Is VPN a layer 3 concept?
From Tanenbaum's Computer Network
This demand soon led to the invention of VPNs (Virtual Private Networks),
which are overlay networks on top of public networks but with most of the properties of private networks.
One popular approach is to build VPNs directly over the Internet. A
common design is to equip each office with a firewall and create
tunnels through the Internet between all pairs of offices. ... When
the system is brought up, each pair of firewalls has to negotiate the
parameters of its SA, including the services, modes, algorithms, and
keys. If IPsec is used for the tunneling, it is possible to aggregate
all traffic between any two pairs of offices onto a single
authenticated, encrypted SA, thus providing in- tegrity control,
secrecy, and even considerable immunity to traffic analysis. Many
firewalls have VPN capabilities built in. Some ordinary routers can do
this as well, but since firewalls are primarily in the security
business, it is natural to have the tunnels begin and end at the
firewalls, providing a clear separation between the company and the
Internet. Thus, firewalls, VPNs, and IPsec with ESP in tunnel mode are
a natural combination and widely used in practice. Once the SAs have
been established, traffic can begin flowing. To a router within the
Internet, a packet traveling along a VPN tunnel is just an ordinary
packet. The only thing unusual about it is the presence of the IPsec
header after the IP header, but since these extra headers have no
effect on the forwarding process, the routers do not care about this
extra header.
Another approach that is gaining popularity is to have the ISP set up
the VPN. Using MPLS (as discussed in Chap. 5), paths for the VPN
traffic can be set up across the ISP network between the company
offices. These paths keep the VPN traffic separate from other Internet
traffic and can be guaranteed a certain amount of bandwidth or other
quality of service.
Is VPN a layer 3 or 5 concept? (seems to me yes?)
Do both approaches in the quote to build VPNs are layer 3
approaches? (Seems to me yes, because the technologies involved to built VPNs seem to be layer 3)Does openvpn use the server-client model and therefore a layer
5 approach to build VPNs? How do a openvpn server and client work
together to build a VPN? I can't figure it out based on the two
approaches in the book.Similar questions for SSH VPN to those for openvpn.
Thanks.
vpn
asked Mar 18 at 18:20
TimTim
499416
add a comment |
From Tanenbaum's Computer Network
This demand soon led to the invention of VPNs (Virtual Private Networks),
which are overlay networks on top of public networks but with most of the properties of private networks.
One popular approach is to build VPNs directly over the Internet. A
common design is to equip each office with a firewall and create
tunnels through the Internet between all pairs of offices. ... When
the system is brought up, each pair of firewalls has to negotiate the
parameters of its SA, including the services, modes, algorithms, and
keys. If IPsec is used for the tunneling, it is possible to aggregate
all traffic between any two pairs of offices onto a single
authenticated, encrypted SA, thus providing in- tegrity control,
secrecy, and even considerable immunity to traffic analysis. Many
firewalls have VPN capabilities built in. Some ordinary routers can do
this as well, but since firewalls are primarily in the security
business, it is natural to have the tunnels begin and end at the
firewalls, providing a clear separation between the company and the
Internet. Thus, firewalls, VPNs, and IPsec with ESP in tunnel mode are
a natural combination and widely used in practice. Once the SAs have
been established, traffic can begin flowing. To a router within the
Internet, a packet traveling along a VPN tunnel is just an ordinary
packet. The only thing unusual about it is the presence of the IPsec
header after the IP header, but since these extra headers have no
effect on the forwarding process, the routers do not care about this
extra header.
Another approach that is gaining popularity is to have the ISP set up
the VPN. Using MPLS (as discussed in Chap. 5), paths for the VPN
traffic can be set up across the ISP network between the company
offices. These paths keep the VPN traffic separate from other Internet
traffic and can be guaranteed a certain amount of bandwidth or other
quality of service.
Is VPN a layer 3 or 5 concept? (seems to me yes?)
Do both approaches in the quote to build VPNs are layer 3
approaches? (Seems to me yes, because the technologies involved to built VPNs seem to be layer 3)Does openvpn use the server-client model and therefore a layer
5 approach to build VPNs? How do a openvpn server and client work
together to build a VPN? I can't figure it out based on the two
approaches in the book.Similar questions for SSH VPN to those for openvpn.
