Implementation and Performance Evaluation of IPSec VPN Based on Netfilter

被引:7
作者
ZHAO Da-yuan
机构
来源
WuhanUniversityJournalofNaturalSciences | 2005年 / 01期
关键词
IPSec; virtual private network; netfilter;
D O I
暂无
中图分类号
TP393 [计算机网络];
学科分类号
081201 ; 1201 ;
摘要
We mainly explore two problems when combining IPSec module into TCP/IP stack by porting the famous IPSec software (FreeS/WAN) into a security gateway. One is how to implement the IPSec module based on Netfilter in Linux 2.4.x kernel. The other problem is the performance evaluation. We test the throughput of our security gateway before and after applying IPSec with different encryption/decryption algorithms, including the software-based and hardware-based method. With these testing data, we analyze further system performance bottleneck. In the end, we also infer the quantitative relation between the system throughput and the speed of encryption/decryption algorithm and propose some valuable conclusions for improving performance.
引用
收藏
页码:98 / 102
页数:5
相关论文
共 50 条
  • [21] Implementation of Virtual Private Network based on IPSec Protocol
    Wu, Jianwu
    2009 ETP INTERNATIONAL CONFERENCE ON FUTURE COMPUTER AND COMMUNICATION (FCC 2009), 2009, : 138 - 141
  • [22] IPSec VPN的工程应用对比研究
    蒋建锋
    蒋建峰
    科技信息, 2012, (32) : 297 - 298
  • [23] THE DEVELOPMENT RESEARCH OF IPSEC-VPN BASED ON ADDRESS-SPLIT-MAPPING MECHANISM
    Zhou Huachun
    Liu Ying
    Guan Jianfeng
    PROCEEDINGS OF 2009 2ND IEEE INTERNATIONAL CONFERENCE ON BROADBAND NETWORK & MULTIMEDIA TECHNOLOGY, 2009, : 602 - 607
  • [24] P4-IPsec: Site-to-Site and Host-to-Site VPN With IPsec in P4-Based SDN
    Hauser, Frederik
    Haeberle, Marco
    Schmidt, Mark
    Menth, Michael
    IEEE ACCESS, 2020, 8 : 139567 - 139586
  • [25] A Performance Evaluation of IPsec with Post-Quantum Cryptography
    Bae, Seungyeon
    Chang, Yousung
    Park, Hyeongjin
    Kim, Minseo
    Shin, Youngjoo
    INFORMATION SECURITY AND CRYPTOLOGY - ICISC 2022, 2023, 13849 : 249 - 266
  • [26] 浅谈IPSec VPN技术及应用过程
    李建光
    网络安全技术与应用, 2015, (01) : 62+64 - 62
  • [27] Session-based Tunnel Scheduling Model in Multi-link Aggregate IPSec VPN
    Zhang, Yunhe
    Li, Zhitang
    Mei, Song
    Fu, Cai
    THIRD INTERNATIONAL CONFERENCE ON MULTIMEDIA AND UBIQUITOUS ENGINEERING (MUE 2009), 2009, : 505 - 510
  • [28] Implementation of a Host-to-Host VPN based on UDP tunnel and Open VPN Tap Interface in Java']Java and its performance Analysis
    Meng, Du
    PROCEEDINGS OF THE 2013 8TH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE & EDUCATION (ICCSE 2013), 2013, : 940 - 943
  • [29] Implementation of IPsec on performance enhancing proxies for long distance wireless and satellite networks
    Gulzar, Wahab Ali
    Khan, Zubair A.
    Nawaz, Rab
    2012 15TH INTERNATIONAL MULTITOPIC CONFERENCE (INMIC), 2012, : 395 - 402
  • [30] Multi-VLAN Design over IPSec VPN for Campus Network
    Tongkaw, Sasalak
    Tongkaw, Aumnat
    2018 IEEE CONFERENCE ON WIRELESS SENSORS (ICWISE), 2018, : 66 - 71
12345