簡易檢索 / 詳目顯示
| 研究生: |
林俐瑋 Li-wei Lin |
|---|---|
| 論文名稱: |
以SIP 為基礎的行動虛擬私人網路之效能分析 Performance Analyses of SIP-based Mobile VPN |
| 指導教授: |
陳志成
Jyh-Cheng Chen |
| 口試委員: | |
| 學位類別: |
碩士 Master |
| 系所名稱: |
電機資訊學院 - 通訊工程研究所 Communications Engineering |
| 論文出版年: | 2005 |
| 畢業學年度: | 93 |
| 語文別: | 英文 |
| 論文頁數: | 46 |
| 中文關鍵詞: | 行動虛擬私人網路 、換手 |
| 外文關鍵詞: | Mobile VPN, handoff |
| 相關次數: | 點閱:3 下載:0 |
| 分享至: |
| 查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
SIP-based mobile VPN 是本實驗室針對即時性應用所提出的一個移動虛擬私人網路的解決方法。目前,大部分的方法多是採用MIP與IPSec來達到移動與資料安全的目的。MIP tunnel與IPSec tunnel會增加封包長度約100bytes,但是即時性應用的封包通常比一般應用的封包小(約40bytes),因此使用MIP與IPSec會使得即時性應用的封包大幅增大,以及需要更多的頻寬。此外當使用者移動至新的網路、取得新位址時,MIP與IPSec tunnel必須被重新建立,而造成換手延遲(handoff delay)增長。由於即時性應用對於可用頻寬與換手延遲較為敏感,因此,SIP-based mobile VPN捨棄一般方法所使用的MIP與IPSec,採用SIP註冊(registration)與重新邀請(re-invitation)來管理使用者的位置。並結合SRTP與cRTP,使整個封包都可以被保護。此外利用DIAMETER SIP Application來提供認證、授權、計費以及金鑰管理的工作。而金鑰交換的工作,則是由MIKEY負責。MIKEY與IPSec所使用的IKE相比,它只需要較少的訊息交換便可完成金鑰交換。
SIP-based mobile VPN依據移動方式的不同,共有三種換手方式,分別是(1)從內部網路移動至外部網路、(2)從一個外部網路移至另一個外部網路、(3)從外部網路移回內部網路。在第(1)種換手方式,使用者與內部網路之間會建立一條經過虛擬私人網路閘道的通道,此閘道負責加密內部網路送往外部網路使用者的封包,以及將位於外部網路使用者的封包進行解密。在第(2)種換手方式,只有使用者與閘道之間的通道需要更新,使閘道知道使用者的最新位置。在第(3)種換手方式,當使用者回到內部網路,不需要透過通道,便可直接與內部網路溝通。
本論文即針對SIP-based mobile VPN,提出有關信號成本(signaling cost)與換手延遲的數學分析。並且以NS2模擬SIP-based mobile VPN。
This thesis presents the mathematical analyses and simulation of SIP-based mobile VPN.
SIP-based mobile VPN is a mobile VPN solution, especially designed to provide real-time
applications better performance and faster handoff. It uses several existing IETF protocols,
SIP, RTP, SRTP, MIKEY and Diameter SIP Application but not MIP and IPSec, which most
other mobile VPN solutions use. For example, IETF proposed a MIP- and IPSec-based mobile
VPN solution, which uses 2 MIP tunnels and 1 IPSec tunnel to forward mobile node
(MN)s packets. However, the IETF solution increases the packet length greatly especially
for real-time applications and these 3 tunnels need to be re-established once MN enters a
new foreign network. These two facts make more bandwidth consumption longer handoff
delay and are harmful to real-time application, which are sensitive to bandwidth and handoff
delay. To overcome these drawbacks, SIP-based mobile VPN utilize SIP registration and
re-invitation to management MN location. Besides, the combination of SRTP and cRTP can
protect MN packets. DIAMETER server takes charge of not only authentication, authorization
and accounting but also key management. MIKEY distributes key material with a few
message exchanges.
