[go: up one dir, main page]

CN109450960A - Processing method, device, equipment, system and the medium of IPsec agreement - Google Patents

Processing method, device, equipment, system and the medium of IPsec agreement Download PDF

Info

Publication number
CN109450960A
CN109450960A CN201910019944.6A CN201910019944A CN109450960A CN 109450960 A CN109450960 A CN 109450960A CN 201910019944 A CN201910019944 A CN 201910019944A CN 109450960 A CN109450960 A CN 109450960A
Authority
CN
China
Prior art keywords
data
processing
agreement
ipsec
pending data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910019944.6A
Other languages
Chinese (zh)
Inventor
王振江
王朝辉
满宏涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Yunhai Information Technology Co Ltd
Original Assignee
Zhengzhou Yunhai Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Yunhai Information Technology Co Ltd filed Critical Zhengzhou Yunhai Information Technology Co Ltd
Priority to CN201910019944.6A priority Critical patent/CN109450960A/en
Publication of CN109450960A publication Critical patent/CN109450960A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0485Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/04Protocols for data compression, e.g. ROHC

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明实施例公开了一种IPsec协议的处理方法、装置、设备、系统及计算机可读存储介质。其中,系统包括FPGA板卡、主机服务器及网卡,FPGA板卡和主机服务器通过PCIE进行数据通信,FPGA板卡与网卡相连。FPGA板卡包括用于对从主机服务器内存读取的待处理数据进行压缩处理,以及对网卡发送的IP数据包进行解压处理的数据压缩/解压模块和用于对数据进行IP协议处理的IPsec数据处理模块。本申请设计简单,结构清晰,便于实现,实现了使用FPGA对IPsec协议处理进行硬件加速,还可通过FPGA定制网卡结构;通过对数据进行压缩,使实际数据带宽可以超过光纤限制,从而提升网络带宽;根据任务变更或者数据量的增加,可以在对服务器硬件不进行变更时只改变网卡,从而实现成本的降低。The embodiment of the invention discloses a processing method, device, device, system and computer readable storage medium of the IPsec protocol. The system includes an FPGA board, a host server, and a network card. The FPGA board and the host server communicate data through PCIE, and the FPGA board is connected to the network card. The FPGA board includes a data compression/decompression module for compressing the data to be processed read from the memory of the host server, and a data compression/decompression module for decompressing the IP data packet sent by the network card, and IPsec data for performing IP protocol processing on the data. Processing module. The application is simple in design, clear in structure, easy to implement, realizes hardware acceleration using IPsec protocol processing by FPGA, and can customize network card structure through FPGA; by compressing data, the actual data bandwidth can exceed the fiber limitation, thereby improving network bandwidth According to the task change or the increase in the amount of data, it is possible to change only the network card when the server hardware is not changed, thereby achieving cost reduction.

