{"id":477088,"date":"2023-08-09T09:06:59","date_gmt":"2023-08-09T09:06:59","guid":{"rendered":""},"modified":"2023-09-05T11:13:58","modified_gmt":"2023-09-05T11:13:58","slug":"encapsulating-security-payload","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/vn\/wiki\/encapsulating-security-payload\/","title":{"rendered":"\u0110\u00f3ng g\u00f3i t\u1ea3i tr\u1ecdng b\u1ea3o m\u1eadt"},"content":{"rendered":"

\u0110\u00f3ng g\u00f3i t\u1ea3i tr\u1ecdng b\u1ea3o m\u1eadt (ESP) l\u00e0 m\u1ed9t giao th\u1ee9c b\u1ea3o m\u1eadt cung c\u1ea5p s\u1ef1 k\u1ebft h\u1ee3p gi\u1eefa quy\u1ec1n ri\u00eang t\u01b0, t\u00ednh to\u00e0n v\u1eb9n, x\u00e1c th\u1ef1c v\u00e0 b\u1ea3o m\u1eadt d\u1eef li\u1ec7u cho c\u00e1c g\u00f3i d\u1eef li\u1ec7u \u0111\u01b0\u1ee3c g\u1eedi qua m\u1ea1ng IP. N\u00f3 l\u00e0 m\u1ed9t ph\u1ea7n c\u1ee7a b\u1ed9 IPsec (B\u1ea3o m\u1eadt Giao th\u1ee9c Internet) v\u00e0 \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng r\u1ed9ng r\u00e3i trong c\u00e1c k\u1ebft n\u1ed1i VPN (M\u1ea1ng ri\u00eang \u1ea3o) \u0111\u1ec3 \u0111\u1ea3m b\u1ea3o truy\u1ec1n d\u1eef li\u1ec7u an to\u00e0n qua c\u00e1c m\u1ea1ng kh\u00f4ng \u0111\u00e1ng tin c\u1eady.<\/p>\n

Truy t\u00ecm ngu\u1ed3n g\u1ed1c c\u1ee7a vi\u1ec7c \u0111\u00f3ng g\u00f3i t\u1ea3i tr\u1ecdng b\u1ea3o m\u1eadt<\/h2>\n

Kh\u00e1i ni\u1ec7m \u0110\u00f3ng g\u00f3i t\u1ea3i tr\u1ecdng b\u1ea3o m\u1eadt n\u1ed5i l\u00ean nh\u01b0 m\u1ed9t ph\u1ea7n trong n\u1ed7 l\u1ef1c c\u1ee7a L\u1ef1c l\u01b0\u1ee3ng \u0111\u1eb7c nhi\u1ec7m k\u1ef9 thu\u1eadt Internet (IETF) nh\u1eb1m ph\u00e1t tri\u1ec3n IPsec, m\u1ed9t b\u1ed9 giao th\u1ee9c \u0111\u1ec3 b\u1ea3o v\u1ec7 th\u00f4ng tin \u0111\u01b0\u1ee3c truy\u1ec1n qua m\u1ea1ng IP. L\u1ea7n \u0111\u1ea7u ti\u00ean \u0111\u1ec1 c\u1eadp \u0111\u1ebfn ESP c\u00f3 th\u1ec3 b\u1eaft ngu\u1ed3n t\u1eeb n\u0103m 1995 v\u1edbi RFC 1827, sau \u0111\u00f3 \u0111\u00e3 b\u1ecb RFC 2406 l\u1ed7i th\u1eddi v\u00e0o n\u0103m 1998 v\u00e0 cu\u1ed1i c\u00f9ng l\u00e0 RFC 4303 v\u00e0o n\u0103m 2005, phi\u00ean b\u1ea3n hi\u1ec7n \u0111ang \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng.<\/p>\n

\u0110i s\u00e2u h\u01a1n v\u00e0o vi\u1ec7c \u0111\u00f3ng g\u00f3i t\u1ea3i tr\u1ecdng b\u1ea3o m\u1eadt<\/h2>\n

