Embodiment
Testing apparatus is according to the setting quantity of each classification simulant-client in the embodiment of the invention, simulate the client of the described setting quantity of each classification respective amount, the described client that simulates is dialled in VPNServer, thereby can be when the multiclass client be served simultaneously, carry out the VPNServer volume test, referring to Fig. 2, as follows by testing apparatus test VPNServer capacity detailed process:
Step 201: testing apparatus is simulated the client of each category setting quantity, and the negotiation that makes the client that simulates and VPNServer set up corresponding classification vpn tunneling.
Here, client-class comprises: PPTP, among the L2TP one or both have, therefore, testing apparatus is provided with the different PPTP client parameter of corresponding tricks at first according to the setting quantity of described PPTP client, then according to every cover PPTP client parameter, form the PPTP client of setting quantity, and carry out the negotiation of setting up pptp tunneling between each PPTP client and the VPNServer.And/or,
Testing apparatus is at first according to the setting quantity of described L2TP client, the different L2TP client parameter of corresponding tricks is set, then according to every cover L2TP client parameter, form the L2TP client of setting quantity, and carry out the negotiation of setting up L2TP Tunnel between each L2TP client and the described vpn server.
When test process begins, the capacity of VPNServer there is the scope of an expectation, therefore initial, it can be the maximum client terminal quantity of VPNServer expectation that quantity is set.
Each client that step 202:VPNServer and step 201 simulate, the negotiation of setting up corresponding classification tunnel obtains negotiation result.
Negotiations process, testing apparatus can for each tunnel produces independently negotiation packet, and progressively be consulted according to consensus standard with VPNServer according to every cover client parameter, finishes until negotiation, obtains final negotiation result.
Step 203: testing apparatus is according to the negotiation result in the step 202, and the measuring accuracy of setting, and obtains to insert the result.Here, the negotiation packet that testing apparatus returns according to VPNServer to be consulted the quantity of each classification vpn tunneling of passing through, thereby obtains the quantity of each classification simulant-client.
When the quantity correspondent equal of the setting quantity of each the classification simulant-client in the step 201 and the simulant-client through consultation of corresponding classification, also need to obtain the test specification set according to measuring accuracy, obtain inserting the result.Before quantity that this negotiation is passed through and this were consulted, the relative difference that obtains to consult the quantity passed through was during smaller or equal to measuring accuracy, and then the quantity passed through of this negotiation is in the test specification of setting.
Wherein, when setting quantity is the maximum of expectation, the quantity that negotiation is passed through is the maximum of expectation, and before this negotiation, the quantity that obtains to consult to pass through also is the maximum of expectation, therefore, quantity that negotiation is passed through and peaked difference are zero, less than measuring accuracy, i.e. the quantity that this negotiation is passed through then inserts the result for to insert successfully in the scope of setting.When setting quantity is adjusted quantity, then obtain the relative difference that obtains before consulting the quantity pass through and adjusting between the setting quantity that negotiation passes through, when this relative difference during smaller or equal to measuring accuracy, the quantity that i.e. this negotiation is passed through is in the scope of setting, then insert the result for to insert successfully, otherwise it is unsuccessful for inserting to insert the result.
Corresponding when unequal when the setting quantity of each the classification simulant-client in the step 201 and the quantity of the simulant-client through consultation of corresponding classification, it is unsuccessful for inserting to insert the result.
Step 204: when the access result is unsuccessful for inserting, change step 205 over to, otherwise, change step 206 over to.
Step 205: testing apparatus is adjusted the setting quantity of each classification simulant-client, returns step 201.Here, when the setting quantity of PPTP client is M, when the setting quantity of L2TP client was N, M wherein, N can be respectively the maximum quantity of two class clients expectation, testing apparatus can be according to the measuring accuracy O that sets, only M is adjusted, N remains unchanged, after promptly adjusting, the current capability value of PPTP client is M-O, and the current capability value of L2TP client still is N; Also can only N be adjusted according to the measuring accuracy O that sets, M remains unchanged, and after promptly adjusting, the current capability value of PPTP client is M, and the current capability value of L2TP client still is N-O.Here, can also adopt dichotomy that the setting quantity of each classification simulant-client is adjusted, promptly, then will set the median that quantity is adjusted into expected range, return step 201 then when the maximum of expectation through consultation the time.
Step 206: testing apparatus carries out record with the setting quantity of each classification simulant-client as the capacity of this classification client of described VPNServer.
Above-mentioned testing apparatus specifically can comprise: module 100, lexical analysis module 200 are dialled in the VPNClient simulation.Referring to Fig. 3, wherein,
Module 100 is dialled in the VPNClient simulation, the setting quantity of each the classification simulant-client that is used for issuing according to lexical analysis module 200, simulate the client of the described setting quantity of each classification respective amount, and the described client that will simulate and the VPNServer negotiation of setting up corresponding classification vpn tunneling.This module both can realize the independent simulation of PPTP client or L2TP client, simulation when also can realize PPTP and L2TP client.
Lexical analysis module 200, be used to obtain the quantity that VPNServer consults each classification vpn tunneling of passing through, when the quantity of each classification that obtains equal with the setting quantity of corresponding classification, and the quantity of each classification of described acquisition is in setting range the time, with the setting quantity of described each classification simulant-client capacity as this classification client of VPNServer, otherwise, setting quantity to described each classification simulant-client is adjusted, and dials in the setting quantity that module 100 issues each classification simulant-client to the VPNClient simulation.
