高级检索

    基于虚拟拓扑的多级可信传输体系及路由计算

    Packets Transmission with Multiple Levels of Credibility and Routing Calculation Based on Virtual Topologies

    • 摘要: 路由器及转发路径的安全可信一直备受关注.不同厂商的网络设备或处于不同管理环境中的同一款网络设备,都具有不同的安全可信度.人们期望为不同安全需求的流量提供相应可信级别的转发路径,实现网络数据的可信传输.设计了多级可信传输机制(credible transmission with multiple levels, CETML),提出了基本的可信管理策略.所有路由节点和IP前缀都被指定可信级别,网络流量也基于源、目的IP被设置可信级别.CETML为不同可信级别的传输网络构建虚拟拓扑,确保网络中的报文必须通过不小于其可信级别的路由器进行转发.路由器转发项要包含多个下一跳信息,会引入极少量的存储开销.面向SDN网络环境,分析多级虚拟拓扑的关联,基于Floyd算法思想设计了可依次迭代的多关联拓扑路由计算方法,计算时间相对典型的路由算法显著降低.

       

      Abstract: The credibility of routers and forwarding paths in the Internet has been a popular topic. Not only network equipment of different vendors, but also the same one in different management environments has different credibility. The network flows with diverse credibility requirements are supposed to be transmitted along paths with the corresponding credibility levels (CR). In this paper, the credible transmission mechanism with multiple levels (CETML) is proposed, and the fundamental credible management strategies are suggested. Both routers and IP prefixes are associated with a CR, and the CR of a network flow is obtained according to its source and destination IP addresses. CETML constructs different virtual topologies for every transmission network with different CR, and insures that IP packets is forwarded by the routers whose CR is not less than the CR of these packets. Because the forwarding entries include multiple next hops, a small quantity of additional memory overhead is introduced in CETML. Analyzing the relevancy of the multi-level virtual topologies, we design a new routing calculating method based on Floyd algorithm in SDN environment. All the routing tables of virtual topologies can be achieved during the process of successive iterating calculation. Compared with current typical routing algorithms, the calculation time of CETML is significantly reduced.

       

    /

    返回文章
    返回