CN102281161A - Multi-agent virtual private network (VPN) tunnel concurrent testing system and multi-agent load balancing method - Google Patents
Multi-agent virtual private network (VPN) tunnel concurrent testing system and multi-agent load balancing method Download PDFInfo
- Publication number
- CN102281161A CN102281161A CN2011102734148A CN201110273414A CN102281161A CN 102281161 A CN102281161 A CN 102281161A CN 2011102734148 A CN2011102734148 A CN 2011102734148A CN 201110273414 A CN201110273414 A CN 201110273414A CN 102281161 A CN102281161 A CN 102281161A
- Authority
- CN
- China
- Prior art keywords
- vpnagent
- vpn
- tunnel
- vpnctroler
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a multi-agent virtual private network (VPN) tunnel concurrent testing system and a multi-agent load balancing method. A VPN control end requests a VPN agent end of a capacity vector through a request command; and the VPN control end distributes tunnel number to VPN agents according to the returned capacity vector, so that dynamic load balance is realized. The VPN agent end initiates establishment and revocation of a tunnel by receiving the command of the control end. The VPN agent end periodically sends state information to the system while finishing establishment and revocation of the tunnel, and the VPN control end can monitor the current load of the system in real time. By adopting a multi-agent mode, concurrent test of the real environment can be furthest simulated, and the tunnel can be concurrently established on each agent. The centralized control method is convenient to control and easy to implement.
Description
Technical field
The invention belongs to the network security architecture field, relate in particular to and a kind ofly more act on behalf of vpn tunneling concurrent test system and act on behalf of load-balancing method more.
Background technology
Along with the acceleration of world economic integration process, the effect of trans-corporation in world's economic activity is obvious day by day, and the expense of trans-regional Intranet interconnection is obvious day by day, and traditional private-line mode costs an arm and a leg.The appearance of Virtual Private Network (Virtual Private Network; VPN) solved long-distance user, remote branch secure access to the company's internal network resource; can guarantee safe transmission on the passage of encrypting; between client and corporate gateway (Gateway), set up a virtual tunnel; this tunnel adopts high-intensity cryptographic algorithm protection on the basis through authentication, can guarantee the security attributes such as data security, integrality on the tunnel.And the tunnel is based upon the tunnel on the Internet, can realize designated lane on the net at public Internet.For the load performance (linear speed, total tunnel number, throughput etc.) of measuring vpn gateway, need a plurality of clients of simulation to bring in the maximum performance of measuring gateway, but general gate performance is very powerful, single agency (VPNAgent) can not make gateway reach maximum performance, so need a plurality of agencies, but before measuring and do not know the ability of gateway, so how many agencies can not determine needs, the just configuration that need repeat according to the situation of test, cause two problems easily: (1) does not reach performance, repeated configuration; (2) may partly act on behalf of excess load, and it is very low partly to act on behalf of load, causes the wasting of resources and fault.
Summary of the invention
The objective of the invention is at the deficiencies in the prior art, provide a kind of and act on behalf of vpn tunneling concurrent test system more and act on behalf of load-balancing method more.
The objective of the invention is to be achieved through the following technical solutions: act on behalf of vpn tunneling concurrent test system a kind of, it comprises VPN control end, VPN agent list, vpn gateway and application server more; Wherein, described VPN control end is connected by the IPv4 network with the VPN agent list, the VPN agent list has two to be connected with vpn gateway, bottom is set up the tunnel by the IPv6 network and is connected, the upper strata is set up application data by the IPv6 network and is connected, and vpn gateway is transmitted the application data bag to application server.
Further, described VPN agent list comprises several VPN agencies, and each VPN agency is connected with the VPN control end by the IPv4 network respectively.
Further, described VPN control end comprises: basic configuration module, application data layer configuration module, advanced configuration module, L2tp configuration module, IKEv1 configuration module, IKEv2 configuration module, IKEv2+EAP configuration module, communication module, XML package module, real-time status display module and control end primary module; Described control end primary module call XML package module encapsulation user's order and parameter are the XML form, and the calling communication module sends data after the XML package module encapsulation of data; When communication module was received packet, call XML package module decapsulation XML formatted data was called the real-time status display module then.
