| 10 Gbit网络访问控制网关的设计与实现 |
| |
| 引用本文: | 张晓军,崔 建,马 皓,张 蓓. 10 Gbit网络访问控制网关的设计与实现[J]. 通信学报, 2014, 35(Z1): 1-4 |
| |
| 作者姓名: | 张晓军 崔 建 马 皓 张 蓓 |
| |
| 作者单位: | 北京大学 计算中心,北京 100871 |
| |
| 基金项目: | 国家发改委2011信息安全专项基金资助项目 |
| |
| 摘 要: | 为适应10 Gbit以太网传输速率,依照开放通用设计原则,重新设计和实现了第二代网络访问控制网关IPcG-10G。该系统根据认证用户的网络授权情况动态控制其访问网络资源,建立起网络实名访问机制,在加强网络安全的同时,保障网络带宽的合理使用。IPcG-10G采用多种优化技术提高10Gbit/s流量转发的性能,突破第一代吉比特IPcG系统的传输瓶颈,解决了速率不匹配带来的诸多问题,便于网络链路的管理和规划。
|
| 关 键 词: | IP控制网关;10 Gbit以太网;网络访问控制;实名制;零拷贝 |
Design and implementation of 10 Gbit network access control gateway |
| |
| Abstract: | To meet the 10 gigabit Ethernet transmission rate, a second generation network access control gateway (IPcG-10G) is redeveloped following the open and general design principle. IPcG-10G can dynamically control authenticated users to access to network resources based on their network authorization, thereby establishing the real-name registration network accessing mechanism in order to strengthen the network security and guarantee the rational use of network bandwidth. By utilizing a variety of optimal techniques, like zero-copy and socket buffer recycling, this system improves the performance of 10Gbps traffic forwarding. IPcG-10G breaks through the transmission bottleneck of the first generation gigabit IPcG, thus solving the mismatched rate problem and facilitating the network link management and planning. |
| |
| Keywords: | IP control gateway 10 Gbit Ethernet network access control real-name registration zero-copy |
|
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
|
