计算机科学 ›› 2024, Vol. 51 ›› Issue (9): 357-364.doi: 10.11896/jsjkx.240200062
陶志勇1,2, 阳王东2
TAO Zhiyong1,2, YANG Wangdong2
摘要: 针对传统方式构建的VPN不支持承载多种数据类型、承载数据缺乏安全性、标签边缘设备负载过重等问题,提出了集成的VPN解决方案。该方案设计包含GRE VPN的建立、IPSEC VPN的建立、网络设备虚拟化、MPLS VPN的建立、私网数据的识别与隔离5个关键步骤,实现了各VPN技术数据的嵌套与各VPN技术的相互融合,融合后的VPN既支持承载多种数据类型,又支持数据交互的安全,且能实现私网数据访问控制与地址复用,还能实现数据的负载分担。为验证方案的可行性,对方案建立的隧道、网络资源池、标签转发路径等方面进行了测试与验证,达到了预期设定的目标。为凸显方案的优势,与传统方式在背板带宽、端口速率等方面进行了对比分析。分析结果表明,该方案的背板带宽与端口速率随着资源池中设备数的增加而增长,其数据传输能力相比传统方式成倍增长,且在数据的负载分担、数据安全、可管理性与可维护性等方面优于传统方案,为构建实用、可靠、安全的VPN提供了思路。
中图分类号:
[1]HAI P N P,HONG H N,QUOC B B,et al.A Comparative Research on VPN Technologies on Operating System for Routers[C]//2021 International Conference on Advanced Technologies for Communications(ATC).IEEE,2021:89-93. [2]JUMA M,MONEM A A,SHAALAN K.Hybrid end-to-endVPN security approach for smart IoT objects[J].Journal of Network and Computer Applications,2020,158:102598. [3]ESPER D A,DATTA S,ROY M.Implementing Protection on Internal Networks using IPSec Protocol[C]//2022 8th International Conference on Advanced Computing and Communication Systems(ICACCS).IEEE,2022,1:378-383. [4]OJHA P D,HANSDAH R C.A Heuristic Approach to Detect MPLS L3 VPN Misconfiguration in Multi-Homed Multi-VRF Site-Redundant CE Environments[J].IEEE Transactions on Network and Service Management,2020,18(2):2294-2307. [5]SLLAME A M.Performance Evaluation of Multimedia overMPLS VPN and IPSec Networks[C]//2022 IEEE 2nd International Maghreb Meeting of the Conference on Sciences and Techniques of Automatic Control and Computer Engineering(MI-STA).IEEE,2022:32-37. [6]YAN J,LI F.Application of Network Security in Data CenterBased on Private Cloud[C]//2023 5th International Conference on Decision Science & Management(ICDSM).IEEE,2023:178-183. [7]GAO Y.Newenergy vehicle engine speed control method based on vehicle networking technology[J].Journal of Computational Methods in Sciences and Engineering,2022,22(6):2201-2215. [8]VARVELLO M,AZURMENDI I Q,NAPPA A,et al.VPN-zero:a privacy-preserving decentralized virtual private network[C]//2021 IFIP Networking Conference(IFIP Networking).IEEE,2021:1-6. [9]XIE Y,ZHANG C,HE X,et al.Application research of meteoro-logical virtual private network security remote access technology[C]//2023 IEEE 6th Information Technology,Networking,Electronic and Automation Control Conference(ITNEC).IEEE,2023,6:423-426. [10]LIN Q L,HU X M,LI P.Under the epidemic situation,we networking technology research on large-scale live broadcast tea-ching [J].Computer Technology and Development,2021,31(6):140-145. [11]AMALDEEP S,SANKARAN S.Cross Protocol Attack on IPSec-based VPN[C]//2023 11th International Symposium on Digital Forensics and Security(ISDFS).IEEE,2023:1-6. [12]HE W,ZHAO Y,LIU Z,et al.Design of Dual-link Shared GRE over IPSec VPN on P2MP Networks[C]//2023 IEEE 3rd International Conference on Power,Electronics and Computer Applications(ICPECA).IEEE,2023:1781-1783. [13]AMALDEEP S,SANKARAN S.Cross Protocol Attack on IPSec-based VPN[C]//2023 11th International Symposium on Digital Forensics and Security(ISDFS).IEEE,2023:1-6. [14]KOMALA C R,HEMA M,GOYAL H R,et al.PerformanceEvaluation of VPNS over MPLS-Linux Networks[C]//2023 International Conference on Advances in Computing,Communication and Applied Informatics(ACCAI).IEEE,2023:1-7. [15]LI Y F.Based on BGP MPLS VPN Cross-the-domain GroupSimulation Design [J].Laboratory Research and Exploration,2021,40(3):121-128. [16]LI F,SHEN H T,SHI L,et al.A mpls-based power line carrier communication can distinguish the fault recovery mechanism [J].The Journal of Tailhrtz Science and Electronic Information,2023,21(8):997-1001. [17]QURESHI K N,AHMAD E,ANWAR M,et al.Network functions virtualization for mobile core and heterogeneous cellular networks[J].Wireless Personal Communications,2022,122(3):2543-2559. [18]JAFF A.Software Defined Networking Automation Using Open-Daylight and Network Virtualization for security and scalability:A network enterprise case[C]//ITM Web of Conferences.EDP Sciences,2022,42:01014. [19]EMMANUEL T,MICHEL D D E,AGBOR E O B.Virtualization of a 4G Evolved Packet Core Network Using Network Function Virtualization(NFV) Technology with NS3 for Enterprise and Educational Purpose[J].American Journal of Networks and Communications,2024,13(1):1-18. [20]SALAGRAMA S,BIBHU V.Study of it and data center virtua-lization[C]//2022 2nd International Conference on Innovative Practices in Technology and Management(ICIPTM).IEEE,2022,2:274-278. |
|