Presentation is loading. Please wait.

Presentation is loading. Please wait.

Understanding “Virtual” Networks J.J. Ekstrom Fall 2011.

Published byGodwin Elijah Burns Modified over 8 years ago

Similar presentations

Presentation on theme: "Understanding “Virtual” Networks J.J. Ekstrom Fall 2011."— Presentation transcript:

1 Understanding “Virtual” Networks J.J. Ekstrom Fall 2011

2 Understanding VLANs, Tunnels and VPNs Dest MAC0x8100Source Mac Payload Ether CRCDest MAC Old Ether type Source Mac Ethernet II packet 802.3 packet Len < 1500 Payload Ether CRCDest MAC Ether type > 1500 Source Mac Pad 802.1p/Q packet Ether CRC VLAN Tag 4bits priority 12 bits VLAN # Payload Pad Link to: IANA EtherType List VLAN Tag VLANs separate Traffic, but access to wire gives access to data.

3 VPN not Necessarily Secure Payload Ether CRC Dest MACIPSource Mac LTTP packet (Layer 2 Tunneling Protocol) IP Header/ UDP Payload Ether CRCDest MAC Ether type > 1500 Source Mac Pad Payload Ether CRC Dest MACIPSource Mac LTTP packet (Layer 2 Tunneling Protocol) IP Header/ UDP Payload Ether CRCDest MAC Ether type > 1500 Source Mac Pad However payload can be encrypted which reveals pipe but not the contents

4 MPLS: VLANS on the WAN Ethernet II packet Payload Ether CRCDest MAC Ether type > 1500 Source Mac Pad MPLS Label Edge Router Label Switch Router Label Switch Router Label Switch Router Label Switch Router Label Switch Router Label Switch Router Label Switch Router Label Switch Router Puts on Label Takes off Label and decrypts if necessary Just uses Label Can encrypt for security

5 MPLS Mappings VLAN tag to MPLS Label IP subnet to MPLS Label IP Destination subnet to MPLS Label Can be different depending on content. ◦ Encrypt some packets not others.

6 Tunneling (SSL) Treating a stream like a wire. SSL (Secure Sockets Layer) ◦ OpenSSL has tunneling built in. ◦ In on local port tunneled to destination IP and port. ◦ Travels through a virtual wire on port 80 ◦ Looks like http traffic

7 Virtual Private Networks Typically Encrypted Encapsulate a packet in another protocol’s payload.

8 Generalizations VPN, VLANs, MPLS, L2TP are all variations on a theme of “tunnel” Tunnels can be used for various things: ◦ Routing simplification ◦ Encryption ◦ Traffic management ◦ …

Download ppt "Understanding “Virtual” Networks J.J. Ekstrom Fall 2011."

Similar presentations

MPLS: The Magic Behind the Myths Grenville Armitage (author) Scott Crosby (presenter)

MPLS: The Magic Behind the Myths Grenville Armitage (author) Scott Crosby (presenter)
Internetworking II: MPLS, Security, and Traffic Engineering

Internetworking II: MPLS, Security, and Traffic Engineering
Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv4 20.3 IPv6.

Computer Networks20-1 Chapter 20. Network Layer: Internet Protocol 20.1 Internetworking 20.2 IPv IPv6.
1 Teredo - Tunneling IPv6 through NATs Date: 2003-10-31 Speaker: Quincy Wu National Chiao Tung University.

1 Teredo - Tunneling IPv6 through NATs Date: Speaker: Quincy Wu National Chiao Tung University.
OpenFlow overview Joint Techs Baton Rouge. Classic Ethernet Originally a true broadcast medium Each end-system network interface card (NIC) received every.

OpenFlow overview Joint Techs Baton Rouge. Classic Ethernet Originally a true broadcast medium Each end-system network interface card (NIC) received every.
Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
Copyright © 2015 John Wiley & Sons, Inc. All rights reserved. 8-1 FitzGerald ● Dennis ● Durcikova Prepared by Taylor M. Wells: College of Business Administration,

Copyright © 2015 John Wiley & Sons, Inc. All rights reserved. 8-1 FitzGerald ● Dennis ● Durcikova Prepared by Taylor M. Wells: College of Business Administration,
IP Version 6 (IPv6) Dr. Adil Yousif. Why IPv6?  Deficiency of IPv4  Address space exhaustion  New types of service  Integration  Multicast  Quality.

IP Version 6 (IPv6) Dr. Adil Yousif. Why IPv6?  Deficiency of IPv4  Address space exhaustion  New types of service  Integration  Multicast  Quality.
Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.

Virtual Private Networks. Why VPN Fast, secure and reliable communication between remote locations –Use leased lines to maintain a WAN. –Disadvantages.
Introducing MPLS Labels and Label Stacks

Introducing MPLS Labels and Label Stacks
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
1 IP VPN Nikolay Scarbnik. 2 Agenda Introduction………………………………………………………….3 VPN concept definition……………………………………………..4 VPN advantages……………...…………………………………….5.

1 IP VPN Nikolay Scarbnik. 2 Agenda Introduction………………………………………………………….3 VPN concept definition……………………………………………..4 VPN advantages……………...…………………………………….5.
VLANs Port-based VLAN: switch ports grouped (by switch management software) so that single physical switch …… Switch(es) supporting VLAN capabilities can.

VLANs Port-based VLAN: switch ports grouped (by switch management software) so that single physical switch …… Switch(es) supporting VLAN capabilities can.
1 Application TCPUDP IPICMPARPRARP Physical network Application TCP/IP Protocol Suite.

1 Application TCPUDP IPICMPARPRARP Physical network Application TCP/IP Protocol Suite.
Chapter 10 Virtual Private Networks. VPN Defined  A segment of the public network made to appear part of a private network so that it can be used to.

Chapter 10 Virtual Private Networks. VPN Defined  A segment of the public network made to appear part of a private network so that it can be used to.
Internet Protocol Security (IPSec)

Internet Protocol Security (IPSec)
SMUCSE 8344 MPLS Virtual Private Networks (VPNs).

SMUCSE 8344 MPLS Virtual Private Networks (VPNs).
Network Address Translation, Remote Access and Virtual Private Networks BSAD 146 Dave Novak Sources: Network+ Guide to Networks, Dean 2013.

Network Address Translation, Remote Access and Virtual Private Networks BSAD 146 Dave Novak Sources: Network+ Guide to Networks, Dean 2013.
Virtual Private Networks (VPN’s)

Virtual Private Networks (VPN’s)
Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.

Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.

Similar presentations

Ads by Google