Jon Marshall Tue, 07/03/2007 - 08:55
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi Haitham


If i understand correctly, the outer IP header is an entirely new IP header with all the fields that the local IP header would have. Obviously some of these fields may be different ie the source and destination IP addresses, ports etc, and some information may or may not be present such as QOS settings.


Was there something specific you were thinking of ?


Jon

haithamnofal Tue, 07/03/2007 - 09:13
User Badges:

Hi Jon,


I wanted to know how would the fields in the outer header differ from the inner one. Taking an example Router A & B having VPN tunnel between each others, shouldn't the source and destination IP addresses in both the outer header and the inner header be Router A & B ?


Regards,

Haitham

Jon Marshall Tue, 07/03/2007 - 10:14
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Haitham


It depends on where the packet is sourced from and where the destination is eg.


You have a site-to-site VPN tunnel across the Internet between router A & router B. A client behind router B ( 192.168.5.10 ) wants to send data to server at site A ( 172.16.5.11 ).


Router A public IP address is 194.67.11.10

Router B public IP address is 212.32.22.66


Client at site B sends packet to router B with a source IP address of 192.168.5.10 and a destination IP address of 172.16.15.11.


Router B realises this is meant to go down the VPN tunnel so it encrypts the entire packet, creates a new IP header for the encrypted packet. The source IP address of this packet will be Router B public IP address and the destination address will be Router A public IP address.


When Router A receives the packet it strips off the outer IP header, decrypts the original packet, sees that the destination is 172.16.5.11 and forwards it on.


Hope that makes sense


Jon

Actions

This Discussion