L2tp architecture, Tunnel and session, Control message and data message – H3C Technologies H3C SecPath F1000-E User Manual


L2TP architecture

Figure 2 shows the relationship between the PPP frame, control channel, and data channel. PPP frames are transferred over unreliable L2TP data channels, while control messages are transferred within reliable L2TP control channels.

Figure 2 L2TP architecture

Figure 3 L2TP packet encapsulation structure

Figure 3 depicts the encapsulation structure of an L2TP data packet between the LAC and the LNS.

Usually, L2TP data is transferred as User Datagram Protocol (UDP) packets. The well-known UDP port for L2TP is 1701, though this is only used in the tunnel creation stage. The L2TP tunnel initiator selects an idle port (not necessarily 1701) to send a packet to port 1701 of the receiver. After receiving the packet, the receiver also selects an idle port (not necessarily 1701 either) to return a packet to the specified port of the initiator. Then, the two parties use the negotiated ports to communicate until the tunnel is disconnected.

Tunnel and session

Two types of connections are present between an LNS and an LAC: tunnel and session.

A tunnel corresponds to an LNS-LAC pair, and comprises a control connection and one or more sessions.

A session corresponds to one PPP data stream between an LNS and an LAC and is multiplexed on a tunnel. A session can be set up only after the tunnel is created.

Multiple L2TP tunnels can be established between an LNS and an LAC.

Both control messages and PPP frames are transferred on the tunnel. L2TP uses Hello packets to check a tunnel's connectivity. The LAC and the LNS regularly send Hello packets to each other. If no response packet is received within a given amount of time, the tunnel is torn down.

Control message and data message

L2TP supports two types of messages: control messages and data messages.

Control messages are used in establishment, maintenance, and clearing of tunnels and sessions. Control messages are transmitted over a reliable control channel, which supports flow control and congestion control.

Data messages encapsulate PPP frames to be tunneled. Data messages are transmitted over an unreliable data channel that lacks flow control, congestion control, and retransmission mechanisms.
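The following Python sketch is an added example, not taken from the H3C manual. It parses the header shared by both message types and reports whether a UDP payload is a control or a data message, together with its tunnel ID and session ID. The bit layout is assumed from RFC 2661 (L2TPv2), which the manual does not reproduce; the function name and both sample packets are constructed for illustration.

```python
import struct

# Flag bits in the first 16-bit word of an L2TPv2 header (assumed from RFC 2661).
T_BIT, L_BIT, S_BIT, O_BIT = 0x8000, 0x4000, 0x0800, 0x0200

def parse_l2tp_header(payload: bytes) -> dict:
    """Parse the L2TPv2 header at the start of a UDP payload."""
    off = 0

    def u16() -> int:
        # Read one big-endian 16-bit field and advance the cursor.
        nonlocal off
        if off + 2 > len(payload):
            raise ValueError("truncated L2TP header")
        (value,) = struct.unpack_from("!H", payload, off)
        off += 2
        return value

    flags = u16()
    if (flags & 0x000F) != 2:
        raise ValueError("not an L2TPv2 header")
    is_control = bool(flags & T_BIT)
    # Control messages must carry Length and Ns/Nr and must not use an offset.
    if is_control and (flags & (L_BIT | S_BIT | O_BIT)) != (L_BIT | S_BIT):
        raise ValueError("invalid flag combination for a control message")
    length = u16() if flags & L_BIT else len(payload)
    if length > len(payload):
        raise ValueError("Length field exceeds the UDP payload")
    tunnel_id, session_id = u16(), u16()
    # Sequence numbers are what make the control channel reliable.
    ns, nr = (u16(), u16()) if flags & S_BIT else (None, None)
    if flags & O_BIT:
        pad = u16()   # Offset Size: padding octets before the PPP frame
        off += pad
    if off > length:
        raise ValueError("header runs past the message length")
    return {"kind": "control" if is_control else "data",
            "tunnel_id": tunnel_id, "session_id": session_id,
            "ns": ns, "nr": nr, "payload": payload[off:length]}

# Constructed samples: a control message with an empty body, and a data
# message carrying the first four bytes of a PPP frame.
CONTROL_SAMPLE = struct.pack("!HHHHHH", 0xC802, 12, 7, 0, 3, 2)
DATA_SAMPLE = struct.pack("!HHH", 0x0002, 7, 42) + b"\xff\x03\xc0\x21"

if __name__ == "__main__":
    for sample in (CONTROL_SAMPLE, DATA_SAMPLE):
        print(parse_l2tp_header(sample))
```

Because the tunnel moves off port 1701 after creation, a monitor that wants to follow a tunnel has to key on the UDP 4-tuple learned during setup and on the tunnel ID, not on the port number alone.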

Control messages and data messages share the same header structure. An L2TP header contains a tunnel ID and a session ID, which are used to identify the tunnel and session respectively. Packets with the
