VPNs: main concepts cheat sheet

‘VPN’ has become a catch-all term nowadays.
What does VPN mean ?
→ A software used to insure privacy on the internet ?
→ A way to connect 2 distant private networks together ?
→ An encryption mechanism ?
→ A tunneling protocol ?
→ A type of router / firewall ?
→ A layer 2 / 3 / 4 protocol ?
I’ll try to shed light on everything above.

Plan

  • Network tunnels (types, layers)
  • Basic tunneling protocols (IP-in-IP, GRE)
  • Improved tunneling protocols (PPTP, L2TP)
  • Security (IPSec, TLS)
  • VPN Timeline

Network tunnels

In computer networks, a tunneling protocol is a communications protocol that allows for the movement of data from one network to another. It involves allowing private network communications to be sent across a public network (such as the Internet) through a process called encapsulation.Because tunneling involves repackaging the traffic data into a different form, perhaps with encryption as standard, it can hide the nature of the traffic that is run through a tunnel. (Wikipedia)

Tunnel types

Figure 1 — ‘Road warrior’ or ‘client-to-site’ VPN
Figure 2 — Site-to-site VPN

Tunneling layers

Tunneling layers can be quite confusing since it modifies our OSI model conception.
I think the two interesting questions to ask for each tunnel technology are:
At which OSI layer is the tunnel established ?
→ Can be layer 3 or above
What is the OSI layer of the content transported through the tunnel ?
→ Could be layer 2 or above

Layer 2 content transported

Layer 2 data is encapsulated, sent through the tunnel and unencapsulated at the other side of the network.
Depending on the tunnel protocol, different layer 2 formats are available such as:
- PPP (Point to Point Protocol)
- Ethernet
- …
One advantage of transporting layer 2 content is that computers on both sides could use layer 2 features (such as MAC addresses, DHCP requests with ethernet).

Layer 3 content transported

Layer 3 data is encapsulated, sent through the tunnel and unencapsulated at the other side of the network, on the VPN router. The VPN router can then redirect the packets to the correct local host.

IP assignments

When a tunnel is created, a virtual interface is created on the client connecting to the remote site.
This virtual interface (also called tunnel interface) needs a private IP address.

If the tunnel transports layer 2 content, the client should be able to get an IP address (inside LAN block) from the DHCP server of the remote LAN as a DHCP request is layer 2 protocol.

If the tunnel transports layer 3 content, the client is unable to use DHCP. Thus it will be the remote ‘Tunnel server’ which will assign a private IP from its pre configured Virtual IP Address Pool (VIPAP). This VIPAP should not of course enter in conflict with the local IP addresses of the LAN.

Advantages / disadvantages

Figure 3 — Layer 2 vs layer 3

Basic tunneling protocols

Let’s start studying basic tunneling protocols.
Keep in mind that there is no security mechanism for the moment (encryption, integrity, …).

IP-in-IP tunnel

IP-in-IP is a layer 3 tunneling protocol transporting layer 3 data.

Figure 4 — IP-in-IP packet anatomy

This tunnel technology is not too hard to understand: an IP packet is encapsulated as the payload of another IP packet which will transport it.
Outer IP header has a protocol field of 4 (indicating its payload is another IP datagram).

Quick note here: as the IP protocol number is known (n° 4), any intermediate router could detect and block this kind of traffic.

IP-in-IP Example

Figure 5 — Site-to-site tunnel

In figure 5, there are 2 LANs (10.0.1.0/25 and 10.0.1.128/25) geographically distant which are connected together thanks to an IP tunnel.
H1 and H2 have an entry in their routing table which states that every packet with destination
10.0.1.128/25 should be sent to the GW1 router.
When GW1 receives LAN traffic that tries to reach 10.0.1.128/25, It is configured to encapsulate the whole packet in a newly created packet which has the public IP of the GW2 router as destination.
GW2 will ‘de-encapsulate’ the data received from GW1 and send it to the right host in the LAN.