ESP v\u1ec1 c\u01a1 b\u1ea3n l\u00e0 m\u1ed9t c\u01a1 ch\u1ebf \u0111\u00f3ng g\u00f3i v\u00e0 m\u00e3 h\u00f3a c\u00e1c g\u00f3i d\u1eef li\u1ec7u IP \u0111\u1ec3 cung c\u1ea5p t\u00ednh b\u1ea3o m\u1eadt, t\u00ednh to\u00e0n v\u1eb9n v\u00e0 t\u00ednh x\u00e1c th\u1ef1c c\u1ee7a d\u1eef li\u1ec7u. N\u00f3 \u0111\u1ea1t \u0111\u01b0\u1ee3c \u0111i\u1ec1u n\u00e0y b\u1eb1ng c\u00e1ch th\u00eam ti\u00eau \u0111\u1ec1 v\u00e0 \u0111o\u1ea1n gi\u1edbi thi\u1ec7u ESP v\u00e0o g\u00f3i d\u1eef li\u1ec7u g\u1ed1c. Sau \u0111\u00f3, g\u00f3i \u0111\u01b0\u1ee3c m\u00e3 h\u00f3a v\u00e0 x\u00e1c th\u1ef1c t\u00f9y ch\u1ecdn \u0111\u1ec3 ng\u0103n ch\u1eb7n truy c\u1eadp v\u00e0 s\u1eeda \u0111\u1ed5i tr\u00e1i ph\u00e9p.<\/p>\n

Trong khi ti\u00eau \u0111\u1ec1 ESP cung c\u1ea5p th\u00f4ng tin c\u1ea7n thi\u1ebft \u0111\u1ec3 h\u1ec7 th\u1ed1ng nh\u1eadn gi\u1ea3i m\u00e3 v\u00e0 x\u00e1c th\u1ef1c d\u1eef li\u1ec7u m\u1ed9t c\u00e1ch ch\u00ednh x\u00e1c, \u0111o\u1ea1n gi\u1edbi thi\u1ec7u ESP bao g\u1ed3m ph\u1ea7n \u0111\u1ec7m \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng \u0111\u1ec3 c\u0103n ch\u1ec9nh trong qu\u00e1 tr\u00ecnh m\u00e3 h\u00f3a v\u00e0 tr\u01b0\u1eddng d\u1eef li\u1ec7u x\u00e1c th\u1ef1c t\u00f9y ch\u1ecdn.<\/p>\n

Ho\u1ea1t \u0111\u1ed9ng b\u00ean trong c\u1ee7a vi\u1ec7c \u0111\u00f3ng g\u00f3i t\u1ea3i tr\u1ecdng b\u1ea3o m\u1eadt<\/h2>\n

T\u1ea3i tr\u1ecdng b\u1ea3o m\u1eadt \u0111\u00f3ng g\u00f3i ho\u1ea1t \u0111\u1ed9ng nh\u01b0 sau:<\/p>\n

