IPsec and NETBEUI
Stephen Hope
SHOPE at DATARANGE.CO.UK
Thu Mar 23 03:52:33 EST 2000
You cant tunnel NetBEUI directly. However, a reasonable router
with Data Link Switching (DLSw) will tunnel and spoof NetBEUI
across an IP network. there have been several RFCs on the subject
- DLSw Version 2 is the most widely used these days.
DLSw has a lot of versions over the years, but the basic protocol
uses 2 TCP connections between each pair of routers.
You then need to use a VPN to tunnel the TCP connections.
Only some DLSw implementations can carry NNetBEUI - i have worked
on Bay / Nortel routers and IBM 2210.
The protocol includes discovery mechanisms to allow a large topology
to be built. The assumption in the original system was that the LANs
were Token ring, but ethernet is also supported.
Note that you may need a relatively expensive varient of the router
code, and DLSw can eat up a lot of memory - each router - router
tunnel can use 50 to 100k for structures, buffers etc.
Stephen
Stephen Hope C. Eng, Network Consultant, shope at datarange.co.uk,
Datarange Communications PLC, part of Energis, WWW:
http://www.datarange.co.uk
Carrington Business Park, Carrington, Manchester , UK. M31 4ZU
Tel: +44 (0)161 776 4190 Mob: +44 (0)7767 256 180 Fax: +44 (0)161 776
4189
> -----Original Message-----
> From: Ryan Russell [mailto:ryan at SECURITYFOCUS.COM]
> Sent: Thursday, March 16, 2000 10:08 PM
> To: VPN at SECURITYFOCUS.COM
> Subject: Re: IPsec and NETBEUI
>
>
> I've yet to see anything that will tunnel layer 2 over anything IP. I
> suspect the timing problems make it impracticle.
>
> Ryan
>
>
> On Thu, 16 Mar 2000, Miranda Heesbeen wrote:
>
> > I have one more question. Can IPsec encrypt NETBEUI traffic
> and send it over
> > the Internet?
> >
>
> VPN is sponsored by SecurityFocus.COM
>
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list