Research And Application Of Tunnel Technology In P2P Network Communication

As the most important network application on the Internet,the Peer-to-Peer (P2P)networks load of more than 60 percent of the transmission flow,and this kind of network's performance is very important to improve the performance of Internet network service quality.Along with the quantity of P2P network user and new service's unceasing increase,the network operator must provide the best service and the broader application scope for the user with every effort to obtain a better development in the intense market competition environment. Under such background,the P2P network performance becomes the focal point more and more.However,while people are paying attention to the performance of network, the network transmission's security is also under their consideration.AS one kind of important safety technology,the tunnel technology obtain more and more widespread application,but the network address translation(NAT)which is massively used on customer network edge possibly affects the network security protocle,for example:IPSec normal operation.The tunnel technology is one of present network mainstream technology. Its essence is the seal that is grouping one kind of protocle type into another. However,the present tunnel technology and the NAT technology are incompatible because these two kind of outstanding technologies are unable to coexist at the same time in the network,and the basic reason is that the application of NAT technology destroys the encryption tunnel.VPN carries on the encryption and the decipher work on the data packet address or the value of verification when it establish correspondence tunnel,but NAT changes them.If this question can be solved,the user may carry on the safe data exchange by lower cost,which has a very good application prospect.At present,this kind of technology is becoming the hot spot.One kind of new technology which is called IPSec NAT traversing(NAT-T)is standardized by Internet project duty group's IPSec network work team.IPSec NAT-T is described on the Internet draft of the "UOSec the package of UDP seal" (draft-ietf-ipsec-udp-encaps-02.txt)and "the IKE NAT traversing consults" (draft-ietf-ipsec-nat-t-ike-02.txt).IPSec NAT-T has made the revision to the consultative process,and has defined the different methods of transmissing the data which is underIPSec protection.This article firstly introduces peer-to-peer and NAT,including some of the basic concepts,the type of NAT in the network and the communication strategies of the host behind NAT,introduces the tunnel technology in detail, analizes the characteristics and the basic telnets of IPSec protocol and proposes some improvements against their shortcoming at the end.Improvements of the agreement includes the following aspects:Firstly,under the research of the programme on NAT traversal and the current IKE in the NAT traversal,on the basis of the consultation proposes the overall programme of NAT crossing; secondly,explains the work model and process of the IKE protocol,and further more expands and improves the agreement in order to complete the corresponding requirements;Thirdly,studys the based format of existing IPSec packets,in view of its shortcomings,presents a multiple package programme, and reduces the shortcomings of the original package programme;Finally,on the background of the overall plan,designs the two packages programmes, makes a pilot programme in the NS,and summarizes the performance of the communications.This paper is mainly on the research of the P2P network secure communication.Based on traditional "UDP burrow technology",it uses the UDP protocle to transmiss data in the transmission layer,employs IPSec as the network security tunnel agreement,and establishes the tunnel to solve the problem of communication between two host computers which belong to two different NAT subnets.