Description

Processing method, device, equipment, system and the medium of IPsec agreement
Technical field
The present embodiments relate to IPsec protocol technology field, more particularly to a kind of IPsec agreement processing method, Device, equipment, system and computer readable storage medium.
Background technique
As Internet network develops rapidly, data traffic does not increase exponentially on network, and corresponding backstage takes The processing capacity of business device faces difficult challenge, important indicator of the delay and bandwidth of network as promotion server handling ability, Especially in large-scale internet data processing center application scenarios, huge data interaction amount currently challenges service The iteration cost and processing capacity of device hardware.
In order to save hardware cost and avoid hardware resource waste, the processor ability of existing server is improved, is please referred to Shown in Fig. 1, the relevant technologies realize IPsec (Internet Protocol Security by using acceleration network card chip Internet, protocol safety) processor function unloading effect, the acceleration network card chip have individually to IPsec agreement Then the data handled well are directly supplied to CPU (Central Processing Unit, central processing unit) by processing capacity, The IPsec protocol processes work for discharging CPU processor, allows CPU to carry out other vital tasks, the data of Lai Tigao server Processing capacity.Server is connected by the network interface card for having agreement to unload engine with network, is then unloaded engine and is transferred data to Server, the general function need to realize by driving configuration network interface card.
But network interface card can not achieve customization at intrinsic chip mode;Function that server rank on the market uses at present Energy network interface card is expensive, if using the heart in data handling, cost is too high;In addition, unloading network card chip is all foreign-made, It is not appropriate for if it is applied to science and techniques of defence or other secure environments.
Summary of the invention
The embodiment of the present disclosure provides the processing method of IPsec agreement a kind of, device, equipment, system and computer-readable Storage medium reduces cost, realizes acceleration and the data band of IPsec protocol processes, it can be achieved that the network interface card of different function customizes Wide increase.
In order to solve the above technical problems, the embodiment of the present invention the following technical schemes are provided:
On the one hand the embodiment of the present invention provides a kind of processing system of IPsec agreement, comprising:
Including FPGA board, host server and network interface card, the FPGA board and the host server by PCIE into Row data communication, the FPGA board are connected with the network interface card;
The FPGA board includes Data compression/decompression module and IPsec data processing module, the data compression/solution Die block is used to carry out the pending data read from host server memory compression processing, and the network interface card is sent IP data packet carries out decompression processing;The IPsec data processing module is used to carry out IP agreement processing to data.
Optionally, the FPGA is used to directly access the memory of the host server by PCIE, reads the memory In pending data;Compression processing is carried out to the pending data, and IP agreement is carried out to compressed pending data Processing, by treated, data are sent to the network interface card.
Optionally, the FPGA is used to receive the IP data packet that the network interface card is sent, and carries out IP association to the IP data packet View processing;Decompression processing is carried out to the IP data packet by IP agreement processing;Data after decompression are write direct into host services In the memory of device, so that the host server reads data from memory.
Optionally, the Data compression/decompression module includes multiple compression/decompression submodules, each compression/decompression submodule Block is corresponding with the task type that the host server is run, and is matched according to the task type of the host server corresponding Compression/decompression submodule handles data.
Optionally, the FPGA board is connected with the network interface card by optical fiber network interface.
On the other hand the embodiment of the present invention provides a kind of processing method of IPsec agreement, be applied to FPGA board, packet It includes:
Obtain pending data;
Judge whether the pending data is compressed data;
If so, to the pending data carry out IP agreement processing, and to by IP agreement processing IP data packet into Row decompression processing;
If it is not, then carrying out compression processing to the pending data, and IP agreement is carried out to compressed pending data Processing.
Optionally, described to include: to pending data progress compression processing
The corresponding targeted compression algorithm of identification information match carried according to the pending data;
Compression processing is carried out to the pending data using the targeted compression algorithm;
Wherein, the identification information is used to identify the task type of the pending data, the type of compression algorithm and institute The task type for stating pending data is mutually unique corresponding.
The embodiment of the invention also provides a kind of processing units of IPsec agreement, are applied to FPGA board, comprising:
Data acquisition module, for obtaining pending data;
Judgment module, for judging whether the pending data is compressed data;
First data processing module is compressed data for the pending data, then carries out to the pending data IP agreement processing, and decompression processing is carried out to the IP data packet by IP agreement processing;
Second data processing module is not compressed data for the pending data, then to the pending data into Row compression processing, and IP agreement processing is carried out to compressed pending data.
The embodiment of the invention also provides a kind of processing equipment of IPsec agreement, including processor, the processor is used for It is realized when executing the computer program stored in memory as described in preceding any one the step of the processing method of IPsec agreement.
The embodiment of the present invention finally additionally provides a kind of computer readable storage medium, the computer readable storage medium On be stored with the processing routine of IPsec agreement, realize when the processing routine of the IPsec agreement is executed by processor as preceding any The step of processing method of the item IPsec agreement.
The advantages of technical solution provided by the present application, is that design is simple, clear in structure, is easy to implement.Utilize FPGA plate Card handles IPsec agreement, does not need host server and expends resource, reduces processing delay, improves host services The data processing performance of device, realize using FPGA to IPsec protocol processes carry out it is hardware-accelerated, can also customize net by FPGA Card structure;In addition, limiting real data bandwidth more than optical fiber, to promote Netowrk tape by compressing to data It is wide;According to task change or the increase of data volume, it can only change network interface card when to server hardware without changing, thus The reduction of cost of implementation.
In addition, the embodiment of the present invention provides corresponding method, apparatus, equipment also directed to the processing system of IPsec agreement And computer readable storage medium, further such that the system has more practicability, the method, device, equipment and calculating Machine readable storage medium storing program for executing has the advantages that corresponding.
It should be understood that the above general description and the following detailed description are merely exemplary, this can not be limited It is open.
Detailed description of the invention
