The Research On Implementation Of The IPSec VPN Gateway Supporting VoIP

With the rapid development of Internet, the requirement of multimedia traffic is increased. As an audio service based on IP, VoIP (Voice over IP) gradually becomes the main body of multimadia traffic. Hence, better performance of network security and network transportation is required. On the one hand, VoIP packages, which are transported in the public networks, may be captured, vandalized and replayed. On the other hand, QoS (Quality of Service) of the real-time traffic is sensitive to delay, jitter and package loss.VPN (Virtual Privare Networks) is an effective and secure communication mode, which is applied broadly in business. Because traffic under VPN environment is monospecific, the consideration on multimedia traffic over VPN is necessary in order to enable VPN to provide with the new value-added service.In order to make full use of the advantage of VPN on security and extend the range of VPN services, the paper presents an idea that VoIP is transported under VPN environment.Firstly, the paper summarizes the limits of VPN to VoIP and analyzes the traditional solutions to these limits.Then, this paper analyzes IPSec protocol in detail, points out its influence on VoIP, and emphasizes the two critial shortages of IPSec VPN gateway. These two key issues are that the process rate of IPSec has worse effect on delay of package and that schedule strategy on the IPSec gateway can not guarantee VoIP QoS. FCFS (Firsr Come Firsr Service) is employed by IPSec VPN gateway before IPSec process is executed. In order to overcome above two disadvantages, the paper comes up with the corresponding solutions. On the one hand, in order to enhance the process rate of IPSec and reduce the end to end delay of VoIP, 3DES encryption algorithm is replaced by AES encryption algorithm, which has the better security and the more rapid encryption rate than 3DES encryption algorithm. On the other hand, combining the study on DiffServ architecture with the analysis on the supporting environment of VPN QoS based on DiffServ, the paper implementes a DiffServ schedule machnism supporting VoIP to assure VoIP QoS.Finally, the paper improves and designs a novel VPN gateway prototype supporting VoIP on the base of the combination of DiffServ framework implementation with IPSec implementation in the operating system Linux. In addition,in order to test the performance of the IPSec VPN gateway, the testing environment is put up.The results suggest that the IPSec VPN gateway supporting VoIP can improve the performance of VoIP QoS in the view of Delay,Package lost and Jitter ?...