Utilize above-mentioned concrete device test the VPNServer capacity method flow chart as shown in Figure 4, concrete implementation is as follows:
Step 401: after the setting quantity of each classification simulant-client of lexical analysis module acquisition VPNServe, with the current capability value of described setting quantity as this classification simulant-client.
Here, the lexical analysis module obtains the classification of simulant-client can have only the PPTP client, also can have only the L2TP client, all right existing PPTP client, the L2TP client is arranged again, therefore, obtain the setting quantity M of the setting quantity N of PPTP client and/or L2TP client when the lexical analysis module after, then will set the current capacity of quantity N, and/or will set the current capability value of quantity M as the L2TP client as the PPTP client.
Step 402: the lexical analysis module is handed down to described VPNClient simulation with the current capability value of each classification simulant-client dials in module.
The current capability value of module according to each classification simulant-client dialled in step 403:VPNClient simulation, simulates the client of each classification respective amount, and the client that all simulate is dialled in VPNServer.
Here, when VPNClient simulation is dialled in current capability value that module acquires the PPTP client and is M, the PPTP client parameter of M tricks is set, thereby forms M PPTP client, and carry out the negotiation of setting up pptp tunneling between each PPTP client and the described vpn server.And/or,
When VPNClient simulation is dialled in current capability value that module acquires the L2TP client and is N, the L2TP client parameter of N tricks is set, thereby form N L2TP client, and carry out the negotiation of setting up pptp tunneling between each L2TP client and the described vpn server.
In the above-described embodiments, every cover client parameter comprises the source address of client tunnel, the title in tunnel, the user name of authentication, password and vpn server address, wherein, every cover client parameter all is unique, but the VPNServer address unanimity in every cover client parameter.
The negotiation that step 404:VPNServer and all clients of dialling in are set up the tunnel obtains negotiation result.
Step 405: the lexical analysis module is according to the negotiation result in the step 404, and the certainty of measurement of setting obtains inserting the result.
Here, in this is consulted, all clients all through consultation, and before the current capability value of each classification and this are consulted, the relative difference of capability value that to consult the corresponding classification passed through is during less than the measuring accuracy set, be the current capability value of each classification in setting range the time, inserting the result is successfully; As long as when in this is consulted, having a client not have through consultation, perhaps before the current capability value of each classification and this negotiation, relative difference that to consult the capability value of the corresponding classification passed through does not satisfy the measuring accuracy of setting, and inserts the result for unsuccessful.Especially, when this negotiation is first to consult, before then this is consulted, such other the current capability value of the capability value that obtains to consult each classification of passing through for issuing for the first time.
Step 406: when the access result of feedback when unsuccessful, execution in step 407; When the access result of feedback is successfully the time, the lexical analysis module is with the current capability value of each the classification simulant-client capacity as this classification client of VPNServer, the line item of going forward side by side.
Step 407: the lexical analysis module is adjusted the current capability value of each classification simulant-client, and with the current capability value of adjusted capability value as each classification simulant-client of correspondence, returns step 402.Here, when the current capability value of the PPTP client that obtains is M, when the current capability value of L2TP client is N, the lexical analysis module can be according to the measuring accuracy O that sets, only M is adjusted, N remains unchanged, after promptly adjusting, the current capability value of PPTP client is M-O, and the current capability value of L2TP client still is N; Also can only N be adjusted according to the measuring accuracy O that sets, M remains unchanged, and after promptly adjusting, the current capability value of PPTP client is M, and the current capability value of L2TP client still is N-O.Also can adjust the setting quantity of each classification simulant-client according to dichotomy.
In concrete the application, testing apparatus can be one and dial in the device that module and lexical analysis module two big modules are formed by VPNClient simulation, also can dial in two devices that module and lexical analysis module correspondence go out and form by VPNClient simulation, below with the VPNClient simulation dial in module and lexical analysis module respectively correspondence go out two to install the composition testing apparatuss be that example describes in further detail.
Utilize system as shown in Figure 5, the capacity of test VPNServer, this system comprises VPNServer501, VPNClient analogue means 502 and lexical analysis device 503.Wherein,
VPNServer501 is an equipment under test.
VPNClient analogue means 502 is concrete devices that module is dialled in the VPNClient simulation, can be that prototype designs with a high performance router, type and each classification corresponding simulating client terminal quantity of being used for the simulant-client that issues according to lexical analysis device 503, the client that simulates corresponding types and quantity is dialled in VPNServer501, and the access result that VPNServer501 returns is fed back to lexical analysis device 503.
Lexical analysis device 503 is the concrete device of lexical analysis module, be used for the authentication result to simulant-client according to VPNServer, and measuring accuracy obtains to insert the result, and according to described access outcome record or adjust each classification corresponding simulating client terminal quantity, and adjusted each classification corresponding simulating client terminal quantity is handed down to analogue means 502.Lexical analysis device 503 is by being specifically designed to the port that the network equipment is configured and manages, for example the CONSOLE port links to each other with VPNServer501 with VPNClient analogue means 502, move hyperterminal software on the lexical analysis device 503, dispatcher software is realized control to VPNServer501 and VPNClient analogue means 502 by the script of operation appointment.