It, below will be to embodiment or correlation for the clearer technical solution for illustrating the embodiment of the present invention or the relevant technologies Attached drawing needed in technical description is briefly described, it should be apparent that, the accompanying drawings in the following description is only this hair Bright some embodiments for those of ordinary skill in the art without creative efforts, can be with root Other attached drawings are obtained according to these attached drawings.
Fig. 1 is the principle signal that a relevant technologies provided in an embodiment of the present invention realize that server handling ability improves Figure;
Fig. 2 is a kind of specific embodiment structure chart of the processing system of IPsec agreement provided in an embodiment of the present invention;
Fig. 3 is a kind of flow diagram of the processing method of IPsec agreement provided in an embodiment of the present invention;
Fig. 4 is the flow diagram of the processing method of another kind IPsec agreement provided in an embodiment of the present invention;
Fig. 5 is the flow diagram of the processing method of another IPsec agreement provided in an embodiment of the present invention;
Fig. 6 is a kind of specific embodiment structure chart of the processing unit of IPsec agreement provided in an embodiment of the present invention.
Specific embodiment
In order to enable those skilled in the art to better understand the solution of the present invention, with reference to the accompanying drawings and detailed description The present invention is described in further detail.Obviously, described embodiments are only a part of the embodiments of the present invention, rather than Whole embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not making creative work premise Under every other embodiment obtained, shall fall within the protection scope of the present invention.
The description and claims of this application and term " first ", " second ", " third " " in above-mentioned attached drawing Four " etc. be for distinguishing different objects, rather than for describing specific sequence.Furthermore term " includes " and " having " and Their any deformations, it is intended that cover and non-exclusive include.Such as contain a series of steps or units process, method, System, product or equipment are not limited to listed step or unit, but may include the step of not listing or unit.
After describing the technical solution of the embodiment of the present invention, the various non-limiting realities of detailed description below the application Apply mode.
Referring first to Fig. 2, Fig. 2 is a kind of processing system of IPsec agreement provided in an embodiment of the present invention in a kind of implementation Structural framing figure under mode, including FPGA board 21, host server 22 and network interface card 23.
FPGA board 21 and host server 22 are by PCIE progress data communication, to realize FPGA board 21 and host The rapid data interaction of server 22.FPGA board 21 passes through PCIE (Peripheral Component Interconnect Expres, peripheral hardware interconnection standard bus) memory that can directly access host server 22, thus from the memory of host server 22 Middle reading data, or data are write direct by PCIE in the memory of host server 22.FPGA board 21 and network interface card 23 are connected, such as network interface card 23 can be connected with FPGA board 21 by optical fiber network interface.
FPGA board 21 includes Data compression/decompression module and IPsec data processing module, Data compression/decompression module For carrying out compression processing to the pending data that reads from host server memory, and IP data packet that network interface card is sent into Row decompression processing;IPsec data processing module is used to carry out IP agreement processing to data.
Data are generated by host server and are sent by network, please refer to shown in Fig. 2, server transmission data Flow diagram, in this process, FPGA board 21 directly access the memory of host server 21 by PCIE, read in memory Pending data;Compression processing is carried out to pending data, and IP agreement processing is carried out to compressed pending data, most The data after compression processing are sent to network interface card 23 afterwards.
The process that network interface card end is handled after receiving the data please refers to shown in Fig. 4, in this process, FPGA21 board The IP data packet that network interface card 23 is sent is received, IP agreement processing is carried out to IP data packet;To the IP data packet by IP agreement processing Carry out decompression processing;Finally the data after decompression are write direct in the memory of host server 22, so that host server 22 Data are read from memory.
In order to improve data-handling efficiency, it can realize that customized data compression and decompression are calculated in FPGA board 21 Method, by carrying out compressed encoding to mass data, realization proposes the further bandwidth of transmission channel on the basis of original bandwidth It rises.The module can be customized according to the operation task type of host server 22, and same plus decompression pressure algorithm is to difference Task type data treatment effeciency it is different, therefore a variety of plus decompression can be set according to the task type of host server and calculated Method.That is, Data compression/decompression module includes multiple compression/decompression submodules, each compression/decompression submodule and master The task type of machine server operation is corresponding, matches corresponding compression/decompression submodule according to the task type of host server Block handles data.For example, data are being directly acquired from 21 memory of host server, is then passing through data buffer storage Pond loads data into network interface card 23;The task type of pending data is identified, corresponding sub- compression algorithm is then transferred to Module carries out compression processing.In the case where FPGA resource allows, multiple compression algorithms can be increased, one can also be compressed Algorithm realizes assembly line mechanism, accelerates the processing speed to proprietary task.
Identification information (such as ID number) can be increased for pending data in advance, identification information is for identifying task type, and one For kind task type for a kind of compression algorithm (pressurization algorithm and decompression algorithm are corresponding), FPGA board 21 can be directly according to mark The task type of information identification pending data improves entire data processing to be handled using corresponding compression algorithm Efficiency.
IPsec data processing module completely reproduces IPsec process flow, by the IP data packet of the processor of host server Parsing job sharing come, reduce the resource that handle IP agreement of CPU, promotion CPU handles the efficiency of other vital tasks.It should Module can also carry out the customization of function while meeting IPsec agreement, and to the verification algorithm that needs are realized, encryption and decryption is calculated Method is screened.Finally after the completion of data processing, high speed fibre network interface is sent to, realize external network output.
In addition, acceleration can also be customized to upper layer task using the resource if FPGA board resource has redundancy, it can root Corresponding Processing Algorithm is embedded in FPGA board according to actual application scenarios to realize the customization of function, specific accelerating engine It is determined by task.
In technical solution provided in an embodiment of the present invention, design is simple, clear in structure, is easy to implement.Utilize FPGA plate Card handles IPsec agreement, does not need host server and expends resource, reduces processing delay, improves host services The data processing performance of device, realize using FPGA to IPsec protocol processes carry out it is hardware-accelerated, can also customize net by FPGA Card structure;In addition, limiting real data bandwidth more than optical fiber, to promote Netowrk tape by compressing to data It is wide;According to task change or the increase of data volume, it can only change network interface card when to server hardware without changing, thus The reduction of cost of implementation.
