| 支持多路负载平衡的IPSec VPN系统的设计与实现 |
| |
| 引用本文: | 胡晓英,徐敬东,刘晓欣,吴功宜.支持多路负载平衡的IPSec VPN系统的设计与实现[J].计算机工程与设计,2006,27(19):3541-3544. |
| |
| 作者姓名: | 胡晓英 徐敬东 刘晓欣 吴功宜 |
| |
| 作者单位: | 南开大学,计算机科学与技术系,天津,300071;南开大学,计算机科学与技术系,天津,300071;南开大学,计算机科学与技术系,天津,300071;南开大学,计算机科学与技术系,天津,300071 |
| |
| 摘 要: | VPN解决全球化企业联网的能力使其越来越受到关注.IPSec作为网络层的安全协议族,是实现VPN的重要途径.文章针对现有IPSecVPN系统存在的问题,提出并实现了一种基于Linux平台的、支持多路负载平衡功能的IPSecVPN网关系统.该系统利用Netfilter框架的HOOK机制实现IP层处理、IPSec处理及多路负载平衡功能的有机结合,使VPN网关之间的流量能够在多条链路之间合理分配,提高了VPN系统的性能和可靠性.
|
| 关 键 词: | 虚拟专用网 IPSec Netfilter PF KEY 安全关联 多路负载平衡 |
| 文章编号: | 1000-7024(2006)19-3541-04 |
| 收稿时间: | 2005-08-05 |
| 修稿时间: | 2005-08-05 |
Design and implementation of IPSec VPN system supporting multi-link load balance |
| |
| HU Xiao-ying,XU Jing-dong,LIU Xiao-xin,WU Gong-yi.Design and implementation of IPSec VPN system supporting multi-link load balance[J].Computer Engineering and Design,2006,27(19):3541-3544. |
| |
| Authors: | HU Xiao-ying XU Jing-dong LIU Xiao-xin WU Gong-yi |
| |
| Affiliation: | Department of Computer Science and Technology, Nankai University, Tianjin 300071, China |
| |
| Abstract: | The ability of solving globalization networking of VPN makes it gradually comes to front.IPSec provides security service for traffic at the IP layer,and it's an important approach to implement VPN.On the basis of analyses the feature of existing IPSec VPN systems,the architecture of an IPSec VPN gateway system is presented which supports multi-link load balance and is implements on Linux platform.This system uses Netfilter frame to combine IP process,IPSec process,and multi-link load balance function efficiently.The traffic to multiple links between VPN gateways reasonably is assigned,and the capability and reliability of VPN system are enhanced. |
| |
| Keywords: | IPSec Netfilter PF KEY |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
