Abstract
Under the development trend of high throughput, large capacity and strong time effective data security transmission of the second generation data relay system in China, the high-performance processing requirements for the firewall of the backbone network security protection equipment are constantly improving. Focusing on the characteristics of the second generation data relay system, the key technologies of the transmission processing of the 10 Gigabit firewall based on the x86 architecture for different data flows are researched, the optimization design of the CPU allocation and scheduling mode, the function judgment mechanism of the network card characteristics and the kernel state write operation function of the 10 Gigabit firewall are completed. The test results show that the optimized 10 Gigabit firewall gives full play to its maximum transmission performance, and provides a better security transmission service guarantee for the integrated data relay users.
Highlights
The second generation data relay satellite ground application system firewall is the core equipment to realize the security protection of the computer network architecture
The 10 Gigabit firewall deployed in the backbone transmission network of data relay satellite system is based on the mainstream x86 hardware architecture, which has the advantages of mature technology, good functionality and scalability
When the network interface card of 10 Gigabit firewall receives the first packet of a data stream, it will first check a series of security rules such as "two-layer filtering" and "five tuple filtering", and use HASH algorithm to calculate the queue index[7]
Summary
The second generation data relay satellite ground application system firewall is the core equipment to realize the security protection of the computer network architecture. The transmission network of data relay satellite system is oriented to the space laboratory, space station, spacecraft and other manned spacecraft, as well as the integrated users of satellites, launch vehicles, etc[2] It carries a variety of application data streams, such as measurement and control messages, video voice, image data, experimental data, file data, website data, etc[3]. In order to match the real-time and high-speed processing requirements of the transmission network of data relay satellite system for key services such as video and voice, the firewall needs to have the function of keeping the order of the processed data flow, that is, to keep the same data flow through the firewall without changing the transmission order of all data packets. The overload of some CPUs directly affects the UDP multicast in the firewall processing performance
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
