Is VPN a layer 3 concept?Cisco ASA site-to-site VPN failoverWhat are the reasons for choosing separate or combined VPN and Internet routers?Placement of firewall for VPN RA and L2L tunnelsHow to failover static ipsec vpn tunnels?Routing from IPSec VPN1 to IPSec VPN2 through HQIPsec tunnel configuration questionVPN connecting offices vs hiding only VPNs (privacy) and their settingsHow to configure a distributed network for the replication?Packets are not being de-capsulated on the ASA end of a VPNWhich VPN Types/Protocols inherently support Multicast Traffic?

Extraneous elements in "Europe countries" list

Print last inputted byte

Do I need to convey a moral for each of my blog post?

Should a narrator ever describe things based on a characters view instead of fact?

When should a starting writer get his own webpage?

Writing in a Christian voice

Would mining huge amounts of resources on the Moon change its orbit?

CLI: Get information Ubuntu releases

Was World War I a war of liberals against authoritarians?

How to test the sharpness of a knife?

Imaginary part of expression too difficult to calculate

Why is "la Gestapo" feminine?

Justification failure in beamer enumerate list

Why does Surtur say that Thor is Asgard's doom?

"Marked down as someone wanting to sell shares." What does that mean?

Would this string work as string?

Why didn’t Eve recognize the little cockroach as a living organism?

The English Debate

How to remove space in section title at KOMA-Script

Unfrosted light bulb

What (if any) is the reason to buy in small local stores?

Do native speakers use "ultima" and "proxima" frequently in spoken English?

Friend wants my recommendation but I don't want to

Why is participating in the European Parliamentary elections used as a threat?



Is VPN a layer 3 concept?


Cisco ASA site-to-site VPN failoverWhat are the reasons for choosing separate or combined VPN and Internet routers?Placement of firewall for VPN RA and L2L tunnelsHow to failover static ipsec vpn tunnels?Routing from IPSec VPN1 to IPSec VPN2 through HQIPsec tunnel configuration questionVPN connecting offices vs hiding only VPNs (privacy) and their settingsHow to configure a distributed network for the replication?Packets are not being de-capsulated on the ASA end of a VPNWhich VPN Types/Protocols inherently support Multicast Traffic?













1















From Tanenbaum's Computer Network




This demand soon led to the invention of VPNs (Virtual Private Networks),
which are overlay networks on top of public networks but with most of the properties of private networks.



One popular approach is to build VPNs directly over the Internet. A
common design is to equip each office with a firewall and create
tunnels through the Internet between all pairs of offices. ... When
the system is brought up, each pair of firewalls has to negotiate the
parameters of its SA, including the services, modes, algorithms, and
keys. If IPsec is used for the tunneling, it is possible to aggregate
all traffic between any two pairs of offices onto a single
authenticated, encrypted SA, thus providing in- tegrity control,
secrecy, and even considerable immunity to traffic analysis. Many
firewalls have VPN capabilities built in. Some ordinary routers can do
this as well, but since firewalls are primarily in the security
business, it is natural to have the tunnels begin and end at the
firewalls, providing a clear separation between the company and the
Internet. Thus, firewalls, VPNs, and IPsec with ESP in tunnel mode are
a natural combination and widely used in practice.
Once the SAs have
been established, traffic can begin flowing. To a router within the
Internet, a packet traveling along a VPN tunnel is just an ordinary
packet.
The only thing unusual about it is the presence of the IPsec
header after the IP header, but since these extra headers have no
effect on the forwarding process, the routers do not care about this
extra header.



Another approach that is gaining popularity is to have the ISP set up
the VPN. Using MPLS (as discussed in Chap. 5), paths for the VPN
traffic can be set up across the ISP network between the company
offices. These paths keep the VPN traffic separate from other Internet
traffic and can be guaranteed a certain amount of bandwidth or other
quality of service.




  1. Is VPN a layer 3 or 5 concept? (seems to me yes?)


  2. Do both approaches in the quote to build VPNs are layer 3
    approaches? (Seems to me yes, because the technologies involved to built VPNs seem to be layer 3)


  3. Does openvpn use the server-client model and therefore a layer
    5 approach to build VPNs? How do a openvpn server and client work
    together to build a VPN? I can't figure it out based on the two
    approaches in the book.