A kind ofly use the above-mentioned load-balancing method of acting on behalf of of acting on behalf of vpn tunneling concurrent test system, this method comprises the steps: more more
(1) VPNCtroler operates in the Windows system, and VPNAgent runs on Windows or the linux system, and a plurality of VPNAgent forms VPNCluster; On the high performance blade server of the general operation of VPNServer, in actual environment as the gateway of internal network and external network;
(2) tunnel is based upon between VPNAgent and the VPNServer, by the load balancing between the centralized control realization VPNAgent of VPNCtroler;
(3) application server (APPServer) runs on after the VPNServer, is certain service of carrying on the tunnel, comprises FTP service, HTTP service, UDP message service and tcp data service;
(4) VPNCtroler by the IPv4 network of present large scale deployment realize with VPNAgent between communicate by letter, the tunnel of VPNAgent and VPNServer is based on IPv4 or IPv6;
(5) VPNCtroler is as required to VPNAgent request current energy force vector and payload values thereof, VPNAgent returns its ability vector sum payload values at once after receiving the request of VPNCtroler, VPNCtroler selects weighing vector W according to the tunnel type when Pretesting after receiving the response of VPNAgent, calculates actual ability value then
, at last the normalization of practical capacity value is obtained normalized value
(6) obtain a normalized vector after the VPNCtroler process step (5)
, the VPNCtroler basis
Pro rate tunnel number and throughput;
(7) about the load balancing step of linear speed test, the linear speed index is the tunnel number that can set up for interior VPNServer between the measuring unit, in order better to meet the requirement of testing linear speed;
(8) VPNAgent and APPServer set up after the tunnel, carry data on the tunnel, and an end of data comes from the application request program (APPClient) on the VPNAgent, and the data other end is application server (APPServer);
(9) VPNAgent timing tunnel state, the statistical information data that system is current sends to VPNCtroler, and VPNCtroler comes out by interface display;
(10) after communication data passes through the form encapsulation of XML between VPNAgent and the VPNCtroler, adopt Socket to send.
Further, described step (7) realizes by following substep:
(a) VPNCtroler distributes the newly-built tunnel number of fixed value, sends to each VPNAgent, and VPNAgent sets up the tunnel of VPNCtroler apportioning cost quantity;
(b) each VPNAgent collects own energy force vector during setting up the tunnel
, VPNAgent will collect then
Send to VPNCtroler;
(c) if VPNAgent does not beam back in preset time
, VPNCtroler will send a request message to VPNAgent, ask its energy force vector;
(d) VPNCtroler send a request message after collecting all VPNAgent energy force vectors, requires VPNAgent to remove all tunnels;
(e) VPNCtroler distributes new tunnel number according to rapid (5) and (6) after the set time is waited in step (d) back.
The invention has the beneficial effects as follows, the present invention has realized a kind of distributed vpn tunneling test macros of acting on behalf of more, each is acted on behalf of distributed earth and is arranged in local network, the initiation tunnel test that each agency can walk abreast, the initiation tunnel test that each agency is concurrent can be simulated near real environment for use; Native system is distributed many agencies in addition, is easy to expansion, for current large-scale blade vpn gateway server, can go out its unit interval tunnel by extend testing and set up speed, indexs such as maximum tunnel number.The present invention has designed a kind of method of acting on behalf of load balancing more in addition, can realize the dynamic load leveling between a plurality of VPN agencies, thereby economizes on resources and reduce fault.
Description of drawings
Fig. 1 is a system configuration of the present invention;
Fig. 2 is the modular structure figure of control end of the present invention;
Fig. 3 is the modular structure figure of agent side of the present invention.
Embodiment
Below in conjunction with the drawings and specific embodiments the utility model is further specified.
