Ethernet tunneling
Ethernet tunnels (TAPs)#
To provide the transportation for Tunnel Aggregation Groups (TAGs), Ethernet tunnels (TAPs) need establishing, in order to encapsulate the traffic that is being inversely multiplexed, sending the packets to either NFR or EVX.
Tunnel packages used#
Various encapsulation packages can be used to provide Ethernet TAPs. The following is the current set tested and in use in the INF. Others will be added as they are tested for interoperability.
- OpenVPN - OpenSSL based encrypted encapsulation using UDP or TCP in TAP mode
- GRE - Generic Routing Encapsulation (GRETAP) tunneling protocol designed for full Ethernet frames
- Fastd - Open source lightweight tunnel protocol with kernel offloading support
TUN versus TAP#
TAGs take full Ethernet frames and distribute them. So in order to provide an emulation of Layer 2, TAPs are used rather than TUNs (which instead operate at Layer 3).