  4. Similar questions for SSH VPN to those for openvpn.


Thanks.










share|improve this question


























    1















    From Tanenbaum's Computer Network




    This demand soon led to the invention of VPNs (Virtual Private Networks),
    which are overlay networks on top of public networks but with most of the properties of private networks.



    One popular approach is to build VPNs directly over the Internet. A
    common design is to equip each office with a firewall and create
    tunnels through the Internet between all pairs of offices. ... When
    the system is brought up, each pair of firewalls has to negotiate the
    parameters of its SA, including the services, modes, algorithms, and
    keys. If IPsec is used for the tunneling, it is possible to aggregate
    all traffic between any two pairs of offices onto a single
    authenticated, encrypted SA, thus providing in- tegrity control,
    secrecy, and even considerable immunity to traffic analysis. Many
    firewalls have VPN capabilities built in. Some ordinary routers can do
    this as well, but since firewalls are primarily in the security
    business, it is natural to have the tunnels begin and end at the
    firewalls, providing a clear separation between the company and the
    Internet. Thus, firewalls, VPNs, and IPsec with ESP in tunnel mode are
    a natural combination and widely used in practice.
    Once the SAs have
    been established, traffic can begin flowing. To a router within the
    Internet, a packet traveling along a VPN tunnel is just an ordinary
    packet.
    The only thing unusual about it is the presence of the IPsec
    header after the IP header, but since these extra headers have no
    effect on the forwarding process, the routers do not care about this
    extra header.



    Another approach that is gaining popularity is to have the ISP set up
    the VPN. Using MPLS (as discussed in Chap. 5), paths for the VPN
    traffic can be set up across the ISP network between the company
    offices. These paths keep the VPN traffic separate from other Internet
    traffic and can be guaranteed a certain amount of bandwidth or other
    quality of service.




    1. Is VPN a layer 3 or 5 concept? (seems to me yes?)


    2. Do both approaches in the quote to build VPNs are layer 3
      approaches? (Seems to me yes, because the technologies involved to built VPNs seem to be layer 3)


    3. Does openvpn use the server-client model and therefore a layer
      5 approach to build VPNs? How do a openvpn server and client work
      together to build a VPN? I can't figure it out based on the two
      approaches in the book.


    4. Similar questions for SSH VPN to those for openvpn.


    Thanks.










    share|improve this question
























      1












      1








      1


      1






      From Tanenbaum's Computer Network




      This demand soon led to the invention of VPNs (Virtual Private Networks),
      which are overlay networks on top of public networks but with most of the properties of private networks.



      One popular approach is to build VPNs directly over the Internet. A
      common design is to equip each office with a firewall and create
      tunnels through the Internet between all pairs of offices. ... When
      the system is brought up, each pair of firewalls has to negotiate the
      parameters of its SA, including the services, modes, algorithms, and
      keys. If IPsec is used for the tunneling, it is possible to aggregate
      all traffic between any two pairs of offices onto a single
      authenticated, encrypted SA, thus providing in- tegrity control,
      secrecy, and even considerable immunity to traffic analysis. Many
      firewalls have VPN capabilities built in. Some ordinary routers can do
      this as well, but since firewalls are primarily in the security
      business, it is natural to have the tunnels begin and end at the
      firewalls, providing a clear separation between the company and the
      Internet. Thus, firewalls, VPNs, and IPsec with ESP in tunnel mode are
      a natural combination and widely used in practice.
      Once the SAs have
      been established, traffic can begin flowing. To a router within the
      Internet, a packet traveling along a VPN tunnel is just an ordinary
      packet.
      The only thing unusual about it is the presence of the IPsec
      header after the IP header, but since these extra headers have no
      effect on the forwarding process, the routers do not care about this
      extra header.



      Another approach that is gaining popularity is to have the ISP set up
      the VPN. Using MPLS (as discussed in Chap. 5), paths for the VPN
      traffic can be set up across the ISP network between the company
      offices. These paths keep the VPN traffic separate from other Internet
      traffic and can be guaranteed a certain amount of bandwidth or other
      quality of service.




