Title :
Session-Based Tunnel Scheduling Model in Multi-link Aggregate IPSec VPN
Author :
Zhang, Yunhe ; Li, Zhitang ; Mei, Song ; Fu, Cai
Author_Institution :
Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan, China
Abstract :
IPSec VPN is commonly used to implement secure communications between different branch intranets over public networks. Multi-link aggregate IPSec VPN can make better use of multiple physical links of corporation. On the basis of analysis on the insufficiency of packet-based scheduling, a session-based tunnel scheduling model for multi-link aggregate IPSec VPN is proposed. The new model can distribute IPSec traffics over multiple tunnels negotiated on different physical links in unit of session. A prototype system of the new model which adopts Netfilter mechanism is implemented on Linux platform. Analysis on the test result for the prototype system shows that the new model can work effectively, the cost of scheduling is controllable and the performance of model is acceptable.
Keywords :
IP networks; Internet; scheduling; telecommunication security; transport protocols; virtual private networks; Internet; Linux platform; Netfilter mechanism; intranet; multilink aggregate IPSec VPN traffic; packet-based scheduling; public network; secure communication; session-based tunnel scheduling model; virtual private network; Aggregates; Costs; Linux; Performance analysis; Prototypes; Scheduling; System testing; Telecommunication traffic; Traffic control; Virtual private networks; IPSec; scheduling; session;
Conference_Titel :
Multimedia and Ubiquitous Engineering, 2009. MUE '09. Third International Conference on
Conference_Location :
Qingdao
Print_ISBN :
978-0-7695-3658-3
DOI :
10.1109/MUE.2009.89
