Figure 1 depicts the relationship of PPP frames and control messages over the L2TP control and data channels. PPP frames are passed through an unreliable data channel; control messages are sent over a reliable L2TP control channel.
Both L2TP data messages and control messages are carried in UDP packets. Data messages are not retransmitted after a transmission failure, so their delivery is unreliable; control messages are subject to flow control and retransmission, so their delivery is reliable. L2TP uses the registered UDP port 1701, but this port is used only during the initial establishment of an L2TP tunnel. The initiator of an L2TP tunnel picks a free source UDP port (which may or may not be 1701) and sends packets to port 1701 on the receiver. On receiving them, the receiver likewise picks a free port on its own system (which may or may not be 1701) and replies to the initiator's UDP port. Once the source and destination ports and addresses have been chosen, they must remain unchanged for as long as the tunnel is up.
Headers of L2TP control messages and L2TP data messages are the same.
In the L2TP message header, "opt" following a field indicates that the field is optional in a data message but is mandatory in a control message.
Figure 2 describes the fields in an L2TP message header.
| Field | Meaning | Remarks |
|---|---|---|
| T | Indicates the type of a message: 0 indicates a data message and 1 indicates a control message. | The value must be 1 in a control message. |
| L | Indicates the Length bit. The value 1 indicates that the message header contains the Length field. | The value must be 1 in a control message. |
| x | Indicates a reserved bit. | - |
| S | Indicates the Sequence bit. The value 1 indicates that the message header contains the Ns and Nr fields. | The value must be 1 in a control message. |
| O | Indicates the Offset Size bit. The value 1 indicates that the message header contains the Offset Size field. | The value must be 0 in a control message. |
| P | Indicates the priority. This field exists only in a data message. | The value must be 0 in a control message. |
| Ver | Indicates the version number of the L2TP protocol. | The value is 2 if L2TPv2 is enabled. |
| Length | Indicates the total length of the message, in bytes. | - |
| Tunnel ID | Indicates the tunnel ID, which is only locally valid. | The value must be 0 in a Hello control message because the Hello control message is globally valid. |
| Session ID | Indicates the session ID, which is only locally valid. | - |
| Ns | Indicates the sequence number of the current message. | - |
| Nr | Indicates the sequence number of the next message expected to be received. | This field is reserved in data messages. |
| Offset Size | Indicates the start position of the payload. | - |
| Offset Padding | Indicates the padding that precedes the payload. | - |
The tunnel ID and session ID in an L2TP message header are assigned by the peer at the other end of the L2TP tunnel and identify a tunnel and a session, respectively. Messages with the same tunnel ID but different session IDs are multiplexed on one L2TP tunnel.
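As an added example (not code from the original document), a Python encoder and decoder for the L2TPv2 header described in the table above: the encoder applies the control-message rules from the Remarks column (T, L and S set, O and P clear), and the decoder rejects headers that violate those rules or whose Length or Offset Size point past the end of the packet. Bit positions follow RFC 2661; the field names, function names and sample payloads are constructed for this example.

```python
import struct
# Flag bits in the first 16-bit word of an L2TPv2 header (RFC 2661); the low 4 bits are Ver.
T_BIT, L_BIT, S_BIT, O_BIT, P_BIT = 1 << 15, 1 << 14, 1 << 11, 1 << 9, 1 << 8

def build_header(control, tunnel_id, session_id, payload=b"", *, ns=None, nr=None,
                 offset_size=None, priority=False, with_length=False):
    seq = ns is not None and nr is not None
    flags = 2  # Ver = 2 (L2TPv2)
    if control:
        # Table rows: T, L and S must be 1 and O and P must be 0 in a control message.
        if not seq or offset_size is not None or priority:
            raise ValueError("control message needs Ns/Nr and must not set O or P")
        flags |= T_BIT | L_BIT | S_BIT
    else:  # in a data message every optional field is the caller's choice
        flags |= (L_BIT if with_length else 0) | (S_BIT if seq else 0)
        flags |= (O_BIT if offset_size is not None else 0) | (P_BIT if priority else 0)
    body = struct.pack("!HH", tunnel_id, session_id)
    if seq:
        body += struct.pack("!HH", ns, nr)
    if offset_size is not None:  # Offset Size, then that many bytes of Offset Padding
        body += struct.pack("!H", offset_size) + b"\x00" * offset_size
    head = struct.pack("!H", flags)
    if flags & L_BIT:  # Length covers the whole message: header plus payload
        head += struct.pack("!H", 2 + 2 + len(body) + len(payload))
    return head + body + payload

def parse_header(pkt):
    """Decapsulate an L2TPv2 header; raises ValueError on a malformed header."""
    (flags,) = struct.unpack_from("!H", pkt, 0)
    h = {"control": bool(flags & T_BIT), "priority": bool(flags & P_BIT), "version": flags & 0xF}
    if h["version"] != 2:
        raise ValueError("not an L2TPv2 header")
    pos = 2
    if flags & L_BIT:
        (h["length"],) = struct.unpack_from("!H", pkt, pos)
        pos += 2
    end = h.get("length", len(pkt))
    h["tunnel_id"], h["session_id"] = struct.unpack_from("!HH", pkt, pos)
    pos += 4
    if flags & S_BIT:
        h["ns"], h["nr"] = struct.unpack_from("!HH", pkt, pos)
        pos += 4
    if flags & O_BIT:  # skip Offset Size and the Offset Padding it announces
        (off,) = struct.unpack_from("!H", pkt, pos)
        pos += 2 + off
    if end > len(pkt) or pos > end:
        raise ValueError("Length or Offset Size runs past the end of the packet")
    if h["control"] and ((flags & (L_BIT | S_BIT)) != (L_BIT | S_BIT) or flags & (O_BIT | P_BIT)):
        raise ValueError("control message violates the L/S/O/P rules")
    h["payload"] = pkt[pos:end]
    return h
```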
A user PPP packet (already carrying the original IP header and a PPP header) is encapsulated with the following protocol headers when it is transmitted as an IP packet over a public network:
- A 16-byte L2TP header
- An 8-byte UDP header
- A 20-byte new IP header, carrying the source and destination addresses of the L2TP tunnel
Figure 3 shows the format of an L2TP data message.
The LAC encapsulates a PPP packet as follows:
1. Encapsulates the packet with an L2TP header.
2. Encapsulates the packet with a UDP header.
3. Encapsulates the packet with a new IP header and then sends it out through a public network interface. The destination address in the new IP header is the IP address of the far end of the L2TP tunnel.
L2TP has no fragmentation function of its own. After an L2TP message has been encapsulated with an IP header, the resulting IP packet can be fragmented as required. To ensure that no packet needs to be fragmented, the encapsulated IP packet must not be larger than the MTU of the physical interface.
After receiving the packet on the interface connected to the public network, the LNS handles it as follows:
1. Removes the IP header and the UDP header and then passes the packet to the L2TP module.
2. Removes the L2TP header and the PPP header to restore the original user IP packet, and then forwards that IP packet to the server inside the private network.