      1. Is VPN a layer 3 or 5 concept? (seems to me yes?)


      2. Do both approaches in the quote to build VPNs are layer 3
        approaches? (Seems to me yes, because the technologies involved to built VPNs seem to be layer 3)


      3. Does openvpn use the server-client model and therefore a layer
        5 approach to build VPNs? How do a openvpn server and client work
        together to build a VPN? I can't figure it out based on the two
        approaches in the book.


      4. Similar questions for SSH VPN to those for openvpn.


      Thanks.










      share|improve this question














      From Tanenbaum's Computer Network




      This demand soon led to the invention of VPNs (Virtual Private Networks),
      which are overlay networks on top of public networks but with most of the properties of private networks.



      One popular approach is to build VPNs directly over the Internet. A
      common design is to equip each office with a firewall and create
      tunnels through the Internet between all pairs of offices. ... When
      the system is brought up, each pair of firewalls has to negotiate the
      parameters of its SA, including the services, modes, algorithms, and
      keys. If IPsec is used for the tunneling, it is possible to aggregate
      all traffic between any two pairs of offices onto a single
      authenticated, encrypted SA, thus providing in- tegrity control,
      secrecy, and even considerable immunity to traffic analysis. Many
      firewalls have VPN capabilities built in. Some ordinary routers can do
      this as well, but since firewalls are primarily in the security
      business, it is natural to have the tunnels begin and end at the
      firewalls, providing a clear separation between the company and the
      Internet. Thus, firewalls, VPNs, and IPsec with ESP in tunnel mode are
      a natural combination and widely used in practice.
      Once the SAs have
      been established, traffic can begin flowing. To a router within the
      Internet, a packet traveling along a VPN tunnel is just an ordinary
      packet.
      The only thing unusual about it is the presence of the IPsec
      header after the IP header, but since these extra headers have no
      effect on the forwarding process, the routers do not care about this
      extra header.



      Another approach that is gaining popularity is to have the ISP set up
      the VPN. Using MPLS (as discussed in Chap. 5), paths for the VPN
      traffic can be set up across the ISP network between the company
      offices. These paths keep the VPN traffic separate from other Internet
      traffic and can be guaranteed a certain amount of bandwidth or other
      quality of service.




      1. Is VPN a layer 3 or 5 concept? (seems to me yes?)


      2. Do both approaches in the quote to build VPNs are layer 3
        approaches? (Seems to me yes, because the technologies involved to built VPNs seem to be layer 3)


      3. Does openvpn use the server-client model and therefore a layer
        5 approach to build VPNs? How do a openvpn server and client work
        together to build a VPN? I can't figure it out based on the two
        approaches in the book.


      4. Similar questions for SSH VPN to those for openvpn.


      Thanks.







      vpn






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked 6 hours ago









      TimTim

      428416




      428416




















          2 Answers
          2






          active

          oldest

          votes


















          5














          There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.



          A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.



          Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.



          When layer-2 frames are tunneled, the networks are bridged together.



          OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.






          share|improve this answer

























          • Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?

            – Tim
            3 hours ago











          • VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.

            – Zac67
            3 hours ago











          • Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?

            – Tim
            3 hours ago












          • If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).

            – Zac67
            2 hours ago











          • In L2 VPN, what protocols are encapsulate and how are they encapulated?

            – Tim
            2 hours ago


















          2















          Is VPN a layer 3 or 5 concept? (seems to me yes?)




          It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.




          Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?




          Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.



          Note that OpenVPN may run in L2 mode as well, commonly known as tap device.






          share|improve this answer








          New contributor




          vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
          Check out our Code of Conduct.




















          • Thanks. WHat is the tunnelling protocol provided by openvpn?

            – Tim
            3 hours ago











          • Many. As L2 tunnel? Whatever you care to throw at it.

            – vidarlo
            3 hours ago










          Your Answer








          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "496"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          noCode: true, onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













          draft saved

          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f57734%2fis-vpn-a-layer-3-concept%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown

























          2 Answers
          2






          active

          oldest

          votes








          2 Answers
          2






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          5














          There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.



