IP tunnels

True point-to-point networks are not always possible in a corporate networking environment. Many networks deploy nontraditional methods of connection (for example, DSL or broadband) at remote sites or branch offices. The branch office, telecommuter, or business traveler then becomes separated from the corporate network. Some method of tunneling becomes imperative to connect all the network sites together.

Virtual Private Networking (VPN) is often deployed to create private tunnels through the public network system for passing data to remote sites. While VPN is sufficient for the average business traveler, it is not a good solution for branch site connectivity. VPN configurations must include statically maintained access lists to identify traffic through the tunnel. These access lists are often tedious to configure for larger networks and are prone to errors.

VPNs do not permit multicast traffic to pass; therefore, routing protocols such as Routing Information Protocol (RIP) and Open Shortest Path First (OSPF) are no longer options for dynamic routing updates. All new additions to the network topology must be manually added to the various configured access lists. Without dynamic routing from one site to another, network management is severely hampered. Network managers need their non-heterogeneous networks to function like traditional point-to-point networks so that traditional management methods (once available only on point-to-point circuits) can apply to the entire network.

The solution to these challenges is to use IP tunnels. An IP tunnel provides a virtual link between endpoints on two different networks, enabling data to be exchanged as if the endpoints were directly connected on the same network. Traffic between the devices is isolated from the intervening networks that the tunnel spans.

IP tunnels supported features

  • Up to 127 tunnels can be defined on a switch; this limit is shared between the different tunnel types.

Unsupported features

  • Key support can be added for security and identification purposes when there are multiple applications.
  • VPN across public IP network.