The embodiment of the present invention provides corresponding implementation method also directed to the processing system of IPsec agreement, below to this hair The processing method for the IPsec agreement that bright embodiment provides is introduced, and Fig. 5 is a kind of IPsec association provided in an embodiment of the present invention The flow diagram of the processing method of view, the embodiment of the present invention may include the following contents:
S501: pending data is obtained.
S502: judging whether pending data is compressed data, if so, S503 is executed, if it is not, then executing S504.
S503: IP agreement processing is carried out to pending data, and the IP data packet by IP agreement processing is decompressed Processing.
It, can be according to the corresponding target decompression algorithm of identification information match of pending data carrying in S503;Utilize mesh Mark decompression algorithm unzips it processing to pending data;Wherein, identification information is used to identify the task class of pending data The type of type, decompression algorithm is mutually unique corresponding with the task type of pending data.
S504: compression processing is carried out to pending data, and IP agreement processing is carried out to compressed pending data.
It, can be according to the corresponding targeted compression algorithm of identification information match of pending data carrying in S504;Utilize mesh It marks compression algorithm and compression processing is carried out to pending data;Wherein, identification information is used to identify the task type of pending data, The type of compression algorithm is mutually unique corresponding with the task type of pending data.
The realization process of each step sees the associated description of above-described embodiment, herein, is not just repeating.
From the foregoing, it will be observed that the embodiment of the present invention realize using FPGA to IPsec protocol processes carry out it is hardware-accelerated, can also lead to Cross FPGA customization network interface card structure;By compressing to data, limit real data bandwidth more than optical fiber, to be promoted Network bandwidth;According to task change or the increase of data volume, it can only change net when to server hardware without changing Card, thus the reduction of cost of implementation.
The embodiment of the present invention provides corresponding realization device also directed to the processing method of IPsec agreement, further such that The method has more practicability.The processing unit of IPsec agreement provided in an embodiment of the present invention is introduced below, hereafter The processing unit of the IPsec agreement of description can correspond to each other reference with the processing method of above-described IPsec agreement.
Referring to Fig. 6, Fig. 6 is the processing unit of IPsec agreement provided in an embodiment of the present invention in a kind of specific embodiment Under structure chart, the device can include:
Data acquisition module 601, for obtaining pending data.
Judgment module 602, for judging whether pending data is compressed data.
First data processing module 603 is compressed data for pending data, then carries out IP agreement to pending data Processing, and decompression processing is carried out to the IP data packet by IP agreement processing.
Second data processing module 604, is not compressed data for pending data, then compresses to pending data Processing, and IP agreement processing is carried out to compressed pending data.
The function of each functional module of the processing unit of IPsec agreement described in the embodiment of the present invention can be according to above method reality The method specific implementation in example is applied, specific implementation process is referred to the associated description of above method embodiment, herein no longer It repeats.
From the foregoing, it will be observed that the embodiment of the present invention realize using FPGA to IPsec protocol processes carry out it is hardware-accelerated, reduce at This.
The embodiment of the invention also provides a kind of processing equipments of IPsec agreement, specifically can include:
Memory, for storing computer program;
Processor realizes the processing side of IPsec agreement described in any one embodiment as above for executing computer program The step of method.
The function of each functional module of the processing equipment of IPsec agreement described in the embodiment of the present invention can be according to above method reality The method specific implementation in example is applied, specific implementation process is referred to the associated description of above method embodiment, herein no longer It repeats.
From the foregoing, it will be observed that the embodiment of the present invention realize using FPGA to IPsec protocol processes carry out it is hardware-accelerated, reduce at This.
The embodiment of the invention also provides a kind of computer readable storage mediums, are stored with the processing routine of IPsec agreement, As above the processing method of IPsec agreement described in any one embodiment when the processing routine of the IPsec agreement is executed by processor The step of.
The function of each functional module of computer readable storage medium described in the embodiment of the present invention can be according to above method reality The method specific implementation in example is applied, specific implementation process is referred to the associated description of above method embodiment, herein no longer It repeats.
From the foregoing, it will be observed that the embodiment of the present invention realize using FPGA to IPsec protocol processes carry out it is hardware-accelerated, reduce at This.
Each embodiment in this specification is described in a progressive manner, the highlights of each of the examples are with it is other The difference of embodiment, same or similar part may refer to each other between each embodiment.For being filled disclosed in embodiment For setting, since it is corresponded to the methods disclosed in the examples, so being described relatively simple, related place is referring to method part Explanation.
Professional further appreciates that, unit described in conjunction with the examples disclosed in the embodiments of the present disclosure And algorithm steps, can be realized with electronic hardware, computer software, or a combination of the two, in order to clearly demonstrate hardware and The interchangeability of software generally describes each exemplary composition and step according to function in the above description.These Function is implemented in hardware or software actually, the specific application and design constraint depending on technical solution.Profession Technical staff can use different methods to achieve the described function each specific application, but this realization is not answered Think beyond the scope of this invention.
The step of method described in conjunction with the examples disclosed in this document or algorithm, can directly be held with hardware, processor The combination of capable software module or the two is implemented.Software module can be placed in random access memory (RAM), memory, read-only deposit Reservoir (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technology In any other form of storage medium well known in field.
It above can to a kind of processing method, device, equipment, system and the computer of IPsec agreement provided by the present invention Storage medium is read to be described in detail.Specific case used herein explains the principle of the present invention and embodiment It states, the above description of the embodiment is only used to help understand the method for the present invention and its core ideas.It should be pointed out that for this skill For the those of ordinary skill in art field, without departing from the principle of the present invention, several change can also be carried out to the present invention Into and modification, these improvements and modifications also fall within the scope of protection of the claims of the present invention.

