Tunneling is the basis of VPN. Almost all VPNs work on a method called tunneling. Tunneling is the method used to transfer data from one network to another across a network infrastructure. The data to be transferred is carried in frames of another protocol.
Tunneling encapsulates the data sent by the sending node in its own format, i.e. it adds its own header, which contains routing information so that the data travels through the network properly. The encapsulated packets are routed between the endpoints of the tunnel over the network.
The tunnel is the logical path that the encapsulated packets traverse to reach the destination. When the frames reach the tunnel endpoint, the packet is de-encapsulated and the frames are forwarded to the final destination.
In short, tunneling is the process outlined below
Protocols used by tunneling.
Tunneling uses one protocol to encapsulate the frames or datagrams of another protocol. A VPN uses PPTP to encapsulate frames sent over the Internet (a public network). An alternative protocol is L2TP. This protocol depends on the features specified by PPP.
PPP was the basic protocol used to send data across dedicated or dial-up connections. PPP encapsulates IP packets in PPP frames and transmits the data across the network. It was specifically designed to be used over a NAS (Network Access Server).
Tunneling requires three protocols:
Carrier protocol – the protocol used by the network to transfer the data.
Encapsulating protocol – the protocol used to wrap the data (PPTP, L2TP, GRE, IPSec).
Passenger protocol – the protocol that carries the original data (IPX, NetBEUI, IP).
What is split tunneling?
Split tunneling is the method that enables remote access VPN clients to route corporate traffic over the VPN connection while sending Internet-bound traffic over the local Internet connection. This is an effective way to split the traffic: it prevents corporate bandwidth from being used for access to Internet sites.
This adds an extra security concern to the network. If the remote access client can reach both the Internet and the private organization network simultaneously, there is the possibility that the Internet connection is exploited to gain access to the private organization network through the remote access client.
Companies that are more security-sensitive can choose to use the default routing method, which ensures that all traffic from the VPN client passes through the corporate firewall.