Tunnel mode differs because you would have a third IP header since thats how tunnel mode works. This 3rd set of IP headers would be the same as the outer headers. The entire packet would then be +20 bytes.
Regards,
Brandon Carroll - CCIE #23837 Senior Technical Instructor - IPexpert Telephone: +1.810.326.1444 eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com
On Apr 25, 2010, at 3:06 AM, Dnyaneshwar Gore wrote: Thx Brandon,
So in transport mode, the outer most header is Public IP from Tunnel interface. But I guess it should be physical int ip address derived using NHS service. Otherwise how spoke1 will reach to spoke2?
And how transport mode header structure is different from tunnel mode?
Regards,
DMG
On Sat, Apr 24, 2010 at 9:26 PM, Brandon Carroll <[email protected]> wrote:
So from Spoke 1 to spoke 2 it will look like this in transport mode:
Whatever Data you are sending : The Original IP Header with the 192 host addresses in it : The GRE Header: The ESP Header: The Outer IP Header with Public IPs in it (From the Tunnel Source Command): The Layer 2 Header.
I've attached a screen shot of wireshark with a capture of a ping. You'll notice you cant see the ping of course because its inside the ESP, but you can see everything up to the ESP header. Since tunnel protection is applied to the tunnel interface the next header after that would be the GRE header, followed by the original IP header, followed by the Data.
<pod118acs.proctorlabs.com_.jpg>
Regards,
Brandon Carroll - CCIE #23837
Senior Technical Instructor - IPexpert Telephone: +1.810.326.1444
eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com
Platinum Solutions Group (PSG) provides high-end consulting services with a primary emphasis on Cisco's Data Center Solutions, Service Provider Solutions, Unified Communications and Security-enabled infrastructures. Be sure to visit www.platinumsolutionsgroup.com. On Apr 23, 2010, at 7:45 PM, Dnyaneshwar Gore wrote: Attaching figure.....
On Sat, Apr 24, 2010 at 8:14 AM, Dnyaneshwar Gore <[email protected]> wrote:
Hi,
Need insight on DMVPN header structure.
How will be DMVPN header structure in case of attached figure with
- TRANSPORT mode
- TUNNEL Mode
Will appreciate if you explain with ip address.
I know DMVPN header will be = IPSec header + GRE Header + IP Header + data payload. Want to know exact header in case of Transport & Tunnel mode.
Regards,
DMG
For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
|
DMVPN Spoke