计算机工程 ›› 2008, Vol. 34 ›› Issue (14): 129-131.doi: 10.3969/j.issn.1000-3428.2008.14.046

• 网络与通信 • 上一篇    下一篇

基于虚拟以太网的VPN系统

田权斌,李立新,周雁舟   

  1. (解放军信息工程大学电子技术学院,郑州 450004)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-07-20 发布日期:2008-07-20

VPN System Based on Virtual Ethernet

TIAN Quan-bin, LI Li-xin, ZHOU Yan-zhou   

  1. (Institute of Electronic Technology, PLA Information Engineering University, Zhengzhou 450004)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-07-20 Published:2008-07-20

摘要: 研究基于虚拟以太网的VPN系统,该系统通过在内核构建虚拟网卡实现核心态和用户态的交互,并虚拟了一个以太网的工作环境,在用户态构建安全隧道,实现基于数字证书系统的身份认证、传输加密、数据完整性验证和抗重放攻击等功能。测试表明,在实现VPN功能的基础上,该系统在穿越网络设备、支持多种协议等方面具有良好的性能。

关键词: 虚拟以太网, VPN系统, 隧道

Abstract: This paper studies the virtual Ethernet technology, and develops a VPN system. The system transports packets between kernel space and user space, and simulates a virtual Ethernet environment by constructing virtual NIC in kernel. It realizes the functions of identity authentication based on digital certificate system, traffic encryption, integrality validating and resistance to replay attack by constructing secure tunnel in user space. Test results demonstrate that, besides the primary function of VPN, the system has good performance on passing through net devices and can support multiple net protocols, etc.

Key words: virtual Ethernet, VPN system, tunnel

中图分类号: