Implementation and Performance Evaluation of IPSec VPN Based on Netfilter

被引:7
作者
ZHAO Da-yuan
机构
来源
WuhanUniversityJournalofNaturalSciences | 2005年 / 01期
关键词
IPSec; virtual private network; netfilter;
D O I
暂无
中图分类号
TP393 [计算机网络];
学科分类号
081201 ; 1201 ;
摘要
We mainly explore two problems when combining IPSec module into TCP/IP stack by porting the famous IPSec software (FreeS/WAN) into a security gateway. One is how to implement the IPSec module based on Netfilter in Linux 2.4.x kernel. The other problem is the performance evaluation. We test the throughput of our security gateway before and after applying IPSec with different encryption/decryption algorithms, including the software-based and hardware-based method. With these testing data, we analyze further system performance bottleneck. In the end, we also infer the quantitative relation between the system throughput and the speed of encryption/decryption algorithm and propose some valuable conclusions for improving performance.
引用
收藏
页码:98 / 102
页数:5
相关论文
共 50 条
  • [41] VPN: a Boon or Trap? A Comparative Study of MPLS, IPSec, and SSL Virtual Private Networks
    Zhang Zhipeng
    Chandel, Sonali
    Sun Jingyao
    Yan Shilin
    Yu Yunnan
    Zang Jingji
    PROCEEDINGS OF THE 2ND INTERNATIONAL CONFERENCE ON COMPUTING METHODOLOGIES AND COMMUNICATION (ICCMC 2018), 2018, : 510 - 515
  • [42] Adopting IPsec to SIP Network for On-Demand VPN Establishment between Home Networks
    Mizuno, Shintaro
    Haruyama, Takahiro
    Yamada, Hideki
    Abe, Tsuyoshi
    Kawashima, Masahisa
    Mizuno, Osamu
    GLOBECOM 2008 - 2008 IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE, 2008,
  • [43] Speech Quality Evaluation in IPsec Environment
    Voznak, Miroslav
    Rezac, Filip
    Halas, Michal
    RECENT ADVANCES IN NETWORKING, VLSI AND SIGNAL PROCESSING, 2010, : 49 - +
  • [44] Some concerns on key management protocols for IPsec implementation
    Li, Hua
    Nickle, Elspeth
    WMSCI 2005: 9th World Multi-Conference on Systemics, Cybernetics and Informatics, Vol 8, 2005, : 327 - 329
  • [45] FPGA implementation of IPsec protocol suite for multigigabit networks
    Korona, Mateusz
    Skowron, Krzysztof
    Trzepinski, Mateusz
    Rawski, Mariusz
    2017 INTERNATIONAL CONFERENCE ON SYSTEMS, SIGNALS AND IMAGE PROCESSING (IWSSIP), 2017,
  • [46] VPN on DCE: From reference configuration to implementation
    Gaspoz, JP
    Gbaguidi, C
    Meinkohn, J
    BRINGING TELECOMMUNICATION SERVICES TO THE PEOPLE - IS&N '95, 1995, 998 : 249 - 260
  • [47] Implementation of 10 giga VPN Accelerator Board
    Kim, KH
    Yoo, JH
    Chung, KI
    8th International Conference on Advanced Communication Technology, Vols 1-3: TOWARD THE ERA OF UBIQUITOUS NETWORKS AND SOCIETIES, 2006, : U1552 - U1556
  • [48] Performance Analysis of VPN Gateways
    Pudelko, Maximilian
    Emmerich, Paul
    Gallenmueller, Sebastian
    Carle, Georg
    2020 IFIP NETWORKING CONFERENCE AND WORKSHOPS (NETWORKING), 2020, : 325 - 333
  • [49] IPsec WIT: The NIST IPsec Web-based interoperability test system
    Glenn, R
    Frankel, S
    Montgomery, D
    IEEE 9TH INTERNATIONAL WORKSHOPS ON ENABLING TECHNOLOGIES: INFRASTRUCTURE FOR COLLABORATIVE ENTERPRISES, PROCEEDINGS, 2000, : 147 - 152
  • [50] Optimizations for High-Performance IPsec Execution
    Iatrou, Michael G.
    Voyiatzis, Artemios G.
    Serpanos, Dimitrios N.
    E-BUSINESS AND TELECOMMUNICATIONS, 2011, 130 : 199 - 211
12345