摘要
NAT技术是IETF提出的有效解决IPv4面临的网络地址枯竭问题的方案之一。由于传统的基于GP-CPU或ASIC的NAPT处理复杂、负荷过重而造成性能瓶颈,本文提出了一种基于可编程网络处理器IXP2400的NAT/NAPT的实现方案,并设计、实现了基于两块Intel IXP2400所组成的具有安全防火墙功能的NAT系统。针对该NAT系统进行了性能分析,它实现了基于有效的全局地址或用户配置的饱和度来执行NAT模式与NAPT模式的动态切换,而且能够支持六十多万并发TCP/UDP的连接容量与全线速为2Gb/s以太网连接速率,同时又成功地实现了网络地址复用,有效地提高了NAT/NAPT的操作速度,克服了传统NAT实现方案中的性能瓶颈。
NAT is one of the effective solutions developed by IETE to the network address exhaustion of IPv4.Owing to the bottle-neck of performance resulting from complicated implementation and overcharge of NAPT based on GP-CPU or ASIC in the past,an implementation scheme was put forward in the paper,which is called NAT/NAPT based on Programmable Network Processors IXP2400.Meanwhile,the NAT system which has firewall function and contains a pair of Intel IXP2400 was designed and implement-ed by the author.And the per...
出处
《微计算机信息》
北大核心
2008年第3期87-89,11,共4页
Control & Automation
基金
国家自然科学基金资助项目"动态变化网络路由协议理论及关键技术"(国家自然科学基金委员会)(No.60473001)
Intel"IXA大学合作计划"资助项目