          A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.



          Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.



          When layer-2 frames are tunneled, the networks are bridged together.



          OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.






          share|improve this answer

























          • Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?

            – Tim
            3 hours ago











          • VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.

            – Zac67
            3 hours ago











          • Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?

            – Tim
            3 hours ago












          • If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).

            – Zac67
            2 hours ago











          • In L2 VPN, what protocols are encapsulate and how are they encapulated?

            – Tim
            2 hours ago















          5














          There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.



          A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.



          Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.



          When layer-2 frames are tunneled, the networks are bridged together.



          OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.






          share|improve this answer

























          • Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?

            – Tim
            3 hours ago











          • VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.

            – Zac67
            3 hours ago











          • Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?

            – Tim
            3 hours ago












          • If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).

            – Zac67
            2 hours ago











          • In L2 VPN, what protocols are encapsulate and how are they encapulated?

            – Tim
            2 hours ago













          5












          5








          5







          There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.



          A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.



          Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.



          When layer-2 frames are tunneled, the networks are bridged together.



          OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.






          share|improve this answer















          There are layer-2 and layer-3 VPNs. "VPN" is a term used for a tunnel combined with encryption.



          A tunneling interface encapsulates an inner packet (or frame) in an outer packet. This inner packet is then transported to the far tunnel end, according to the outer packet, and decapsulated again. For the inner packet the tunnel looks like a direct connection, regardless of the path of the outer packet.



          Tunneling somewhat defies the strict OSI layering. Usually, layer-3 packets are tunneled over layer 3 (IPsec) or layer 4 (TCP or UDP). An L3 tunnel routes between two networks.



          When layer-2 frames are tunneled, the networks are bridged together.



          OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption. SSH has an inherent tunneling mechanism for arbitrary connections including port forwarding.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited 4 hours ago

























          answered 6 hours ago









          Zac67Zac67

          31.3k21961




          31.3k21961












          • Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?

            – Tim
            3 hours ago











          • VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.

            – Zac67
            3 hours ago











          • Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?

            – Tim
            3 hours ago












          • If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).

            – Zac67
            2 hours ago











          • In L2 VPN, what protocols are encapsulate and how are they encapulated?

            – Tim
            2 hours ago

















          • Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?

            – Tim
            3 hours ago











          • VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.

            – Zac67
            3 hours ago











          • Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?

            – Tim
            3 hours ago












          • If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).

            – Zac67
            2 hours ago











          • In L2 VPN, what protocols are encapsulate and how are they encapulated?

            – Tim
            2 hours ago
















          Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?

          – Tim
          3 hours ago





          Thanks. "OpenVPN uses SSL VPN over UDP or TCP (layer 4) with SSL encryption". Do you mean the protocols from top to bottom are: VPN, SSL, UDP/TCP?

          – Tim
          3 hours ago













          VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.

          – Zac67
          3 hours ago





          VPN is not a protocol. OpenVPN uses UDP or TCP with SSL and tunnels IP within.

          – Zac67
          3 hours ago













          Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?

          – Tim
          3 hours ago






          Thanks. Are protocols from top to bottom (one encapsulate the one below) are: IP, SSL, UDP/TCP?

          – Tim
          3 hours ago














          If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).

          – Zac67
          2 hours ago





          If you insist: IP encapsulated in UDP/SSL over IP is the most common variant (OpenVPN also supports L2 VPN, SSL is more or less a TCP or UDP option).

          – Zac67
          2 hours ago













          In L2 VPN, what protocols are encapsulate and how are they encapulated?

          – Tim
          2 hours ago





          In L2 VPN, what protocols are encapsulate and how are they encapulated?

          – Tim
          2 hours ago











          2















          Is VPN a layer 3 or 5 concept? (seems to me yes?)




          It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.




          Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?




          Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.



          Note that OpenVPN may run in L2 mode as well, commonly known as tap device.






          share|improve this answer








          New contributor




          vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
          Check out our Code of Conduct.




















          • Thanks. WHat is the tunnelling protocol provided by openvpn?