Figure 6 — ICMP Ping example

Some edge cases can cause errors in this tunneling technology:
- If the DF (Don’t Fragment) bit is set to 1 in the inner IP packet but then the outer IP header is added, it could create issues with MTU …
- ICMP protocol can encounter issues (such as traceroute) because of the encapsulation.

Generic Routing Encapsulation (GRE)

GRE is a layer 3 tunneling protocol transporting any layer (mostly layer 3 content) depending on its implementation.
GRE has its own IP protocol number which is 47 and doesn’t encrypt anything on its own.

Figure 7 — GRE encapsulation: a GRE header is added
Figure 8 — GRE header

In contrast to IP-in-IP, GRE tunnels have the following advantages:
- Encapsulate any layer three protocol (versus just IP)
- Add an additional checksum (which isn't useful for TCP/IPv4)
- Specify a tunnel key
- Enforce packet sequencing

Source: https://packetlife.net/blog/2012/feb/27/gre-vs-ipip-tunneling/

Improved tunneling protocols

We’ve seen two basic tunneling protocols (IP-in-IP and GRE).
Let’s see two tunneling protocols that are a bit more complex now: PPTP and L2TP.
These protocols have two distinct channels, one to control the creation and life cycle of the tunnel (and some configurations) while the other channel is dedicated to data traffic.

PPTP (Point to Point Tunneling Protocol)

PPTP is a Microsoft tunneling protocol which is based on GRE (GRE embeds layer 2 PPP frames instead of IP packets in this implementation).
This protocol is considered obsolete nowadays but it is still in use in some networks.

PPTP opens two communication channels:

  • control channel in order to control the link state (TCP port 1723 of the remote server). This channel is established first.
  • data channel where data are exchanged. It uses the IP protocol number 47 (GRE).
Figure 9 — PPTP packet

As you can understand it is hard to speak of a distinct OSI layer for this tunneling protocol because:
→ It transports layer 2 content (PPP frames)
→ It is established both on layer 3 (data channel) and layer 4 (TCP control channel)

L2TP (Layer 2 Tunneling Protocol)

L2TP creates an IP tunnel for PPP frames between a “client” and a remote network.
The “client” is called a LAC (L2TP Access Concentrator) and the remote network is called a LNS (L2TP Network Server).

Figure 10 — L2TP tunnel either client-to-site or site-to-site

L2TP uses UDP for encapsulation:

Figure 11 — L2TP packet anatomy
Figure 12 — L2TP path to NIC

The client (LAC) creates a virtual network interface (also called tunnel interface).

Connections using this interface send their usual internet traffic (TCP/UDP socket).

PS: In Figure 12, I am not sure whether the UDP header is created by the Virtual NIC (tunnel interface) or by the physical NIC.

2 types of message can be sent in a L2TP tunnel:
- control message (to create, delete, configure the tunnel)
- data messages (encapsulated frame)

Both messages use the L2TP Common header:

Figure 13 — L2TP header

Creation of the L2TP tunnel

Figure 14 — L2TP handshake

Using the L2TP header, a handshake is made (like TCP).

Tunnel ID is set during handshake in order to manage multiple tunnels.
Tunnel control messages are “reliable” thanks to acknowledgment and seq numbers used inside the L2TP header.

.

Security

Security is one important feature of VPNs.
In fact a VPN is no more than security added to a tunnel technology.
Some VPNs have the tunnel and security technologies tightly coupled, some others not …
Let’s see security / cryptographic tools that tunnels can use such as IPSec and TLS.

IPSec

Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. (Wikipedia)

IPSec is divided into two steps:

  • Key exchange using IKE to authenticate and get ready to establish an IPSec connection.
  • IPSec connection configuration (selecting either AH or ESP protocol).

The purpose of these steps is to ensure confidentiality, integrity, and authentication.
Let’s understand them a bit more.

Internet Key Exchange — IKE

IKE is the protocol (UDP port 500) used to set up a security association (SA) in the IPsec protocol.
Its purpose is to securely agree on a shared secret (session key) between two hosts.
IKE is divided in two steps:
1) Authentication of the “client”
2) Perform a Diffie-Hellman key exchange.