    \n
  1. D\u1eef li\u1ec7u g\u1ed1c (t\u1ea3i tr\u1ecdng) \u0111\u01b0\u1ee3c chu\u1ea9n b\u1ecb \u0111\u1ec3 truy\u1ec1n.<\/li>\n
  2. Ti\u00eau \u0111\u1ec1 ESP \u0111\u01b0\u1ee3c th\u00eam v\u00e0o \u0111\u1ea7u d\u1eef li\u1ec7u. Ti\u00eau \u0111\u1ec1 n\u00e0y bao g\u1ed3m Ch\u1ec9 m\u1ee5c tham s\u1ed1 b\u1ea3o m\u1eadt (SPI) v\u00e0 s\u1ed1 th\u1ee9 t\u1ef1.<\/li>\n
  3. \u0110o\u1ea1n gi\u1edbi thi\u1ec7u ESP \u0111\u01b0\u1ee3c th\u00eam v\u00e0o cu\u1ed1i d\u1eef li\u1ec7u. N\u00f3 ch\u1ee9a ph\u1ea7n \u0111\u1ec7m \u0111\u1ec3 c\u0103n ch\u1ec9nh, \u0111\u1ed9 d\u00e0i ph\u1ea7n \u0111\u1ec7m, ti\u00eau \u0111\u1ec1 ti\u1ebfp theo (cho bi\u1ebft lo\u1ea1i d\u1eef li\u1ec7u \u0111\u01b0\u1ee3c ch\u1ee9a) v\u00e0 d\u1eef li\u1ec7u x\u00e1c th\u1ef1c t\u00f9y ch\u1ecdn.<\/li>\n
  4. To\u00e0n b\u1ed9 g\u00f3i (d\u1eef li\u1ec7u g\u1ed1c, ti\u00eau \u0111\u1ec1 ESP v\u00e0 \u0111o\u1ea1n gi\u1edbi thi\u1ec7u ESP) sau \u0111\u00f3 \u0111\u01b0\u1ee3c m\u00e3 h\u00f3a b\u1eb1ng thu\u1eadt to\u00e1n m\u00e3 h\u00f3a \u0111\u01b0\u1ee3c ch\u1ec9 \u0111\u1ecbnh.<\/li>\n
  5. T\u00f9y ch\u1ecdn, l\u1edbp x\u00e1c th\u1ef1c \u0111\u01b0\u1ee3c th\u00eam v\u00e0o, cung c\u1ea5p t\u00ednh to\u00e0n v\u1eb9n v\u00e0 x\u00e1c th\u1ef1c.<\/li>\n<\/ol>\n

    Qu\u00e1 tr\u00ecnh n\u00e0y \u0111\u1ea3m b\u1ea3o r\u1eb1ng tr\u1ecdng t\u1ea3i \u0111\u01b0\u1ee3c gi\u1eef b\u00ed m\u1eadt trong qu\u00e1 tr\u00ecnh v\u1eadn chuy\u1ec3n v\u00e0 \u0111\u1ebfn \u0111\u00edch kh\u00f4ng thay \u0111\u1ed5i v\u00e0 \u0111\u01b0\u1ee3c x\u00e1c minh.<\/p>\n

    C\u00e1c t\u00ednh n\u0103ng ch\u00ednh c\u1ee7a \u0111\u00f3ng g\u00f3i t\u1ea3i tr\u1ecdng b\u1ea3o m\u1eadt<\/h2>\n

    C\u00e1c t\u00ednh n\u0103ng ch\u00ednh c\u1ee7a ESP bao g\u1ed3m:<\/p>\n

      \n
    1. T\u00ednh b\u1ea3o m\u1eadt: Th\u00f4ng qua vi\u1ec7c s\u1eed d\u1ee5ng c\u00e1c thu\u1eadt to\u00e1n m\u00e3 h\u00f3a m\u1ea1nh m\u1ebd, ESP b\u1ea3o v\u1ec7 d\u1eef li\u1ec7u kh\u1ecfi b\u1ecb truy c\u1eadp tr\u00e1i ph\u00e9p trong qu\u00e1 tr\u00ecnh truy\u1ec1n.<\/li>\n
    2. X\u00e1c th\u1ef1c: ESP x\u00e1c minh danh t\u00ednh c\u1ee7a b\u00ean g\u1eedi v\u00e0 b\u00ean nh\u1eadn, \u0111\u1ea3m b\u1ea3o d\u1eef li\u1ec7u kh\u00f4ng b\u1ecb ch\u1eb7n ho\u1eb7c thay \u0111\u1ed5i.<\/li>\n
    3. T\u00ednh to\u00e0n v\u1eb9n: ESP \u0111\u1ea3m b\u1ea3o r\u1eb1ng d\u1eef li\u1ec7u kh\u00f4ng b\u1ecb thay \u0111\u1ed5i trong qu\u00e1 tr\u00ecnh truy\u1ec1n.<\/li>\n
    4. B\u1ea3o v\u1ec7 ch\u1ed1ng ph\u00e1t l\u1ea1i: V\u1edbi s\u1ed1 th\u1ee9 t\u1ef1, ESP b\u1ea3o v\u1ec7 ch\u1ed1ng l\u1ea1i c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng ph\u00e1t l\u1ea1i.<\/li>\n<\/ol>\n

