跳到主要內容

臺灣博碩士論文加值系統

::: 網站導覽| 首頁| 關於本站| 聯絡我們| 國圖首頁| 常見問題| 操作說明
English |FB 專頁 |Mobile
  • 一般民眾
  • 研究人員
  • 校院系所及研究生

    功能切換導覽列

  • 論文查詢
  • 排行榜
  • 影音圖像
  • 主題館(另開新視窗)
  • 我的研究室
  • NDLTD查詢(另開新視窗)
(216.73.216.172) 您好!臺灣時間:2025/09/12 05:16
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示
第一頁 上一頁 下一頁 最後一頁
/1
我願授權國圖
: 
twitterline
研究生:許勝凱
研究生(外文):Sheng-Kai Hsu
論文名稱:降低叢集架構式IPSec閘道之封包失序現象
論文名稱(外文):Reducing Packet Out-of-Order Syndrome on Clustered IPSec Gateways
指導教授:謝續平謝續平引用關係
指導教授(外文):Shiuh-Pyng Shieh
學位類別:碩士
校院名稱:國立交通大學
系所名稱:資訊工程系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2001
畢業學年度:89
語文別:英文
論文頁數:57
中文關鍵詞:IPSec 閘道封包失序現象
外文關鍵詞:IPSec GatewayPacket Out-of-Order Syndrome
相關次數:
  • 被引用被引用:0
  • 點閱點閱:212
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
儘管計算能力與可靠度的提昇能夠提供叢集架構式IPSec閘道相當程度的改善,然而此種架構之IPSec閘道會產生一種封包失序的現象。此種現象導因於叢集式的系統架構與IPSec中防封包重送機制(Anti-Replay Window)的衝突,進而影響叢集架構式IPSec閘道的整體效能。在這篇論文中,我們針對兩種可能的叢集式IPSec閘道系統架構進行研究,並對其所造成的封包失序現象加以分析。根據這些分析,我們對這兩種架構設計實驗並模擬其產生的現象。實驗的結果能夠提供我們調整在叢集架構式IPSec閘道中防封包重送機制(Anti-Replay Window),進而降低封包失序所帶來的影響。
Despite the improvements of both computing power and reliability brought by clustered IPSec gateways, the overall network throughput can be affected by a side effect called packet out-of-order syndrome on the gateways. The syndrome results from the conflict between the clustered architecture and anti-replay window mechanism of IPSec protocol. In this thesis, we analyze the packet out-of-order syndrome on two possible system architectures of clustered IPSec gateway solutions. Based on the analysis, simulations are performed on the two clustered architectures. The results of the simulations can help reducing the out-of-order syndrome by properly adjusting the anti-replay window size on the IPSec gateway.
CHAPTER 1 INTRODUCTION
1.1 BACKGROUND
1.1.1 IPSec Protocols
1.1.2 Design Issues of Clustered IPSec Gateway
1.2 PACKET OUT-OF-ORDER SYNDROME
1.3 CONTRIBUTIONS
1.4 SYNOPSIS
CHAPTER 2 RELATED WORK
2.1 SCHEDULING SOFT REAL-TIME TASKS FOR A CLUSTER SYSTEM
2.2 ANALYZING OF THE HIERARCHICAL TASK QUEUE
2.3 SYMMARY
CHAPTER 3 SYSTEM ARCHITECTURE AND MODEL ANALYSIS
3.1 SYSTEM ARCHITECTURE
3.1.1 Centralized Architecture
3.1.2 Flat Architecture
3.2 ARRIVAL PROCESS
3.3 BASIC MODEL
3.4 THE WORST CASE OF THE MODEL
3.5 MULTIPLE SAs CASE
3.6 SUMMARY
CHAPTER 4 SIMULATIONS
4.1 SIMULATION ENVIRONMENT
4.2 SCENARIOS DESCRIPTIONS AND RESULTS ANALYSIS
4.2.1 Service Rate
4.2.2 Arrival Rate
4.2.3 Packet Size
4.2.4 Ratio of SA
4.2.5 Multiple SAs
4.3 SUMMARY
CHAPTER 5 CONCLUSION AND FUTURE WORK
REFERENCE
[1] B. Kao and H. Garcia-Molina, “Scheduling Soft Real-Time
Jobs over Dual Non-Real-Time Servers,” IEEE Transactions
on Parallel and Distributed Systems, volume: 7 issue: 1,
pages 56~68, Jan. 1996.
[2] D. Fowler, “Virtual Private Networks. Making the Right
