
VPN Virtual Private Network

Tunneling and overhead

We have already learned that VPN technology is often called tunneling because the data in a VPN connection is protected from the Internet, as the walls of a road or rail tunnel protect the traffic in the tunnel from the weight of stone of the mountain above. Let's now have a closer look at how the VPN software does this.

The VPN software in the locations A and B encrypts (locks) and decrypts (unlocks) the data and sends it through the tunnel. Like cars or trains in a tunnel, the data cannot go anywhere else but to the other tunnel endpoint (if they are properly routed). The following are put together and wrapped into one new package: tunnel information (such as the address of the other endpoint); encryption data and methods; and the original IP packet (or network frame).

The new package is then sent to the other tunnel endpoint. The payload of this package now holds the complete IP packet (or network frame), but in an encrypted form. Therefore it is not readable to anyone who does not possess the right key.

The new header of the packet simply contains the addresses of the sender, recipient, and other metadata that is necessary for and provided by the VPN software that is used. Perhaps you have noticed that the amount of data that is sent grows during the process of "wrapping". Depending on the VPN software used, this so-called overhead can become a very important factor.

The overhead is the difference between the net data that is sent to the tunnel software and the gross data that is sent through the tunnel by the VPN software. If a file of 1MB is sent from user A to user B, and this file causes 1.5MB traffic in the tunnel, then the overhead would be 50%, a very high level indeed (note that every protocol that is used causes overhead, so not all of that 50% might be the fault of the VPN solution).

The overhead caused by the VPN software depends on the amount of organizational (meta-) data and the encryption used. Whereas the first depends only on the VPN software used, the latter is simply a matter of choice between security and speed.

In other words, the better the cipher you use for encryption, the more overhead you will produce. Speed versus security is your choice.

[Figure labels: Tunnel Information, Header, Data]

VPN concepts overview

During the last ten years, many different VPN concepts have evolved. You may have noticed that I added "network frames" in parentheses when I spoke of tunneling IP packets. This was necessary because, in principle, tunneling can be done on almost all layers of the OSI model.

A proposed standard for tunneling

The General Routing Encapsulation (GRE) provides a standard for tunneling data, which was defined in 1994 in Request for Comments (RFCs) 1701 and 1702, and later in RFCs 2784 and 2890. Perhaps because this definition is not a protocol definition, but more or less a standard proposal on how to tunnel data, this implementation has found its way into many devices and has become the basis for other protocols. The concept of GRE is pretty simple.

A protocol header and a delivery header are added to the original packet, and its payload is encapsulated in the new packet. If no encryption is done, then GRE offers no security. The advantages of this model are obvious: the simplicity offers many possibilities, and the transparency enables administrators and routers to look inside the packets and make decisions based on the type of payload that has been sent.

By doing so, special applications can receive privileged treatment by traffic shaping or similar methods. There are many implementations for GRE tunneling software under Linux. Only kernel support is necessary, which is fulfilled by most modern distributions.

Due to its flexibility, GRE can also be used in scenarios where IPv4- and IPv6-networks collide, or for tunneling Netware's or Apple's protocols. GRE is assigned the IP protocol number 47.
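
The encapsulation described above, as an added example that is not code from the book: a minimal GRE header as laid out in RFC 2784 and an IPv4 delivery header are wrapped around a constructed UDP packet, which is then parsed the way an on-path device would read it. The addresses, ports, payload and function names are assumptions chosen for illustration.

```python
import socket
import struct

GRE_PROTO = 47            # IP protocol number assigned to GRE
ETHERTYPE_IPV4 = 0x0800   # GRE protocol type for an IPv4 payload

def checksum(hdr: bytes) -> int:
    """Internet checksum (RFC 1071) over an even-length header."""
    total = sum(struct.unpack(f"!{len(hdr) // 2}H", hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """20-byte IPv4 header without options, followed by the payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def gre_encapsulate(inner: bytes, tun_src: str, tun_dst: str) -> bytes:
    """Delivery header + GRE header (no flags, version 0) + original packet."""
    gre = struct.pack("!HH", 0x0000, ETHERTYPE_IPV4)
    return ipv4(tun_src, tun_dst, GRE_PROTO, gre + inner)

def inspect(outer: bytes) -> dict:
    """Fields any on-path device can read from an unencrypted GRE packet."""
    ihl = (outer[0] & 0x0F) * 4
    if outer[9] != GRE_PROTO:
        raise ValueError("delivery header does not carry GRE")
    flags, ptype = struct.unpack("!HH", outer[ihl:ihl + 4])
    if flags & 0x0007 or ptype != ETHERTYPE_IPV4:
        raise ValueError("unsupported GRE version or payload type")
    # Checksum (C), key (K) and sequence (S) bits each add 4 bytes.
    gre_len = 4 + 4 * sum(bool(flags & bit) for bit in (0x8000, 0x2000, 0x1000))
    inner = outer[ihl + gre_len:]
    inner_ihl = (inner[0] & 0x0F) * 4
    return {
        "tunnel": (socket.inet_ntoa(outer[12:16]), socket.inet_ntoa(outer[16:20])),
        "inner": (socket.inet_ntoa(inner[12:16]), socket.inet_ntoa(inner[16:20])),
        "inner_proto": inner[9],
        "inner_data": inner[inner_ihl:],
        "overhead_bytes": len(outer) - len(inner),
    }

# Constructed sample: a UDP datagram between two private hosts.
DATA = b"user=alice"
UDP = struct.pack("!HHHH", 40000, 53, 8 + len(DATA), 0) + DATA
INNER = ipv4("10.0.1.5", "10.0.2.9", 17, UDP)
OUTER = gre_encapsulate(INNER, "192.0.2.1", "198.51.100.1")
```

Calling `inspect(OUTER)` returns the tunnel endpoints, the inner addresses and the cleartext payload, along with the 24 bytes that the delivery and GRE headers add to every packet in this configuration.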
