共查询到20条相似文献,搜索用时 31 毫秒
1.
Schroeder M.D. Birrell A.D. Burrows M. Murray H. Needham R.M. Rodeheffer T.L. Satterthwaite E.H. Thacker C.P. 《Selected Areas in Communications, IEEE Journal on》1991,9(8):1318-1335
Autonet is a self-configuring local area network composed of switches interconnected by 100 Mb/s, full-duplex, point-to-point links. The switches contain 12 ports that are internally connected by a full crossbar. Switches use cut-through to achieve a packet forwarding latency as low as 2 ms/switch. Any switch port can be cabled to any other switch port or to a host network controller. A processor in each switch monitors the network's physical configuration. A distributed algorithm running on the switch processor computes the routes packets are to follow and fills in the packet forwarding table in each switch. With Autonet, distinct paths through the set of network links can carry packets in parallel, allowing many pairs of hosts to communicate simultaneously at full link bandwidth. A 30-switch network with more than 100 hosts has been the service network for Digital's Systems Research Center since February 1990 相似文献
2.
This article reviews the key differences between traditional IP routing and the emerging multiprotocol label switching (MPLS) approach, and identifies where MPLS adds value to IP networking. In various corners of the industry MPLS has been held up as the solution to IP QoS, gigabit forwarding, network scaling, and traffic engineering. Each of these expectations is critically considered in the light of developments in conventional gigabit IP routers. It is shown that MPLS adds the ability to forward packets over arbitrary non-shortest paths, and emulate high-speed “tunnels” between IP-only domains-capabilities critical to service providers who need to better manage resources around their backbones, or who are planning IP VPN services. However, it is also argued that the technology required to support IP QoS and gigabit forwarding is not unique to MPLS. A network of gigabit IP routers or switches may be entirely sufficient for QoS and performance if traffic engineering is not a requirement 相似文献
3.
针对DoS攻击的IP跟踪技术研究 总被引:1,自引:0,他引:1
IP追踪技术是检测和防御分布式拒绝服务攻击的重要手段,它的主要目的是想办法追踪到攻击数据包的源地址,弥补IP协议的不足。成熟的IP追踪技术可以有效抑制DDoS攻击的发生,对网络故障的诊断和减少数据包欺骗将有很大的帮助。文中对当前现有的IP追踪和攻击源定位技术作了系统的分类,分别对它们作了全面的分析并比较了相互之间的异同及优缺点。同时,针对当前的IP追踪和攻击源定位技术现状,讨论了其未来的发展趋势。 相似文献
4.
The question that we consider here is the following: "How can a source verify the quality of service (QoS) experienced by its packet(s) at each hop to the destination in a multihop wireless network?" For example, if Bob needs to forward packets within some maximum delay of delta B , how can the source verify that Bob in fact forwarded the packets within this bound? Answering this question will enable innovations in multihop wireless network deployments, where nodes may receive payment not only for forwarding packets but also for meeting some QoS guarantees. In this paper, we present protocols that enable verification of delivered QoS for individual packets, as well as verification of statistical QoS for groups of packets. The protocols are proven to be cheat proof. We also provide expressions for the minimum verifiable delay. 相似文献
5.
IP组播技术分析与应用实现 总被引:3,自引:0,他引:3
介绍了一种IP组播的网络技术,分析了其工作机理及技术前提条件.并提供了使用Windows Sockets加入组播组从而进行发送、接收组播数据包的一整套方法。 相似文献
6.
该文在信源定位方案中提出了一种基于Bloom filter存储的概率采样日志记录方法。该方法对经过路由器的所有数据实现概率采样,存储采用了高效的Bloom filter存储结构,使得采样信息能够在一定时间内存储在内存中便于查找。基于此方法该文提出信源定位服务器的概念,从而使得核心网络路由器除了路由转发功能之外,只需要完成对数据包的概率采样即可。文中还对相关参数的选择进行了理论分析,从理论上分析了信源定位服务的存储开销以及信源定位有效性,方案具有存储开销小、效率高的特点,从而为进一步的实际网络部署提供了理论依据。 相似文献
7.
