Implementing High Performance VPN Router using Cavium-s CN2560 Security Processor
نویسنده
چکیده
IPsec protocol[1] is a set of security extensions developed by the IETF and it provides privacy and authentication services at the IP layer by using modern cryptography. In this paper, we describe both of H/W and S/W architectures of our router system, SRS-10. The system is designed to support high performance routing and IPsec VPN. Especially, we used Cavium’s CN2560 processor to implement IPsec processing in inline-mode. Keywords—IP, router, VPN, IPsec.
منابع مشابه
Implementing High Performance VPN Router using Cavium ’ s CN 2560 Security Processor Sang
IPsec protocol[1] is a set of security extensions developed by the IETF and it provides privacy and authentication services at the IP layer by using modern cryptography. In this paper, we describe both of H/W and S/W architectures of our router system, SRS-10. The system is designed to support high performance routing and IPsec VPN. Especially, we used Cavium’s CN2560 processor to implement IPs...
متن کاملA 10 Gbit/s IPSEC Gateway Implementation
Internet Security (IPSEC) protocol is part of a design consideration in Virtual Private Networks (VPN). In this paper, we design and implement a 10 Gbit/s gateway router for IPSEC processing using the Intel network processor IXP2850. In particular, using software and hardware partitioning on a complex multi processor system, i.e., selecting appropriate processors to offload computational intens...
متن کاملA High Performance Parallel IP Lookup Technique Using Distributed Memory Organization and ISCB-Tree Data Structure
The IP Lookup Process is a key bottleneck in routing due to the increase in routing table size, increasing traıc and migration to IPv6 addresses. The IP address lookup involves computation of the Longest Prefix Matching (LPM), which existing solutions such as BSD Radix Tries, scale poorly when traıc in the router increases or when employed for IPv6 address lookups. In this paper, we describe a ...
متن کاملA High Performance Parallel IP Lookup Technique Using Distributed Memory Organization and ISCB-Tree Data Structure
The IP Lookup Process is a key bottleneck in routing due to the increase in routing table size, increasing traıc and migration to IPv6 addresses. The IP address lookup involves computation of the Longest Prefix Matching (LPM), which existing solutions such as BSD Radix Tries, scale poorly when traıc in the router increases or when employed for IPv6 address lookups. In this paper, we describe a ...
متن کاملA 10 Giga VPN Accelerator Board for Trust Channel Security System
This paper proposes a VPN Accelerator Board (VPN-AB), a virtual private network (VPN) protocol designed for trust channel security system (TCSS). TCSS supports safety communication channel between security nodes in internet. It furnishes authentication, confidentiality, integrity, and access control to security node to transmit data packets with IPsec protocol. TCSS consists of internet key exc...
متن کامل