Embodiment 1, utilizes system as shown in Figure 6, the PPTP client capacity of test VPNServer.
Here, device being tested VPNServer501 allows the PPTP agreement to dial in.After the system of the PPTP client capacity that has made up test VPNServer, the user also is required to be simulation PPTP client and has distributed specific address; Be VPNClient analogue means 502 configuration interface IP addresses, and the necessary route that arrives VPNServer, the initial range and the accuracy value of the capacity of PPTP client also need be set in lexical analysis device 503 at last, in the present embodiment, the initial value of the PPTP client that is provided with is 100-200, and accuracy value is 10.Concrete implementation is referring to Fig. 6:
Step 601: lexical analysis device 503 sends to VPNClient analogue means 502 with the maximum of the capacity of the PPTP client of setting, and promptly lexical analysis device 503 is handed down to VPNClient analogue means 502 with 200.
Step 602:VPNClient analogue means 502 simulates the PPTP client of the quantity correspondence that lexical analysis device 503 issues and dials in VPNServer501.
Here, simulating the quantity that lexical analysis device 503 issues is 200, in order to guarantee the PPTP client of simulation on the VPNClient analogue means 502, be from different clients for VPNServer, just be necessary for each client the unique client parameter of a corresponding cover is set.And on VPNServer, mainly distinguish different clients by following Several Parameters: client address (Remote Address), client name (Remote Name) and user's name (Username).Because, the user has distributed specific address for simulation PPTP client, and be VPNClient analogue means 502 configuration interface IP addresses, therefore, used different source address (Source Address) for the PPTP client of each simulation on the VPNClient analogue means 502, different client name (Local name) and different user's names (Username), be that VPNClient analogue means 502 can be provided with 200 cover different clients parameters, thereby simulated 200 PPTP clients.
After 200 cover different clients parameters are set, just simulated 200 PPTP clients, VPNClient analogue means 502 can carry out the negotiation of setting up pptp tunneling between each PPTP client and the VPNServer501.In negotiations process, according to every cover PPTP client parameter, for each tunnel generates independently negotiation packet, and negotiation packet carried out the PPTP protocol encapsulation, form the PPTP negotiation packet of each tunnel correspondence, arrive the necessary route of VPNServer501 by the VPNClient analogue means set up 502, VPNClient analogue means 502 carries out the mutual of PPTP negotiation packet with VPNServer501.
The PPTP client that step 603:VPNServer501 and step 602 simulate is set up the negotiation of pptp tunneling, obtains negotiation result.
Step 604:VPNClient analogue means 502 is according to negotiation result, and the measuring accuracy of setting obtains to insert the result.
If consult for the first time, when the PPTP of 200 simulations client has all been passed through negotiation, 200 and the maximum 200 of scope between difference be 0,0<10, then 200 in the scope of setting, insert the result for to insert successfully, the PPTP client of the simulation when 200 has not all been passed through negotiation, and it is unsuccessful for inserting to insert the result.If second and third,,, inferior negotiation, when the PPTP client of the simulation of adjusted quantity has all been passed through negotiation, and the relative mistake that obtains the quantity that negotiation passes through before the quantity of consulting to pass through is consulted with this is smaller or equal to 10, the quantity of then consulting to pass through is in the scope of setting, insert the result for to insert successfully, otherwise it is unsuccessful for inserting to insert the result.
Step 605: when inserting the result is when inserting successfully, execution in step 606; When the access result is unsuccessful for inserting, thus execution in step 607.
Step 606: lexical analysis module 503 obtains the capacity of the PPTP client of this VPNServer501 according to the quantity of the PPTP client that inserts successful corresponding simulating.
Lexical analysis module 503 will insert the quantity of the PPTP client of successful corresponding simulating and note, i.e. lexical analysis module 503 obtains the capacity of the PPTP client of this VPNServer501.
Step 607: lexical analysis module 503 is adjusted the maximum of the capacity of PPTP client according to the accuracy value of setting.Here accuracy value is 10, can adjust maximum 200 according to dichotomy, is adjusted into 150 with 200.
Step 608: lexical analysis module 503 is handed down to VPNClient analogue means 502 with the maximum of the capacity of adjusted PPTP client, continues execution in step 502.Here, lexical analysis module 503 is handed down to VPNClient analogue means 502 with 150.
In the embodiment of the invention, when 150 obtain to consult to pass through, then continue to adjust, be adjusted into 125 150 according to dichotomy.If 125 consult to pass through, because before adjusting, the setting quantity that does not obtain to consult to pass through is 150, then differ 25,25 accuracy value 10 greater than test between 150 and 125, then 125 in the scope of setting, insert the result for unsuccessful, need proceed to adjust, be adjusted into 138 125.If 138 also obtain to consult to pass through, and before adjusting, the setting quantity that does not obtain to consult to pass through is 150, then differ 12,12 accuracy value 10 greater than test between 138 and 150, then 138 also in the scope of setting, insert the result for unsuccessful, continue to adjust, be adjusted into 144 138.If 144 consult to pass through, before adjusting, it is 6 that the setting quantity 150 that obtains to consult to pass through differs, and therefore, here, the capacity of the PPTP client of acquisition is 144.
