28 September 2006 A high performance parallel IPSec-VPN gateway design
Author Affiliations +
Proceedings Volume 6354, Network Architectures, Management, and Applications IV; 635432 (2006) https://doi.org/10.1117/12.688171
Event: Asia-Pacific Optical Communications, 2006, Gwangju, South Korea
IPSec (IP Security) provides a standard, robust, and extensible mechanism in which to provide security to IP and upper-layer protocols. But the encryption and message authentication services provided by IPsec require significant computation time. Consequently, IPsec can degrade performance obviously. The paper presents a parallel hardware structure of high performance IPSec VPN gateway to speed up the IPSec packets process, and introduces the IPSec software design in detail includes modified FreeS/WAN IPSec implementation and extended Internet Key Exchange protocol. The result of network performance test proves that the structure can fulfill the need of gigabit fast network. The paper also proposes multiple small packets assembling algorithm which is used to accelerate small packets process. The algorithm significantly improves the performance of small packets.
© (2006) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Weiming Li, Weiming Li, Zhitang Li, Zhitang Li, Yunfeng Xie, Yunfeng Xie, } "A high performance parallel IPSec-VPN gateway design", Proc. SPIE 6354, Network Architectures, Management, and Applications IV, 635432 (28 September 2006); doi: 10.1117/12.688171; https://doi.org/10.1117/12.688171


Back to Top