IPSec VPN communication service processing method and system under IPv6 environment

A communication service and environment technology, applied in the field of data communication, can solve the problems of IPSecVPN communication supervision difficulties, improve the monitoring efficiency and achieve the effect of supervision

Active Publication Date: 2013-07-03
CHINA TELECOM CORP LTD
View PDF2 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The VPN gateway of the target customer is located on the user side, and the operator cannot control it and realize supervision
Therefore, it is a difficult point for IPSec VPN communication supervision under the environment of Internet Protocol Version 4 (IPv4) and Internet Protocol Version 6 (IPv6)

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IPSec VPN communication service processing method and system under IPv6 environment
  • IPSec VPN communication service processing method and system under IPv6 environment
  • IPSec VPN communication service processing method and system under IPv6 environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0033] The length of the IPv6 address is extended to 128 bits. The representation of the IPv6 prefix is ​​similar to the Classless Inter-Domain Routing (hereinafter referred to as: CIDR) mechanism in the IPv4 address. An IPv6 address prefix is ​​represented as: IPv6 address / prefix length . In actual use, the IPv6 public address of a terminal usually has a 64-bit prefix, and the last 64 bits are an interface identifier, which is used to identify a unique host in a s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses an IPSec (Internet Protocol Security) VPN (Virtual Private Network) communication service processing method and a system under an IPv6 (Internet Protocol Version 6) environment. The method comprises the steps that access equipment receives an IPv6 data package sent by a client side; whether a source IPv6 address is a static address is identified according to static route identification information in top 64 route prefixes in the source IPv6 address in the IPv6 data package; if the source IPv6 address is the static address, the access equipment identifies whether the IPv6 data package is an IPSec VPN data package according to access type identification in the top 64 route prefixes; if the IPv6 data package is the IPSec VPN data package, certification information in rear 64 route prefixes in the source IPv6 address is certificated; if certification is not passed, the IPSec VPN data package is discarded; and if the certification is passed, the IPSec VPN data package is forwarded to a unified access IPSec VPN gateway or other targeted VPN gateways according to a destination address in the IPSec VPN data package. According to the IPSec VPN communication service processing method and the system, an IPSec VPN flow under the IPv6 environment can be supervised, and the monitoring efficiency is improved.

Description

technical field [0001] The invention relates to network security technology in the field of data communication, in particular to an IPSec VPN communication service processing method and system under the IPv6 environment. Background technique [0002] The Internet Protocol Security (Internet Protocol Security, hereinafter referred to as: IPSec) protocol is an open standard framework structure. Specific communication parties use encryption and data summary (hash) at the IP network layer to ensure that data packets are transmitted on the Internet. (Internet) privacy, integrity and authenticity when transmitted. The IPSec protocol provides two security protocols, including an Authentication Header (hereinafter referred to as: AH) and an Encapsulation Safety Payload (hereinafter referred to as: ESP) header. Among them, AH can realize data authentication and data integrity, and can effectively prevent replay (Replay) attacks. The ESP header can provide data confidentiality, data...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/12H04L29/06H04L12/46
Inventor 王帅沈军金华敏汪来富余晓光何明冯明
Owner CHINA TELECOM CORP LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap