Chapter 1: Introduction. © 2009 Chen Xu

The main purpose of this thesis is to propose a novel solution to the mobility problem in a VPN and to implement it on simulators and real devices. The new solution adds mobility support to existing L2TP/IPsec (Layer 2 Tunneling Protocol/IP Security) tunnels. It tunnels Layer 2 packets between a VPN client and a VPN server without using Mobile IP, without incurring tunnel re-establishment at handoff, and without losing packets during handoff; it achieves better security than current mobility solutions for VPN and supports fast handoff in IPv4 networks.

The new solution has particular application when several persons inside a moving vehicle are connected to a network at Layer 2 (for example, a PPP link [39]). An L2TP/IPsec concentrator inside the vehicle encapsulates Layer 2 packets and tunnels them to the company network. It is also possible to encapsulate IP packets inside the L2TP/IPsec tunnel. The real-world topology of the solution is shown in Figure 1-1. The new solution explained in this thesis handles the situation perfectly and quickly when the vehicle is moving and the L2TP/IPsec concentrator inside the vehicle changes IP addresses from time to time.

Figure 1-1: Real World Topology

This thesis focuses on reducing the VPN handoff time as much as possible. VPN handoff time consists mainly of the time to get an IP address and the time for VPN negotiation. The time to get a new IP address varies from situation to situation, as the new IP address can be obtained from UMTS, WiMAX [77] or even a wireless access point. Therefore, the main goal of this thesis is to reduce the VPN negotiation time. In the simulation, the time to get a new IP address was minimized by using the "ifconfig" command and a very small VPN handoff time was