By said method, lexical analysis module 503 can obtain the capacity of the PPTP client of this VPNServer501.
Embodiment 2, the same system that utilizes as shown in Figure 5, the L2TP client capacity of test VPNServer.Here, device being tested VPNServer501 allows the L2TP agreement to dial in.
After the system of the L2TP client capacity that has made up test VPNServer, the user also is required to be simulation L2TP client and has distributed specific address; Be VPNClient analogue means 502 configuration interface IP addresses, and the necessary route that arrives VPNServer, the initial range and the accuracy value of the capacity of L2TP client also need be set in lexical analysis device 503 at last, in the present embodiment, the initial value of the L2TP client that is provided with is 100-200, and accuracy value is 10.Concrete implementation is referring to Fig. 7:
Step 701: lexical analysis device 503 is handed down to VPNClient analogue means 502 with the maximum of the capacity of the L2TP client of setting, and promptly lexical analysis device 503 is handed down to VPNClient analogue means 502 with 200.
Step 702:VPNClient analogue means 502 simulates the L2TP client of the quantity correspondence that lexical analysis device 503 issues and dials in VPNServer501.
Here, simulating the quantity that lexical analysis device 503 issues is 200, and VPNClient analogue means 502 is provided with 200 cover different clients parameters, thereby has simulated 200 L2TP clients.L2TP client parameter comprises Source Address, Local name, Username.After 200 cover different clients parameters are set, just simulated 200 L2TP clients, VPNClient analogue means 502 can carry out the negotiation of setting up L2TP Tunnel between each L2TP client and the VPNServer501.In negotiations process, according to every cover client parameter, for each tunnel generates independently negotiation packet, and negotiation packet carried out the L2TP protocol encapsulation, form the L2TP negotiation packet of each tunnel correspondence, arrive the necessary route of VPNServer501 by the VPNClient analogue means set up 502, VPNClient analogue means 502 carries out the mutual of L2TP negotiation packet with VPNServer501.
Step 703:VPNServer501 carries out the negotiation of pptp tunneling to the L2TP client that step 702 simulates, and obtains negotiation result.
Step 704:VPNClient analogue means 502 obtains to insert the result according to negotiation result.When the L2TP client of this all simulation of holding consultation has all been passed through negotiation, and before the quantity and this negotiation consulting to pass through, when the difference of consulting the quantity passed through satisfies measuring accuracy, the quantity that negotiation is passed through is in the scope of setting, inserting the result for to insert successfully, all is access failure otherwise insert the result.
Step 705: when inserting the result is when inserting successfully, execution in step 706; When the access result is unsuccessful for inserting, thus execution in step 707.
Step 706: lexical analysis module 503 obtains the capacity of the L2TP client of this VPNServer501 according to the quantity of the L2TP client that inserts successful corresponding simulating.
Here, 200 messages are authentication success all, and then lexical analysis module 503 is noted 200, i.e. the capacity that lexical analysis module 503 obtains the L2TP client of these VPNServer501 is 200.
Step 707: lexical analysis module 503 is adjusted the maximum of the capacity of L2TP client according to the accuracy value of setting.Here accuracy value is 10, here, can directly adjust maximum 200 according to measuring accuracy, is adjusted into 190 with 200.
Step 708: lexical analysis module 503 is handed down to VPNClient analogue means 502 with the maximum of the capacity of adjusted L2TP client, continues execution in step 702.Here, lexical analysis module 503 is handed down to VPNClient analogue means 502 with 170.
In the embodiment of the invention, lexical analysis module 503 can only be adjusted the capability value of the L2TP client that issues according to the accuracy value of setting 10, for example, if 200 are not through consultation, then be adjusted into 190, also do not have not through consultation, then be adjusted into 180 190 as if 190 with 200, so analogize, when adjusting to 140, consult to have passed through, before then this is adjusted, not having quantity through consultation is 150, then both to differ be 10, smaller or equal to accuracy value 10, therefore, here, the capacity of the L2TP client of acquisition is 140.
By said method, lexical analysis module 503 can obtain the capacity of the L2TP client of this VPNServer501.
Embodiment 3, utilize system as shown in Figure 5, the PPTP client of test VPNServer and the mixing capacity of L2TP client.Here, device being tested VPNServer501 allows PPTP agreement and L2TP agreement to dial in.
After the system of PPTP client that has made up test VPNServer and L2TP client mixing capacity, the user also is required to be simulation PPTP client and the L2TP client has been distributed specific address; Be VPNClient analogue means 502 configuration interface IP addresses, and the necessary route that arrives VPNServer, the initial range and the accuracy value of the capacity of PPTP client and L2TP client also need be set in lexical analysis device 503 at last, in the present embodiment, the initial value of the PPTP client that is provided with is 100-200, and the initial value of L2TP client is 10 for the 100-200 accuracy value also.Concrete implementation is referring to Fig. 8:
Step 801: lexical analysis device 503 sends to VPNClient analogue means 502 with the maximum of the capacity of the PPTP client that is provided with and L2TP client, be the maximum 200 of lexical analysis device 503, and the maximum 200 of the capacity of L2TP client is handed down to VPNClient analogue means 502 with the capacity of PPTP client.
Step 802:VPNClient analogue means 502, the PPTP client and the L2TP client that simulate the quantity correspondence that lexical analysis device 503 issues are dialled in VPNServer501, promptly simulate 200 PPTP clients, and 200 L2TP clients are dialled in VPNServer501.