The present invention proposes the method that realizes load balancing between a kind of distributed multi-agent vpn tunneling test macro and the VPN agent side (VPNAgent), a plurality of agencies are distributed in each place in the network in the system, mutually without perception, all VPN agencies constitute one VPN bunch (VPNCluster) together between them; Control end in the system (VPNCtroler) is positioned on the logical machine of a Daepori, and communicating by letter between VPNCtroler and the VPNAgent is to adopt present ubiquitous IPV4 agreement.Vpn gateway in the system (VPNServer) is the IUT(Implementation Under Test of system), generally be positioned on the high performance blade server, and the tunnel is present between VPNAgent and the VPNServer; Application server in the system (APPServer) is positioned at after the VPNServer, is transmitted to APPServer behind the data process VPNAgent of VPNAgent and the VPNServer tunnel.
On above-mentioned distributed multi-agent vpn tunneling test macro basis, realized the load balancing between many agencies.In the former test environment, the tunnel number that static earlier configuration VPNAgent sets up, linear speed (the tunnel number that the unit interval sets up) and throughput, be separate between each VPNAgent, can only rule of thumb come to carry out static configuration by the keeper by VPNCtroler.The present invention has designed a kind of centralized implementation algorithms of acting on behalf of load balancing more, VPNCtroler comes to distribute tunnel number for VPNAgent according to the ability vector information of returning of VPNAgent, if some VPNAgent loads are too high, then do not distribute new tunnel or distribute a spot of tunnel number for it.Through operation after a while, each VPNAgent has obtained corresponding load, and this load is suitable with corresponding VPNAgent ability, ability takies percentage, network by the CPU of current machine and takies percentage, EMS memory occupation percentage, disk and take percentage, the representative of I/O byte number, uses vector
The expression ability, the tunnel that the present invention relates to comprises: L2tp, L2tp Over IpSec, Ikev1, Ikev2, Ikev2+EAP be totally 5 kinds of tunnels, and it is different that every kind of tunnel requires CPU, internal memory etc., so provide a weighing vector
, be multiplied by corresponding weighing vector for different tunnels with energy force vector C and obtain the practical capacity value
, VPNCtroler goes out the practical capacity value according to the ability vector calculation that VPNAgent returns, and uses method for normalizing to calculate the normalization ability value of each VPNAgent at last
, VPNCtroler is according to the pro rate tunnel number of VPNAgent normalized value, throughput equivalence.Thereby can dynamically realize load balancing between each VPNAgent.
Overall system structure of the present invention as shown in Figure 1, structure comprises following several sections:
A plurality of agencies are distributed in each place in the network in the system, and perception mutually between them is among all VPNAgent(Fig. 1 102) constitute among a VPNCluster(Fig. 1 103 together); Among VPNCtroler(Fig. 1 in the system 101) be positioned on the logical machine of a Daepori, communicating by letter between VPNCtroler and the VPNAgent is to adopt present ubiquitous IPV4 agreement, and all exists between VPNCtroler and each VPNAgent and be connected.Vpn gateway in the system (VPNServer) (among Fig. 1 104) is the IUT(Implementation Under Test of system), generally be positioned on the high performance blade server, and the tunnel is present between VPNAgent and the VPNServer, and the tunnel is based on the tunnel of IPv6 agreement; Application server in the system (APPServer) (among Fig. 1 105) is positioned at after the VPNServer, and the data of VPNAgent are transmitted to APPServer after through the tunnel between VPNAgent and VPNServer.Being connected between VPNServer and the APPServer is IPv4 or IPv6.
106 is control connections among Fig. 1, is present between VPNCtroler and the VPNAgent, be used for VPNCtroler to the control of VPNAgent and VPNAgent to the VPNCtroler return data.107 is that the tunnel connects among Fig. 1, is present between VPNAgent and the VPNServer.108 is that data connect among Fig. 1, comprises 2 parts: a part is on tunnel 107 connects, and the client that is equivalent in the actual environment is passed through the borde gateway that unsafe the Internet arrives company, is the tunnel carryings by safety in order to guarantee this part data of safety; Another part is equivalent to the internal network in the actual environment between VPNServer and APPServer, be considered to safe, so do not need protecting tunnel.
