AH Modes

AH can be used in either transport or tunnel mode, just like ESP. The difference is the data being protected, either an upper-layer protocol or an entire IP datagram.

Transport Mode

When used in transport mode, AH protects end-to-end communication. The communications endpoint must be IPSec endpoint. The AH header is inserted into the datagram by placing it immediately following the IP header (and any options) and before the upper-layer protocol header.

Tunnel Mode

When used in tunnel mode, AH encapsulates the protected datagram. An additional IP header is added before the AH header after that. The "internal" IP datagram maintains the original addressing of the communication and the "outer" IP datagram contains the addresses of the IPSec endpoints. Tunnel mode can be used as a replacement to transport mode for end-to-end security. However, as there is no confidentiality and therefore no protection against traffic analysis, it is pointless. AH is used only to guarantee that the received packet was not modified in transit, that it was sent by the party claiming to have sent it, and, optionally, that it is a fresh, nonreplayed packet.

Top Previous page Table of content Next page IPSec (2nd Edition) ISBN: 013046189X EAN: 2147483647 Year: 2004 Pages: 76 Authors: Naganand Doraswamy, Dan Harkins BUY ON AMAZON Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition) Review Questions Restricting External Transfers Performance Counters Documenting Software Architectures: Views and Beyond P.6. Seven Rules for Sound Documentation The Pipe-and-Filter Style Discussion Questions Summary Checklist Overview Service-Oriented Architecture (SOA): Concepts, Technology, and Design Why this book is important Part I: SOA and Web Services Fundamentals WS-BPEL language basics Integration considerations A.3. The Oasis Car Wash Ruby Cookbook (Cookbooks (OReilly)) Getting the Parts of a String You Want Replacing Multiple Patterns in a Single Pass Checking Your Access to a File Converting and Coercing Objects to Different Types Parsing URLs AutoCAD 2005 and AutoCAD LT 2005. No Experience Required Gaining Drawing Strategies: Part 1 Gaining Drawing Strategies: Part 2 Generating Elevations Dimensioning a Drawing Using Layouts to Set Up a Print Microsoft Visual Basic .NET Programmers Cookbook (Pro-Developer) Numbers, Dates, and Other Data Types Multithreading Network Programming Reflection Printing and Drawing with GDI+ flylib.com © 2008-2017. If you may any questions please contact us: flylib@qtcs.net Privacy policy This website uses cookies. Click here to find out more. Accept cookies