Here, be the specific address that simulation PPTP client and L2TP client are distributed according to the user equally, interface IP address for 502 configurations of VPNClient analogue means, the different PPTP client parameters of VPNClient analogue means 502 configurations, 200 covers, thereby 100 PPTP clients have been simulated, and dispose 200 cover Different L 2TP client parameters, thereby 100 L2TP clients have been simulated.
VPNClient analogue means 502 can carry out the negotiation of setting up pptp tunneling between each PPTP client and the VPNServer501, and the negotiation of setting up L2TP Tunnel between each L2TP client and the VPNServer501.In negotiations process, according to every cover PPTP client parameter, for each pptp tunneling generates independently negotiation packet, and negotiation packet carried out the PPTP protocol encapsulation, form the PPTP negotiation packet of each pptp tunneling correspondence, according to every cover L2TP client parameter, for each L2TP Tunnel generates independently negotiation packet, and negotiation packet carried out the L2TP protocol encapsulation, form the L2TP negotiation packet of each L2TP Tunnel correspondence.Arrive the necessary route of VPNServer501 by the VPNClient analogue means set up 502, VPNClient analogue means 502 and VPNServer501 the mutual of message of holding consultation.
Step 803:VPNServer501 holds consultation to the tunnel request of initiating in the step 802 of setting up, and obtains negotiation result.
Step 804: the PPTP client and the L2TP client of all simulations have all been passed through negotiation in this is consulted, and before the PPTP client terminal quantity and this negotiation consulting to pass through, relative difference that to consult the PPTP client terminal quantity that passes through is smaller or equal to measuring accuracy, and before the L2TP client terminal quantity and this negotiation consulting to pass through, relative difference that to consult the L2TP client terminal quantity that passes through then inserts the result for to insert successfully smaller or equal to measuring accuracy; Otherwise the access result is an access failure.
Step 805:VPNClient analogue means 502 obtains to insert the result according to authentication result.When inserting the result is when inserting successfully, execution in step 806; When the access result is unsuccessful for inserting, thus execution in step 807.
Step 806: lexical analysis module 503 obtains the PPTP client of this VPNServer501 and the mixing capacity of L2TP client according to the quantity of the L2TP client of the quantity of the PPTP client that inserts successful corresponding simulating and simulation.
Step 807: lexical analysis module 503 is adjusted the maximum of the capacity of the capacity of PPTP client and/or L2TP client according to the accuracy value of setting.Here accuracy value is 10, can keep the maximum 200 of capacity of PPTP client constant, only adjusts the maximum of the capacity of L2TP client, promptly can be adjusted into 150 with 200; Also can keep the maximum 200 of capacity of L2TP client constant, only adjust the maximum of the capacity of PPTP client, promptly can be adjusted into 150 200.
Step 808: lexical analysis module 503 is handed down to VPNClient analogue means 502 with the maximum of the capacity of adjusted PPTP client and L2TP client, continues execution in step 702.Here, lexical analysis module 503 can be with the maximum 200 of the capacity of PPTP client, and the maximum 150 of the capacity of L2TP client is handed down to VPNClient analogue means 502; Also can be with the maximum 150 of the capacity of PPTP client, the maximum 200 of the capacity of L2TP client is handed down to VPNClient analogue means 502.
Pass through said method, lexical analysis module 503 can be when setting maximum at the capacity of the PPTP of this VPNServer501 client, obtain the capacity of the L2TP client of this VPNServer501, be in the present embodiment, the mixing capacity of this VPNServer501 is 200 PPTP clients, L L2TP client.Lexical analysis module 503 can also be when setting maximum at the capacity of the L2TP of this VPNServer501 client, obtain the capacity of the PPTP client of this VPNServer501, be in the present embodiment, the mixing capacity of this VPNServer501 is 200 L2TP clients, P PPTP client.
In the system of as shown in Figure 5 test VPNServer, VPNClient analogue means 502 further comprises: dispensing unit, VPN data processing unit and reception/transmitting element.
Dispensing unit, the quantity of each the classification simulant-client that is used for issuing according to lexical analysis device 503, the different simulant-client parameter of corresponding tricks is set, every cover simulation client parameter comprises the source address of client tunnel, the title in tunnel, the user name of authentication, password and vpn server address, wherein, every cover simulation client parameter all is unique, but the VPNServer address unanimity in every cover simulation client parameter.
The VPN negotiation element is used for forming the client of each classification respective amount according to every cover client parameter, and carries out the negotiation of the corresponding vpn tunneling of foundation between each client and the described vpn server.
The VPN data processing unit is used for the application that connects according to each simulant-client classification corresponding protocols, and the negotiation packet of negotiations process is carried out deblocking or encapsulation.
Reception/transmitting element is used for the negotiation packet after the encapsulation is transmitted to described vpn server, and receives the negotiation packet that described vpn server returns.
Further, the VPN negotiation element comprises: PPTP consults subelement and L2TP consults subelement.
PPTP consults subelement, is used for forming the PPTP client of setting quantity, and carrying out the negotiation of setting up pptp tunneling between each PPTP client and the described vpn server according to every cover simulation PPTP client parameter.L2TP consults subelement, and the user forms the L2TP client of setting quantity, and carries out the negotiation of setting up L2TP Tunnel between each L2TP client and the described vpn server according to every cover simulation 12TP client parameter.