Overall system structure of the present invention comprises VPN control end 101 as shown in Figure 1, VPN agent list 103, vpn gateway 104, application server 105.VPN control end 101 is connected by the IPv4 network with VPN agent list 103, VPN agent list 103 has 2 to be connected with vpn gateway 104, bottom is set up the tunnel by the IPv6 network and is connected, the upper strata is set up application data by the IPv6 network and is connected, and vpn gateway 104 is transmitted the application data bag to application server 105.
The concrete structure of VPN control end 101 as shown in Figure 2, comprise: basic configuration module 201, application data layer configuration module 202, advanced configuration module 203, L2tp configuration module 204, IKEv1 configuration module 205, IKEv2 configuration module 206, IKEv2+EAP configuration module 207, communication module 208, XML package module 209 and real-time status display module 210, control end primary module 211.Control end primary module call XML package module 209 encapsulation users' order and parameter are the XML form, and calling communication module 208 sends data after XML package module 209 encapsulation of data.When communication module 208 was received packet, call XML package module decapsulation XML formatted data was called real-time status display module 210 then.
The characteristics and the function of each module are as follows:
Application data layer configuration module 202 is application data configuration modules, comprises the application layer protocol selection, and the optional agreement of native system has UDP, TCP, FTP, HTTP4 kind agreement; Server ip address and port; Load length; The flow size.
XML package module 209 is XML package modules, is responsible for data are carried out the XML encapsulation and the XML file is resolved.
Real-time status display module 210 is real-time status display modules, to the state information real-time update that receives to the interface.
IKEv2+EAP configuration module 207 is IKEv2+EAP configuration modules, comprises the authentication mode in stage 1, and native system has 2 kinds, with name with the IP address; Stage 1 cryptographic algorithm, identifying algorithm, certification mode, D-H group; IPSEC agreement in stage 2, the AH identifying algorithm, ESP encrypts and identifying algorithm; The username and password of EAP authentication; The senior time interval that transmission keep-alive packet is set; The IKE SA time, the IPSEC SA time.
VPNAgent master control module 302 is cores of whole system, controls other several modules operation according to different tunnel test-types.VPN agent side communication module 305 is modules of the bottom, use the packet of Socket programming reception from VPNCtroler, VPN agent side XML package module 303 also is the module of relative bottom module with VPN agent side XML decapsulation module 304, give VPN agent side XML decapsulation module 304 through the data message after 305 processing of VPN agent side communication module, VPN agent side XML decapsulation module 304 can the analyzing XML file, parses order and parameter that VPNCtroler transmits; Same VPN agent side XML package module 303 is given VPN agent side communication module 305 after data and parameter are packaged into the XML file, and VPN agent side communication module 305 sends to VPNCtroler by the mode of Socket with packet.
It is that module is removed in tunnel generation module and tunnel that module 308 is removed in VPN agent side tunnel generation module 307 and VPN agent side tunnel, when carrying out linear speed test and tunnel sum test, VPNAgent master control module invokes module 307, module 307 can initiate to set up corresponding tunnel according to configuration, every kind of tunnel has corresponding configuration parameters, comprises cryptographic algorithm, completeness check algorithm, authentication method, Diffie-Hellman group.Hold consultation with VPNServer according to selected parameter and to set up corresponding tunnel,, differ several times as the CPU calculating of DES-CBC and AES-256 cipher mode correspondence for different parameters.
The kind that the tunnel is set up in negotiation comprises: L2tp, L2tp Over IpSec, Ikev1, Ikev2, Ikev2+EAP.
Cryptographic algorithm comprises: DES-CBC, 3DES-CBC, AES-128, AES-192, AES-256.
Completeness check algorithm: SHA1-128, SHA1-256, MD5
Authentication method: wildcard (PSK), certificate verification
VPN agent side ability computing module 301 is ability computing modules, calculates current CPU every time T and takies percentage, network and take percentage, EMS memory occupation percentage, disk and take percentage, I/O byte number, is expressed as vector
, when module 302 request energy force vectors, module 301 computing capabilitys vector mean value
The time T size definition is 100ms, and N is the number of time interval T.
