a VPN protocol depends

The choice of a VPN protocol depends on the type of traffic to be sent via the tunnel.  VPN protocols can be classified according to OSI layers of received packets used for encryption. There are currently 3 kinds of VPN: Chapter 2: VPN Overview  Page 11 © 2009 Chen Xu  Page 11 o Layer 2 VPN A Layer 2 VPN encapsulates packets on the OSI Layer 2: Data Link Layer. Main Layer 2 VPN protocols are: Layer 2 MPLS VPN, OpenVPN, PPTP and L2TP. Chapter 2.3 discusses the details of Layer 2 VPN protocols. o Layer 3 VPN Layer 3 VPN encapsulates packets on the OSI Layer 3: Network Layer. Main Layer 3 VPN protocols are: Layer 3 MPLS VPN, IPsec and OpenVPN. Chapter 2.4 discusses the details of Layer 3 VPN protocols. o Layer 4 VPN Transport Layer Security (TLS) and its predecessor  Secure Sockets Layer (SSL) are Layer 4 VPN protocols that encrypt  segments of network connections at the OSI Layer 4 (transport layer). A prominent use of TLS is for securing web traffic carried by HTTP to form HTTPS. Although TLS is widely used, it can only encrypt Layer 4 packets, not lower layers. This greatly limits its applications. This thesis uses VPN protocols at lower layers.  2.3 VPN PROTOCOLS IMPLEMENTED ON OSI LAYER 2 This section will analyse and compare main VPN protocols implemented on OSI layer 2 (data link layer). 2.3.1 Layer 2 MPLS VPN Multiprotocol Label Switching (MPLS) [48] is a mechanism used in high-performance networks and it carries data from one network node to the other. In an MPLS network, labels are added to each data packet and packets are switched according to these labels. MPLS is a scalable protocol as MPLS labels can be added to various network protocols. Layer 2 MPLS VPN is a type of Virtual Private Network (VPN) that uses MPLS labels to transport OSI Layer 2 packets. It is commonly used when customers want to communicate between remote offices through the Internet Service Provider (ISP) network [35], but they have no access to the public Internet. The edge routers on the Service provider side are called Provider