The VPN data processing unit comprises: tcp data handles subelement and UDP message is handled subelement, wherein, tcp data is handled subelement, is used for the application according to the TCP connection, the negotiation packet between each PPTP client and the described vpn server is carried out the encapsulation or the deblocking of tcp module.UDP message is handled subelement, is used for the application according to the UDP connection, the negotiation packet between each L2TP client and the described vpn server is carried out the encapsulation or the deblocking of UDP module.
Reception/transmitting element comprises: PPTP subelement and L2TP subelement, wherein, the PPTP subelement is used for the negotiation packet after the TCP encapsulation is transmitted to described vpn server, and receives the negotiation packet that described vpn server returns to each PPTP client.The L2TP subelement is used for the negotiation packet after the UTP encapsulation is transmitted to described vpn server, and receives the negotiation packet that described vpn server returns to each L2TP client.
In the system of as shown in Figure 5 test VPNServer, lexical analysis device 503 further comprises: obtain the unit, judging unit, capacity unit and adjustment unit.Wherein, obtain the unit, be used to obtain quantity by each classification client of described vpn server authentication; Judging unit is used to judge whether the quantity of each classification of acquisition equates with the setting quantity of corresponding classification; The capacity unit is used for setting quantity when the quantity of each classification that obtains and corresponding classification when equal, with the setting quantity of described each the classification simulant-client capacity as this classification client of described vpn server; Adjustment unit, be used for when the quantity of each classification that obtains is unequal with the setting quantity of corresponding classification, according to the measuring accuracy of setting the setting quantity of described each classification simulant-client is adjusted, and dialled in the setting quantity that module issues each classification simulant-client to described VPN client simulation.
In inventive embodiments, obtained the capacity of VPNServer after, testing apparatus also needs the forwarding performance of this VPNServer is tested, its concrete test process as described in Figure 9:
Step 901: testing apparatus is simulated the client of the described capacity respective amount of each classification after obtaining the capacity of each classification client of VPNServe, and sets up the vpn tunneling of the corresponding classification between each simulant-client and the described VPNServer.
Here, can obtain the capacity of each classification client according to the method for the VPNServer of test described in the foregoing description capacity, promptly can obtain the capacity of the PPTP client of VPNServe, the perhaps capacity of L2TP client, the perhaps mixing capacity of PPTP client and L2TP client.
Testing apparatus is simulated the PPTP client of this capacity respective amount according to the capacity of the PPTP client of VPNServe, and sets up the pptp tunneling between each PPTP client and the VPNServer; Or,
Testing apparatus is simulated the L2TP client of this capacity respective amount according to the capacity of the L2TP client of VPNServe, and sets up the L2TP Tunnel between each L2TP client and the VPNServer; Or,
Testing apparatus is according to the capacity of the PPTP client of VPNServe, simulate the PPTP client of this capacity respective amount, and set up pptp tunneling between each PPTP client and the VPNServer, and according to the capacity of the L2TPC client of VPNServe, simulate the L2TP client of this capacity respective amount, and set up the L2TPC tunnel between each L2TP client and the VPNServer.
Step 902: testing apparatus is collected the source IP address and the purpose IP address of every vpn tunneling, and disposes the test data stream of every vpn tunneling correspondence.
Step 903: testing apparatus sends to described VPNServer by every vpn tunneling with the test data stream of correspondence.
Step 904: testing apparatus is according to the test data stream that sends, and the data flow returned of described VPNServer, generates test report.
In the device of the capacity of testing VPNServer referring to Fig. 3, the textural requirement that can't satisfy VPNServer performance test of module in performance and many data flow dialled in the VPNClient simulation, therefore, in the device of the performance of testing VPNServer, also need the performance test module.Referring to Figure 10, the device of the performance of test VPNServer comprises: module 100, lexical analysis module 200 and performance test module 300 are dialled in the VPNClient simulation.Wherein:
Module 100 is dialled in the VPNClient simulation, the setting quantity of each the classification simulant-client that is used for issuing according to lexical analysis module 200, simulate the client of the described setting quantity of each classification respective amount, and set up the vpn tunneling between each each simulant-client and the VPNServer.
Lexical analysis module 200 is used to collect source IP address and the purpose IP address that every vpn tunneling of module 100 foundation is dialled in the VPNClient simulation, and after constructing the data flow of described every vpn tunneling, sends to the performance test module.
Performance test module 300, be used for source IP address and purpose IP address according to every the vpn tunneling that receives, and the data flow of every vpn tunneling, dispose the test data stream of every vpn tunneling correspondence, and the test data stream of correspondence is sent to described VPNServer by every vpn tunneling, and according to the test data stream that sends, and the data flow returned of described VPNServer, generate test report.
Utilize above-mentioned concrete device test the VPNServer performance method flow chart as shown in figure 11, concrete implementation is as follows:
Step 1101: according to the method for above-mentioned test VPNServer capacity, the lexical analysis module obtains the capacity of each classification client of this VPNServer.
Here, the capacity of the client that lexical analysis module 200 obtains can be the capacity of PPTP client, also can be the capacity that has only the L2TP client, and capacity that can also existing PPTP client has the capacity of L2TP client again.