Thanks.
vpn
asked Mar 18 at 18:20
TimTim
499416
add a comment |
From Tanenbaum's Computer Network
This demand soon led to the invention of VPNs (Virtual Private Networks),
which are overlay networks on top of public networks but with most of the properties of private networks.
One popular approach is to build VPNs directly over the Internet. A
common design is to equip each office with a firewall and create
tunnels through the Internet between all pairs of offices. ... When
the system is brought up, each pair of firewalls has to negotiate the
parameters of its SA, including the services, modes, algorithms, and
keys. If IPsec is used for the tunneling, it is possible to aggregate
all traffic between any two pairs of offices onto a single
authenticated, encrypted SA, thus providing in- tegrity control,
secrecy, and even considerable immunity to traffic analysis. Many
firewalls have VPN capabilities built in. Some ordinary routers can do
this as well, but since firewalls are primarily in the security
business, it is natural to have the tunnels begin and end at the
firewalls, providing a clear separation between the company and the
Internet. Thus, firewalls, VPNs, and IPsec with ESP in tunnel mode are
a natural combination and widely used in practice. Once the SAs have
been established, traffic can begin flowing. To a router within the
Internet, a packet traveling along a VPN tunnel is just an ordinary
packet. The only thing unusual about it is the presence of the IPsec
header after the IP header, but since these extra headers have no
effect on the forwarding process, the routers do not care about this
extra header.
Another approach that is gaining popularity is to have the ISP set up
the VPN. Using MPLS (as discussed in Chap. 5), paths for the VPN
traffic can be set up across the ISP network between the company
offices. These paths keep the VPN traffic separate from other Internet
traffic and can be guaranteed a certain amount of bandwidth or other
quality of service.
Is VPN a layer 3 or 5 concept? (seems to me yes?)
Do both approaches in the quote to build VPNs are layer 3
approaches? (Seems to me yes, because the technologies involved to built VPNs seem to be layer 3)Does openvpn use the server-client model and therefore a layer
5 approach to build VPNs? How do a openvpn server and client work
together to build a VPN? I can't figure it out based on the two
approaches in the book.Similar questions for SSH VPN to those for openvpn.
Thanks.
vpn
asked Mar 18 at 18:20
TimTim
499416
From Tanenbaum's Computer Network
This demand soon led to the invention of VPNs (Virtual Private Networks),
which are overlay networks on top of public networks but with most of the properties of private networks.
One popular approach is to build VPNs directly over the Internet. A
common design is to equip each office with a firewall and create
tunnels through the Internet between all pairs of offices. ... When
the system is brought up, each pair of firewalls has to negotiate the
parameters of its SA, including the services, modes, algorithms, and
keys. If IPsec is used for the tunneling, it is possible to aggregate
all traffic between any two pairs of offices onto a single
authenticated, encrypted SA, thus providing in- tegrity control,
secrecy, and even considerable immunity to traffic analysis. Many
firewalls have VPN capabilities built in. Some ordinary routers can do
this as well, but since firewalls are primarily in the security
business, it is natural to have the tunnels begin and end at the
firewalls, providing a clear separation between the company and the
Internet. Thus, firewalls, VPNs, and IPsec with ESP in tunnel mode are
a natural combination and widely used in practice. Once the SAs have
been established, traffic can begin flowing. To a router within the
Internet, a packet traveling along a VPN tunnel is just an ordinary
packet. The only thing unusual about it is the presence of the IPsec
header after the IP header, but since these extra headers have no
effect on the forwarding process, the routers do not care about this
extra header.
Another approach that is gaining popularity is to have the ISP set up
the VPN. Using MPLS (as discussed in Chap. 5), paths for the VPN
traffic can be set up across the ISP network between the company
offices. These paths keep the VPN traffic separate from other Internet
traffic and can be guaranteed a certain amount of bandwidth or other
quality of service.
Is VPN a layer 3 or 5 concept? (seems to me yes?)
Do both approaches in the quote to build VPNs are layer 3
approaches? (Seems to me yes, because the technologies involved to built VPNs seem to be layer 3)Does openvpn use the server-client model and therefore a layer
5 approach to build VPNs? How do a openvpn server and client work
together to build a VPN? I can't figure it out based on the two
approaches in the book.Similar questions for SSH VPN to those for openvpn.