Packet filtering allows a network gateway to control the network traffic flows and protect the computer system. Most of the recent research works on the filtering systems mainly concern the performance, reliability and defence against common network attacks. However, since the gateway might be controlled by red an untrusted attacker, who might try to infer the identity privacy of the sender host and mount IP tracking to its data packets. IP spoofing is another problem. To avoid data packets to be filtered in the packet filtering system, the malicious sender host might use a spoofed source IP address. Therefore, to preserve the source IP privacy and provide source IP authentication simultaneously in the filtering system is an interesting and challenging problem. To deal with the problem, we construct a data packet filtering scheme, which is formally proved to be semantic secure against the chosen IP attack and IP guessing attack. Based on this filtering scheme, we propose the first privacy-preserving packet filtering system, where the data packets whose source IP addresses are at risk are filtered, the privacy of the source IP is protected and its correctness can be verified by the recipient host. The analysis shows that our protocol can fulfil the objectives of a data packet filtering system. The performance evaluation demonstrates its applicability in the current network systems. We also presented a packet filtering scheme, where the data packets from one subnet can be filtered with only one filter policy. 相似文献
8.
9.
On-demand loop-free routing with link vectors 总被引:1,自引:0,他引:1
Garcia-Luna-Aceves J.J. Roy S. 《Selected Areas in Communications, IEEE Journal on》2005,23(3):533-546
We present the on-demand link vector (OLIVE) protocol, a routing protocol for ad hoc networks based on link-state information that is free of routing loops and supports destination-based packet forwarding. Routers exchange routing information reactively for each destination in the form of complete paths, and each node creates a labeled source graph based on the paths advertised by its neighbors. A node originates a broadcast route request (RREQ) to obtain a route for a destination for which a complete path does not exist in its source graph. When the original path breaks, a node can select an alternative path based on information reported by neighbors, and a node can send a unicast RREQ to verify that the route is still active. A node that cannot find any alternate path to a destination sends route errors reliably to those neighbors that were using it as next hop to the destination. Using simulation experiments in ns2, OLIVE is shown to outperform dynamic source routing, ad hoc on-demand distance vector, optimized link-state routing protocol, and topology broadcast based on reverse-path forwarding, in terms of control overhead, throughput, and average network delay, while maintaining loop-free routing with no need for source routes. 相似文献
10.
李桂云 《电信工程技术与标准化》2001,(3):51-54
本旨在介绍移动IP提供的隧道传送机制,即一种“向离开本地网的移动主机路由IP包”的方案,其中主要介绍了机制本身和隧道传送实现的相关技术。 相似文献
11.
In wireless networks, mobile hosts must update the network with their current location in order to get packets delivered. Paging facilitates efficient power management at the mobile host by allowing the host to update the network less frequently at the cost of providing the network with only approximate location information. The network determines the exact location of a mobile host through paging before delivering packets destined to the mobile host. In this paper, we propose the concept of paging as an IP service. IP paging enables a common infrastructure and protocol to support the different wireless interfaces such as CDMA, GPRS, wireless LAN, avoiding the duplication of several application layer paging implementations and the inter-operability issues that exist today. We present the design, implementation, and detailed qualitative and quantitative evaluation, using measurements and simulation, of three IP-based paging protocols for mobile hosts. 相似文献
12.
Single-packet IP traceback 总被引:2,自引:0,他引:2
Snoeren A.C. Partridge C. Sanchez L.A. Jones C.E. Tchakountio F. Schwartz B. Kent S.T. Strayer W.T. 《Networking, IEEE/ACM Transactions on》2002,10(6):721-734
The design of the IP protocol makes it difficult to reliably identify the originator of an IP packet. Even in the absence of any deliberate attempt to disguise a packet's origin, widespread packet forwarding techniques such as NAT and encapsulation may obscure the packet's true source. Techniques have been developed to determine the source of large packet flows, but, to date, no system has been presented to track individual packets in an efficient, scalable fashion. We present a hash-based technique for IP traceback that generates audit trails for traffic within the network, and can trace the origin of a single IP packet delivered by the network in the recent past. We demonstrate that the system is effective, space efficient (requiring approximately 0.5% of the link capacity per unit time in storage), and implementable in current or next-generation routing hardware. We present both analytic and simulation results showing the system's effectiveness. 相似文献
13.