Step 1102: lexical analysis module 200 is handed down to the VPNClient simulation with the capacity of each classification client of this VPNServer dials in module 100.
According to step 1101, the capacity of the client that lexical analysis module 200 issues can be the capacity of PPTP client, also can be the capacity that has only the L2TP client, and capacity that can also existing PPTP client has the capacity of L2TP client again.
The capacity of module 100 according to each the classification client that obtains dialled in step 1103:VPNClient simulation, set up each classification respective amount and VPNServer between vpn tunneling.Here each tunnel all is unique, local unique sign (Tunnel Local ID) is set can for each tunnel and is used for distinguishing different clients.
Here, dial in the capacity of the PPTP client of having only VPNServe that module 100 obtains when VPNClient simulation, then set up respective amount and VPNServer between pptp tunneling.
Dial in the capacity of the L2TP client of having only VPNServe that module 100 obtains when VPNClient simulation, then set up respective amount and VPNServer between L2TP Tunnel.
Dial in module 100 when the VPNClient simulation and obtained the PPTP client of VPNServe and the mixing capacity of L2TP client, then set up the PPTP client the capacity respective amount and VPNServer between pptp tunneling, set up the L2TP client the capacity respective amount and VPNServer between L2TP Tunnel.
Step 1104: source IP address and purpose IP address that lexical analysis module 200 is collected every vpn tunneling setting up in the step 1101, and the data flow of constructing every vpn tunneling, and with the source IP address and the purpose IP address of every vpn tunneling, and the data flow of good every the vpn tunneling of structure sends to described performance test module 300.
Step 1105: performance test module 300 is according to the source IP address and the purpose IP address of every the vpn tunneling that obtains, and the data flow of every vpn tunneling, dispose the test data stream of every vpn tunneling correspondence, and the test data stream of correspondence is sent to VPNServer by every vpn tunneling.
Step 1106:VPNServer transmits every the test data stream that receives, and every test data stream receiving is sent to the performance test module.
Step 1107: performance test module 300 is according to the test data stream that sends out, and the data flow returned of VPNServer, generates test report.
Equally, in concrete the application, the testing apparatus of performance of test VPNServer can be one and dial in the device that module, lexical analysis module and performance test module three big modules are formed by the VPNClient simulation, also can dial in three devices that module, lexical analysis module and performance test module correspondence go out and form by VPNClient simulation, below with the VPNClient simulation dial in module, lexical analysis module and performance test module respectively correspondence go out three to install the composition testing apparatuss be that example describes in further detail.
Utilize concrete system as shown in figure 12, the performance of test VPNServer, this system comprises VPNServer1201, VPNClient analogue means 1202, lexical analysis device 1203 and tester 1204.Wherein,
VPNServer1201 is an equipment under test.
VPNClient analogue means 1202 is concrete devices that module is dialled in the VPNClient simulation, can be that prototype designs with a high performance router.
Lexical analysis device 1203 is the concrete device of lexical analysis module.
Tester 1204 is devices of the general test performance of industry, and as Smartbits, IXIA etc., this device can be constructed the IP message of appointment as requested, receives the performance that these messages calculate tested equipment by sending.This tester can be constructed the parallel transmitting-receiving of many data flow simultaneously, and performance is very high, can satisfy the requirement of the test of the performance under many vpn tunnelings of test situation.
Lexical analysis device 1203 can link to each other with VPNServer1201 with VPNClient analogue means 1202 by the CONSOLE port, move hyperterminal software on the lexical analysis device 1203, dispatcher software is realized control to VPNServer1201 and VPNClient analogue means 1202 by the script of operation appointment.Lexical analysis device 1203 can pass through application programming interfaces (API, Application ProgrammingInterface) to be realized by script tester 1204 being controlled.
In embodiments of the present invention, after having set up test macro as shown in figure 12, the transmission mode of use VPNClient analogue means 1202 back test VPNServer1201 as shown in figure 13, directly set up PPTP and/or L2TP Tunnel between VPNClient analogue means 1202 and the VPNServer1201, each tunnel is safeguarded separately, finish the dialing procedure of whole VPN, thereby, can be similar to a real client, these all clients all operate on the public physical link, thereby reach the effect of a large amount of client of simulation.
Utilize concrete system as shown in figure 12, can test separately, when having only the PPTP client, the performance of VPNServer; Also can test separately, when having only the L2TP client, the performance of VPNServer; Can also test, when PPTP client and L2TP client all exist, the performance of VPNServer.
Embodiment 4: utilize concrete system as shown in figure 12, and when PPTP client and L2TP client all exist, the performance of test VPNServer.
Device being tested VPNServer1201 allows PPTP agreement and L2TP agreement to dial in.The user also is required to be simulation PPTP client and the L2TP client has been distributed specific address; Be VPNClient analogue means 1202 configuration interface IP addresses, and the necessary route that arrives VPNServer1201, the initial range and the accuracy value of the capacity of PPTP client and L2TP client also need be set in lexical analysis device 1203 at last, in the present embodiment, the initial value of the PPTP client that is provided with is 0-120, the initial value of L2TP client also is 0-120, and accuracy value is 12.Concrete implementation is referring to Figure 14:
Step 1401: according to embodiment 3 described flow processs, the mixing capacity that lexical analysis device 1203 obtains this VPNServer1201 is a M PPTP client, L L2TP client, or P PPTP client, and M L2TP client, M can be 120 here.