Thanks.
vpn
vpn
asked Mar 18 at 18:20
TimTim
499416
asked Mar 18 at 18:20
TimTim
499416
asked Mar 18 at 18:20
TimTim
499416
asked Mar 18 at 18:20
TimTim
499416
asked Mar 18 at 18:20
TimTim
499416
499416
add a comment |
add a comment |
3 Answers
3
active
oldest
votes
There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.
A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.
Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.
When layer-2 frames are tunneled, the networks are bridged together.
OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.
[edit] Note that we're using OSI layer numbers here (as far as applicable), so your "layer 5" application layer is usually refered to as layer 7.
answered Mar 18 at 18:38
Zac67Zac67
31.8k22063
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
Mar 18 at 20:56
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
Mar 18 at 21:35
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
Mar 18 at 21:40
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
Mar 18 at 22:16
In L2 VPN, what protocols are encapsulate and how are they encapulated?
– Tim
Mar 18 at 22:37
|
show 8 more comments
Is VPN a layer 3 or 5 concept? (seems to me yes?)
It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.
Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?
Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.
Note that OpenVPN may run in L2 mode as well, commonly known as tap device.
answered Mar 18 at 20:21
vidarlovidarlo
1716
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
Mar 18 at 20:55
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
Mar 18 at 21:01
add a comment |
Layer 3 VPN (L3VPN) is a type of VPN mode that is built and delivered on OSI layer 3 networking technologies. The entire communication from the core VPN infrastructure is forwarded using layer 3 virtual routing and forwarding techniques. Layer 3 VPN is also known as virtual private routed network (VPRN).
answered 11 hours ago
user56196user56196
211
New contributor
user56196 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "496"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f57734%2fis-vpn-a-layer-3-concept%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.
A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.
Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.
When layer-2 frames are tunneled, the networks are bridged together.
OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.
[edit] Note that we're using OSI layer numbers here (as far as applicable), so your "layer 5" application layer is usually refered to as layer 7.
answered Mar 18 at 18:38
Zac67Zac67
31.8k22063
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
Mar 18 at 20:56
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
Mar 18 at 21:35
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
Mar 18 at 21:40
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
Mar 18 at 22:16
In L2 VPN, what protocols are encapsulate and how are they encapulated?
– Tim
Mar 18 at 22:37
|
show 8 more comments
There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.
A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.
Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.
When layer-2 frames are tunneled, the networks are bridged together.
OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.
[edit] Note that we're using OSI layer numbers here (as far as applicable), so your "layer 5" application layer is usually refered to as layer 7.
answered Mar 18 at 18:38
Zac67Zac67
31.8k22063
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
Mar 18 at 20:56
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
Mar 18 at 21:35
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
Mar 18 at 21:40
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
Mar 18 at 22:16
In L2 VPN, what protocols are encapsulate and how are they encapulated?
– Tim
Mar 18 at 22:37
|
show 8 more comments
There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.
A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.
Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.
When layer-2 frames are tunneled, the networks are bridged together.
OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.
[edit] Note that we're using OSI layer numbers here (as far as applicable), so your "layer 5" application layer is usually refered to as layer 7.
answered Mar 18 at 18:38
Zac67Zac67
31.8k22063
There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.
A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.
Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.
When layer-2 frames are tunneled, the networks are bridged together.
OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.
[edit] Note that we're using OSI layer numbers here (as far as applicable), so your "layer 5" application layer is usually refered to as layer 7.
answered Mar 18 at 18:38
Zac67Zac67
31.8k22063
edited Mar 19 at 14:19
answered Mar 18 at 18:38
Zac67Zac67
31.8k22063
answered Mar 18 at 18:38
Zac67Zac67
31.8k22063
answered Mar 18 at 18:38
Zac67Zac67
31.8k22063
31.8k22063
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
Mar 18 at 20:56
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
Mar 18 at 21:35
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
Mar 18 at 21:40
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
Mar 18 at 22:16
In L2 VPN, what protocols are encapsulate and how are they encapulated?
– Tim
Mar 18 at 22:37
|
show 8 more comments
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
Mar 18 at 20:56
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
Mar 18 at 21:35
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
Mar 18 at 21:40
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
Mar 18 at 22:16
In L2 VPN, what protocols are encapsulate and how are they encapulated?