      C\u00e1c lo\u1ea1i t\u1ea3i tr\u1ecdng b\u1ea3o m\u1eadt \u0111\u00f3ng g\u00f3i<\/h2>\n

      C\u00f3 hai ch\u1ebf \u0111\u1ed9 ho\u1ea1t \u0111\u1ed9ng trong ESP: Ch\u1ebf \u0111\u1ed9 v\u1eadn chuy\u1ec3n v\u00e0 ch\u1ebf \u0111\u1ed9 \u0110\u01b0\u1eddng h\u1ea7m.<\/p>\n\n\n\n\n\n\n
      C\u00e1ch th\u1ee9c<\/th>\nS\u1ef1 mi\u00eau t\u1ea3<\/th>\n<\/tr>\n<\/thead>\n
      Chuy\u00ean ch\u1edf<\/td>\n\u1ede ch\u1ebf \u0111\u1ed9 n\u00e0y, ch\u1ec9 t\u1ea3i tr\u1ecdng c\u1ee7a g\u00f3i IP \u0111\u01b0\u1ee3c m\u00e3 h\u00f3a v\u00e0 ti\u00eau \u0111\u1ec1 IP g\u1ed1c \u0111\u01b0\u1ee3c gi\u1eef nguy\u00ean. Ch\u1ebf \u0111\u1ed9 n\u00e0y th\u01b0\u1eddng \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong giao ti\u1ebfp gi\u1eefa m\u00e1y ch\u1ee7 v\u1edbi m\u00e1y ch\u1ee7.<\/td>\n<\/tr>\n
      \u0110\u01b0\u1eddng h\u1ea7m<\/td>\n\u1ede ch\u1ebf \u0111\u1ed9 n\u00e0y, to\u00e0n b\u1ed9 g\u00f3i IP \u0111\u01b0\u1ee3c m\u00e3 h\u00f3a v\u00e0 \u0111\u00f3ng g\u00f3i trong g\u00f3i IP m\u1edbi v\u1edbi ti\u00eau \u0111\u1ec1 IP m\u1edbi. Ch\u1ebf \u0111\u1ed9 n\u00e0y th\u01b0\u1eddng \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong c\u00e1c VPN y\u00eau c\u1ea7u li\u00ean l\u1ea1c an to\u00e0n gi\u1eefa c\u00e1c m\u1ea1ng qua m\u1ea1ng kh\u00f4ng \u0111\u00e1ng tin c\u1eady.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

      C\u00e1c \u1ee9ng d\u1ee5ng v\u00e0 th\u00e1ch th\u1ee9c c\u1ee7a vi\u1ec7c \u0111\u00f3ng g\u00f3i t\u1ea3i tr\u1ecdng b\u1ea3o m\u1eadt<\/h2>\n

      ESP ch\u1ee7 y\u1ebfu \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong vi\u1ec7c t\u1ea1o c\u00e1c \u0111\u01b0\u1eddng h\u1ea7m m\u1ea1ng an to\u00e0n cho VPN, b\u1ea3o m\u1eadt li\u00ean l\u1ea1c gi\u1eefa c\u00e1c m\u00e1y ch\u1ee7 v\u00e0 trong li\u00ean l\u1ea1c gi\u1eefa c\u00e1c m\u1ea1ng. Tuy nhi\u00ean, n\u00f3 g\u1eb7p ph\u1ea3i nh\u1eefng th\u00e1ch th\u1ee9c nh\u01b0:<\/p>\n