            – Tim
            3 hours ago











          • Many. As L2 tunnel? Whatever you care to throw at it.

            – vidarlo
            3 hours ago















          2















          Is VPN a layer 3 or 5 concept? (seems to me yes?)




          It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.




          Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?




          Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.



          Note that OpenVPN may run in L2 mode as well, commonly known as tap device.






          share|improve this answer








          New contributor




          vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
          Check out our Code of Conduct.




















          • Thanks. WHat is the tunnelling protocol provided by openvpn?

            – Tim
            3 hours ago











          • Many. As L2 tunnel? Whatever you care to throw at it.

            – vidarlo
            3 hours ago













          2












          2








          2








          Is VPN a layer 3 or 5 concept? (seems to me yes?)




          It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.




          Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?




          Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.



          Note that OpenVPN may run in L2 mode as well, commonly known as tap device.






          share|improve this answer








          New contributor




          vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
          Check out our Code of Conduct.











          Is VPN a layer 3 or 5 concept? (seems to me yes?)




          It's both. And it's others. The VPN software is layers 5-7, whilst commonly L3 routing is used to direct packets trough the VPN. Note that layers generally break down above layer 3; there's fuzzy boundaries.




          Does openvpn use the server-client model and therefore a layer 5 approach to build VPNs?




          Yes, but the result is a layer 3 tunnel. You have to differentiate between the tunnel and the software that builds it, and how traffic trough the tunnel is handled.



          Note that OpenVPN may run in L2 mode as well, commonly known as tap device.







          share|improve this answer








          New contributor




          vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
          Check out our Code of Conduct.









          share|improve this answer



          share|improve this answer






          New contributor




          vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
          Check out our Code of Conduct.









          answered 4 hours ago









          vidarlovidarlo

          1616




          1616




          New contributor




          vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
          Check out our Code of Conduct.





          New contributor





          vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
          Check out our Code of Conduct.






          vidarlo is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
          Check out our Code of Conduct.












          • Thanks. WHat is the tunnelling protocol provided by openvpn?

            – Tim
            3 hours ago











          • Many. As L2 tunnel? Whatever you care to throw at it.

            – vidarlo
            3 hours ago

















          • Thanks. WHat is the tunnelling protocol provided by openvpn?

            – Tim
            3 hours ago











          • Many. As L2 tunnel? Whatever you care to throw at it.

            – vidarlo
            3 hours ago
















          Thanks. WHat is the tunnelling protocol provided by openvpn?

          – Tim
          3 hours ago





          Thanks. WHat is the tunnelling protocol provided by openvpn?

          – Tim
          3 hours ago













          Many. As L2 tunnel? Whatever you care to throw at it.

          – vidarlo
          3 hours ago





          Many. As L2 tunnel? Whatever you care to throw at it.

          – vidarlo
          3 hours ago

















          draft saved

          draft discarded
















































          Thanks for contributing an answer to Network Engineering Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fnetworkengineering.stackexchange.com%2fquestions%2f57734%2fis-vpn-a-layer-3-concept%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Францішак Багушэвіч Змест Сям'я | Біяграфія | Творчасць | Мова Багушэвіча | Ацэнкі дзейнасці | Цікавыя факты | Спадчына | Выбраная бібліяграфія | Ушанаванне памяці | У філатэліі | Зноскі | Літаратура | Спасылкі | НавігацыяЛяхоўскі У. Рупіўся дзеля Бога і людзей: Жыццёвы шлях Лявона Вітан-Дубейкаўскага // Вольскі і Памідораў з песняй пра немца Адвакат, паэт, народны заступнік Ашмянскі веснікВ Минске появится площадь Богушевича и улица Сырокомли, Белорусская деловая газета, 19 июля 2001 г.Айцец беларускай нацыянальнай ідэі паўстаў у бронзе Сяргей Аляксандравіч Адашкевіч (1918, Мінск). 80-я гады. Бюст «Францішак Багушэвіч».Яўген Мікалаевіч Ціхановіч. «Партрэт Францішка Багушэвіча»Мікола Мікалаевіч Купава. «Партрэт зачынальніка новай беларускай літаратуры Францішка Багушэвіча»Уладзімір Іванавіч Мелехаў. На помніку «Змагарам за родную мову» Барэльеф «Францішак Багушэвіч»Памяць пра Багушэвіча на Віленшчыне Страчаная сталіца. Беларускія шыльды на вуліцах Вільні«Krynica». Ideologia i przywódcy białoruskiego katolicyzmuФранцішак БагушэвічТворы на knihi.comТворы Францішка Багушэвіча на bellib.byСодаль Уладзімір. Францішак Багушэвіч на Лідчыне;Луцкевіч Антон. Жыцьцё і творчасьць Фр. Багушэвіча ў успамінах ягоных сучасьнікаў // Запісы Беларускага Навуковага таварыства. Вільня, 1938. Сшытак 1. С. 16-34.Большая российская1188761710000 0000 5537 633Xn9209310021619551927869394п

