Much of the confusion on the topic of Link vs. End-to-End encryption is due to conflicting terminology used to say the same thing. Let me try to help… Data can be encrypted in either two fashions – with or without the IP header (routing information) encrypted. Either way the DATA is protected for confidentiality purposes.
The two methods of encryption used in a VPN are commonly called End-to-End and Link. In End-to-End encryption the IP header is NOT encrypted. TLS (SSL) does this as they are used prior to the application of the IP header. Link encryption occurs AFTER the IP header has been placed in the packet and it therefore encrypts the data and the IP header.
If a VPN is setup to utilize End-to-End encryption, then any intermediary routing devices can easily view the IP header and make routing decisions. A man in the middle attack could also see the routing information and could perform something called “traffic analysis” which looks at the source and destination IP addresses to determine what people are talking about and how often/much they are talking. Think of this as pulling a phone record in a police show – the data does not appear in the phone record (as it is also encrypted in the End-to-End VPN tunnel). However, the phone record can provide useful information about the frequency and duration calls just as IP headers can provide information about the endpoints.
An example here might be monitoring encrypted communications between Evil HQ and Evil field operators…the actual communications are unread, however the fact that there are communications may be important.
If a VPN is set up to utilize Link encryption, then the IP information is protected (encrypted) as well as all of the data traffic. This situation would make it impossible to route over the LAN or the Internet unless each routing device had a copy of the secret key used. Which would be horrible key management practice, or if each pair of routing devices had their own shared key, which would be a logistical nightmare. Furthermore, the data (and the IP header) would be decrypted by each and every routing device along the way which would mean that any router becoming compromised would provide the attacker with your plaintext data. I have seen Link encryption performed with military hardware encryptors on a dedicated point-to-point circuit (non-routed link) and they work very well.
You can “nest” the two encryption types, utilizing End-to-End encryption to protect the data on the LAN and Link encryption to further protect the IP information on the edge devices prior to sending the data out on an uncontrolled WAN. The data will then be doubly encrypted.
We can further confuse things by adding IPSec into the conversation. IPSec has two modes of encryption called “Transport” and “Tunnel”. Transport mode is equivalent to End-to-End in that it does NOT protect the IP headers, just the data. Tunnel mode is equivalent to Link encryption and protects (encrypts) the data and the IP header information.
As always, the challenge is protecting the routing information as well as the data. IPSec solves this problem in Tunnel mode by adding a new IP header to the front of the encrypted IP header. This new IP header will be used by the intermediary routing devices (perhaps the routers on the Internet) to route to the opposite end of the IPSec tunnel – to the receiving end of the IPSec tunnel. The device on the receiving end of the tunnel will look at the new IP header and determine that it is the end station (according at least to the new IP header) and will decrypt the packet revealing the internal protected IP header which it will then use to route to the real IP destination. A decent explanation of this (with pictures) can be found here:
Another option for devices performing Link encryption but not running IPSec can be to utilize GRE. I will save a full explanation of GRE for later.
To summarize – both End-to-End and Link encryption will protect the confidentiality of the data. End-to-End will NOT protect the IP information thus leaving you open to traffic analysis.
Link encryption will provide confidentiality to both your data and the IP information, but can have issues related to keys management and plaintext appearing in routing devices.
I feel like I have written a book here, thank you for reading this, and I hope it helps. Let me know if you need further explanation. If you are preparing for the CISSP exam keep in mind that encryption will be only a small part of your exam and these details are only a small part of cryptography.