Claims (10)

1. a kind of processing system of IPsec agreement, which is characterized in that described including FPGA board, host server and network interface card By PCIE progress data communication, the FPGA board is connected with the network interface card for FPGA board and the host server;
The FPGA board includes Data compression/decompression module and IPsec data processing module, the data compression/decompression mould Block is used to carry out the pending data read from host server memory compression processing, and to the IP number that the network interface card is sent Decompression processing is carried out according to packet;The IPsec data processing module is used to carry out IP agreement processing to data.
2. the processing system of IPsec agreement according to claim 1, which is characterized in that the FPGA is for passing through PCIE The memory for directly accessing the host server reads the pending data in the memory;The pending data is carried out Compression processing, and IP agreement processing is carried out to compressed pending data, by treated, data are sent to the network interface card.
3. the processing system of IPsec agreement according to claim 1, which is characterized in that the FPGA is described for receiving The IP data packet that network interface card is sent carries out IP agreement processing to the IP data packet;To by IP agreement processing IP data packet into Row decompression processing;Data after decompression are write direct in the memory of host server, so that the host server is from memory Middle reading data.
4. according to claim 1 to the processing system of IPsec agreement described in 3 any one, which is characterized in that the data pressure Contracting/decompression module includes multiple compression/decompression submodules, what each compression/decompression submodule and the host server were run Task type is corresponding, according to the task type of the host server match corresponding compression/decompression submodule to data into Row processing.
5. the processing system of IPsec agreement according to claim 4, which is characterized in that the FPGA board and the net Card is connected by optical fiber network interface.
6. a kind of processing method of IPsec agreement, which is characterized in that be applied to FPGA, comprising:
Obtain pending data;
Judge whether the pending data is compressed data;
If so, carrying out IP agreement processing to the pending data, and the IP data packet by IP agreement processing is solved Pressure processing;
If it is not, then carrying out compression processing to the pending data, and IP agreement processing is carried out to compressed pending data.
7. the processing method of IPsec agreement according to claim 6, which is characterized in that described to be carried out to pending data Compression processing includes:
The corresponding targeted compression algorithm of identification information match carried according to the pending data;
Compression processing is carried out to the pending data using the targeted compression algorithm;
Wherein, the identification information is used to identify the task type of the pending data, the type of compression algorithm and it is described to The task type for handling data is mutually unique corresponding.
8. a kind of processing unit of IPsec agreement, which is characterized in that be applied to FPGA board, comprising:
Data acquisition module, for obtaining pending data;
Judgment module, for judging whether the pending data is compressed data;
First data processing module is compressed data for the pending data, then carries out IP association to the pending data View processing, and decompression processing is carried out to the IP data packet by IP agreement processing;
Second data processing module is not compressed data for the pending data, then presses the pending data Contracting processing, and IP agreement processing is carried out to compressed pending data.
9. a kind of processing equipment of IPsec agreement, which is characterized in that including processor, the processor is for executing memory The step of processing method of IPsec agreement as claimed in claims 6 or 7 is realized when the computer program of middle storage.
10. a kind of computer readable storage medium, which is characterized in that be stored with IPsec on the computer readable storage medium It is realized as claimed in claims 6 or 7 when the processing routine of the processing routine of agreement, the IPsec agreement is executed by processor The step of processing method of IPsec agreement.
CN201910019944.6A 2019-01-08 2019-01-08 Processing method, device, equipment, system and the medium of IPsec agreement Pending CN109450960A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910019944.6A CN109450960A (en) 2019-01-08 2019-01-08 Processing method, device, equipment, system and the medium of IPsec agreement

