Session-based Tunnel Scheduling Model in Multi-link Aggregate IPSec VPN

被引：0

作者：

Zhang, Yunhe ^{[1
]}

Li, Zhitang ^{[1
]}

Mei, Song ^{[1
]}

Fu, Cai ^{[1
]}

机构：

[1] Huazhong Univ Sci & Technol, Sch Comp Sci & Technol, Wuhan 430074, Peoples R China

来源：

THIRD INTERNATIONAL CONFERENCE ON MULTIMEDIA AND UBIQUITOUS ENGINEERING (MUE 2009) | 2009年

关键词：

IPSec; session; scheduling;

D O I：

10.1109/MUE.2009.89

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

IPSec VPN is commonly used to implement secure communications between different branch intranets over public networks. Multi-link aggregate IPSec VPN can make better use of multiple physical links of corporation. On the basis of analysis on the insufficiency of packet-based scheduling, a session-based tunnel scheduling model for multi-link aggregate IPSec VPN is proposed. The new model can distribute IPSec traffics over multiple tunnels negotiated on different physical links in unit of session. A prototype system of the new model which adopts Netfilter mechanism is implemented on Linux platform. Analysis on the test result for the prototype system shows that the new model can work effectively, the cost of scheduling is controllable and the performance of model is acceptable.

引用

页码：505 / 510

页数：6

共 10 条

[1] Doraswamy N., 1999, IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks
[2] Elkeelany O, 2002, 2002 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, VOLS 1-5, CONFERENCE PROCEEDINGS, P1164, DOI 10.1109/ICC.2002.997033
[3] Harkins D., 1998, The internet key exchange (IKE)
[4] HU Xiao-ying, 2006, COMPUTER ENG DESIGN, V27, P3541
[5] Kent S., 1998, Security Architecture for the Internet Protocol
[6] Kent S., 1998, IP Authentication Header
[7] Kent S.y., 1998, IP Encapsulating Security Payload (ESP)
[8] Lin J C, 2003, 17 INT C ADV INF NET, P206
[9] Performance evaluation of software virtual private networks (VPN)
Peña, CJC
Evans, J
[J]. 25TH ANNUAL IEEE CONFERENCE ON LOCAL COMPUTER NETWORKS - PROCEEDINGS, 2000, : 522 - 523
[10] Zhao Da-yuan, 2005, Wuhan University Journal of Natural Sciences, V10, P98, DOI 10.1007/BF02828626

← 1 →