IPsec Transport Mode

IPsec can work in two modes: transport mode and tunnel mode. In transport mode, IP packets are protected using IPsec (ESP and/or AH) and are sent on to the destination—the receiving IPsec-aware node. At the protocol level, the ESP or AH header is inserted after the IP header and before the contained protocol (TCP, UDP, ICMP, or any other IP protocol) header. See Figures 9.2, 9.3, and 9.4. Gray areas show the parts of the packet protected by IPsec.

Figure 9.2. Unprotected packet before IPsec.

Figure 9.3. IPsec packet in transport mode (using ESP).

Figure 9.4. IPsec packet in transport mode (using AH).
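The header placement described above, as an added example (not from the book): it inserts an AH header into a constructed UDP packet in transport mode and then parses AH and ESP packets. The function names, the 192.0.2.x addresses, the SPI values and the zeroed ICV are assumptions made for illustration, and the field layouts and protocol numbers (50 for ESP, 51 for AH) go beyond what the text itself states.

```python
import struct

ESP, AH, UDP = 50, 51, 17  # IANA IP protocol numbers

def ip_checksum(hdr: bytes) -> int:
    s = sum(struct.unpack(f"!{len(hdr) // 2}H", hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def build_ipv4(proto: int, payload: bytes, src: bytes, dst: bytes) -> bytes:
    # Minimal 20-byte header: no options, ID 0, TTL 64 (constructed values)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:] + payload

def ah_transport(packet: bytes, spi: int, seq: int) -> bytes:
    """Insert AH between the IP header and the contained protocol header."""
    ihl = (packet[0] & 0x0F) * 4
    inner_proto, payload = packet[9], packet[ihl:]
    icv = bytes(12)  # placeholder only: a real AH carries a keyed MAC here
    # Next Header keeps the original protocol; Payload Len is AH length in 32-bit words minus 2
    ah = struct.pack("!BBHII", inner_proto, (12 + len(icv)) // 4 - 2, 0, spi, seq) + icv
    return build_ipv4(AH, ah + payload, packet[12:16], packet[16:20])

def describe(packet: bytes) -> dict:
    ihl = (packet[0] & 0x0F) * 4
    proto, body = packet[9], packet[ihl:]
    if proto == AH:
        nxt, plen, _, spi, seq = struct.unpack("!BBHII", body[:12])
        return {"ipsec": "AH", "spi": spi, "seq": seq, "inner_proto": nxt,
                "inner_offset": ihl + (plen + 2) * 4}
    if proto == ESP:
        spi, seq = struct.unpack("!II", body[:8])
        # Next Header sits in the encrypted ESP trailer, so it is not readable here
        return {"ipsec": "ESP", "spi": spi, "seq": seq, "inner_proto": None,
                "inner_offset": ihl + 8}
    return {"ipsec": None, "inner_proto": proto, "inner_offset": ihl}

# Constructed sample input: a UDP datagram between two documentation addresses
SRC, DST = bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])
UDP_SEGMENT = struct.pack("!HHHH", 1234, 53, 12, 0) + b"test"
PLAIN = build_ipv4(UDP, UDP_SEGMENT, SRC, DST)
AH_PACKET = ah_transport(PLAIN, spi=0x1000, seq=1)
# Constructed ESP packet: SPI, sequence number, then 16 opaque bytes standing in for ciphertext
ESP_PACKET = build_ipv4(ESP, struct.pack("!II", 0x2000, 7) + bytes(16), SRC, DST)

if __name__ == "__main__":
    for name, pkt in [("plain", PLAIN), ("AH", AH_PACKET), ("ESP", ESP_PACKET)]:
        print(name, len(pkt), describe(pkt))
```

With AH the contained protocol stays visible to anything inspecting the packet in transit, while with ESP only the SPI and sequence number can be read, which matters when writing filter or monitoring rules for transport-mode traffic.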