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910019944.6A CN109450960A (en) 2019-01-08 2019-01-08 Processing method, device, equipment, system and the medium of IPsec agreement

Publications (1)

Publication Number Publication Date
CN109450960A true CN109450960A (en) 2019-03-08

Family

ID=65544060

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910019944.6A Pending CN109450960A (en) 2019-01-08 2019-01-08 Processing method, device, equipment, system and the medium of IPsec agreement

Country Status (1)

Country Link
CN (1) CN109450960A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110177083A (en) * 2019-04-26 2019-08-27 阿里巴巴集团控股有限公司 A kind of network interface card, data transmission/method of reseptance and equipment
CN110493209A (en) * 2019-08-09 2019-11-22 苏州浪潮智能科技有限公司 A kind of data processing method, device and FPGA and storage medium
US11082410B2 (en) 2019-04-26 2021-08-03 Advanced New Technologies Co., Ltd. Data transceiving operations and devices
CN118276787A (en) * 2024-06-03 2024-07-02 浪潮电子信息产业股份有限公司 Data compression storage method, device, system, medium and computer program product

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102970228A (en) * 2012-11-22 2013-03-13 杭州华三通信技术有限公司 Message transmission method and equipment based on IPsec (Internet Protocol Security)
CN103457952A (en) * 2013-09-05 2013-12-18 杭州华三通信技术有限公司 IPSec processing method and device based on encrypting engine
CN104184744A (en) * 2014-09-11 2014-12-03 东南大学 IPSec security alliance hardware lookup device and method based on IPv6
US20160359622A1 (en) * 2015-06-05 2016-12-08 Nutanix, Inc. Optimizable full-path encryption in a virtualization environment
WO2017046789A1 (en) * 2015-09-15 2017-03-23 Gatekeeper Ltd. System and method for securely connecting to a peripheral device
CN107172072A (en) * 2017-06-09 2017-09-15 中国电子科技集团公司第四十研究所 A kind of IPSec data flow high speeds processing system and method based on FPGA

