Brocade Web Tools Administrator's Guide v6.2.0 (53-1001194-01, April 2009)

IPSec Concepts
Transport mode and tunnel mode
Transport mode adds an authentication header (AH) before the IP header. Only a single pair of
addresses is used (those in the IP header). When transport mode is used, both endpoints
implement IPSec.
Tunnel mode encapsulates an IP datagram in a new datagram, with a new IP header specifying the
addresses of the tunnel endpoints. IPSec is implemented between the tunnel endpoints and is
transparent to the actual endpoints, whose addresses are in the IP header of the original packet.
Figure 117 provides a basic visual comparison of how transport mode and tunnel mode modify an
IP datagram.
FIGURE 117 Transport mode and tunnel mode comparison
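
The comparison can also be seen on the wire. The following is an added example, not taken from the Brocade guide: it builds one AH-protected IPv4 packet per mode using the AH header layout from RFC 4302, then reads each packet back to report the mode and the addresses a capture exposes. The addresses, SPI values, payload, and function names are constructed for illustration, and the ICV is a zero placeholder rather than a computed HMAC.

```python
import socket
import struct

AH, IPIP, TCP = 51, 4, 6  # IANA protocol numbers

def ipv4(src, dst, proto, payload):
    """Minimal 20-byte IPv4 header (checksum left at 0 in this sketch) plus payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def ah(next_header, spi, seq, payload, icv=b"\x00" * 12):
    """AH header per RFC 4302 with a placeholder 12-byte ICV, followed by payload."""
    length = (12 + len(icv)) // 4 - 2  # AH length in 32-bit words, minus 2
    return struct.pack("!BBHII", next_header, length, 0, spi, seq) + icv + payload

def addrs(header):
    """Source and destination addresses from an IPv4 header."""
    return socket.inet_ntoa(header[12:16]), socket.inet_ntoa(header[16:20])

def describe(packet):
    """Report IPsec mode and visible addresses for an AH-protected IPv4 packet."""
    ihl = (packet[0] & 0x0F) * 4
    result = {"mode": "none", "outer": addrs(packet), "inner": None}
    if packet[9] != AH:
        return result
    next_header, length = packet[ihl], packet[ihl + 1]
    if next_header == IPIP:
        # Tunnel mode: AH protects a complete inner datagram with its own header.
        inner = packet[ihl + (length + 2) * 4:]
        result.update(mode="tunnel", inner=addrs(inner))
    else:
        # Transport mode: AH is followed directly by the upper-layer payload.
        result["mode"] = "transport"
    return result

# Constructed sample data: two hosts behind two gateways.
SEGMENT = b"constructed upper-layer payload"
HOST_A, HOST_B = "10.1.1.10", "10.2.2.20"
GW_A, GW_B = "192.0.2.1", "198.51.100.1"

TRANSPORT = ipv4(HOST_A, HOST_B, AH, ah(TCP, 0x1001, 1, SEGMENT))
TUNNEL = ipv4(GW_A, GW_B, AH,
              ah(IPIP, 0x2002, 1, ipv4(HOST_A, HOST_B, TCP, SEGMENT)))

if __name__ == "__main__":
    for name, pkt in (("transport", TRANSPORT), ("tunnel", TUNNEL)):
        print(f"{name:9} {len(pkt):3} bytes  {describe(pkt)}")
```

In the tunnel-mode packet the host addresses appear only in the inner header, and the packet is 20 bytes longer than the transport-mode one because of the added outer IP header.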