further analyze or transform the traffic.
• If the contents of the packet is encapsulated (such as with IPsec, PPTP/L2TP or some
other type of tunneled protocol), then the interface lists are checked for a matching
interface. If one is found, the packet is decapsulated and the payload (the plaintext) is
sent into NetDefendOS again, now with source interface being the matched tunnel
interface. In other words, the process continues at step 3 above.
• If traffic management information is present, the packet might get queued or otherwise
be subjected to actions related to traffic management.
11. Eventually, the packet will be forwarded out on the destination interface according to the
state. If the destination interface is a tunnel interface or a physical sub-interface, additional
processing such as encryption or encapsulation might occur.
The next section provides a set of diagrams illustrating the flow of packets through
NetDefendOS.
Chapter 1: NetDefendOS Overview
27
To Next Page
Loading...
