History of Tunneling Protocols

Written by Sarah Chandley on Friday, 17 August 2018. Posted in Cyber

Tunneling allows private network communications to be sent across a public network, such as the Internet, through a process called encapsulation. Encapsulation wraps private data packets with formatting and routing information so that when they pass through the public network, the private data is usually ignored. Only the public network data added by the encapsulation is read to route the packet.

As tunnelling protocols hide a complete packet within the flow, there is the potential for misuse, which is why it is important to understand tunnelling protocols and the role they play within your infrastructure and cyber security strategy. In this post we are going to explore the history of the most common tunnelling protocols, their usages, flow information sources and the composition of the packet.

Timeline of Creation

  • VLAN - Initiated in 1988, ratified 2003 as IEEE 802.1Q (Dot1q), IEEE 802.1ad (QinQ).
  • IPinIP - Initiated and ratified 1996 RFC 2003.
  • MPLS - Initiated 1996 ratified 2001 as RFC 3031.
  • GTP - Initiated 1996 ratified 2006 3GPP TS 29.060 V6.9.0.
  • VXLAN - Initiated 2011, ratified as RFC 7348.

VLAN - Virtual Local Area Network

Usages:

  • Virtual Private Networks (VPNs).
  • Traffic isolation.

Flow information sources:

  • Ethernet switches (possibly not IP).
  • Ethernet routers.
  • Flow sensors/collectors (FlowProbe).
  • Raw capture.

VLAN Packet:

MPLS - Multi-Protocol Label Switching

Usages:

  • Virtual Private Networks.
  • Traffic isolation.

Flow information sources:

  • MPLS router (possibly not IP).
  • MPLS provider/edge routers.
  • Flow sensors/collectors (FlowProbe).
  • Raw capture.

MPLS Packet:

IPinIP

Usages:

  • IP Mobility.
  • IP Domain transport IPv4 in IPv6 and IPv6 in IPv4.
  • IP Transparent transport IPv4 in IPv4, IPv4 in IPv6, IPv6 in IPv4 and IPv6 in IPv6.

Flow information sources:

  • Ethernet switch (outer IP only).
  • Encapsulator/Decapsulator switch.
  • Flow sensors/collectors both layers (FlowProbe).
  • Raw capture.

IPinIP Packet:

GRE – Generic Routing Encapsulation

Usages:

  • Virtual Private Networks.
  • IPSec Virtual Private Networks.
  • Point to Point tunnelling.

Flow information sources:

  • Ethernet routers (Outer IP layer Only).
  • Flow sensors/collectors both layers (FlowProbe).
  • Raw capture.

GRE Packet:

GTP - GPRS Tunnelling Protocol

Usages:

  • Within Mobile Carrier networks.

Flow information sources:

  • Ethernet routers (Outer IP layer Only).
  • GSN and RAN if available.
  • Flow sensors/collectors both layers (FlowProbe).
  • Raw capture.

GTP Packet:

VXLAN – Virtual eXtensible Local Area Network

Usages:

  • Within virtualised cloud networks.
  • Equal-Cost Multipaths for scalability.

Flow information sources:

  • Ethernet routers (Outer IP layer Only).
  • VXLAN Tunnel End Points.
  • Flow sensors/collectors both layers (FlowProbe).
  • Raw capture.

VXLAN Packet:

The above shows us that to fully understand traffic behaviour and detect anomalies within data tunnels, it is not sufficient to look only at the outermost network routing information, although this is what the majority of existing network monitoring infrastructure does.
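To make the difference between outer-only and both-layer flow visibility concrete, here is an added example (not part of the original post and not FlowProbe code) that walks a frame and records every layer it finds. It assumes well-formed IPv4 frames, covers VLAN, IPinIP, GRE and VXLAN, and uses constructed sample addresses and helper names.

```python
import socket
import struct

VLAN_TYPES = {0x8100, 0x88A8}      # 802.1Q and 802.1ad (QinQ) tags
ETH_IPV4, VXLAN_PORT = 0x0800, 4789

def parse_eth(buf, layers):
    """Walk an Ethernet frame, recording VLAN tags, then descend into IPv4."""
    etype, off = struct.unpack_from("!H", buf, 12)[0], 14
    while etype in VLAN_TYPES:     # each tag is TCI + next EtherType
        tci, etype = struct.unpack_from("!HH", buf, off)
        layers.append(("vlan", tci & 0x0FFF))
        off += 4
    return parse_ipv4(buf[off:], layers) if etype == ETH_IPV4 else layers

def parse_ipv4(buf, layers):
    """Record this IPv4 header, then follow any tunnel it carries."""
    ihl, proto = (buf[0] & 0x0F) * 4, buf[9]
    layers.append(("ipv4", socket.inet_ntoa(buf[12:16]),
                   socket.inet_ntoa(buf[16:20]), proto))
    body = buf[ihl:]
    if proto == 4:                 # IPinIP: next header is another IPv4 packet
        parse_ipv4(body, layers)
    elif proto == 47:              # GRE: optional C/K/S fields are 4 bytes each
        flags, gtype = struct.unpack_from("!HH", body)
        skip = 4 + 4 * sum(bool(flags & bit) for bit in (0x8000, 0x2000, 0x1000))
        if gtype == ETH_IPV4:
            parse_ipv4(body[skip:], layers)
    elif proto == 17 and struct.unpack_from("!H", body, 2)[0] == VXLAN_PORT:
        layers.append(("vxlan", struct.unpack_from("!I", body, 12)[0] >> 8))
        parse_eth(body[16:], layers)   # skip 8-byte UDP + 8-byte VXLAN headers
    return layers

def ipv4_bytes(src, dst, proto, payload):
    """Build a minimal IPv4 packet for the constructed samples (checksum left 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst)) + payload

def sample_frame():
    """Constructed frame: VLAN 100 / IPv4 / UDP 4789 / VXLAN 5000 / Ethernet / IPv4."""
    inner = bytes(12) + struct.pack("!H", ETH_IPV4) + ipv4_bytes("10.0.0.5", "10.0.0.9", 6, bytes(20))
    vxlan = struct.pack("!II", 0x08 << 24, 5000 << 8) + inner
    udp = struct.pack("!HHHH", 49152, VXLAN_PORT, 8 + len(vxlan), 0) + vxlan
    outer = ipv4_bytes("192.0.2.1", "192.0.2.2", 17, udp)
    return bytes(12) + struct.pack("!HHH", 0x8100, 100, ETH_IPV4) + outer

if __name__ == "__main__":
    for layer in parse_eth(sample_frame(), []):
        print(layer)
```

A monitor that stops at the first IPv4 header reports only a UDP flow between the two tunnel endpoints; the inner 10.0.0.5 to 10.0.0.9 TCP conversation appears only when the walk continues past the VXLAN header.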

To find out more about Tunnelling Protocol monitoring in the Telesoft FlowProbe, read our Monitoring Tunnelling protocols blog post or check out the FlowProbe.

About the Author

Sarah Chandley

Sarah is an experienced B2B technology marketing expert, creating thought provoking and informative content for the Cyber Security, Telco and Government Infrastructure sectors. 
