ESP Modes

   

The next header field indicates the type of data contained in the payload data field, that is, what ESP is actually protecting. If ESP is applied in transport mode (Figure 5.2), the ESP header is placed between the IP header and the upper-layer protocol header, and the next header field indicates the type of upper-layer protocol that follows; for example, TCP would be six (6). If ESP is applied in tunnel mode (Figure 5.3), an entire IP datagram is encapsulated by another IP datagram and the ESP header is placed between the two. In tunnel mode the next header field will therefore be the value four (4) for IPv4 or forty-one (41) for IPv6, indicating IP-in-IP encapsulation.
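The following added example (not code from the book) parses an already-decrypted ESP packet, reads the next header field from the ESP trailer, and classifies the packet as transport or tunnel mode using the values given above. The function names, the 12-byte ICV length and the sample packets are assumptions constructed for the illustration.

```python
import struct

TUNNEL_NEXT_HEADER = {4: 4, 41: 6}  # next header value -> inner IP version
ICV_LEN = 12  # assumption: 96-bit ICV; real length depends on the SA

def build_esp(spi, seq, payload, next_header, block=4):
    """Build a constructed, already-decrypted ESP packet (placeholder ICV)."""
    pad_len = -(len(payload) + 2) % block      # align payload + 2 trailer bytes
    padding = bytes(range(1, pad_len + 1))     # default padding: 1, 2, 3, ...
    trailer = padding + bytes([pad_len, next_header])
    return struct.pack("!II", spi, seq) + payload + trailer + bytes(ICV_LEN)

def parse_esp(packet):
    """Read the ESP trailer and classify the mode from the next header field."""
    if len(packet) < 8 + 2 + ICV_LEN:
        raise ValueError("too short for ESP header, trailer and ICV")
    spi, seq = struct.unpack("!II", packet[:8])
    body = packet[8:len(packet) - ICV_LEN]     # payload + padding + trailer
    pad_len, next_header = body[-2], body[-1]
    if pad_len > len(body) - 2:
        raise ValueError("pad length exceeds body: malformed or wrong key")
    payload = body[:len(body) - 2 - pad_len]
    mode = "transport"
    if next_header in TUNNEL_NEXT_HEADER:
        mode = "tunnel"
        # Tunnel mode: the payload must itself start with an IP header
        # whose version matches what the next header field announced.
        if not payload or payload[0] >> 4 != TUNNEL_NEXT_HEADER[next_header]:
            raise ValueError("inner IP version does not match next header")
    return {"spi": spi, "seq": seq, "mode": mode,
            "next_header": next_header, "payload": payload}

# Constructed sample payloads (not captured traffic).
TCP_SEGMENT = struct.pack("!HHIIBBHHH", 40000, 443, 1, 0, 0x50, 0x02, 1024, 0, 0)
INNER_IPV4 = bytes([0x45]) + bytes(19)         # minimal IPv4 header, version 4

TRANSPORT_PKT = build_esp(0x1001, 1, TCP_SEGMENT, 6)
TUNNEL_PKT = build_esp(0x1002, 1, INNER_IPV4, 4)

if __name__ == "__main__":
    for pkt in (TRANSPORT_PKT, TUNNEL_PKT):
        info = parse_esp(pkt)
        print(hex(info["spi"]), info["next_header"], info["mode"])
```

The cross-check between the next header value and the inner IP version is a useful sanity test after decryption: a mismatch usually means the wrong key or SA was applied, or the packet is malformed.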

Figure 5.2. An IP Packet protected by ESP in Transport Mode


Figure 5.3. An IP Packet protected by ESP in Tunnel Mode



   


IPSec(c) The New Security Standard for the Internet, Intranets, and Virtual Private Networks
IPSec (2nd Edition)
ISBN: 013046189X
EAN: 2147483647
Year: 2004
Pages: 76