– Tim
Mar 18 at 22:37
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
Mar 18 at 20:56
Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?
– Tim
Mar 18 at 20:56
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
Mar 18 at 21:35
VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.
– Zac67
Mar 18 at 21:35
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
Mar 18 at 21:40
Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?
– Tim
Mar 18 at 21:40
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
Mar 18 at 22:16
If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).
– Zac67
Mar 18 at 22:16
In L2 VPN, what protocols are encapsulate and how are they encapulated?
– Tim
Mar 18 at 22:37
In L2 VPN, what protocols are encapsulate and how are they encapulated?
– Tim
Mar 18 at 22:37
|
show 8 more comments
Is VPN a layer 3 or 5 concept? (seems to me yes?)
It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.
Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?
Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.
Note that OpenVPN may run in L2 mode as well, commonly known as tap device.
answered Mar 18 at 20:21
vidarlovidarlo
1716
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
Mar 18 at 20:55
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
Mar 18 at 21:01
add a comment |
Is VPN a layer 3 or 5 concept? (seems to me yes?)
It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.
Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?
Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.
Note that OpenVPN may run in L2 mode as well, commonly known as tap device.
answered Mar 18 at 20:21
vidarlovidarlo
1716
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
Mar 18 at 20:55
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
Mar 18 at 21:01
add a comment |
Is VPN a layer 3 or 5 concept? (seems to me yes?)
It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.
Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?
Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.
Note that OpenVPN may run in L2 mode as well, commonly known as tap device.
answered Mar 18 at 20:21
vidarlovidarlo
1716
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Is VPN a layer 3 or 5 concept? (seems to me yes?)
It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.
Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?
Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.
Note that OpenVPN may run in L2 mode as well, commonly known as tap device.
answered Mar 18 at 20:21
vidarlovidarlo
1716
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered Mar 18 at 20:21
vidarlovidarlo
1716
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered Mar 18 at 20:21
vidarlovidarlo
1716
answered Mar 18 at 20:21
vidarlovidarlo
1716
1716
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
Mar 18 at 20:55
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
Mar 18 at 21:01
add a comment |
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
Mar 18 at 20:55
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
Mar 18 at 21:01
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
Mar 18 at 20:55
Thanks. WHat is the tunnelling protocol provided by openvpn?
– Tim
Mar 18 at 20:55
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
Mar 18 at 21:01
Many. As L2 tunnel? Whatever you care to throw at it.
– vidarlo
Mar 18 at 21:01
add a comment |
Layer 3 VPN (L3VPN) is a type of VPN mode that is built and delivered on OSI layer 3 networking technologies. The entire communication from the core VPN infrastructure is forwarded using layer 3 virtual routing and forwarding techniques. Layer 3 VPN is also known as virtual private routed network (VPRN).
answered 11 hours ago
user56196user56196
211
New contributor
user56196 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Layer 3 VPN (L3VPN) is a type of VPN mode that is built and delivered on OSI layer 3 networking technologies. The entire communication from the core VPN infrastructure is forwarded using layer 3 virtual routing and forwarding techniques. Layer 3 VPN is also known as virtual private routed network (VPRN).
answered 11 hours ago
user56196user56196
211
New contributor
user56196 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Layer 3 VPN (L3VPN) is a type of VPN mode that is built and delivered on OSI layer 3 networking technologies. The entire communication from the core VPN infrastructure is forwarded using layer 3 virtual routing and forwarding techniques. Layer 3 VPN is also known as virtual private routed network (VPRN).
answered 11 hours ago
user56196user56196
211
New contributor
user56196 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Layer 3 VPN (L3VPN) is a type of VPN mode that is built and delivered on OSI layer 3 networking technologies. The entire communication from the core VPN infrastructure is forwarded using layer 3 virtual routing and forwarding techniques. Layer 3 VPN is also known as virtual private routed network (VPRN).
answered 11 hours ago
user56196user56196
211
New contributor
user56196 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 11 hours ago
user56196user56196
211
New contributor
user56196 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 11 hours ago
user56196user56196
211
answered 11 hours ago
user56196user56196
211
211
New contributor
user56196 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
user56196 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
user56196 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
Thanks for contributing an answer to Network Engineering Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f57734%2fis-vpn-a-layer-3-concept%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
