本文關(guān)鍵詞：基于網(wǎng)閘的雙機(jī)熱備系統(tǒng)的設(shè)計(jì)與實(shí)現(xiàn)　出處：《北京理工大學(xué)》2015年碩士論文　論文類型：學(xué)位論文

  更多相關(guān)文章： 網(wǎng)閘 高可用 雙機(jī)熱備 心跳

【摘要】：隨著互聯(lián)網(wǎng)的不斷普及和廣泛使用,越來越多的行業(yè)開始向信息化方向發(fā)展,企業(yè)的開放性日益增強(qiáng),然而當(dāng)一切數(shù)據(jù)都成為信息在網(wǎng)絡(luò)上存儲(chǔ)、傳播和處理時(shí),計(jì)算機(jī)網(wǎng)絡(luò)面臨著越來越復(fù)雜的安全威脅。尤其是對(duì)一些對(duì)安全要求企業(yè),其核心數(shù)據(jù)不能被泄露,所以要保證其核心網(wǎng)絡(luò)的相對(duì)隔離。網(wǎng)閘作為一種物理隔離交換設(shè)備,兼顧有物理隔離和數(shù)據(jù)交換的功能,非常適用于上面所述場(chǎng)景。然而,鑒于網(wǎng)閘的特點(diǎn),它往往是不同安全等級(jí)網(wǎng)絡(luò)之間連接的唯一橋梁,擔(dān)負(fù)著整個(gè)網(wǎng)絡(luò)所有數(shù)據(jù)流量的處理,極易成為瓶頸。一旦網(wǎng)閘形成了單點(diǎn)故障(Single Points of Failures,簡(jiǎn)稱SPOFs),將對(duì)系統(tǒng)的可用性影響很大,甚至影響整個(gè)系統(tǒng),而從單點(diǎn)故障中恢復(fù)系統(tǒng)往往需要很長(zhǎng)的時(shí)間,這不僅對(duì)很多業(yè)務(wù)來說是不可忍受的,而且會(huì)使企業(yè)蒙受損失。此外,由于網(wǎng)閘“單設(shè)備雙系統(tǒng)”的特性,目前的高可用性方案無法滿足這一需求,因此,研究網(wǎng)閘的高可用性方案并具體實(shí)現(xiàn),具有重要的理論和實(shí)用價(jià)值。本課題首先對(duì)一個(gè)現(xiàn)有的網(wǎng)閘高可用協(xié)議進(jìn)行了改進(jìn),并給出了一個(gè)基于網(wǎng)閘的雙機(jī)熱備方案。其次,在研究現(xiàn)有心跳機(jī)制的基礎(chǔ)上,結(jié)合網(wǎng)閘的特點(diǎn)設(shè)計(jì)了一個(gè)適用于本方案的心跳檢測(cè)模型,該心跳檢測(cè)模型能夠很好的平衡心跳頻率、故障檢測(cè)延遲和誤檢率之間的矛盾,并廣泛適用于基于網(wǎng)閘的雙機(jī)熱備系統(tǒng)。最后,本課題以一個(gè)基于網(wǎng)閘的視頻會(huì)議系統(tǒng)為依托,設(shè)計(jì)并實(shí)現(xiàn)了滿足該系統(tǒng)需求的雙機(jī)熱備系統(tǒng),并進(jìn)行了系統(tǒng)功能、性能上的測(cè)試。經(jīng)測(cè)試,該雙機(jī)熱備系統(tǒng)能夠滿足母系統(tǒng)的各項(xiàng)需求,為視頻會(huì)議系統(tǒng)提供高可用性服務(wù),從而提升了基于網(wǎng)閘的視頻會(huì)議系統(tǒng)在同類產(chǎn)品中的競(jìng)爭(zhēng)力,并且該系統(tǒng)已經(jīng)投入使用。
[Abstract]:With the continuous popularization and extensive use of the Internet, more and more industries begin to develop towards the direction of information, and the openness of enterprises is increasing. However, when all data becomes information stored on the network. Computer network is facing more and more complex security threats when it is transmitted and processed. Especially for some enterprises whose core data can not be leaked. Therefore, to ensure the relative isolation of its core network. As a physical isolation switching equipment, the network gate has the functions of physical isolation and data exchange, which is very suitable for the above scenario. However, in view of the characteristics of the network gate. It is often the only bridge between networks of different security levels, and it is responsible for the processing of all the data traffic in the whole network. It is easy to become a bottleneck. Once the single Points of failure is formed in the grid gate, it will have a great impact on the availability of the system. It even affects the entire system, and recovering the system from a single point of failure often takes a long time, which is not only intolerable for many businesses, but also makes the enterprise suffer losses. Because of the characteristic of "single equipment and double system", the current high availability scheme can not meet this demand. Therefore, the high availability scheme of the gate is studied and realized. It has important theoretical and practical value. Firstly, this paper improves an existing high availability protocol of grid gate, and gives a dual-machine hot standby scheme based on grid gate. Secondly. On the basis of studying the existing heartbeat mechanism and combining the characteristics of the gridlock, a heartbeat detection model suitable for this scheme is designed. The heartbeat detection model can balance the heartbeat frequency very well. The contradiction between fault detection delay and false detection rate is widely used in dual-machine hot-standby system based on net-gate. Finally, this topic is based on a video-conferencing system based on net-gate. The design and implementation of a dual-machine hot standby system to meet the requirements of the system, and the system functions, performance tests. After testing, the dual-machine hot standby system can meet the requirements of the parent system. It provides high availability services for video conferencing system, which enhances the competitiveness of video conferencing system based on network gate in similar products, and the system has been put into use.
【學(xué)位授予單位】：北京理工大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2015
【分類號(hào)】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前6條

1 谷和啟;網(wǎng)閘在網(wǎng)絡(luò)安全中的應(yīng)用[J];當(dāng)代通信;2004年22期

2 孫鵬程;周利華;;Linux環(huán)境下syslog日志管理系統(tǒng)研究[J];電子科技;2007年07期

3 蔡智勇;黃輝;;一種基于VRRP的網(wǎng)閘高可用性協(xié)議模型[J];計(jì)算機(jī)工程;2013年09期

4 唐六華;馬永強(qiáng);李春福;;基于TCP協(xié)議的雙機(jī)熱備份系統(tǒng)[J];信息安全與通信保密;2006年08期

5 王飛;曹桂均;;雙機(jī)熱備系統(tǒng)心跳失效的防護(hù)方案[J];鐵路計(jì)算機(jī)應(yīng)用;2013年03期

6 彭杰;應(yīng)啟戛;;工業(yè)以太網(wǎng)實(shí)時(shí)性能評(píng)價(jià)的分析[J];微計(jì)算機(jī)信息;2007年01期

相關(guān)博士學(xué)位論文 前1條

1 董劍;分布式系統(tǒng)故障檢測(cè)的關(guān)鍵技術(shù)研究[D];哈爾濱工業(yè)大學(xué);2007年

相關(guān)碩士學(xué)位論文 前1條

1 柳陽;基于HA集群的Linux多機(jī)互備份系統(tǒng)的研究與應(yīng)用[D];華南理工大學(xué);2011年

，

本文編號(hào)：1357247