          Беларусь Змест Назва Гісторыя Геаграфія Сімволіка Дзяржаўны лад Палітычныя партыі Міжнароднае становішча і знешняя палітыка Адміністрацыйны падзел Насельніцтва Эканоміка Культура і грамадства Сацыяльная сфера Узброеныя сілы Заўвагі Літаратура Спасылкі НавігацыяHGЯOiТоп-2011 г. (па версіі ej.by)Топ-2013 г. (па версіі ej.by)Топ-2016 г. (па версіі ej.by)Топ-2017 г. (па версіі ej.by)Нацыянальны статыстычны камітэт Рэспублікі БеларусьШчыльнасць насельніцтва па краінахhttp://naviny.by/rubrics/society/2011/09/16/ic_articles_116_175144/А. Калечыц, У. Ксяндзоў. Спробы засялення краю неандэртальскім чалавекам.І ў Менску былі мамантыА. Калечыц, У. Ксяндзоў. Старажытны каменны век (палеаліт). Першапачатковае засяленне тэрыторыіГ. Штыхаў. Балты і славяне ў VI—VIII стст.М. Клімаў. Полацкае княства ў IX—XI стст.Г. Штыхаў, В. Ляўко. Палітычная гісторыя Полацкай зямліГ. Штыхаў. Дзяржаўны лад у землях-княствахГ. Штыхаў. Дзяржаўны лад у землях-княствахБеларускія землі ў складзе Вялікага Княства ЛітоўскагаЛюблінская унія 1569 г."The Early Stages of Independence"Zapomniane prawdy25 гадоў таму было аб'яўлена, што Язэп Пілсудскі — беларус (фота)Наша вадаДакументы ЧАЭС: Забруджванне тэрыторыі Беларусі « ЧАЭС Зона адчужэнняСведения о политических партиях, зарегистрированных в Республике Беларусь // Министерство юстиции Республики БеларусьСтатыстычны бюлетэнь „Полаўзроставая структура насельніцтва Рэспублікі Беларусь на 1 студзеня 2012 года і сярэднегадовая колькасць насельніцтва за 2011 год“Индекс человеческого развития Беларуси — не было бы нижеБеларусь занимает первое место в СНГ по индексу развития с учетом гендерного факцёраНацыянальны статыстычны камітэт Рэспублікі БеларусьКанстытуцыя РБ. Артыкул 17Трансфармацыйныя задачы БеларусіВыйсце з крызісу — далейшае рэфармаванне Беларускі рубель — сусветны лідар па дэвальвацыяхПра змену коштаў у кастрычніку 2011 г.Бядней за беларусаў у СНД толькі таджыкіСярэдні заробак у верасні дасягнуў 2,26 мільёна рублёўЭканомікаГаласуем за ТОП-100 беларускай прозыСучасныя беларускія мастакіАрхитектура Беларуси BELARUS.BYА. Каханоўскі. Культура Беларусі ўсярэдзіне XVII—XVIII ст.Анталогія беларускай народнай песні, гуказапісы спеваўБеларускія Музычныя IнструментыБеларускі рок, які мы страцілі. Топ-10 гуртоў«Мясцовы час» — нязгаслая легенда беларускай рок-музыкіСЯРГЕЙ БУДКІН. МЫ НЯ ЗНАЕМ СВАЁЙ МУЗЫКІМ. А. Каладзінскі. НАРОДНЫ ТЭАТРМагнацкія культурныя цэнтрыПублічная дыскусія «Беларуская новая пьеса: без беларускай мовы ці беларуская?»Беларускія драматургі па-ранейшаму лепш ставяцца за мяжой, чым на радзіме«Працэс незалежнага кіно пайшоў, і дзяржаву турбуе яго непадкантрольнасць»Беларускія філосафы ў пошуках прасторыВсе идём в библиотекуАрхіваванаАб Нацыянальнай праграме даследавання і выкарыстання касмічнай прасторы ў мірных мэтах на 2008—2012 гадыУ космас — разам.