Tunneling protocol
From Wikipedia, the free encyclopedia
A tunneling protocol is a network protocol that encapsulates one protocol or session inside another. Protocol A is encapsulated within protocol B, such that A treats B as though it were a data link layer. Tunneling may be used to transport a network protocol through a network that would not otherwise support it. Tunneling may also be used to provide various types of VPN functionality, such as private addressing.
Examples include:
Datagram-based:
- L2TP (Layer 2 Tunneling Protocol)
- MPLS (Multi-Protocol Label Switching)
- GRE (Generic Routing Encapsulation)
- GTP (GPRS Tunnelling Protocol)
- PPTP (Point-to-Point Tunneling Protocol)
- PPPoE (Point-to-Point Protocol over Ethernet)
- PPPoA (Point-to-Point Protocol over ATM)
- IP in IP Tunneling (RFC 1853)
- IPsec
- IEEE 802.1Q (Ethernet VLANs)
- DLSw (SNA over IP)
- XOT (X.25 datagrams over TCP)
- 6to4 (IPv6 over IPv4 as protocol 41)
- Teredo (IPv6 over UDP over IPv4)
- Anything In Anything (AYIYA; e.g. IPv6 over UDP over IPv4, IPv4 over IPv6, IPv6 over TCP over IPv4, etc.)
Stream-based:
SSH tunneling
SSH is frequently used to tunnel insecure traffic over the Internet in a secure way. For example, Windows machines can share files using the SMB protocol, which is not encrypted. If you were to mount a Windows filesystem remotely through the Internet, someone snooping on the connection could see your files.
To mount an SMB file system securely, one can establish an SSH tunnel that routes all SMB traffic to the file server inside an SSH-encrypted connection. Even though the SMB traffic itself is unencrypted, it is protected because it travels within the encrypted connection.
Tunneling to bypass firewalls
Tunneling can also be used to bypass a system firewall. In this case, firewall-blocked data is encapsulated inside a commonly allowed protocol such as HTTP. One example of this type of use is HTTP-Tunnel.
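Whatever the carrier, a filter that reads only the outer header sees protocol B and not the protocol A inside it. The added example below (not part of the original article) takes two datagram-based entries from the list above, IP in IP (IPv4 protocol 4) and 6to4 (protocol 41), and walks the nested IP headers so the inner addresses and protocol become visible to inspection; the function names and sample packets are constructed for illustration.

```python
import socket
import struct

# IANA protocol numbers; 4 and 41 mean "another IP packet follows".
NAMES = {1: "ICMP", 4: "IPv4 (encapsulated)", 6: "TCP", 17: "UDP",
         41: "IPv6 (encapsulated)", 58: "ICMPv6"}

def ipv4(src, dst, proto, payload):
    """Build a minimal 20-byte IPv4 header (checksum left 0: sample data only)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto,
                       0, socket.inet_aton(src), socket.inet_aton(dst)) + payload

def ipv6(src, dst, next_header, payload):
    """Build the fixed 40-byte IPv6 header."""
    return struct.pack("!IHBB16s16s", 6 << 28, len(payload), next_header, 64,
                       socket.inet_pton(socket.AF_INET6, src),
                       socket.inet_pton(socket.AF_INET6, dst)) + payload

def unwrap(packet, max_depth=8):
    """Return [(ip_version, src, dst, carried_protocol), ...], outermost first."""
    layers = []
    while packet and len(layers) < max_depth:  # bound the work on deep nesting
        version = packet[0] >> 4
        if version == 4:
            ihl = (packet[0] & 0x0F) * 4
            if ihl < 20 or len(packet) < ihl:
                break  # truncated or malformed header
            total_len, proto = struct.unpack("!H", packet[2:4])[0], packet[9]
            src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
            packet = packet[ihl:total_len]
        elif version == 6 and len(packet) >= 40:
            plen, proto = struct.unpack("!HB", packet[4:7])
            src, dst = (socket.inet_ntop(socket.AF_INET6, packet[i:i + 16]) for i in (8, 24))
            packet = packet[40:40 + plen]  # IPv6 extension headers are not walked
        else:
            break
        layers.append((version, src, dst, NAMES.get(proto, str(proto))))
        if proto not in (4, 41):
            break  # payload is no longer an IP packet
    return layers

# Constructed samples (documentation/private addresses, not captured traffic).
SIXTO4 = ipv4("192.0.2.1", "192.88.99.1", 41,
              ipv6("2002:c000:201::1", "2001:db8::1", 58, bytes(8)))
IPIP = ipv4("198.51.100.1", "198.51.100.2", 4,
            ipv4("10.0.0.5", "10.0.0.9", 6, bytes(20)))

if __name__ == "__main__":
    print(unwrap(SIXTO4), unwrap(IPIP), sep="\n")
```

In the IP in IP sample the outer header shows only the two tunnel endpoints, while the inner header carries the private 10.0.0.x addresses, which is the private-addressing use mentioned at the top of the article.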
References
This article was originally based on material from the Free On-line Dictionary of Computing, which is licensed under the GFDL.