
COURSEWORK 1

Tunnelling Protocols

B00297486
COMP09022 Network Design


Table of Contents
1. Executive Summary
2. Introduction
3. Statement of Methodology
4. Why is Tunnelling used
5. Tunnelling Protocols
5.1 Layer 2 Tunnelling Protocol
5.2 Point to Point Tunnelling Protocol
5.3 Layer 2 Forwarding Protocol
6. Conclusion
References


1. Executive Summary
The aim of this report is to review various Tunnelling Protocols, why they are used
and how they may be linked to other Tunnelling Protocols, and to explain why they
have been developed. The report also describes standardised Tunnelling Protocols
and why one protocol may be used over another.


2. Introduction
The purpose of this report is to describe some tunnelling protocols, to explain why
tunnelling is used and why the protocols have been developed, and to explain the
reason why one protocol is used over another. For each protocol examined, the
report gives information on the protocol and explains why tunnelling is used and
why it may be necessary.


3. Statement of Methodology
In order to carry out this report, various sources were reviewed. These texts were
analysed to provide an understanding of various standardised Tunnelling Protocols
and why they are used.


4. Why is Tunnelling used


To understand why tunnelling is used, it is necessary to know what tunnelling is.
Tunnelling is a technique that allows data to be sent from the host computer to a
remote computer on another network. The data is encapsulated so that it can be
sent over the public Internet, which means a company no longer has to lease
private lines for Wide Area Networking. Tunnelling also allows the data to be
encrypted for secure transmission, depending on which protocol is used.
"Tunneling is a process of encapsulating an entire data packet as the payload
within a second packet, which is understood by the network and both end points.
Depending on the protocols used, the new payload, the original packet, can be
encrypted." (eTutorials.org, 2008-2015)

Tunnelling can be used to connect two or more networks that do not have a
routing path to each other. It can also be used to connect IPv6 and IPv4
networks together. Most tunnelling protocols support data compression, which
reduces the number of packets that need to be sent.

Another reason that tunnelling may be used is to bypass firewalls: blocked
protocols are enclosed within another protocol that the firewall lets through.

Tunnelling is also used to send data across a network that would not normally be
able to support the original protocol. For example, NetBEUI is a non-routable
protocol, so a NetBEUI packet is encapsulated in the data portion of a second
protocol, such as PPTP.

Although the protocols are referred to as tunnelling protocols, there is no actual
tunnel between the devices. The term refers to data being sent via a non-secure
environment, such as the Internet, without the fear of data being looked at or
changed by a third party.

The protocols in this report all work at layer 2, the Data Link Layer, of the Open
Systems Interconnection (OSI) model.


5. Tunnelling Protocols
There are several tunnelling protocols, three of which are detailed below: Layer 2
Tunnelling Protocol (L2TP), Point to Point Tunnelling Protocol (PPTP) and Layer 2
Forwarding Protocol (L2F).

All three are linked in some way. PPTP was developed by Microsoft. Cisco realised
there were some gaps within the protocol and set about improving it, which led to
L2F being developed. Then, working with the IETF, L2TP was developed. Looking at
the protocols, L2TP would seem to be the most secure of the three. They all
use PPP to send data from one point to the other.

5.1 Layer 2 Tunnelling Protocol


Layer 2 Tunnelling Protocol (L2TP) was developed within the Internet
Engineering Task Force (IETF). It was developed by Microsoft (from Microsoft's
Point to Point Tunnelling Protocol) and Cisco (from Cisco's Layer 2 Forwarding
Protocol). Cisco started the development as the company had recognised
gaps in PPTP. This led initially to the development of the Layer 2 Forwarding
Protocol. So in essence, L2TP is closely linked to both PPTP and L2F.

The full details of L2TP can be found in Request for Comments (RFC) 2661.
As stated in RFC2661, "L2TP utilizes two types of messages, control messages
and data messages. Control messages are used in the establishment,
maintenance and clearing of tunnels and calls. Data messages are used to
encapsulate PPP frames being carried over the tunnel. Control messages utilize
a reliable Control Channel within L2TP to guarantee delivery (see section 5.1 for
details). Data messages are not retransmitted when packet loss occurs."
(Townsley, et al., 1999)

L2TP is compatible with Remote Authentication Dial-In User Service (RADIUS),
which is a server that allows for remote user authentication and is used by most
Internet Service Providers (ISP).

L2TP uses PPP to encapsulate frames. To allow this protocol to send secure
data, it can be combined with Internet Protocol Security (IPsec). IPsec allows the
packets being sent to be authenticated and encrypted, thus making L2TP a
secure protocol to use. The data that is tunnelled through the protocol is carried
over UDP, so UDP port 1701 may have to be opened in the firewall to allow
these frames through.
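The control/data distinction quoted from RFC 2661 is visible in the first bits of every L2TP message. The following added example (not part of the original report) parses the RFC 2661 header from a UDP payload and tells the two message types apart; the function and class names are illustrative and the sample bytes are constructed.

```python
import struct
from typing import NamedTuple, Optional

L2TP_UDP_PORT = 1701  # UDP port named in the text above
# Flag bits in the first 16-bit word of the RFC 2661 header
T_BIT, L_BIT, S_BIT, O_BIT = 0x8000, 0x4000, 0x0800, 0x0200


class L2TPMessage(NamedTuple):  # illustrative name, not from any library
    is_control: bool        # T bit: control message (True) or data message
    length: Optional[int]   # present only when the L bit is set
    tunnel_id: int
    session_id: int
    ns: Optional[int]       # sequence numbers, present only with the S bit
    nr: Optional[int]
    payload: bytes          # AVPs (control) or a PPP frame (data)


def parse_l2tp(datagram: bytes) -> L2TPMessage:
    """Parse the L2TPv2 header found in the payload of a UDP datagram."""
    pos = 0

    def u16() -> int:
        nonlocal pos
        if pos + 2 > len(datagram):
            raise ValueError("truncated L2TP header")
        (value,) = struct.unpack_from("!H", datagram, pos)
        pos += 2
        return value

    flags = u16()
    if (flags & 0x000F) != 2:
        raise ValueError("not an L2TP version 2 header")
    is_control = bool(flags & T_BIT)
    # RFC 2661: control messages must carry Length and Ns/Nr, and no Offset
    if is_control and (flags & (L_BIT | S_BIT | O_BIT)) != (L_BIT | S_BIT):
        raise ValueError("invalid flag combination for a control message")
    length = u16() if flags & L_BIT else None
    tunnel_id, session_id = u16(), u16()
    ns, nr = (u16(), u16()) if flags & S_BIT else (None, None)
    if flags & O_BIT:
        pos += u16()  # skip the offset padding before the payload
    end = len(datagram) if length is None else length
    if end > len(datagram) or end < pos:
        raise ValueError("Length field disagrees with datagram size")
    return L2TPMessage(is_control, length, tunnel_id, session_id, ns, nr,
                       datagram[pos:end])


# Constructed samples: an SCCRQ-style control message and a data message
CONTROL = bytes.fromhex("c802 0014 0000 0000 0000 0000 8008 0000 0000 0001")
DATA = bytes.fromhex("0002 0005 0009 ff03 0021 45")
```

Without IPsec, everything this parser reads, including the PPP frame in a data message, crosses the network in clear text.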


Figure 1 - L2TP Packet Construction (Infocellar, Unknown)

5.2 Point to Point Tunnelling Protocol


Point to Point Tunnelling Protocol (PPTP) was developed by Microsoft, US
Robotics and other companies. This group was known as the PPTP Forum. The
protocol was developed as there was a need to secure data being sent from a
remote client to a corporate network, as data was being sent over the Internet,
which is essentially an open network. This was a new technology when it was
developed.

Full details of this protocol can be seen in RFC2637.
"Point to Point Tunneling Protocol (PPTP) is a network protocol that enables the
secure transfer of data from a remote client to a private enterprise server by
creating a PPP tunnel across TCP/IP-based data networks." (Technology, 2003)

Point to point refers to the created connection. It uses one point, usually the
user's computer, to connect to another specific point, usually the remote network,
by way of the Internet. The tunnelling part refers to the way in which one protocol
is encapsulated within another protocol. With PPTP, this is encapsulated within
the TCP/IP Protocol. This shows as a direct link between the two points,
therefore creating a secure connection. (Christensson, 2006)


Figure 2 - PPTP Process (Microsoft, 2016)

PPTP uses an improved Generic Routing Encapsulation (GRE). This provides a
flow-controlled and congestion-controlled encapsulated datagram service for
carrying PPP packets, which permits the efficient use of bandwidth.

As stated in RFC2637, "The PPTP protocol is implemented only by the PAC and
PNS. No other systems need to be aware of PPTP." (Hamzeh, et al., 1999)

PPTP uses the same encryption as PPP. This can include Extensible
Authentication Protocol (EAP), Shiva Password Authentication Protocol (SPAP),
Password Authentication Protocol (PAP) and Microsoft Challenge-Handshake
Authentication Protocol (MS-CHAP).
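The flow control mentioned above comes from the sequence and acknowledgment numbers that RFC 2637 adds to the GRE header. The following added example (not part of the original report) parses that enhanced GRE header from the payload of an IP packet; the names are illustrative and the sample packets are constructed.

```python
import struct
from typing import NamedTuple, Optional

GRE_PROTO_PPP = 0x880B  # protocol type RFC 2637 uses for PPP over GRE
K_BIT, S_BIT, A_BIT = 0x2000, 0x1000, 0x0080
ZERO_BITS = 0x8000 | 0x4000 | 0x0800 | 0x0700  # C, R, s, Recur: unused here


class PPTPData(NamedTuple):  # illustrative name, not from any library
    call_id: int         # identifies the session this packet belongs to
    seq: Optional[int]   # sequence number, present when a payload is carried
    ack: Optional[int]   # highest sequence number received from the peer
    ppp_frame: bytes


def parse_pptp_gre(packet: bytes) -> PPTPData:
    """Parse the enhanced GRE header that PPTP puts in front of a PPP frame."""
    if len(packet) < 8:
        raise ValueError("too short for an enhanced GRE header")
    flags, proto, payload_len, call_id = struct.unpack_from("!HHHH", packet)
    if (flags & 0x0007) != 1 or proto != GRE_PROTO_PPP:
        raise ValueError("not PPTP enhanced GRE (version 1, type 0x880B)")
    if not flags & K_BIT or flags & ZERO_BITS:
        raise ValueError("unexpected flag bits for PPTP")
    pos, seq, ack = 8, None, None
    try:
        if flags & S_BIT:
            (seq,) = struct.unpack_from("!I", packet, pos)
            pos += 4
        if flags & A_BIT:
            (ack,) = struct.unpack_from("!I", packet, pos)
            pos += 4
    except struct.error:
        raise ValueError("truncated sequence/acknowledgment field") from None
    if pos + payload_len > len(packet):
        raise ValueError("payload length exceeds packet size")
    return PPTPData(call_id, seq, ack, packet[pos:pos + payload_len])


# Constructed samples: a data packet (seq 7, ack 6) and an ack-only packet
DATA_PKT = bytes.fromhex("3081 880b 0004 0011 00000007 00000006 ff03 0021")
ACK_ONLY = bytes.fromhex("2081 880b 0000 0011 00000006")
```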

5.3 Layer 2 Forwarding Protocol


Layer 2 Forwarding (L2F) Protocol is a protocol developed by Cisco Systems,
and is found in Cisco routers through the Internetwork Operating System (IOS).
Full details can be found in RFC2341. This protocol was developed to try to
enhance Microsoft's PPTP protocol. Layer 2 Forwarding is media independent, in
that it can be used over Ethernet, Fibre etc. L2F runs in conjunction with other
protocols such as PPP or Serial Line Internet Protocol (SLIP). L2F can be used
with user authentication such as Remote Authentication Dial-In User Service
(RADIUS), as well as other features such as quality of service (QoS).

When L2F uses PPP, PPP connects the client to the Network
Access Server (NAS), which is usually the Internet Service Provider (ISP). L2F
allows this connection to go further than the ISP, to the destination required. The
L2F protocol does not provide encryption on its own, but relies on the protocol
that is being tunnelled, such as PPP. As seen in RFC2341, once the packet is
encapsulated it contains the L2F header, the payload (PPP/SLIP) and can
optionally contain an L2F checksum.

L2F supports Multiplexing. "Multiplexing is the process in which multiple Data
Streams, coming from different Sources, are combined and Transmitted over a
Single Data Channel or Data Stream." (Macao., 2015)

Figure 3 - Multiplexing (THAKUR, Unknown)


6. Conclusion
In conclusion, although there are a few tunnelling protocols, the above three
protocols would seem to be the most commonly used. The protocol that seems to be
favoured is Layer 2 Tunnelling Protocol, as L2TP uses PPP and can be used
with IPsec to authenticate and encrypt each packet.


References
Christensson, P., 2006. PPTP Definitions. [Online]
Available at: http://techterms.com/definition/pptp
[Accessed 06th March 2016].
eTutorials.org, 2008-2015. Tunnelling Protocols. [Online]
Available at: http://etutorials.org/Networking/Cisco+Certified+Security+Professional+Certification/Part+III+Virtual+Private+Networks+VPNs/Chapter+9+Cisco+IOS+IPSec+Introduction/Tunneling+Protocols/
[Accessed 03rd March 2016].
Hamzeh, K. et al., 1999. RFC2637. [Online]
Available at: https://www.ietf.org/rfc/rfc2637.txt
[Accessed 06th March 2016].
Infocellar, Unknown. Tunneling Protocols. [Online]
Available at: http://www.infocellar.com/networks/IPVPN/Tunneling-Protocols.htm
[Accessed 06th March 2016].
Macao., C. M. o., 2015. Multiplexing and Demultiplexing. [Online]
Available at: http://macao.communications.museum/eng/exhibition/secondfloor/MoreInfo/2_8_6_Multiplexing.html
[Accessed 14th March 2016].
Microsoft, 2016. Point-To-Point Tunnelling Protocol. [Online]
Available at: https://technet.microsoft.com/en-us/library/cc958045.aspx
[Accessed 06th March 2016].
Technology, A., 2003. Addpac PPTP. [Online]
Available at: http://www.addpac.com/addpac_kor2015/files/PPTP.pdf
[Accessed 06th March 2016].
THAKUR, D., Unknown. Multiplexing - What is Multiplexing? Explain its Multiplexing Methods. [Online]
Available at: http://ecomputernotes.com/computernetworkingnotes/multipleaccess/multiplexing-what-is-multiplexing-explain-its-multiplexing-methods
[Accessed 14th March 2016].
Townsley, W. et al., 1999. RFC2661. [Online]
Available at: https://tools.ietf.org/html/rfc2661
[Accessed 06th Month 2016].
