IP protocol types
Transmission Control Protocol (TCP) is a connection-oriented transport protocol which operates at Transport layer (OSI level 4) of network model. It is used on top of IP protocol for reliable transmission of packets.
User Datagram Protocol (UDP) is a lightweight connectionless data transport protocol which operates at Transport layer (OSI level 4) of network model. It is used on top of IP protocol for fast data transmission.
Internet Control Message Protocol (ICMP) is used to communicate information about network connectivity issues back to sender. It is used as an error reporting mechanism and a query service.
Examples of ICMP usage: ping, echo, echo replies.
Generic Routing Encapsulation protocol (GRE) is used as a simple and effective way to create a tunnel (a GRE tunnel) over a public network. GRE was developed by CISCO. GRE tunnel can be established between routers. GRE tunnel does not provide any encryption by default.
Internet Protocol Security (IPSec) is a set of protocols at the Network layer (OSI layer 3) used to protect one or more data flows between peers. It is a TCP protocol which authenticates and encrypts IP packets. Unlike GRE, an IPSec tunnel is an encrypted tunnel over a public network. IPSec is heavily used inside VPNs.
In order to encypt data, IPSec uses:
- Authentication Header (AH), and
- Encapsulating Security Payload (ESP).
Authentication Header (AH) is a protocol within IPSec protocol which provides data integrity and authentification. It hashes IP header and payload. Then, this hash is used to create an AH header which is appended to the packet.
Encapsulating Security Payload (ESP) is a protocol within IPSec protocol which provides data packets encryption and integrity. Adds an ESP header to data packets. The protocol is backwards compatible with routers which were not designed to work with IPSec protocol.