VPN agent side tunnel traffic generation module 306 is flow generation modules, and the parameter of transmitting according to VPNCtroler generates corresponding flow, comprises tcp data flow, UDP message flow, ftp flow amount, HTTP flow.
VPN agent side state generation module 309 is state generation modules, is responsible for system's current state is regularly returned to VPNCtroler, comprises the tunnel number of current success negotiation, the tunnel number of failure, the tunnel number of consulting, throughput, draw throughput.Wherein fixed time interval is T=1 second.
Of the present invention in the load balancing that has realized on the said system structure between a plurality of agencies, its realization comprises the steps:
1, VPNCtroler operates in the Windows system, and VPNAgent runs on Windows or the linux system, and a plurality of VPNAgent forms VPNCluster.On the high performance blade server of the general operation of VPNServer, in actual environment as the gateway of internal network and external network.
2, the tunnel is based upon between VPNAgent and the VPNServer, by the load balancing between the centralized control realization VPNAgent of VPNCtroler.
3, application server (APPServer) runs on after the VPNServer, is certain service of carrying on the tunnel, has used four kinds of services among the present invention, is respectively the FTP service, HTTP service, UDP message service, tcp data service.
4, VPNCtroler by the IPv4 network of present large scale deployment realize with VPNAgent between communicate by letter, the tunnel of VPNAgent and VPNServer is based on IPv4 or IPv6.
5, VPNCtroler is as required to VPNAgent request current energy force vector and payload values thereof, VPNAgent returns its ability vector sum payload values at once after receiving the request of VPNCtroler, VPNCtroler selects weighing vector W according to the tunnel type when Pretesting after receiving the response of VPNAgent, calculates actual ability value then
, at last the normalization of practical capacity value is obtained normalized value
Last mask body computing formula comprises:
The tunnel type of last mask body has:
L2tp、L2tp?Over?IpSec?、Ikev1、Ikev2、Ikev2+EAP。
6, obtain a normalized vector after the VPNCtroler process step (5)
, the VPNCtroler basis
Pro rate tunnel number and throughput.
7, about the load balancing step of linear speed test, the linear speed index is the tunnel number that can set up for interior VPNServer between the measuring unit, and in order better to meet the requirement of testing linear speed, the method below we have designed may further comprise the steps:
1) VPNCtroler distributes the newly-built tunnel number of fixed value, sends to each VPNAgent, and VPNAgent sets up the tunnel of VPNCtroler apportioning cost quantity.
2) each VPNAgent collects own energy force vector during setting up the tunnel
, VPNAgent will collect then
Send to VPNCtroler.
3) if VPNAgent does not beam back in preset time
, VPNCtroler will send a request message to VPNAgent, ask its energy force vector.
4) VPNCtroler send a request message after collecting all VPNAgent energy force vectors, requires VPNAgent to remove all tunnels.
5) VPNCtroler distributes new tunnel number according to rapid (5) and (6) after waiting for the set time after the step 4).
8, VPNAgent and APPServer set up after the tunnel, carry data on the tunnel, and an end of data comes from the application request program (APPClient) on the VPNAgent, and the data other end is application server (APPServer).
9, VPNAgent timing tunnel state, the statistical information data that system is current sends to VPNCtroler, and VPNCtroler comes out by interface display.
10, after communication data passes through the form encapsulation of XML between VPNAgent and the VPNCtroler, adopt Socket to send.
Claims (5)
1. act on behalf of vpn tunneling concurrent test system more one kind, it is characterized in that, it comprises VPN control end, VPN agent list, vpn gateway and application server; Wherein, described VPN control end is connected by the IPv4 network with the VPN agent list, the VPN agent list has two to be connected with vpn gateway, bottom is set up the tunnel by the IPv6 network and is connected, the upper strata is set up application data by the IPv6 network and is connected, and vpn gateway is transmitted the application data bag to application server.
2. act on behalf of vpn tunneling concurrent test system according to claim 1 is described more, it is characterized in that, described VPN agent list comprises several VPN agencies, and each VPN agency is connected with the VPN control end by the IPv4 network respectively.