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102970228A (en) * 2012-11-22 2013-03-13 杭州华三通信技术有限公司 Message transmission method and equipment based on IPsec (Internet Protocol Security)
CN103457952A (en) * 2013-09-05 2013-12-18 杭州华三通信技术有限公司 IPSec processing method and device based on encrypting engine
CN104184744A (en) * 2014-09-11 2014-12-03 东南大学 IPSec security alliance hardware lookup device and method based on IPv6
US20160359622A1 (en) * 2015-06-05 2016-12-08 Nutanix, Inc. Optimizable full-path encryption in a virtualization environment
WO2017046789A1 (en) * 2015-09-15 2017-03-23 Gatekeeper Ltd. System and method for securely connecting to a peripheral device
CN107172072A (en) * 2017-06-09 2017-09-15 中国电子科技集团公司第四十研究所 A kind of IPSec data flow high speeds processing system and method based on FPGA

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110177083A (en) * 2019-04-26 2019-08-27 阿里巴巴集团控股有限公司 A kind of network interface card, data transmission/method of reseptance and equipment
WO2020215837A1 (en) * 2019-04-26 2020-10-29 创新先进技术有限公司 Network card, data transmission/reception method, and device
US11082410B2 (en) 2019-04-26 2021-08-03 Advanced New Technologies Co., Ltd. Data transceiving operations and devices
TWI743651B (en) * 2019-04-26 2021-10-21 開曼群島商創新先進技術有限公司 Network card, data sending/receiving method and equipment
CN110493209A (en) * 2019-08-09 2019-11-22 苏州浪潮智能科技有限公司 A kind of data processing method, device and FPGA and storage medium
CN110493209B (en) * 2019-08-09 2021-12-03 苏州浪潮智能科技有限公司 Data processing method and device, FPGA (field programmable Gate array) and storage medium
CN118276787A (en) * 2024-06-03 2024-07-02 浪潮电子信息产业股份有限公司 Data compression storage method, device, system, medium and computer program product

Similar Documents

Publication Publication Date Title
CN109450960A (en) Processing method, device, equipment, system and the medium of IPsec agreement
US20090319547A1 (en) Compression Using Hashes
CN104144081A (en) General application log management method, device and system
CN108848082A (en) Data processing method, device, storage medium and computer equipment
CN102148833A (en) Method for transmitting data report, server, client and system
CN113452688B (en) Image encryption and decryption method and device based on SM4 and SM2 algorithms
CN103346800B (en) A kind of data compression method and device
CN112491989A (en) Data transmission method, device, equipment and storage medium
CN110377226A (en) Compression method, device and storage medium based on storage engines bluestore
CN115643310B (en) Method, device and system for compressing data
CN106161224B (en) Method for interchanging data, device and equipment
CN108881454B (en) File transmission method, mobile terminal and storage medium
CN116455559B (en) Implementation method, device and electronic equipment of high-speed cryptographic equipment with software and hardware cooperation
CN107070942A (en) A kind of data security method and related system
CN113176992A (en) A/B experiment shunting method, device, equipment and computer readable storage medium
WO2023159820A1 (en) Image compression method, image decompression method, and apparatuses
CN115276969A (en) Wireless channel key generation method and device, computer equipment and storage medium
CN115378664B (en) Data encryption transmission method, device, equipment and storage medium
CN110995391A (en) Data transmission method in isolated network, server and terminal
CN116880778A (en) User privacy protection method based on regenerative coding and distributed storage
CN113138969A (en) Data transmission method and device, electronic equipment and computer readable storage medium
KR20240149458A (en) Encoding/decoding system and method
CN105592030B (en) IP packet processing method and processing device
CN114465820A (en) Data encryption method, data encryption device, electronic device, program, and medium
CN114154392A (en) Model co-construction method, device and equipment based on block chain and federal learning

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190308

RJ01 Rejection of invention patent application after publication