摘要
:隧道技术是实现VPN的关键技术 ,本文首先对GRE ,L2TP ,IPSec和IP/IP等隧道协议进行了比较研究 ;然后提出了在现有条件下实现VPN的隧道协议的集成方案 ,该方案利用“隧道”模式的IPSec作为基本的数据封装手段和隧道的安全保障 ,利用Internet密钥交换协议IKE作为隧道配置的信令协议 ,借鉴IP/IP协议中的“软状态”机制作为隧道维护和管理的手段 ;最后我们给出了在VPN网关上隧道实现的模块结构。
Tunneling technique is the key technique to implement VPN In this paper,we first perform a comparative research on the existing tunneling protocols including GRE,L2TP,IPSec and IP/IP Then we propose an integrated scheme of tunneling mechanism to support VPN under current condition In this scheme,we use“tunneling”mode IPSec as the basic data encapsulation method and the security guarantee of the tunnels,make use of Internet Key Exchange protocol as the signal protocol for tunnel establishment,and refer to the “soft state”mechanism in IP/IP protocol to implement tunnel maintenance and management At last we give the implementation architecture of the scheme in the VPN gateway
出处
《通信学报》
EI
CSCD
北大核心
2000年第6期85-91,共7页
Journal on Communications
基金
国家 86 3高科技发展计划项目!"Extranet关键技术研究"资助项目