У суседнім з Барысаўскім раёне пабудуюць Камандна-вымяральны пунктСвяты і абрады беларусаў«Мірныя бульбашы з малой краіны» — 5 непраўдзівых стэрэатыпаў пра БеларусьМ. Раманюк. Беларускае народнае адзеннеУ Беларусі скарачаецца колькасць злачынстваўЛукашэнка незадаволены мінскімі ўладамі Крадзяжы складаюць у Мінску каля 70% злачынстваў Узровень злачыннасці ў Мінскай вобласці — адзін з самых высокіх у краіне Генпракуратура аналізуе стан са злачыннасцю ў Беларусі па каэфіцыенце злачыннасці У Беларусі стабілізавалася крымінагеннае становішча, лічыць генпракурорЗамежнікі сталі здзяйсняць у Беларусі больш злачынстваўМУС Беларусі турбуе рост рэцыдыўнай злачыннасціЯ з ЖЭСа. Дазволіце вас абкрасці! Рэйтынг усіх службаў і падраздзяленняў ГУУС Мінгарвыканкама вырасАб КДБ РБГісторыя Аператыўна-аналітычнага цэнтра РБГісторыя ДКФРТаможняagentura.ruБеларусьBelarus.by — Афіцыйны сайт Рэспублікі БеларусьСайт урада БеларусіRadzima.org — Збор архітэктурных помнікаў, гісторыя Беларусі«Глобус Беларуси»Гербы и флаги БеларусиАсаблівасці каменнага веку на БеларусіА. Калечыц, У. Ксяндзоў. Старажытны каменны век (палеаліт). Першапачатковае засяленне тэрыторыіУ. Ксяндзоў. Сярэдні каменны век (мезаліт). Засяленне краю плямёнамі паляўнічых, рыбакоў і збіральнікаўА. Калечыц, М. Чарняўскі. Плямёны на тэрыторыі Беларусі ў новым каменным веку (неаліце)А. Калечыц, У. Ксяндзоў, М. Чарняўскі. Гаспадарчыя заняткі ў каменным векуЭ. Зайкоўскі. Духоўная культура ў каменным векуАсаблівасці бронзавага веку на БеларусіФарміраванне супольнасцей ранняга перыяду бронзавага векуФотографии БеларусиРоля беларускіх зямель ва ўтварэнні і ўмацаванні ВКЛВ. Фадзеева. З гісторыі развіцця беларускай народнай вышыўкіDMOZGran catalanaБольшая российскаяBritannica (анлайн)Швейцарскі гістарычны15325917611952699xDA123282154079143-90000 0001 2171 2080n9112870100577502ge128882171858027501086026362074122714179пппппп

          ValueError: Expected n_neighbors <= n_samples, but n_samples = 1, n_neighbors = 6 (SMOTE) The 2019 Stack Overflow Developer Survey Results Are InCan SMOTE be applied over sequence of words (sentences)?ValueError when doing validation with random forestsSMOTE and multi class oversamplingLogic behind SMOTE-NC?ValueError: Error when checking target: expected dense_1 to have shape (7,) but got array with shape (1,)SmoteBoost: Should SMOTE be ran individually for each iteration/tree in the boosting?solving multi-class imbalance classification using smote and OSSUsing SMOTE for Synthetic Data generation to improve performance on unbalanced dataproblem of entry format for a simple model in KerasSVM SMOTE fit_resample() function runs forever with no result