3. according to the described vpn tunneling concurrent test systems of acting on behalf of of claim 1 more, it is characterized in that described VPN control end comprises: basic configuration module, application data layer configuration module, advanced configuration module, L2tp configuration module, IKEv1 configuration module, IKEv2 configuration module, IKEv2+EAP configuration module, communication module, XML package module, real-time status display module and control end primary module; Described control end primary module call XML package module encapsulation user's order and parameter are the XML form, and the calling communication module sends data after the XML package module encapsulation of data; When communication module was received packet, call XML package module decapsulation XML formatted data was called the real-time status display module then.
4. an application rights requires the 1 described load-balancing methods of acting on behalf of of acting on behalf of vpn tunneling concurrent test system more more, it is characterized in that it comprises the steps:
(1) VPNCtroler operates in the Windows system, and VPNAgent runs on Windows or the linux system, and a plurality of VPNAgent forms VPNCluster; On the high performance blade server of the general operation of VPNServer, in actual environment as the gateway of internal network and external network;
(2) tunnel is based upon between VPNAgent and the VPNServer, by the load balancing between the centralized control realization VPNAgent of VPNCtroler;
(3) application server (APPServer) runs on after the VPNServer, is certain service of carrying on the tunnel, comprises FTP service, HTTP service, UDP message service and tcp data service;
(4) VPNCtroler by the IPv4 network of present large scale deployment realize with VPNAgent between communicate by letter, the tunnel of VPNAgent and VPNServer is based on IPv4 or IPv6;
(5) VPNCtroler is as required to VPNAgent request current energy force vector and payload values thereof, VPNAgent returns its ability vector sum payload values at once after receiving the request of VPNCtroler, VPNCtroler selects weighing vector W according to the tunnel type when Pretesting after receiving the response of VPNAgent, calculates actual ability value then
, at last the normalization of practical capacity value is obtained normalized value
(6) obtain a normalized vector after the VPNCtroler process step (5)
, the VPNCtroler basis
Pro rate tunnel number and throughput;
(7) about the load balancing step of linear speed test, the linear speed index is the tunnel number that can set up for interior VPNServer between the measuring unit, in order better to meet the requirement of testing linear speed;
(8) VPNAgent and APPServer set up after the tunnel, carry data on the tunnel, and an end of data comes from the application request program (APPClient) on the VPNAgent, and the data other end is application server (APPServer);
(9) VPNAgent timing tunnel state, the statistical information data that system is current sends to VPNCtroler, and VPNCtroler comes out by interface display;
(10) after communication data passes through the form encapsulation of XML between VPNAgent and the VPNCtroler, adopt Socket to send.
5. act on behalf of load-balancing method according to claim 4 is described more, it is characterized in that described step (7) realizes by following substep:
(a) VPNCtroler distributes the newly-built tunnel number of fixed value, sends to each VPNAgent, and VPNAgent sets up the tunnel of VPNCtroler apportioning cost quantity;
(b) each VPNAgent collects own energy force vector during setting up the tunnel
, VPNAgent will collect then
Send to VPNCtroler;
(c) if VPNAgent does not beam back in preset time
, VPNCtroler will send a request message to VPNAgent, ask its energy force vector;
(d) VPNCtroler send a request message after collecting all VPNAgent energy force vectors, requires VPNAgent to remove all tunnels;
