=PPTP+GRE&hl=en&sa=X&ei=sA85UbiWEISsOunagMAB&ved=0CD4Q6AEwAg#v=onepage&q=PPTP%20GRE&f=false

Reasons for Second

PPTP has a faster VPN connection as it uses less CPU processing to encrypt data unlike L2TP. This can benefit PPTP but also comes with a downfall as this then means that although the connection is increased it lacks the use of VPN security compared to L2TP. This means that although the security is minimal it is a lot simpler to configure as it does not provide an authentication process and is also easier to use.

Operating systems such as Windows, Mac and Linux are all supported by PPTP which means it is a popular choice when choosing a protocol.

http://www.goldenfrog.com/vyprvpn/pptp-vs-l2tp-vs-openvpn

Summarize Section 1

L2TP and PPTP share very similar features but both have their own benefits. L2TP is secure due to the use of IPSec, this has a big advantage in comparison to PPTP as encryption and authentication ensures all transmissions remain private and safe. As PPTP does not provide authentication it reduces the security meaning it could be intercepted by others and the data could be seen. L2TP also benefits by allowing packet switching unlike PPTP. Although L2TP seems like an ideal choice it also has its downfalls. This includes the configuration process as the authentication process can cause complications. This can cause a slow VPN connection as the security measures are high. PPTP has a much higher VPN connection in comparison to L2TP as encryption is not essential within PPTP which means the configuration process is more easily carried out as PPTP does not support encryption or authentication.

Although L2TP comes with more complications when configuring such as authentication process compared to PPTP it has many benefits and overall outweighs all other protocols on features such as scalability, flexibility and reliability. In my opinion I feel L2TP is the better choice due to its advanced features and security measures it offers.

SSTP

SSTP (Secure Socket Tunnelling Protocol) is the newest protocol which has been introduced. It also uses VPN in order to connect to a network from a remote location. It tunnels through web proxies, routers and firewalls with the use of NAT (Network Address Translation) this does not allow L2TP/IPSec or PPTP traffic to pass through the network. http://books.google.co.uk/books?id=apxKM0Bpj8QC&pg=PA56&dq=SSTP+protocol&hl=en&sa=X&ei=aypDUYfyJoW_0QW2p4CYBw&ved=0CEAQ6AEwAQ#v=onepage&q=SSTP%20protocol&f=false

SSTP encapsulates PPP packets over an SSL channel (Secure Socket Layer) which then forwards them on to a HTTP security connection. With the use of HTTPS it allows a more stable VPN connection. http://books.google.co.uk/books?id=raOtfK51vLIC&pg=PA202&dq=SSTP+protocol&hl=en&sa=X&ei=aypDUYfyJoW_0QW2p4CYBw&ved=0CEUQ6AEwAg#v=onepage&q=SSTP%20protocol&f=false

SSTP is limited as it can only run on Widows Server 2008 and Vista SP1. This means that it is unable to operate on other systems.http://books.google.co.uk/books?id=BaQFGNZAJ4wC&pg=PT1141&dq=SSTP+protocol&hl=en&sa=X&ei=RS9DUei_CYPN0QWxroGoDw&ved=0CFoQ6AEwBQ

Reasons for Third

SSTP is easily configured as it uses a ‘two step process’ this is ideal for users who are not as knowledgeable within computer networking as the process is more simpler after the initial set up stage. SSTP is mainly used as it is greatly secure due to HTTPS and also increases a solid VPN connection to make it a lot more stable and reliable.

SSTP allows ports to be accessed which would normally be blocked by firewalls or NAT restrictions over a VPN tunnel. SSL is used during this stage meaning it allows a clear pathway through the network without any conflicts or complications.

Although SSTP seems like a good choice of protocol it is restricted as it requires certificates to pass through blocks within network security boundaries.

Summarize Section 2

L2TP, PPTP and SSTP all differ from one another. I feel overall L2TP is the strongest protocol as it offers more useful VPN functions that PPTP and SSTP does not. L2TP is a popular choice of protocol as it was developed from PPTP which means it provides improved features that PPTP offers. Although L2TP does not offer encryption it does rely on IPSec to control all security measures required to ensure all encrypted data is sent across a secure connection which forbids access to unauthorised users so data remains private.

PPTP’s main priority is a reliable fast connection by the use of TCP connection. PPTP would mainly be used for a small office network connection as it can be run on many operating systems. As PPTP does not offer maximum security it means less CPU processing as it can run a faster connection.

SSTP is the most reliable when security is a major requirement as it is by far the safest protocol. This is because it requires a Server Authentication Enhanced Key Usage (EKU) to ensure authentication between both server and client during SSL process. http://books.google.co.uk/books?id=apxKM0Bpj8QC&pg=PA56&dq=sstp+eku&hl=en&sa=X&ei=GSpKUbDlM6am0AXS7IHYBQ&ved=0CDEQ6AEwAA#v=onepage&q=sstp%20eku&f=false

SSTP is known to carry very confidential information

Conclusion

All three protocols that the author has chosen support a VPN connection which provides access to a network. L2TP, PPTP and SSTP are all popular and well known protocols which provide a safe and secure pathway for the transmission of data. Although some protocols provide better features than others they all have their own strengths. Deciding on a suitable VPN protocol to choose depends on what the user requires as an ideal choice of connection. Choices you have to consider when deciding an appropriate protocol are reliability, scalability, flexibility and security.