L2TP architecture, Tunnel and session, Control message and data message – H3C Technologies H3C SecPath F1000-E User Manual
L2TP architecture
Figure 2 shows the relationship between the PPP frame, control channel, and data channel. PPP frames
are transferred over unreliable L2TP data channels, while control messages are transferred within reliable
L2TP control channels.
Figure 2 L2TP architecture
Figure 3 L2TP packet encapsulation structure
Figure 3 depicts the encapsulation structure of an L2TP data packet between the LAC and the LNS.
Usually, L2TP data is transferred as User Datagram Protocol (UDP) packets. The well-known UDP port for L2TP
is 1701, although this port is used only in the tunnel creation stage. The L2TP tunnel initiator selects an idle port
(not necessarily 1701) to send a packet to port 1701 of the receiver. After receiving the packet, the
receiver also selects an idle port (not necessarily 1701 either) to return a packet to the specified port of
the initiator. Then, the two parties use the negotiated ports to communicate until the tunnel is
disconnected.
Tunnel and session
Two types of connections are present between an LNS and an LAC: tunnel and session.
• A tunnel corresponds to an LNS-LAC pair and comprises a control connection and one or more
sessions.
• A session corresponds to one PPP data stream between an LNS and an LAC and is multiplexed on
a tunnel. A session can be set up only after the tunnel is created.
Multiple L2TP tunnels can be established between an LNS and an LAC.
Both control messages and PPP frames are transferred on the tunnel. L2TP uses Hello packets to check a
tunnel’s connectivity. The LAC and the LNS regularly send Hello packets to each other. If no response
packet is received within a given amount of time, the tunnel is torn down.
Control message and data message
L2TP supports two types of messages: control messages and data messages.
• Control messages are used in establishment, maintenance, and clearing of tunnels and sessions.
Control messages are transmitted over a reliable control channel, which supports flow control and
congestion control.
• Data messages encapsulate PPP frames to be tunneled. Data messages are transmitted over an
unreliable data channel that lacks flow control, congestion control, and retransmission
mechanisms.
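The following is an added example, not taken from the H3C manual: a parser for the L2TPv2 header that tells control messages from data messages and extracts the tunnel ID and session ID. The field layout and flag bits follow RFC 2661, which this page does not reproduce; the function name and both sample packets are constructed for illustration.

```python
import struct

T_BIT, L_BIT, S_BIT, O_BIT = 0x8000, 0x4000, 0x0800, 0x0200  # RFC 2661 flag bits

def parse_l2tp_header(payload: bytes) -> dict:
    """Parse the L2TPv2 header at the start of a UDP payload."""
    pos = 0

    def u16() -> int:
        nonlocal pos
        if pos + 2 > len(payload):
            raise ValueError("truncated L2TP header")
        (value,) = struct.unpack_from("!H", payload, pos)
        pos += 2
        return value

    flags = u16()
    if (flags & 0x000F) != 2:
        raise ValueError("not an L2TPv2 packet")
    is_control = bool(flags & T_BIT)
    # Control messages must carry Length and Ns/Nr, and never an Offset field.
    if is_control and (flags & (L_BIT | S_BIT | O_BIT)) != (L_BIT | S_BIT):
        raise ValueError("malformed control message flags")
    length = u16() if flags & L_BIT else None
    tunnel_id, session_id = u16(), u16()
    ns, nr = (u16(), u16()) if flags & S_BIT else (None, None)
    if flags & O_BIT:
        pos += u16()  # skip the offset padding before the payload
    end = len(payload) if length is None else length
    if end > len(payload) or pos > end:
        raise ValueError("Length/Offset inconsistent with UDP payload size")
    return {
        "type": "control" if is_control else "data",
        "tunnel_id": tunnel_id, "session_id": session_id,
        "ns": ns, "nr": nr, "body": payload[pos:end],
    }

# Constructed samples (not captured traffic).
# Control message with an empty body: T, L, S set, version 2, tunnel 5, Ns=1, Nr=2.
CONTROL_SAMPLE = struct.pack("!HHHHHH", 0xC802, 12, 5, 0, 1, 2)
# Data message: no optional fields, tunnel 5, session 9, then the start of a PPP frame.
DATA_SAMPLE = struct.pack("!HHH", 0x0002, 5, 9) + b"\xff\x03\xc0\x21"

if __name__ == "__main__":
    for sample in (CONTROL_SAMPLE, DATA_SAMPLE):
        print(parse_l2tp_header(sample))
```

Rejecting control messages that lack the Length or sequence fields, and any Length value larger than the UDP payload, keeps malformed packets out of later tunnel and session lookups.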
Control messages and data messages share the same header structure. An L2TP header contains a
tunnel ID and a session ID, which are used to identify the tunnel and session respectively. Packets with the