摘要
针对VPN互访问题,根据IPSec-VPN互访方法的不足,提出动态MPLS-VPN方法。利用随机分配的标签,在需要互访的不同VPN网络节点之间构建MPLS通道,利用互访规则集检验节点的连接申请,根据过滤规则控制数据包的传输,通过设定传输时长限制节点互访的时间,实现VPN之间按节点、按方向、按时间的细粒度互访控制,确保数据传输的安全性和高效性。给出动态MPLS-VPN方法实现互访的步骤,对方法进行分析比较。
To meet the demand of the exchange visit between the VPNs, the dynamic MPLS-VPN model was put forward based on the shortages of the IPSec-VPN method. The MPLS gallery was built by using randomly distributed label, the node' s connec- tion application was inspected by the comparison with exchange visit rule sets, the transmission of node 's data packets was controlled according to filter rules, and the exchange visit time of nodes was limited by setting the transmission time. The finegrained exchange visit controlling is achieved according to the nodes, the packet flows, and the transmission time, and the safety and the high-efficiency of the data transmission are ensured. Detail steps of the dynamic MPLS-VPN method achieving exchange visit goals were given, and the method was compared with the IPSec-VPN exchange visit method.
出处
《计算机工程与设计》
CSCD
北大核心
2014年第9期3018-3023,共6页
Computer Engineering and Design
