What is Layer 2 Forwarding (L2F)?
Layer 2 Forwarding (L2F) is a tunneling protocol developed by Cisco Systems for creating Virtual Private Networks (VPNs) over public networks like the Internet. L2F operates at the data-link layer and tunnels Layer 2 protocols such as Point-to-Point Protocol (PPP) and Serial Line Internet Protocol (SLIP) across IP networks.
Unlike IP-dependent protocols, L2F is media-independent and can operate over various network infrastructures including Frame Relay and ATM. The protocol enables server-side capabilities like user authentication via RADIUS, dynamic address allocation, and Quality of Service (QoS) management.
How L2F Works
L2F creates an end-to-end tunnel between a client and a remote network through a Network Access Server (NAS). When a dial-up client establishes a PPP connection, the NAS receives the call and can extend this connection to a remote target node called the home gateway in Cisco terminology.
The NAS acts as a transparent forwarder, projecting PPP frames from the client to the distant home gateway. This creates the illusion that the client is directly connected to the corporate network rather than going through an ISP's infrastructure.
Authentication Methods
L2F employs a dual authentication mechanism using PPP authentication protocols:
- First authentication − Performed by the ISP before tunnel establishment
- Second authentication − Conducted by the corporate gateway after tunnel connection
PAP (Password Authentication Protocol)
The client sends a packet containing username and password credentials. The server verifies these credentials and either accepts or rejects the authentication request.
CHAP (Challenge Handshake Authentication Protocol)
The server periodically sends challenge packets to the client throughout the session. The client responds with authentication packets, providing continuous verification and enhanced security compared to PAP.
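The following is an added example, not part of the original article, contrasting the two methods on the wire. It builds a PAP Authenticate-Request and a CHAP response in the standard PPP formats (RFC 1334 and RFC 1994, MD5 variant), then shows that the PAP password can be read straight out of the packet while a captured CHAP response fails against a later challenge. The user name, secret and identifiers are constructed sample values.

```python
import hashlib
import hmac
import os
import struct

PAP_AUTH_REQUEST = 1  # PAP code for Authenticate-Request (RFC 1334)

def pap_request(ident: int, user: bytes, password: bytes) -> bytes:
    """Build a PAP Authenticate-Request; the password is carried as-is."""
    body = bytes([len(user)]) + user + bytes([len(password)]) + password
    return struct.pack("!BBH", PAP_AUTH_REQUEST, ident, 4 + len(body)) + body

def parse_pap_request(packet: bytes) -> tuple[bytes, bytes]:
    """Recover (user, password) from the packet bytes, as any device
    forwarding the unencrypted frame could."""
    if len(packet) < 6 or packet[0] != PAP_AUTH_REQUEST:
        raise ValueError("not a PAP Authenticate-Request")
    ulen = packet[4]
    if 5 + ulen >= len(packet):
        raise ValueError("truncated PAP packet")
    plen = packet[5 + ulen]
    return packet[5:5 + ulen], packet[6 + ulen:6 + ulen + plen]

def chap_response(ident: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP-MD5 response: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def chap_verify(ident: int, secret: bytes, challenge: bytes,
                response: bytes) -> bool:
    """Server side: recompute the hash and compare in constant time."""
    expected = chap_response(ident, secret, challenge)
    return hmac.compare_digest(expected, response)

def demo() -> dict:
    user, secret = b"alice", b"constructed-secret"  # constructed samples
    pap = pap_request(1, user, secret)
    first = os.urandom(16)             # challenge at link establishment
    resp = chap_response(7, secret, first)
    second = os.urandom(16)            # periodic re-challenge, new identifier
    return {
        "pap_leaks_password": parse_pap_request(pap)[1] == secret,
        "secret_in_chap_response": secret in resp,
        "chap_accepts_fresh": chap_verify(7, secret, first, resp),
        "chap_rejects_replay": chap_verify(8, secret, second, resp),
    }

if __name__ == "__main__":
    print(demo())
```
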
Advantages and Disadvantages
| Advantages | Disadvantages |
|---|---|
| Media-independent operation | No built-in encryption support |
| Multiple connections per tunnel | Lacks data flow control |
| Dual authentication mechanism | No attribute-value pair hiding |
| Works with non-IP protocols | Cisco proprietary protocol |
Conclusion
Layer 2 Forwarding (L2F) is a Cisco-developed tunneling protocol that enables VPN connectivity by forwarding Layer 2 frames across public networks. While it provides flexible, media-independent tunneling with dual authentication, it lacks built-in encryption and has been largely superseded by more secure protocols like L2TP.
