21. June 2008 01:14
Let's analyze some data and see how it travels along the wire.
Assume that we have the scenario from Figure1. Two routers, one subnet behind each router, the routers are directly connected(192.168.50.0/24).
Actually if you wonder, the two routers are Cisco routers and not Vyatta VC4 machines. The reason behind this was to be able to take a look at Cisco's IPsec Static Virtual Tunnel Interfaces (SVTIs) and DMVPN.
Taking all the Wireshark captures using the same equipment will keep things contiguous. The only exception was the L2TP/IPsec site-to-site connection where I've used two ISA 2006 Firewalls.
In order to generate some traffic, I've used the ping command. So a host behind R1 (located on the 192.168.30.0/24 subnet) wants to reach a host behind R0 (located on the 192.168.10.0/24 subnet) and vice-versa. R0's external IP address is 192.168.50.1 and R1's external IP address is 192.168.50.2. As usually, we will capture traffic with our favourite protocol analyzer, Wireshark.