IP Transport Network Overview - Part2
Introduction
Why learn about the IP transport Network?
› IP features
Objectives
› IP Security
› IP Format
Transport protocols
ports
IP
[Figure: IP datagram format, shown in octet order (octets +0 to +3) and bit order (bits 0 to 7)]
+0   ver, hdr length, type of service, total length
+4   identification, flags, fragment offset
+8   time to live, protocol, header checksum
+12  source IP address
+16  destination IP address
+20  options (if any), padding
+24  IP Data
[Figure: IPSec Tunnel carrying Encrypted Text across a Public Network between two Private Networks. Labels: SEGw1, SEGw2, SeGw, Host, Router, LAN A, LAN B, Protected link]
Domain of Interpretation
ESP packet diagram
Orig IP Hdr TCP Hdr Data
Insert Append
Orig IP Hdr ESP Hdr TCP Hdr Data ESP Trailer ESP Auth
Usually encrypted
Integrity hash coverage
Authentication Header
packet diagram
Orig IP Hdr TCP Hdr Data
AH header
Internet Key Exchange (IKE)
[Figure: key exchange between two peers. Labels: Key SSN, Key PRI (each peer), Key PUB (each peer)]
Encryption Layers
Network-Layer (IPSec)
Transport/Network Layers (3-4)
SEGw to SEGw
Link/Physical Layers (1-2)
[Figure: site topology. Labels: SIU, GSM, WCDMA, LTE eNB, BSC/RNC Site, SEGw, SEG, L2 Sw, ET-MFX, RNC, RBS, S1 and X2, A1, A2, A3, IPsec, "IPsec is optional"]
Recommendation:
Use IPsec only on such sections that are not secure