Congestion avoidance and control
SIGCOMM '88 Symposium proceedings on Communications architectures and protocols
On estimating end-to-end network path properties
SIGCOMM LA '01 Workshop on Data communication in Latin America and the Caribbean
Chord: A scalable peer-to-peer lookup service for internet applications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
Fault-tolerant routing in peer-to-peer systems
Proceedings of the twenty-first annual symposium on Principles of distributed computing
Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems
Middleware '01 Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg
Experimental Study of Internet Stability and Backbone Failures
FTCS '99 Proceedings of the Twenty-Ninth Annual International Symposium on Fault-Tolerant Computing
Fault-Tolerant Virtual Private Networks within An Autonomous System
SRDS '02 Proceedings of the 21st IEEE Symposium on Reliable Distributed Systems
Automatic VPN Client Recovery from IPsec Pass-through Failures
LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
Why do internet services fail, and what can be done about it?
USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
BitVisor: a thin hypervisor for enforcing i/o device security
Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
The case for enterprise-ready virtual private clouds
HotCloud'09 Proceedings of the 2009 conference on Hot topics in cloud computing
Hi-index | 0.00 |
Cloud computing is widely used to provide today's Internet services. Since its service scope is being extended to a wide range of business applications, the security of network communications between clients and clouds are becoming important. Several cloud vendors support virtual private networks (VPNs) for connecting their clouds. Unfortunately, cloud services become unavailable when a VPN failure occurred in a VPN gateway or networks. We propose a transparent VPN failure recovery scheme that can hide VPN failures from users and operating systems (OSs). This scheme transparently recovers from VPN failures by establishing VPN connections in a virtualization layer. When a VPN failure occurs, a client virtual machine monitor (VMM) automatically reconnects to an available VPN gateway which is geographically distributed and connected via leased lines in clouds. IP address changes are hidden from client OSs and servers via a packet relay system implemented by a relay client in the client VMM and a relay server. We implemented a prototype system based on BitVisor, a small client VMM supporting IPsec VPN, and evaluated the prototype system in a wide-area distributed Internet environment in Japan. Experimental results show that our scheme can maintain TCP connections on VPN failures, and performance overhead with the virtualization layer is around 0.6 ms to latency and 8%-30% to throughput.