Multimedia and Ubiquitous Engineering, International Conference on (2009)
June 4, 2009 to June 6, 2009
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MUE.2009.89
IPSec VPN is commonly used to implement secure communications between different branch intranets over public networks. Multi-link aggregate IPSec VPN can make better use of multiple physical links of corporation. On the basis of analysis on the insufficiency of packet-based scheduling, a session-based tunnel scheduling model for multi-link aggregate IPSec VPN is proposed. The new model can distribute IPSec traffics over multiple tunnels negotiated on different physical links in unit of session. A prototype system of the new model which adopts Netfilter mechanism is implemented on Linux platform. Analysis on the test result for the prototype system shows that the new model can work effectively, the cost of scheduling is controllable and the performance of model is acceptable.
IPSec; session; scheduling
C. Fu, S. Mei, Y. Zhang and Z. Li, "Session-Based Tunnel Scheduling Model in Multi-link Aggregate IPSec VPN," Multimedia and Ubiquitous Engineering, International Conference on(MUE), Qingdao, China, 2009, pp. 505-510.