| Firewall plays an important role in network security. There are many indicators to evaluate the firewall,and its performance is one of the most important term. Firewall based on NP (network processor) performs better than that based on the traditional X86-architecture, and more flexible than ASIC architecture. NP architecture is used widely at present.With the development of network technology, gigabit access is used more and more widely in government, military, financial industry and so on. Firewall based on NP4GS3 network processor belongs to gigabit series of products. But current product only has four gigabit ports at most and can not meet the customers in several network export environment, especially in high availability environment. So gigabit port extension has practical significance. The contrubitions of this thesis mainly includes:1. Do some research on structure of firewall based on NP4GS3 network processor. This thesis proposes solution for NP recognising ports in channel, bridge, route on bridge and route mode. And it puts forward packets processing solution at egress side of NP. Then, Solution for supporting high availability environment is raised. Then all of them are implemented by coding.2. It designs the improved solution with static table to get port configuration information, according to the frame and function of data management level of CP (Control Processor) and data processing level of NP software.3. This thesis designs a solution to simulate FPGA using firewall based on NP4GS3 network processor, and builds the test platform for early software development.4. It brings forward scheme to identify different types of hardware for port extension. And I make some tests on new product for the performance and function. |
PDF Full Text Request