This thesis presents the mathematical analyses of SIP-based mobile VPN to evaluate
the signaling cost and handoff delay. Besides, NS2 simulation results of SIP-based mobile
VPN are included in this thesis as well.
[1] V. Consortium, “VPN Technologies: Definitions and Requirements.” VPN Consortium,
Jan. 2003.
[2] C. E. Perkins, “IP Mobility support for IPv4.” IETF RFC 3220, Jan. 2002.
[3] J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks,
M. Handley, and E. Schooler, “SIP: Session Initiation Protocol.” IETF RFC 3261, June
2002.
[4] M. Baugher, D. McGrew, M. Naslund, E. Carrara, and K. Norrman, “The Secure Realtime
Transport Protocol (SRTP).” IETF RFC 3771, Mar. 2004.
[5] J. Arkko, E. Carrara, F. Lindholm, M. Naslund, and K. Norrman, “MIKEY: Multimedia
Internet KEYing.” IETF Internet-Draft draft-ietf-msec-mikey-08, Dec. 2003.
[6] P. Calhoun, J. Loughney, E. Guttman, G. Zorn, and J. Arkko, “Diameter Base Protocol.”
IETF RFC 3588, Sept. 2003.
[7] F. Adrangi and H. Levkowetz, “Problem Statement: Mobile IPv4 Traversal of VPN
Gateways.” IETF Internet-Draft draft-ietf-mip4-vpn-problem-statement-02.txt, Feb.
2004.
[8] F. Adrangi and H. Levkowetz, “Problem Statement: Mobile IPv4 Traversal of
VPN Gateways.” IETF Internet-Draft draft-ietf-mobileip-vpn-problem-statement-req-
03, June 2003.
[9] M. Handley and V. Jacobson, “SDP: Session Description Protocol.” IETF RFC 2327,
Apr. 1998.
[10] E. Wedlund and H. Schulzrinne, “Mobility Support using SIP.”
[11] H. Schulzrinne, S. Casner, R. Frederick, and V. Jacobson, “RTP: A Transport Protocol
for Real-Time Applications.” IETF RFC 3550, July 2003.
[12] S. Casner and V. Jacobson, “Compressing IP/UDP/RTP Headers for Low-Speed Serial
Links.” IETF RFC 2508, Feb. 1999.
[13] C. Rigney, S. Willens, A. Rubens, and W. Simpson, “Remote Authentication Dial In
User Service (RADIUS).” IETF RFC 2865, June 2000.
[14] M. Garcia-Martin, M. Belinchon, M. Pallares-Lopez, C. Canales, and K. Tammi, “Diameter
Session Initiation Protocol (SIP) Application.” <draft-ietf-aaa-diameter-sipapp-
03.txt>, July 2004.
[15] P. Srisuresh, J. Kuthan, J. Rosenberg, A. Molitor, and A. Rayhan, “Middlebox communication
architecture and framework.” IETF RFC 3303, Aug. 2002.
[16] D. L. Mills, “Network Time Protocol (Version 3) Specication, Implementation and
Analysis.” RFC 1305, Mar. 1992.
[17] S. Vaarala (Ed.), “Mobile IPv4 traversal across IPsec-based VPN gateways.” <draftietf-
mobileip-vpn-problem-solution-03.txt>, Sept. 2003.
[18] D. Gross, C. M.Harris , “Fundamentals of Queueing Theory 3rd Eddition.”
[19] S. C. Huang, J. C. Chen, “SIP-Based Mobile VPN for Real-Time Applications.” IEEE
WCNC, 2005.
[20] Y.-B Lin, “Reducing Location Update Cost in a PCS Network.” IEEE/ACM Transactions
on Networing, vol. 5, no. 1, pp. 25.33, 1997.
全文公開日期 本全文未授權公開 (校內網路)全文公開日期 本全文未授權公開 (校外網路)