1) Authentication
During this phase, the initiator authenticates and agrees on some parameters such as session duration, hash algorithm to use, …
Authentication is done by using either PSK or PKI.

  • PSK — Pre Shared key
    The tunnel server has some information configured on it such as a ‘username+password’ combination (for client-to-site) or ‘public IP+password’ (for site-to-site).
    The client which wants to establish a connection hashes its combination and send it to the tunnel server. The tunnel server will then be able to calculate and compare the hash to authenticate the client.
  • PKI — Public Key infrastructure
    The tunnel server has multiple CA public keys. Whenever a client wants to establish a communication, it will send its certificate. The tunnel server will then be able to verify the certificate thanks to one of his CA public keys (the certificate could also be self signed).

2) Diffie-Hellman key exchange
Once authenticated, the initiator and tunnel server agree on a DH shared secret key.
At the end of this first step, a secure “ISAKMP tunnel” which is going to be used for the IPSec negotiation is established.

IPSec connection configuration

Now that an ISAKMP tunnel has been created thanks to IKE, IPSec uses that link to create its tunnel on top of it.
IPSec connection configuration is the negotiation of parameters for the IPSec tunnel that will be built on top:

→ IPsec Protocol: do we use AH or ESP?

→ Encapsulation Mode: transport or tunnel mode?

→ Encryption: what encryption algorithm do we use? DES, 3DES or AES?

→ Authentication: what authentication algorithm do we use? MD5 or SHA?

→ Lifetime: how long is the IKE phase 2 tunnel valid? When the tunnel is about to expire, we will refresh the keying material.

→ (Optional) DH exchange: used for PFS (Perfect Forward Secrecy).

Source: https://networklessons.com/cisco/ccie-routing-switching/ipsec-internet-protocol-security

IPSec protocols and modes
An IPSec connection uses either AH or ESP protocol (it can be both but we won’t consider that case for clearness). Each protocol can be used in transport or tunnel mode.

AH — Authentication header
AH doesn’t provide confidentiality (encryption) but integrity and authentication.
It does it by adding an AH header to the IP packet. This is called transport mode.

Figure 15 — AH in transport mode

The most important field of this AH header is “Integrity Check Value (ICV)”.

Integrity Check Value (ICV) is a hash (HMAC-MD5 or HMAC-SHA) of most fields of the IP header (except some which could change such as TTL) and a secret AH shared key.
The receiver can check if the hash is correct which guarantees the fields didn’t change between the source and the destination.

AH header can be used for tunnel mode (which is needed for VPNs):

Figure 16 — AH in tunnel mode

In this case, an outer IP header is added.
The inner IP packet is fully added to the hashed content ensuring a complete authentication of the inner IP packet.

AH tunnel mode has 2 downsides for VPN:
→ No encryption
→ NAT / PAT not working since IP address and port number are part of the hash (hence, cannot change).
ESP solves those two “issues”.

ESP — Encapsulating security payload

Figure 17 — ESP in transport mode

→ ESP encrypts the data (transport mode in Figure 17).

→ ESP doesn’t authenticate the full outer IP header. Thus NAT and PAT are supported.

Figure 18 — ESP in tunnel mode (used for VPN)

ESP has the IP protocol number 50.
The ESP Auth contains the hash to check the integrity.

L2TP tunnels use an IPSec implementation to secure the tunnel. ESP is mostly used in tunnel mode for VPN.

TLS

TLS is a layer 4 protocol (TCP port 443) used by some VPNs to establish a secured tunnel.
TLS VPNs differ from web browsers since what is exchanged through the link is not HTTP content but IP packets (or even layer 2 frames).
TLS has an advantage compared to layer 3 and layer 2 VPNs as it is harder to detect / block it.
Indeed, outer IP packets of TLS VPN won’t have a specific ICMP code.
However, TLS VPNs have a big downside: the TCP meltdown problem.
TCP meltdown refers to speed issues due to the fact that if a TCP segment is encapsulated inside another TCP segment, it can cause a lot of retransmissions.
That’s why it is recommended to use UDP instead of TCP if possible with these kinds of tunnels.