(e) VPNCtroler distributes new tunnel number according to rapid (5) and (6) after the set time is waited in step (d) back.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110273414.8A CN102281161B (en) | 2011-09-15 | 2011-09-15 | Multi-agent virtual private network (VPN) tunnel concurrent testing system and multi-agent load balancing method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110273414.8A CN102281161B (en) | 2011-09-15 | 2011-09-15 | Multi-agent virtual private network (VPN) tunnel concurrent testing system and multi-agent load balancing method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102281161A true CN102281161A (en) | 2011-12-14 |
CN102281161B CN102281161B (en) | 2014-04-16 |
Family
ID=45106358
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201110273414.8A Expired - Fee Related CN102281161B (en) | 2011-09-15 | 2011-09-15 | Multi-agent virtual private network (VPN) tunnel concurrent testing system and multi-agent load balancing method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102281161B (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103067290A (en) * | 2012-11-30 | 2013-04-24 | 成都卫士通信息产业股份有限公司 | Virtual Private Network (VPN) tunnel implementation method based on virtual network adapter adaptable load balancing network |
CN103441894A (en) * | 2013-08-20 | 2013-12-11 | 迈普通信技术股份有限公司 | Method and system for L2TP concurrent connection performance test |
CN104731635A (en) * | 2014-12-17 | 2015-06-24 | 华为技术有限公司 | Virtual machine access control method and virtual machine access control system |
CN106559779A (en) * | 2016-11-30 | 2017-04-05 | 上海斐讯数据通信技术有限公司 | A kind of data transmission method, device and system |
CN103716209B (en) * | 2013-12-31 | 2017-12-19 | 北京神州绿盟信息安全科技股份有限公司 | A kind of tunnel concurrent test system and equipment |
CN108540559A (en) * | 2018-04-16 | 2018-09-14 | 北京航空航天大学 | A kind of SDN controllers for supporting IPSec VPN load balancing |
CN111091900A (en) * | 2019-11-25 | 2020-05-01 | 中电健康云科技有限公司 | Medical grading diagnosis and treatment method and system based on block chain intelligent contracts |
CN114244621A (en) * | 2021-12-24 | 2022-03-25 | 北京科电航宇空间技术有限公司 | High-safety-intensity communication system with multi-level fragmentation |
CN115174433A (en) * | 2022-07-07 | 2022-10-11 | 东软睿驰汽车技术(大连)有限公司 | Simulation method, simulation device and simulation system for multi-terminal access gateway |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1642109A (en) * | 2004-09-30 | 2005-07-20 | 迈普(四川)通信技术有限公司 | Method for realizing communication load equilibrium and gateway, central gateway thereof |
CN1856790A (en) * | 2003-07-22 | 2006-11-01 | 基诺技术公司 | Information access using ontologies |
CN101753401A (en) * | 2008-12-03 | 2010-06-23 | 北京天融信科技有限公司 | A method for realizing backup and load of IPSec virtual private network tunnel |
WO2010069058A1 (en) * | 2008-12-17 | 2010-06-24 | Nortel Networks Limited | Secure remote access public communication environment |
-
2011
- 2011-09-15 CN CN201110273414.8A patent/CN102281161B/en not_active Expired - Fee Related
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1856790A (en) * | 2003-07-22 | 2006-11-01 | 基诺技术公司 | Information access using ontologies |
CN1642109A (en) * | 2004-09-30 | 2005-07-20 | 迈普(四川)通信技术有限公司 | Method for realizing communication load equilibrium and gateway, central gateway thereof |
CN101753401A (en) * | 2008-12-03 | 2010-06-23 | 北京天融信科技有限公司 | A method for realizing backup and load of IPSec virtual private network tunnel |
WO2010069058A1 (en) * | 2008-12-17 | 2010-06-24 | Nortel Networks Limited | Secure remote access public communication environment |
Non-Patent Citations (1)
Title |
---|
王宇等: "多服务器负载平衡和QoS策略的研究与实现", 《装备指挥技术学院学报》, vol. 13, no. 6, 31 December 2002 (2002-12-31), pages 80 - 82 * |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103067290B (en) * | 2012-11-30 | 2016-06-01 | 成都卫士通信息产业股份有限公司 | The VPN tunnel implementation of load balancing network is adapted to based on virtual network interface card |
CN103067290A (en) * | 2012-11-30 | 2013-04-24 | 成都卫士通信息产业股份有限公司 | Virtual Private Network (VPN) tunnel implementation method based on virtual network adapter adaptable load balancing network |
CN103441894A (en) * | 2013-08-20 | 2013-12-11 | 迈普通信技术股份有限公司 | Method and system for L2TP concurrent connection performance test |
CN103716209B (en) * | 2013-12-31 | 2017-12-19 | 北京神州绿盟信息安全科技股份有限公司 | A kind of tunnel concurrent test system and equipment |
