You might have to add MPLS VPN which is the most widely used one or could
be even a GRE with BGP as the routing protocol.
Cheers,
- Balaji
On Fri, Apr 27, 2012 at 1:32 PM, Girish Venkatachalam <
girishvenkatachalam at gmail.com> wrote:
What is a VPN?
A VPN otherwise known as virtual private network creates a tunnel between
two
endpoints on the Internet.
A typical case would be between a company's branch office and head office.
I will explain more about this since there are plenty of things nobody
will tell you.
No article or literature will specify what all goes into this
seemingly easy technology.
I used to think it was easy since I am the spam guy. I solved how
e-mail security can be
assured to organizations which is a much bigger problem but then it
turned out that
VPN was also a big problem.
It took me close to 4 years to get it right.
Anyway this article will only speak about the higher level
interactions and big picture.
The reality of today's Internet is that there are not as many public
IPv4 addresses as we prefer.
Hence all organizations go for a private address space in one of
rfc1918 IP address blocks.
Say 192.168.0.0/16, 10.0.0.0/8 or 172.16.0.0/12 addresses.
None of these addresses are routable over the net since millions or
networks will be using
the same IP addresses.
What a VPN enables is to route them across the Internet by
encapsulating them inside like our
tanjavur bommai.
So we have an outside IP header which contains the two public IP
endpoints and the inside
IP has the private IP endpoints.
Thereby we can actually talk to your LAN machines and access all of
the applications, even obtain
a DHCP address from the remote network using a VPN.
Now VPN is often thought of as having to do with encryption but that
is only an aside.
You can jolly well have VPNs without any crypto and key setup.
PPTP and L2TP VPNs are in that category I think.
Let us leave aside crypto for now.
The biggest issue is that of being able to talk to a remote LAN
without using a known IP address or a
static IP address.
You can do that when you are a VPN client but you can also do that
when you are a VPN server by using
dynamic DNS services.
The applications that are not network aware are NetBIOS file
sharing(Windows shares) and layer II protocols
and various other things like tally applications, db apps and so on.
These work inside a LAN.
And moreover you don't want to purchase a separate license for each site.
If you have Internet setup a VPN and connect to the head office. That
is how all major companies function.
Now you also have another way to use a VPN. Let us say you are at an
airport or you are at home. You are a single
person accessing the office LAN. Either with your laptop or on a
public computer.
VPN enables that as well.
We will close this article with discussing the different kinds of VPN
technologies I know of:
1) OpenVPN
2) IPsec VPN
3) OpenSSH VPN
4) L2TP
5) PPTP (Windows free software)
And VPN can work in tunnel mode or transport mode, normally we are
only bothered about tunnels.
-Girish
--
Gayatri Hitech
http://gayatri-hitech.com
_______________________________________________
ILUGC Mailing List:
http://www.ae.iitm.ac.in/mailman/listinfo/ilugc