Abstract
IPsec based VPNs are widely used to secure connections in the Internet. As the bandwidth in the Internet grows there is a need to create more powerful fault tolerant IPsec systems. We present an IPsec clustering model based on sharing the processing of each IPsec connection to all cluster nodes using a master node. This clustering model offers good scalability, fine graded load balancing, and fault tolerance while maintaining all IPsec security features. We also present a test implementation of the clustering model with test results.
Chapter PDF
Keywords
References
David L. Mills: Network Time Protocol (Version 3). Request For Comments 1305, March 1992.
Randall Atkinson, Stephen Kent: Security Architecture for IP. Request For Comments 2401, November 1998.
Randall Atkinson, Stephen Kent: IP authentication header (AH). Request For Comments 2402, November 1998.
Randall Atkinson, Stephen Kent: IP Encapsulating Security Payload (ESP). Request For Comments 2406, November 1998.
Dave Carrel, Dan Harkins: The Internet Key Exchange (IKE). Request For Comments 2409, November 1998.
Steven M. Bellovin: Problem Areas for the IP Security Protocols. Proceedings of the Sixth Usenix UNIX Security Symposium, July 1996.
Ethan Blanton, Mark Allman: On making TCP more robust to packet reordering. ACM Computer Communication Review, 32(1), January 2002.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 IFIP International Federation for Information Processing
About this paper
Cite this paper
Nuopponen, A., Vaarala, S., Virtanen, T. (2004). IPsec Clustering. In: Deswarte, Y., Cuppens, F., Jajodia, S., Wang, L. (eds) Security and Protection in Information Processing Systems. SEC 2004. IFIP — The International Federation for Information Processing, vol 147. Springer, Boston, MA. https://doi.org/10.1007/1-4020-8143-X_24
Download citation
DOI: https://doi.org/10.1007/1-4020-8143-X_24
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-8016-1
Online ISBN: 978-1-4020-8143-9
eBook Packages: Springer Book Archive