Research And Implementation Of Dynamic VPN Based On Improved Directory Service Technology

With the rapid development of Internet, the current business activities of enterprises increasingly rely on Internet, but the Internet as a public transmission medium can not meet the requirements of the confidentiality of business information. Thus, it introduces the concept of VPN (Virtual Private Network). As a collection of various network technologies, VPN offers dedicated communications services with the public Internet infrastructure. VPN technology is very mature now, more and more enterprises want to set up VPN in the public network to connect multiple branch offices in different geographical location.But with the expansion of networking, the issues of networking through traditional VPN technologies have been exposed. Such as networking and configuration complexity, can not adapt to dynamic IP, maintainability and scalability is poor and so on. Especially in the applications of enterprise network, there are a lot of enterprise branch in general, and part of them access to internet with dynamic IP address. Thus it is impossible to config the public address of other side in the way of static configuration.This makes it difficult to establish tunnel directly between the branchs. Moreover, when one branch has established tunnel changed configuration, all the nodes have established with the branch need to change the configuration of the tunnel.To solve these problems, the paper proposes the DVPN (Dynamic Virtual Private Network) solution based on improved directory service technology and does the following work:Firstly, Analyzed the deficiencies of traditional VPN technologies in detail, compared the main technologis of setting up VPN when the nodes access to the Internet with dynamic ip addres, and selected the improved technology of directory service as the basis for dynamic IP networking; Secondly, Systematically analyzed the design of the VPN solution base on the improved technology of directory service. The DVPN network level, the dynamic tunneling mechanism, the way of getting dynamic address and DVPN networking are analyzed respectively in detail. And we clearly know the requirement of DVPN solution; Thirdly, The processing of VAM and the dynamic tunneling mechanisms of DVPN were snalyzed in detail, and we designed DVPN tunnel header; Fourthly, in the support of Comware that is a network operating system platform, I participated in the design and implementation of DVPN system, and independently completed the sub-modules of DVPN module, such as configuration module, session module, forwarding module and timer module.