| With the development of the computer network, the LANs of the departments and enterprises are becoming larger and larger. VLAN technology is a very effective way to resolve the LAN's broadcast problem and enhance the LAN's security. But there are also some problems along with it, because the hosts in the different VLANs may request for communicating across. Moreover, some hosts in the different VLANs may hope that the information must not be captured or modified by some vicious persons in the LAN when they are communicating.IPSec protocol is being used to resolve the IP security problem, it can keep the IP packets from being attacked by providing data integrity, authentication and confidentiality of the IP packets.The VLAN system based on the IPSec technology which this dissertation implements can support VLAN communicating across, and can also authenticate and encrypt/decrypt of the IP packets. The whole system can put into the original LAN transparently without other configuration of network.Firstly, the dissertation discusses the LAN/VLAN technology and analyses their deficiency, then gives my own opinion and solution: Implementation of VLAN system with the SA of IPSec.Secondly, the dissertation introduces the IPSec protocol structure that consists of the SPD, SADB, AH, ESP, IKE and IPSec transmission processing, and makes a conclusion of the IPSec's advantages and applications.Thirdly, the dissertation introduces and analyses the Linux Bridge... |
PDF Full Text Request