Step 1402: lexical analysis device 1203 issues the mixing capacity that obtains this VPNServer1201 to VPNClient analogue means 1202, i.e. M PPTP client, L L2TP client, or P PPTP client, M L2TP client.
Step 1403:VPNClient analogue means 1202 simulates the client of respective amount, sets up the simulant-client of respective amount and the vpn tunneling between the VPNServer, and for every vpn tunneling different Tunnel Local ID is set.Here, can set up M bar PPTP Tunnel, L bar L2TP Tunnel.Perhaps, set up P bar PPTP Tunnel, M bar L2TP Tunnel.
Step 1404: lexical analysis device 1203 is collected the source IP address and the purpose IP address of every vpn tunneling setting up, and the data flow of constructing every vpn tunneling, and above-mentioned parameter is sent to tester 1204.
Step 1405: tester 1204 is according to the test data stream of every the vpn tunneling of parametric configuration that receives.The test data stream of every vpn tunneling can be source IP address and the purpose IP address that comprises every vpn tunneling, and the IP message of every vpn tunneling Tunnel Local ID.
Here can be M bar PPTP data flow, L bar L2TP data flow.Perhaps, set up P bar PPTP data flow, M bar L2TP data flow
Step 1406: tester 1204 will be constructed the vpn tunneling of good test data stream by correspondence and be sent to VPNServer1201.
Here, M bar PPTP data flow sends to VPNServer1201 by the M bar PPTP Tunnel of correspondence, and L bar PPTP data flow sends to VPNServer1201 by the L bar L2TP Tunnel of correspondence.Perhaps, P bar PPTP data flow sends to VPNServer1201 by the P bar PPTP Tunnel of correspondence, and M bar PPTP data flow sends to VPNServer1201 by the M bar L2TP Tunnel of correspondence.
Every test data stream that step 1407:VPNServer1201 is docked to is transmitted, and every test data stream receiving is sent to tester 1204.
Step 1408: the data flow of returning that tester 1204 will receive, carry out comparison with the test data stream that sends, and according to whether packet loss, adjust the size of flow, generate test report at last.
Here, the test report of generation can be that the mixing capacity of VPNServer1201 is a M PPTP client, during L L2TP client, and the forwarding performance test report of this VPNServer1201; The mixing capacity that also can be VPNServer1201 is a P PPTP client, during M L2TP client, and the forwarding performance test report of this VPNServer1201.
In the system of as shown in figure 12 test VPNServer, VPNClient analogue means 1202 further comprises: dispensing unit, VPN negotiation element, VPN data processing unit and reception/transmitting element
Dispensing unit, the quantity of each the classification simulant-client that is used for issuing according to the lexical analysis module is provided with the different simulant-client parameter of corresponding tricks, wherein, every cover simulation client parameter comprises the simulant-client address, user name, password and VPNServer address.
The VPN negotiation element is used for setting up the simulant-client of each classification respective amount and the vpn tunneling between the VPNServer, and realizing management and control that vpn tunneling connects according to every cover simulation client parameter.This unit comprises PPTP and consults subelement and L2TP negotiation subelement.PPTP consult that subelement is responsible for finishing and VPNServer between the foundation and the maintenance of pptp tunneling, L2TP consult that subelement is responsible for finishing and VPNServer between the foundation and the maintenance of L2TP Tunnel.
The VPN data processing unit is used to realize VPN data flow encapsulation reconciliation encapsulation process process.Negotiation at VPN is finished, set up vpn tunneling after, the transmitting-receiving of data flow will encapsulate the reconciliation encapsulation process through this module, be transmitted to reception/transmitting element.Wherein, PPTP consults submodule and is based on the application that TCP connects, and the PPTP data flow can be through the encapsulation or the decapsulation of tcp module; L2TP consults submodule and is based on the application that UDP connects, and the L2TP data flow can pass to reception/transmitting element and further transmit at last through the encapsulation or the decapsulation of UDP module.
Reception/transmitting element: be used for realizing the transmitting-receiving of every vpn tunneling data flow.Its realization is fully according to relevant RFC standard, and is consistent with common router, comprises the PPTP subelement, is used for receiving and sending the PPTP message; The L2TP subelement is used for receiving and sending the L2TP message.
In the embodiment of the invention, in the system of the system of test VPNServe capacity and test VPNServe performance, the VPNClient analogue means can be simulated a large amount of PPTP and L2TP client, form a large amount of multi-class simulant-clients, thereby the client that when test VPNServe capacity, does not need a large amount of reality, and on this basis, test macro can be automatical and efficient test the capacity of VPNServer under two kinds of service coexistences of PPTP and L2TP, and behind the capacity of PPTP client that obtains VPNServe and L2TP client, the VPNClient analogue means is set up the VPN link between each simulant-client and the VPNServer, and according to the data flow of each VPN link, tested when jumbo PPTP and the coexistence of L2TP client the forwarding performance of VPNServer.
Obviously, those skilled in the art can carry out various changes and modification to the present invention and not break away from the spirit and scope of the present invention.Like this, if of the present invention these are revised and modification belongs within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and modification interior.