TLS handshake

Figure 19 — TLS handshake

TLS handshake occurs just after TCP handshake.
Thanks to the server public certificate, the client can use the server public key and establish a shared session key for further conversation.
More details on the TLS handshake here:
https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/

Example of VPN technologies using TLS

  • OpenVPN
  • SSTP

VPN Timeline

To end this blog post I created a timeline of the different VPN technologies (I included ToR at the end but it is not a VPN).
I based the dates on the RFC but don’t be fooled, a lot of other RFCs have been added later for most items such as L2TPv3 in 2005 or TLS 1.3 in 2018.

Figure 20 — VPN timeline

Conclusion

It took me some time to write this blog post and I had to make multiple modifications before publishing it.
→ It is hard to be brief without being simplistic on a topic as broad as the VPNs / tunnels.
→ Having never really studied VPNs before, this blog post gave me the opportunity to improve my knowledge on this topic.

As a consequence I do not guarantee this blog post to be error free …
Thus, if you detect any error, don’t hesitate to let me know, it would be greatly appreciated.
You can also follow me on twitter and check out the references below if you want to dive deeper into the subject.

References

Books
VPNs Illustrated: Tunnels, VPNs, and IPsec — Jon C. Snader

Websites
https://en.wikipedia.org/wiki/Tunneling_protocol
https://www.youtube.com/watch?v=lPkARHDJBac
https://www.cisco.com/c/en/us/support/docs/dial-access/virtual-private-dialup-network-vpdn/23980-l2tp-23980.html
https://www.frameip.com/l2tp-pppoe-ppp-ethernet/#53-8211-les-concentrateurs-drsquoacces-8211-lac
https://cybersecurity.att.com/blogs/security-essentials/the-ultimate-guide-to-vpn-encryption-protocols-and-ciphers
https://networkengineering.stackexchange.com/questions/46877/how-are-vpn-clients-given-ip-addresses-when-they-connect-to-vpn-routers-such-as
https://en.wikipedia.org/wiki/IPsec
https://cromwell-intl.com/networking/what-is-ipsec.html
https://networklessons.com/cisco/ccie-routing-switching/ipsec-internet-protocol-security#IKE_Phase_1
https://wikipedia.org

Images

Figure 3
https://ipwithease.com/layer-2-vs-layer-3-vpn/
Figure 4
VPNs Illustrated: Tunnels, VPNs, and IPsec — Jon C. Snader
Figure 5
VPNs Illustrated: Tunnels, VPNs, and IPsec — Jon C. Snader
Figure 6
VPNs Illustrated: Tunnels, VPNs, and IPsec — Jon C. Snader
Figure 7
VPNs Illustrated: Tunnels, VPNs, and IPsec — Jon C. Snader
Figure 8
https://en.wikipedia.org/wiki/Generic_Routing_Encapsulation
Figure 9
https://www.researchgate.net/figure/PPTP-Tunnel-Data-Frame-Format_fig3_287458379
Figure 10
VPNs Illustrated: Tunnels, VPNs, and IPsec — Jon C. Snader
Figure 11
https://www.speaknetworks.com/configuring-l2tp-ipsec-vpn-cisco-asa/
Figure 13
VPNs Illustrated: Tunnels, VPNs, and IPsec — Jon C. Snader
Figure 14
VPNs Illustrated: Tunnels, VPNs, and IPsec — Jon C. Snader
Figure 15
https://networklessons.com/cisco/ccie-routing-switching/ipsec-internet-protocol-security
Figure 16
https://networklessons.com/cisco/ccie-routing-switching/ipsec-internet-protocol-security
Figure 17
https://networklessons.com/cisco/ccie-routing-switching/ipsec-internet-protocol-security
Figure 18
https://networklessons.com/cisco/ccie-routing-switching/ipsec-internet-protocol-security
Figure 19
https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/

I write my own computer science “cheatsheets” and “big pictures” as posts here. I mainly do it for myself but it may benefit others

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store