IP tunnel

From Wikipedia, the free encyclopedia

IP tunnelling is the process of embedding one IP packet inside of another, for the purpose of simulating a physical connection between two remote networks across an intermediate network.

IP tunnels are often used in conjunction with the IPsec protocol to create a VPN between two or more remote networks across a public network such as the Internet.

How it works

Diagram describing IP tunnelling

The point of an IP tunnel is to carry existing IP packets across the tunnel inside IP packets addressed to the tunnel endpoints. When a packet reaches either endpoint, the tunnel's IP header and any additional tunnel headers are stripped off, and the original IP packet is injected into the IP stack of the tunnel endpoint.

The encapsulation is done by adding an outer IP header before the original IP header. Between them are any other headers for the path, such as security headers specific to the tunnel configuration.

IP protocol number 4, sometimes called ipencap or IP within IP, is a concrete example of IP encapsulation within IP and is described by RFC 2003.

An IP tunnel will generally bypass any firewall with ease. IP tunnelling, or IP encapsulation, is a technique that encapsulates an IP datagram within another IP datagram, which allows datagrams destined for one IP address to be wrapped and redirected to another IP address.
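
The following Python code is an added example, not part of the original article. It parses the IP-within-IP layout described above and walks every nested header, so that a filter can evaluate the inner datagram's destination as well as the outer one. The packets, addresses and function names are constructed for illustration.

```python
import socket
import struct

IPPROTO_IPIP = 4  # IP protocol number for IP-in-IP encapsulation (RFC 2003)
IPV4_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header

def parse_ipv4(pkt):
    """Parse one IPv4 header; return (header dict, payload bytes)."""
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    vihl, _, total, _, _, ttl, proto, _, src, dst = struct.unpack(IPV4_FMT, pkt[:20])
    ihl = (vihl & 0x0F) * 4
    if vihl >> 4 != 4 or ihl < 20 or not ihl <= total <= len(pkt):
        raise ValueError("malformed IPv4 header")
    hdr = {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
           "proto": proto, "ttl": ttl}
    return hdr, pkt[ihl:total]

def header_chain(pkt, max_depth=4):
    """Return every IP header in the packet, outermost first."""
    chain = []
    while True:
        hdr, payload = parse_ipv4(pkt)
        chain.append(hdr)
        if hdr["proto"] != IPPROTO_IPIP:
            return chain
        if len(chain) >= max_depth:  # bound nesting so parsing always ends
            raise ValueError("IP-in-IP nesting too deep")
        pkt = payload

def verdict(pkt, blocked_dst):
    """'drop' if any header, outer or inner, targets a blocked address."""
    try:
        chain = header_chain(pkt)
    except ValueError:
        return "drop"  # fail closed on anything that cannot be parsed
    return "drop" if any(h["dst"] in blocked_dst for h in chain) else "accept"

def build_ipv4(src, dst, proto, payload):
    """Build a sample IPv4 packet (checksum left at zero; test data only)."""
    return struct.pack(IPV4_FMT, 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst)) + payload

# Constructed sample: a UDP datagram for 10.1.0.9 wrapped for a tunnel endpoint.
INNER = build_ipv4("10.0.0.5", "10.1.0.9", 17, b"\x00" * 8)
OUTER = build_ipv4("192.0.2.1", "198.51.100.7", IPPROTO_IPIP, INNER)

if __name__ == "__main__":
    print("outer-only view:", parse_ipv4(OUTER)[0]["dst"])
    print("full chain     :", [h["dst"] for h in header_chain(OUTER)])
    print("verdict        :", verdict(OUTER, {"10.1.0.9"}))
```

A rule that looks only at the outer header sees the tunnel endpoint's address, while the same rule applied to the full chain also sees the encapsulated destination.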
