Gateway VXLAN selectable encrypted data transmission method

A selectable-encryption data transmission technology, applied in the fields of digital transmission systems, transmission systems, data exchange networks, etc., that addresses the security risks of transmitting data over VXLAN and improves security.

Active Publication Date: 2020-08-11
网经科技(苏州)有限公司

AI Technical Summary

Problems solved by technology

[0004] At present, VXLAN adopts the way of transmitting data in clear text, which creates certain security risks for using VXLAN to transmit data across regions. Therefore, as a gateway device provider, it has become a practical demand to provide a VXLAN mode that supports encrypted data transmission.


Embodiment Construction

[0051] In order to have a clearer understanding of the technical features, purposes and effects of the present invention, specific implementations are now described in detail.

[0052] VXLAN uses plain text to transmit data. There are certain security risks for using VXLAN to transmit data across regions. Therefore, it is necessary to provide a method that supports encrypted data transmission in VXLAN mode.

[0053] As shown in Figure 1, in the gateway VXLAN selectable encrypted data transmission method, the VXLAN local end negotiates selectable encrypted data transmission. Before a local end that supports VXLAN encrypted data transmission sends data to the opposite end, it first tries to negotiate the encryption option, and it starts encrypted data transmission after the negotiation succeeds. The method includes the following steps:

[0054] 1) The VXLAN local end sends an optional encryption request message to the peer end;

[0055] 2) The VXLAN local end waits for ...


Abstract

The invention relates to a gateway VXLAN selectable encrypted data transmission method. A VXLAN home terminal negotiates selectable encrypted data transmission: a home terminal supporting VXLAN encrypted data transmission tries to negotiate an encryption option before sending data to an opposite terminal, and starts encrypted data transmission after the negotiation succeeds. The method comprises the following steps: the VXLAN home terminal sends a selectable encryption request message to the opposite terminal; the VXLAN home terminal waits for an optional encryption response message; the VXLAN home terminal sends an encrypted message of an agreed plaintext to the opposite terminal; the VXLAN home terminal waits for a key negotiation result message; and after negotiation, the VXLAN home terminal sends the data packet. The VXLAN supports encryptable negotiation and data transmission: the gateway starts a VXLAN function and negotiates with the opposite-end VTEP whether to select encryption; the gateway negotiates the detailed encryption configuration with the opposite terminal and confirms the consistency of the secret key; the gateway and the opposite terminal start encrypted data transmission; and a symmetric encryption mode is selected, so that the security is high.
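The key consistency check in the third and fourth steps of the abstract, as an added Go example that is not the patent's own code: the home terminal encrypts an agreed plaintext and the opposite terminal accepts the key only if decryption returns that plaintext. AES-256-GCM, the probe layout (nonce followed by ciphertext), the agreed plaintext value and the function names are assumptions, since the page specifies none of them.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

var agreedPlaintext = []byte("vxlan-key-check") // assumed; not given on the page

// newAEAD builds AES-GCM; the cipher choice is an assumption of this sketch.
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealProbe is step 3 on the home terminal: encrypt the agreed plaintext.
func sealProbe(key []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, agreedPlaintext, nil), nil
}

// checkProbe is the opposite terminal's test behind the step-4 result message.
func checkProbe(key, probe []byte) bool {
	aead, err := newAEAD(key)
	if err != nil || len(probe) < aead.NonceSize() {
		return false
	}
	n := aead.NonceSize()
	pt, err := aead.Open(nil, probe[:n], probe[n:], nil)
	return err == nil && bytes.Equal(pt, agreedPlaintext)
}

func main() {
	k1, k2 := bytes.Repeat([]byte{0x11}, 32), bytes.Repeat([]byte{0x22}, 32)
	probe, _ := sealProbe(k1)
	fmt.Println("same key:", checkProbe(k1, probe), "different key:", checkProbe(k2, probe))
}
```

A probe that is truncated or altered in transit is rejected the same way as one sealed under a different key, so the result message reports success only when both ends hold the same key.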

Description

Technical field

[0001] The invention relates to a method for a gateway VXLAN to selectively encrypt data transmission.

Background technique

[0002] At present, VXLAN (Virtual eXtensible Local Area Network) is a tunneling technology that can establish a layer-2 Ethernet network tunnel on the basis of a layer-3 network, thereby realizing cross-regional layer-2 interconnection.

[0003] VXLAN adopts the encapsulation format of encapsulating original Ethernet packets in UDP packets. Encapsulate the original Layer 2 data frame plus the VXLAN header into a UDP packet. The VXLAN header contains a VXLAN identifier (VNI, VXLAN Network Identifier), and only virtual machines on the same VXLAN can communicate with each other.

[0004] At present, VXLAN adopts the way of transmitting data in plain text, which creates certain security risks for the use of VXLAN to transmit data across regions. Therefore, as a gateway equipment provider, it has become a practical demand to provide a VXL...
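An added Go example, not part of the patent text, that parses the encapsulation described in [0003] and shows that the inner frame is readable without any key, which is the risk [0004] names. The header layout follows RFC 7348; the datagram, MAC addresses, VNI 5000, EtherType and payload are constructed sample values.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net"
)

// InnerFrame is what any on-path reader recovers from one VXLAN datagram.
type InnerFrame struct {
	VNI       uint32
	Dst, Src  net.HardwareAddr
	EtherType uint16
	Payload   []byte
}

// ParseVXLAN reads the 8-byte VXLAN header (RFC 7348 layout: flags, 24 reserved
// bits, 24-bit VNI, 8 reserved bits) and the inner Ethernet header after it.
func ParseVXLAN(udpPayload []byte) (*InnerFrame, error) {
	if len(udpPayload) < 8+14 {
		return nil, errors.New("shorter than VXLAN header plus Ethernet header")
	}
	if udpPayload[0]&0x08 == 0 {
		return nil, errors.New("I flag not set, VNI is not valid")
	}
	eth := udpPayload[8:]
	return &InnerFrame{
		VNI:       binary.BigEndian.Uint32(udpPayload[4:8]) >> 8,
		Dst:       net.HardwareAddr(eth[0:6]),
		Src:       net.HardwareAddr(eth[6:12]),
		EtherType: binary.BigEndian.Uint16(eth[12:14]),
		Payload:   eth[14:],
	}, nil
}

// sampleDatagram is constructed for this example: VNI 5000, made-up MACs,
// the local experimental EtherType 0x88B5 and a made-up payload.
func sampleDatagram() []byte {
	hdr := []byte{0x08, 0, 0, 0, 0x00, 0x13, 0x88, 0}
	eth := []byte{2, 0, 0, 0, 0, 2, 2, 0, 0, 0, 0, 1, 0x88, 0xB5}
	return append(append(hdr, eth...), "user=alice&pin=1234"...)
}

func main() {
	f, err := ParseVXLAN(sampleDatagram())
	fmt.Println(f.VNI, f.Src, string(f.Payload), err)
}
```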


Application Information

IPC(8): H04L12/46, H04L29/06
CPC: H04L12/4641, H04L12/4675, H04L63/0435
Inventor: 吴东明金宁刘继明陈浮王力成
Owner: 网经科技(苏州)有限公司