No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


NE40E V800R010C10SPC500 Feature Description - Security 01

This is NE40E V800R010C10SPC500 Feature Description - Security
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
IPsec Packet Processing

IPsec Packet Processing

After an IPsec SA is established, IPsec can encrypt or decrypt IP packets. Concepts related to IPsec packet forwarding are as follows:
  • Security Policy Database (SPDB): It defines security services that can be used for IP packets and how to obtain these services. The SPDB determines the SA scope and relevant attributes and is the basis of SA establishment.

  • Security Association Database (SADB): It saves the storage structure of data in all states associated with the SAs. Because a network entity can create multiple pairs of SAs, a database is required to store and manage the SAs.

  • Security Parameter Index (SPI): It is a 32-bit number carried in an AH or ESP header. The receiver determines the SA in the SADB used to protect the received data flow based on the SPI.

Figure 13-30 shows the IPsec packet sending process.
Figure 13-30 IPsec packet sending process
Figure 13-31 shows the IPsec packet receiving process.
Figure 13-31 IPsec packet receiving process
Updated: 2019-01-03

Document ID: EDOC1100055047

Views: 12736

Downloads: 31

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next