RPKI(Resource Public Key Infrastructure,互联网码号资源公钥证书体系)中的签名对象由 RP(Relying Party,依赖方)端同步下载后处理成 IP 地址块与 AS (Autonomous System,自治域)号的真实授权关系,用于指导 BGP 路由.当前的 RP 使用软件 rsync (Remote Sync)来同步,而 rsync 的同步算法并未考虑 RPKI 中文件(目录)的特点,导致同步效率并不理想.通过分析并结合 RPKI 中文件(目录)的特点,设计并实现了一种基于有序哈希树的 RPKI 资料库同步工具 htsync.实验结果表明,与 rsync 相比较, htsync 在同步时的数据传输量较少,同步时间较短.在设计的3种实验场景下,同步时间平均加速比分别为38.70%、30.13%和3.63%,有效地减少了同步时的时间和资源的消耗.%RP(Relying Party) downloads signed objects in RPKI(Resource Public Key Infrastructure) and processes those objects into authorised relations between IP addresses and AS(Autonomous System), which is used to guide the BGP routing. The current RP uses rsync to realize the synchronization, but rsync(Remote Sync) synchronization algorithm does not take the characteristics of the files (directorise) in the RPKI into account. So the synchronization is not efficient. Through the analysis and combining with the characteristics of the files (directories) in the RPKI, this paper designs and realizes a RPKI repository synchronization tool named htsync which is based on ordered hash tree. The experimental results show that, compared with rsync, htsync transmits less data and costs less time during synchronization. In three designed experimental scenario, average speedup ratios of synchronization time are 38.70%, 30.13% and 3.63%, effectively reduce the consumption of time and resources.
展开▼
