Abstract
A network-based Virtual Private Network (VPN) architecture by using fundamental routing mechanism is proposed. This network is a virtual overlay network based on the relay of IP-in-IP tunneling of virtual routing modules. The packet format employs the encapsulation of IPSec ESP (Encapsulating Security Payload), an impact path code and an extended DS (Differentiated Services) code to support multi-path routing and QoS. Comparing with other models of VPN, this network system can be deployed in the current network with little investment, and it is easy to implement. The simulation result shows its performance is better than the traditional VPN system of black box mode.
Similar content being viewed by others
References
Dierks T, Allen C. The TLS Protocol Version 1. 0, IETF REFC2246.http://www.ietf.org, Jan 1999.
Kent S, Atkinson S. IP Encapsulation Security Payload (ESP), IETF RFC2406.http://www.ietf.org, Nov 1998.
Duan Hai-xin, Wu Jian-ping. An Entity Security Architecture for Computer Networks.Chinese Journal of Computer, 2001,24(8):853–859 (Ch).
Boswell A. Specification and Validation of A Security Policy Model.IEEE Transactions on Software Engineering, 1995,21(2):63–68.
Rosen E, Rekhter Y. BGP/MPLS VPNs, IETF RFC2547.http://www.ietf.org, March 1999.
Rao N S V, Radhakrishnan S, Cheol B Y. NetLets: Measurement-Based Routing Daemons for Low End-to-End Delays over Networks.Computer Communications, 2003,26(8): 834–844.
Touch J. Dynamic Internet Overlay Deployment and Management Using the X-Bone.Computer Networks, 2001,36 (2–3):117–135.
Kalyanaraman H T. BANANAS: An Evolutionary Framework for Explicit and Multi-Path Routing in the Internet.Proceedings of the ACM SIGCOMM Workshop on Future Directions in Network Architecture. New York: ACM Press, 2003, 277.
Eppstein D. Finding thek Shortest Paths.SIAM J Computing, 1998,28(2): 652–673.
Stoica I, Zhang H. LIRA: An Approach for Service Differentiation in the Internet.Proceedings of NOSSDAV' 98 Cambridge, London: IEEE Computer Society Press, 1998. 115.
Pippas J B, Venieris I S. Applying Delay Random Early Detection to IP Gateways.Computer Communications, 2001,24 (14):1370–1379.
Author information
Authors and Affiliations
Corresponding author
Additional information
Foundation item: Supported by the National Natural Science Foundation of China (90104029)
Biography: ZHANG Bao-liang (1969-), male, Ph. D candldate, research direction: network security, processing of intelligent information, network architecture.
Rights and permissions
About this article
Cite this article
Bao-liang, Z., Han-ping, H., Xiao-gang, W. et al. A network-based VPN architecture using virtual routing. Wuhan Univ. J. Nat. Sci. 10, 161–164 (2005). https://doi.org/10.1007/BF02828640
Received:
Issue Date:
DOI: https://doi.org/10.1007/BF02828640