Connection,” Morgan Kaufmann Publishers, Inc., San
Francisco, California, 1999.
[3] D. Harkins and D. Carrel, “The Internet Key Exchange
(IKE),” November 1998. Internet RFC 2409.
[4] D. Maughan, M. Schertler, M. Schneider, and J. Turner,
“Internet Security Association and Key Management Protocol
(ISAKMP),” November 1998. Internet RFC 2408.
[5] D. Piper, “The Internet IP Security Domain of
Interpretation for ISAKMP,” November 1998. Internet
RFC 2407.
[6] E. G. Coffman, Jr., S. Halfin,. A. Jean-Marie, P. Robert,
“Stochastic Analysis of a Slotted FIFO Communication
Channel,” IEEE Transactions on Information Theory,
volume: 39 issue: 5, pages 1555~1566, Sept. 1993.
[7] H. Orman, “The OAKLEY Key Determination Protocol,”
November 1998. Internet RFC 2412.
[8] R. Thayer, N. Doraswamy, and R. Glenn, “IP Security
Document Roadmap,” November 1998. Internet RFC 2411.
[9] S. Ayachi and S. P. Dandamudi, “A Hierarchical Processor
Scheduling Policy for Multiprocessor Systems,” Eighth
IEEE Symposium on Parallel and Distributed Processing,
pages 100~109, 1996.
[10] S. Kent and R. Atkinson, “IP Authentication Header
(AH),” November 1998. Internet RFC 2402.
[11] S. Kent and R. Atkinson, “IP Encapsulating Security
Payload (ESP),” November 1998. Internet RFC 2406
[12] S. Kent and R. Atkinson, “Security Architecture for the
Internet Protocol,” November 1998. Internet RFC 2401.
[13] S. O’Guin, C. K. Williams, and N. Selimis, “Application
of virtual private networking technology to standards-
based management protocols across heterogeneous firewall-
protected networks,” IEEE Military Communications
Conference Proceedings, volume: 2, pages 1251-1255, 1999.
[14] S. P. Dandamudi and P. S. P. Cheng, “A Hierarchical Task
Queue Organization for Shared-Memory Multiprocessor
Systems,” IEEE Transactions on Parallel and Distributed
Systems, vol. 6, issue: 1, Jan. 1995. pp. 1-16.
[15] SSH IPSEC Express, http://www.ipsec.com/products/ipsec/
[16] T. Schroeder, S. Goddard, and B. Ramamurhy, “Scalable Web
Server Clustering Technologies”. IEEE Network, May 2000.
[17] W. Zhu and B. D. Fleisch, “Performance Evaluation of Soft
Real-Time Scheduling for Multicomputer Cluster,”
Proceedings, 20th International Conference on Distributed
Computing Systems, 2000, pp. 610-617.
[18] W. Zhu, T. Liang, and C. K. Shieh, “Cluster Queue
Structure for Shared-Memory Multiprocessor Systems,”
Proceedings, 1998 International Conference on Parallel and
Distributed System, 1998, pp. 420-427.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
  簡易查詢 | 進階查詢 | 熱門排行 | 我的研究室
本系統(Web1)共收集:論文已授權全文:798708 筆、書目與摘要:1499753
目前上線人數:9743 / 訪客人次(自99年6月):737594677 / 檢索次數(自99年6月):6457232915 / 指導單位: 教育部
國家圖書館著作權聲明 Copyright © 2010 All rights reserved.
本館地址:100201 臺北市中山南路20號 電話:02-2361-9132 (本系統服務窗口請轉分機 172、870)
本網站最佳瀏覽解析度為 1600 x 900
無障礙網站