FAQ - What Are the Advantages and Disadvantages of Direct Forwarding and Tunnel Forwarding

Publication Date: 2015-06-27
Issue Description
Direct forwarding: Packets are not encapsulated or decapsulated, so forwarding efficiency is high and network administrators can locate faults easily. However, user packets may be intercepted during transmission, which threatens information security. In addition, service VLAN packets must be transparently transmitted, which increases the maintenance workload on the Layer 2 network between ACs and APs.

Tunnel forwarding: Packets are encrypted using the Datagram Transport Layer Security (DTLS) protocol, which prevents attackers from intercepting packets transmitted on the network, so tunnel forwarding provides high security. Configuration is also simple because only management VLAN packets need to be transparently transmitted between APs and ACs. However, encrypted packets make fault location difficult, and forwarding efficiency is lower than in direct forwarding because data packets must be encapsulated with a CAPWAP header.
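
To check both properties of tunnel forwarding on a capture taken between an AP and an AC, the following added example (not part of the original FAQ and not vendor code) classifies UDP payloads as DTLS-protected or clear CAPWAP and reports how many header bytes the encapsulation adds. It assumes the RFC 5415 preamble and header layout and the standard CAPWAP data port 5247; the function names are hypothetical and the sample packets are constructed, not captured.

```python
import struct

CAPWAP_DATA_PORT = 5247  # RFC 5415 data channel (the control channel is 5246)

def classify_capwap(payload: bytes) -> dict:
    """Classify one UDP payload taken from a CAPWAP port (RFC 5415, sec. 4.1-4.3)."""
    if len(payload) < 4:
        raise ValueError("too short for a CAPWAP preamble")
    version, ptype = payload[0] >> 4, payload[0] & 0x0F
    if version != 0:
        raise ValueError(f"unsupported CAPWAP version {version}")
    if ptype == 1:
        # CAPWAP DTLS header: preamble + 24 reserved bits, then a DTLS record.
        return {"dtls": True, "header_len": 4, "body_len": len(payload) - 4}
    if ptype != 0:
        raise ValueError(f"unknown preamble type {ptype}")
    if len(payload) < 8:
        raise ValueError("truncated CAPWAP header")
    word, = struct.unpack("!I", payload[:4])
    header_len = ((word >> 19) & 0x1F) * 4   # HLEN counts 4-byte words
    if header_len < 8 or header_len > len(payload):
        raise ValueError(f"bad HLEN ({header_len} bytes)")
    return {
        "dtls": False,
        "header_len": header_len,            # bytes added in front of the user frame
        "wbid": (word >> 9) & 0x1F,          # 1 = IEEE 802.11
        "fragment": bool(word & (1 << 7)),   # F bit
        "body_len": len(payload) - header_len,
    }

def plaintext_data_packets(packets):
    """Return indexes of data-channel packets that are not DTLS-protected."""
    return [i for i, (dport, payload) in enumerate(packets)
            if dport == CAPWAP_DATA_PORT and not classify_capwap(payload)["dtls"]]

# Constructed samples (not captured traffic): (UDP destination port, UDP payload).
CLEAR = bytes.fromhex("0010020000000000") + b"\xaa" * 20          # HLEN=2, WBID=1
DTLS = bytes.fromhex("01000000" "17feff0001000000000001" "0010") + b"\x5c" * 16
SAMPLES = [(5247, DTLS), (5247, CLEAR), (5246, DTLS)]

if __name__ == "__main__":
    for dport, payload in SAMPLES:
        print(dport, classify_capwap(payload))
    print("plaintext data packets at:", plaintext_data_packets(SAMPLES))
```

Any index returned by `plaintext_data_packets` marks a tunnelled user frame that crossed the AP-to-AC path without the DTLS header, which is the condition to alert on when the deployment relies on tunnel forwarding for confidentiality.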