Tunnels in a computer network connect two or more network devices together. The tunnels are virtual cables. Network traffic from the same open systems interconnection (OSI) layer or lower is communicated over the tunnel. The network traffic, such as an Internet Protocol (IP) packet with or without transport information (e.g., Ethernet frame), is packaged in another IP packet for the tunnel. The IP packet for the tunnel includes tunnel information to route the nested network traffic to the tunnel destination for any further routing. Generally, a frame or packet enters a tunnel at one endpoint, “disappears” from the network, and “reappears” on the network at the other endpoint of the tunnel.
Some networks may use tunnels for virtual routing and forwarding (VRF). A routing protocol for the VRF may operate with multiple instances, such as for implementing routing that is dynamically created as network devices join or disconnect. Separate tunnels are established for the different instances. However, separate tunnels may increase processing, bandwidth, and/or memory requirements, especially where the tunnels are secured, such as with IPsec.
There are several methods to virtualize interfaces on layer two technologies, such as virtual local area network (VLAN) tags, asynchronous transfer mode virtual path/virtual circuit (ATM VP/VC), and frame relay virtual circuits. However, tunnels are created for layer three.