A drawback of the conventional Internet routing architecture is that its route computation and packet forwarding mechanisms
are poorly integrated with congestion control mechanisms. Any datagram offered to the network is accepted; routers forward
packets on a best-effort basis and react to congestion only after the network resources have already been wasted. A number
of proposals improve on this to support multimedia applications; a promising example is the Integrated Services Packet Network
(ISPN) architecture. However, these proposals are oriented to networks with fairly static topologies and rely on the same
conventional Internet routing protocols to operate. This paper presents a routing architecture for mobile integrated services
networks in which network nodes (routers) can move constantly while providing end-to-end performance guarantees. In the proposed
connectionless routing architecture, packets are individually routed towards their destinations on a hop by hop basis. A packet
intended for a given destination is allowed to enter the network if and only if there is at least one path of routers with
enough resources to ensure its delivery within a finite time. Once a packet is accepted into the network, it is delivered
to its destination, unless resource failures prevent it. Each router reserves resources for each active destination, rather
than for each source–destination session, and forwards a received packet along one of multiple loop-free paths towards the
destination. The resources and available paths for each destination are updated to adapt to congestion and topology changes.
This mechanism could be extended to aggregate dissimilar flows as well.
This revised version was published online in June 2006 with corrections to the Cover Date. 相似文献
14.
15.
16.
The concept of a forwarding node, which receives packets from upstream nodes and then transmits these packets to downstream nodes, is a key element of any multihop network, wired or wireless. While high-speed IP router architectures have been extensively studied for wired networks, the concept of a "wireless IP router" has not been addressed so far. We examine the limitations of the IEEE 802.11 MAC protocol in supporting a low-latency and high-throughput IP datapath comprising multiple wireless LAN hops. We first propose a wireless IP forwarding architecture that uses MPLS with modifications to 802.11 MAC to significantly improve packet forwarding efficiency. We then study further enhancements to 802.11 MAC that improve system throughput by allowing a larger number of concurrent packet transmissions in multihop 802.11-based IP networks. With 802.11 poised to be the dominant technology for wireless LANs, we believe a combined approach to MAC, packet forwarding, and transport layer protocols is needed to make high-performance multihop 802.11 networks practically viable. 相似文献
17.
In an ad-hoc network, mobile stations communicate with each other using multi-hop wireless links. There is no stationary infrastructure such as base stations. Each node in the network also acts as a router, forwarding data packets for other nodes. In this architecture, mobile stations have a multi-hop path, via other mobile stations acting as intermediaries or relays, to indirectly forward packets from source to destination. Adjusting the transmitted power is extremely important in ad-hoc networks due to at least the following reasons. The transmitted power of the radio terminals determines the network topology. The network topology in turn has considerable impact on the throughput (fraction of packets, sent by a source, and successfully received at the receiver) performance of the network. The need for power efficiency must be balanced against the lifetime of each individual node and the overall life of the network. Power control problem can be classified in one of three categories. The first class comprises of strategies to find an optimal transmitted power to control the connectivity properties of the network. The second class of approaches could be called power aware routing. Most schemes use some shortest path algorithm with a power based metric, rather than a hop count based metric. The third class of approaches aim at modifying the mac layer. We use distributed power control algorithms initially proposed for cellular networks. We establish a classification of power control algorithms for wireless ad-hoc networks. We evaluate these algorithms in anIeee 802.11b multi-hop wireless ad-hoc LAN environment. Results show the advantage of power control in maximizing signal-to-interference ratio and minimizing transmitted power. 相似文献
18.
针对软件定义网络(SDN)中缺乏安全高效的数据来源验证机制问题,该文提出基于密码标识的报文转发验证机制。首先,建立基于密码标识的报文转发验证模型,将密码标识作为IP报文进出网络的通行证。其次,设计SDN批量匿名认证协议,将SDN控制器的验证功能下放给SDN交换机,由SDN交换机进行用户身份验证和密码标识验证,快速过滤伪造、篡改等非法报文,提高SDN控制器统一认证与管理效率,同时可为用户提供条件隐私保护。提出基于密码标识的任意节点报文抽样验证方案,任何攻击者无法通过推断采样来绕过报文检测,确保报文的真实性的同时降低其处理延迟。最后,进行安全性分析和性能评估。结果表明该机制能快速检测报文伪造和篡改及抵抗ID分析攻击,但同时引入了大约9.6%的转发延迟和低于10%的通信开销。 相似文献
19.
IP traceback with deterministic packet marking 总被引:5,自引:0,他引:5
We propose a new approach for IP traceback which is scalable and simple to implement, and introduces no bandwidth and practically no processing overhead. It is backward compatible with equipment which does not implement it. The approach is capable of tracing back attacks, which are composed of just a few packets. In addition, a service provider can implement this scheme without revealing its internal network topology. 相似文献
