Performance Implications of Instantiating IPsec over BGP Enabled RFC 4364 VPNs

@article{Pezeshki2007PerformanceIO,
  title={Performance Implications of Instantiating IPsec over BGP Enabled RFC 4364 VPNs},
  author={Jonah Pezeshki and L. Jeffress and V. Chao and W. Hall},
  journal={MILCOM 2007 - IEEE Military Communications Conference},
  year={2007},
  pages={1-7}
}
Needs for internetworking private networks over a commonly shared public network have expanded the usage of Virtual Private Networks (VPNs). Customers, through the use of a RFC 4364 VPN, use service provider (SP) backbones to establish private connectivity between geographically disparate networks. As a direct result of SPs migrating towards an Internet Protocol (IP) over a Multi-Protocol Label Switching (MPLS) infrastructure, as observed within the Defense Information Switched Network (DISN… 
View on IEEE
doi.org
2 Citations
Background Citations
1

2 Citations

An IPSec Mediation Approach for Safe Establishment of Inter-domain VPNs

A new solution to increase the security of BGP/MPLS IP VPNs established across multiple domains and improves the dynamic composition of multi-domain VPNs, thus reducing the effort and time required to provide such VPNs.

A High Efficient Selective Content Encryption Method Suitable for Satellite Communication System

The variable modulus encryption method is proposed to solve the problem of variable length code encryption and can improve the efficiency of encryption and achieve fast, secure, and high efficient encryption of satellite communication system.

References

SHOWING 1-8 OF 8 REFERENCES

Applying 4364 Virtual Private Networks to the Global Information Grid

This paper details 4364 VPN operation and explores several use-cases for application between various components of the GIG, as the network architectures of GIG may significantly deviate from the SP-customer network topologies found on the Internet.

Applying 2547bis virtual private networks to the global information grid

This paper investigates 2547bis VPN operation and details use-cases for application between various components of the GIG, and presents various 25 47bis VPN architecture alternatives and enhancements, which helps the scaling and deployment of 2547 Bis VPNs in large-scale IP networks.

OSPF as the Provider/Customer Edge Protocol for BGP/MPLS IP Virtual Private Networks (VPNs)

This document extends the base specification for BGP/MPLS IP VPNs by allowing the routing protocol on the PE/CE interface to be the Open Shortest Path First (OSPF) protocol.

BGP/MPLS IP Virtual Private Networks (VPNs)

This document describes a method by which a Service Provider may use an IP backbone to provide IP Virtual Private Networks (VPNs) for its customers. This method uses a "peer model", in which the

Use of Provider Edge to Provider Edge (PE-PE) Generic Routing Encapsulation (GRE) or IP in BGP/MPLS IP Virtual Private Networks

This document describes an implementation strategy for BGP/MPLS IP Virtual Private Networks (VPNs) in which the outermost MPLS label (i.e., the tunnel label) is replaced with either an IP header or

A Security Architecture for the Internet Protocol

The design, rationale, and implementation of a security architecture for protecting the secrecy and integrity of Internet traffic at the Internet Protocol (IP) layer, which includes a modular key management protocol, called MKMP, is presented.

IP Encapsulating Security Payload (ESP)

This document describes an updated version of the Encapsulating Security Payload (ESP) protocol, which is designed to provide a mix of security services in IPv4 and IPv6. ESP is used to provide

Security Architecture for the Internet Protocol

This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer. This document obsoletes RFC 2401