CN104731635B (en) * | 2014-12-17 | 2018-10-19 | 华为技术有限公司 | A kind of virtual machine access control method and virtual machine access control system |
CN104731635A (en) * | 2014-12-17 | 2015-06-24 | 华为技术有限公司 | Virtual machine access control method and virtual machine access control system |
CN106559779B (en) * | 2016-11-30 | 2020-10-30 | 上海斐讯数据通信技术有限公司 | Data transmission method, device and system |
CN106559779A (en) * | 2016-11-30 | 2017-04-05 | 上海斐讯数据通信技术有限公司 | A kind of data transmission method, device and system |
CN108540559A (en) * | 2018-04-16 | 2018-09-14 | 北京航空航天大学 | A kind of SDN controllers for supporting IPSec VPN load balancing |
CN108540559B (en) * | 2018-04-16 | 2020-12-18 | 北京航空航天大学 | SDN controller supporting IPSec VPN load balancing |
CN111091900A (en) * | 2019-11-25 | 2020-05-01 | 中电健康云科技有限公司 | Medical grading diagnosis and treatment method and system based on block chain intelligent contracts |
CN114244621A (en) * | 2021-12-24 | 2022-03-25 | 北京科电航宇空间技术有限公司 | High-safety-intensity communication system with multi-level fragmentation |
CN114244621B (en) * | 2021-12-24 | 2023-11-28 | 北京科电航宇空间技术有限公司 | High-safety intensity communication system with multi-level fragmentation |
CN115174433A (en) * | 2022-07-07 | 2022-10-11 | 东软睿驰汽车技术(大连)有限公司 | Simulation method, simulation device and simulation system for multi-terminal access gateway |
Also Published As
Publication number | Publication date |
---|---|
CN102281161B (en) | 2014-04-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102281161B (en) | Multi-agent virtual private network (VPN) tunnel concurrent testing system and multi-agent load balancing method | |
CN106209413B (en) | Communication means, the Centralized Controller equipment of network and the network equipment in network | |
CN104753887B (en) | Security management and control implementation method, system and cloud desktop system | |
CN202206418U (en) | Traffic management device, system and processor | |
CN104247367B (en) | Lift IPsec performances and anti-eavesdrop security | |
Khan et al. | Design and implementation of security gateway for synchrophasor based real-time control and monitoring in smart grid | |
CN104219217B (en) | Security association negotiation method, device and system | |
CN103929299B (en) | Self-securing lightweight network message transmitting method with address as public key | |
CN104823412B (en) | Peer-to-peer brings back to life the method and device of detection | |
CN104065398B (en) | A kind of electric power communication network network merges method for designing and the system of test platform | |
CN105072213B (en) | A kind of two-way traversing method of IPSec NAT, system and vpn gateway | |
CN110213233B (en) | Simulation method and simulation platform for defending against power grid distributed denial of service attack and establishment method thereof | |
CN115085943B (en) | Edge computing method and platform for safe encryption of electric power Internet of things in north and south directions | |
CN101471839B (en) | Method for asynchronously implementing IPSec vpn through multi-nuclear | |
CN105635076B (en) | A kind of media transmission method and equipment | |
Kimmerlin et al. | Network expansion in OpenStack cloud federations | |
CN104038931B (en) | Adapted electrical communication system and its communication means based on LTE network | |
CN107135190A (en) | The data traffic ownership recognition methods connected based on Transport Layer Security and device | |
CN104254062B (en) | A kind of direct connected link communication means and relevant device, system | |
Gourisetti et al. | A cyber secure communication architecture for multi-site hardware_in_the_loop Co_simulation of DER control | |
Hamad et al. | Implementation and performance evaluation of embedded ipsec in microkernel os | |
CN105591869B (en) | A kind of method and apparatus selecting L2TP Network Server | |
CN107277044B (en) | The method and device of publication and access network encryption lock service | |
Li et al. | SDN-based access authentication and automatic configuration for IPsec | |
Li et al. | SDIG: Toward software-defined IPsec gateway |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20140416 Termination date: 20140915 |
|
EXPY | Termination of patent right or utility model |