Presentation transcript:

1 Overview of VPN

2 Private Networks
[Diagram: Organization A Sites 1 to 4 and Organization B Sites 1 to 3, connected by leased lines]

3 Private Network
Advantages:
– Leased lines are secured
– Privacy and QoS guaranteed
Disadvantages:
– Leased lines are very expensive
– The number of links required grows exponentially if full-mesh connectivity is required and the network expands
– More CPE ports are required
– Network complexity increases as the network grows; all existing sites require reconfiguration when a new site is added

4 Internet Based Private Network
[Diagram: Organization A Sites 1 to 4 and Organization B Sites 1 to 3, connected through the Internet as a shared infrastructure]

5 Internet Based Private Network
Advantages:
– Single physical connectivity at each site
– No reconfiguration required at existing sites when a new site is added to the network
– Saving on CPE ports
– Huge saving in annual connectivity charges
Disadvantages:
– Highly insecure environment
– No guarantee of privacy and QoS
– Any unauthorized traffic can enter the private network

6 Virtual Private Network
Different solutions are available to make communication over the Internet safe and secure, and they can also ensure the desired grade of quality of service. These solutions are known as VPN solutions.
Protocols such as L2TP, PPTP and IPSec are available to provide VPN solutions to customers.
These protocols take care of data authenticity, data integrity and, if required, data confidentiality.

7 Virtual Private Network
[Diagram: Organization A Sites 1 to 4 and Organization B Sites 1 to 3, connected through the Internet, with firewalls]

8 Deploying VPNs in the 21st Century
Uses IP infrastructure
– May be shared with Internet services
Increasing importance of IP/MPLS (not ATM/FR)
Subscriber requirements
– Lower operational expenses
– A single network connection for multiple services
Provider requirements
– Multiservice infrastructure
– Create additional source of revenue
[Diagram labels: Internet, Remote Access, Intranet, Extranet, Mobile Users and Telecommuters, Branch Office, Corporate Headquarters, Suppliers, Partners and Customers]

9 Virtual Private Network Categories
VPNs can be classified into two categories:
– Customer Provisioned VPN
  • Tunnels originate and terminate at customer premises
  • Provisioning of equipment and allied activities is the responsibility of the customer
  • Provider may not be aware of the VPN tunneling through his network
– Provider Provisioned VPN
  • Tunnels originate and terminate at the service provider's edge
  • Responsibility for creating and maintaining these tunnels lies with the provider

10 Customer Provisioned VPNs
[Diagram: Organization A Site 1 and Organization B Sites 1 to 3, connected across the Internet by secured tunnels]

11 Provider Provisioned VPNs
[Diagram: Organization A Site 1 and Organization B Sites 1 to 3, connected across the Internet by secured tunnels]

12 MPLS Based VPNs
MPLS Based Layer 3 VPNs
– Provider's router participates in customer's layer 3 routing
– Provider router manages VPN-specific routing tables, distributes routes to remote sites
– CPE routers advertise their routes to the provider
MPLS Based Layer 2 VPNs
– Customer maps their layer 3 routing to the circuit mesh
– Provider delivers Layer 2 circuits to the customer, one for each remote site
– Customer routes are transparent to provider

13 MPLS Based Layer 3 VPN
[Diagram: provider core of P routers with edge routers PE 1, PE 2 and PE 3; customer edge routers CE–A1, CE–A2, CE–A3 (VPN A Sites 1 to 3), CE–B1, CE–B2, CE–B3 (VPN B Sites 1 to 3) and CE–C1, CE–C2 (VPN C Sites 1 and 2); labels: Static Routes, OSPF Routing, E-BGP]
A VRF is created for each VPN connected to the PE

14 MPLS Based Layer 3 VPNs
Each VRF is populated with:
– Routes received from directly connected CE routers associated with the VRF
– Routes received from other PE routers with acceptable BGP attributes
Only the VRF associated with a VPN is used for packets from a site of that VPN
– Provides isolation between VPNs

15 MPLS Based Layer 3 VPNs
Customers can use overlapping IP addresses.
Customers are free to use any IP address, even private IP addresses.
Very little manual configuration.
Auto discovery of new sites.
No reconfiguration of existing sites when a new site is added.
Cheaper than leased lines, as it works on MPLS-based IP infrastructure, which is a shared infrastructure.
QoS can be assured, as MPLS has the capability to provide differentiated QoS.
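How per-VPN VRFs keep overlapping customer addresses apart, as an added example that is not part of the original presentation. It assumes the "acceptable BGP attributes" are route-target communities as in RFC 4364; the class, interface names, route-target strings and prefixes are constructed for illustration.

```python
import ipaddress


class PE:
    """Toy provider-edge router: one VRF (private routing table) per attached VPN."""

    def __init__(self):
        self.vrfs = {}       # VRF name -> {"import_rt": set, "routes": {network: next hop}}
        self.if_to_vrf = {}  # CE-facing interface -> VRF name

    def add_vrf(self, name, import_rt, interface):
        self.vrfs[name] = {"import_rt": set(import_rt), "routes": {}}
        self.if_to_vrf[interface] = name

    def learn_from_ce(self, interface, prefix, ce):
        # A route from a directly connected CE enters only that interface's VRF.
        vrf = self.vrfs[self.if_to_vrf[interface]]
        vrf["routes"][ipaddress.ip_network(prefix)] = ce

    def learn_from_pe(self, prefix, route_targets, remote_pe):
        # A route from another PE is installed only where the import policy accepts it.
        installed = []
        for name, vrf in self.vrfs.items():
            if vrf["import_rt"] & set(route_targets):
                vrf["routes"][ipaddress.ip_network(prefix)] = remote_pe
                installed.append(name)
        return installed

    def forward(self, in_interface, dst):
        # Only the VRF bound to the ingress interface is consulted.
        routes = self.vrfs[self.if_to_vrf[in_interface]]["routes"]
        matches = [net for net in routes if ipaddress.ip_address(dst) in net]
        if not matches:
            return None  # no route in this VPN: drop, never fall back to another VRF
        return routes[max(matches, key=lambda net: net.prefixlen)]


def build_pe1():
    """Constructed sample data: VPN A and VPN B reuse the same private prefixes."""
    pe = PE()
    pe.add_vrf("VPN A", {"rt-a"}, "to-CE-A1")
    pe.add_vrf("VPN B", {"rt-b"}, "to-CE-B1")
    pe.learn_from_ce("to-CE-A1", "10.1.0.0/16", "CE-A1")
    pe.learn_from_ce("to-CE-B1", "10.1.0.0/16", "CE-B1")
    pe.learn_from_pe("10.2.0.0/16", {"rt-a"}, "PE 2")
    pe.learn_from_pe("10.2.0.0/16", {"rt-b"}, "PE 3")
    pe.learn_from_pe("172.16.0.0/24", {"rt-c"}, "PE 3")  # VPN C has no VRF here
    return pe
```

Calling `build_pe1().forward("to-CE-A1", "10.2.5.5")` and the same lookup from `"to-CE-B1"` resolves the identical destination address to different next hops, and a VPN C destination is unreachable from either interface.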

16 MPLS Based Layer 3 VPNs
Customers can create intranets as well as extranets with the help of Layer 3 VPNs.
An extranet lets customers give business partners and suppliers access to their network.
100 % secured intranet as well as extranet.
Single physical connectivity at every site, resulting in a very simple network topology.
Provider participates in the customer's routing process.

17 MPLS Based Layer 2 VPNs
Provider edge device delivers Layer 2 circuit IDs (DLCI, VPI/VCI, or VLAN ID) to the customer
– Customer sees standard FR or ATM PVCs
– From my site, one for each reachable site
Provider edge device maps the circuit ID to an MPLS LSP to traverse the provider core
– Label stacking could be used to improve scalability
Customer maps their own routing architecture to the circuit mesh
– Customer routes are transparent to provider
– Separation of administrative responsibility

18 MPLS Based Layer 2 VPNs
[Diagram: provider core of P routers with edge routers PE 1, PE 2 and PE 3; customer edge routers CE–A1, CE–A2, CE–A3 (VPN A Sites 1 to 3) and CE–B1, CE–B2 (VPN B Sites 1 and 2); links labelled ATM and FR]
A VFT is created for each CE connected to the PE
Each VFT is populated with:
– The information provisioned for the local CEs
– VPN Connection Tables received from other PEs via BGP or LDP

19 MPLS Based Layer 2 VPNs
Layer 2 VPN supported technologies:
– Frame Relay
– ATM
– Ethernet
– Ethernet VLANs
– HDLC
– PPP

20 MPLS Based Layer 2 VPNs
Separation of the customer's and the provider's routing gives the customer extra confidence about the security of his network.
The customer can choose any Layer 2 connectivity that is supported by the Layer 2 VPN.

21 Virtual Private LAN Service (VPLS)
Different sites of a customer's network can connect to the MPLS network over Ethernet, just as they would connect to any LAN switch.
With auto discovery of the MAC addresses of devices, each site can learn about the machines connected to the VPLS service.
To the customer it appears very much like ordinary Ethernet connectivity.
To the customer the MPLS network appears like a huge LAN switch to which its different sites are connected, just as they would be to an Ethernet LAN switch.

22 Virtual Private LAN Service
[Diagram: provider core of P routers with edge routers PE 1, PE 2 and PE 3; customer edge routers CE–A1, CE–A2, CE–A3 (VPN A Sites 1 to 3) and CE–B1, CE–B2 (VPN B Sites 1 and 2)]
A private Ethernet network constructed over a 'shared' infrastructure which may span several metro areas
Multipoint-to-multipoint Ethernet connectivity where the SP network looks like an Ethernet broadcast domain
Complements Layer and Layer 2 VPNs
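MAC learning and flooding inside one customer's VPLS instance, as an added example that is not part of the original presentation. It assumes standard Ethernet learning-bridge rules (flood broadcasts and unknown destinations, filter traffic whose destination is on the ingress site); the class, site names and MAC addresses are constructed.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class VplsInstance:
    """One customer's emulated LAN: a MAC table shared by that customer's sites only."""

    def __init__(self, customer, sites):
        self.customer = customer
        self.sites = set(sites)
        self.mac_table = {}  # source MAC -> site where it was last seen

    def receive(self, in_site, src_mac, dst_mac):
        """Learn the sender, then return the set of sites the frame is delivered to."""
        if in_site not in self.sites:
            raise ValueError(f"{in_site} is not attached to {self.customer}")
        self.mac_table[src_mac] = in_site      # learn or refresh the sender's location
        out_site = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or out_site is None:
            return self.sites - {in_site}      # flood, but only within this instance
        if out_site == in_site:
            return set()                       # destination is local: nothing to send
        return {out_site}                      # known unicast goes to exactly one site


def build_service():
    """Constructed topology: two customers sharing the same provider network."""
    return {
        "VPN A": VplsInstance("VPN A", ["A Site 1", "A Site 2", "A Site 3"]),
        "VPN B": VplsInstance("VPN B", ["B Site 1", "B Site 2"]),
    }
```

The first frame towards an unlearned MAC reaches every other site of the same customer, which is the broadcast-domain behaviour the slide describes; the other customer's instance never sees the frame or the learned address.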

23 What is Quality of Service
[Diagram labels: Desktop Conferencing, Distance Learning; Mission-Critical Applications; FTP]

24 Role of QoS
Protect mission-critical applications
– Voice, ERP, data warehouse, sales force automation
Prioritize groups of users
– Finance, sales, suppliers
Enable multimedia applications
– Distance learning, desktop video conferencing

25 Quality of Service (QoS)
MPLS has very powerful tools such as traffic prioritization, traffic scheduling, traffic shaping and traffic policing to ensure the proper grade of quality of service to the customer.
Broadly, three grades of service are available at present in the MPLS VPN service:
– Gold (guaranteed bandwidth, delivery, jitter and latency)
– Silver (guaranteed delivery)
– Bronze (best effort)

26 Three Classes of Service
Three classes of service according to the customer's requirement (Gold, Silver & Bronze)
– If the customer requirement is more than 2 Mbps then the tariff will be n x tariff for 2 Mbps.
Table columns: Sl No.; Class of Service; Committed Bandwidth (%); Tariff per Annum (Rs in Lakhs) for 64 kbps, 128 kbps, 256 kbps, 512 kbps, 1 Mbps, 2 Mbps
Table rows: Gold; Silver; Bronze

27 Service Tax & Discount
No of Ports      Discount on VPN Port
2 to 5           10 %
6 to 10          12 %
11 to 15         15 %
16 and above     20 %
Service 10% will be charged w.e.f 10/9/2004 and Education 2 % of the service tax will also be levied in addition to service tax

28 Tariff for Leased Line Data Circuits S.N. Distance (kms) 64 Kbps (Rs.) 2 Mbps (Rs.) 8 Mbps (Rs.) 34 Mbps (Rs.) 140 Mbps (Rs.) 15034,3193,48,64213,94,56855,78,2722,23,13, ,6465,38,45421,53,81686,15,2643,44,61, ,4129,51,43138,05,7241,52,22,8966,08,91, ,17813,64,40754,57,6282,18,30,5128,73,22, ,94417,77,38471,09,5362,84,38,14411,37,52, ,71021,90,36087,61,4403,50,45,76014,01,83,040 7 Beyond ,000 (Fixed) 22,00,000 (Fixed) 88,00,000 (Fixed) 3,52,00,000 (Fixed) 14,08,00,000 (Fixed)

29 Tariff for 128 kbps to 960 kbps CapacityCoefficient 960 kbps kbps kbps kbps kbps kbps kbps kbps1.8 The tariffs for 128 kbps to 960 kbps is equal to –the tariff for 64 kbps x by the coefficients as below

30 ICICI Bank Case Study
Total number of leased lines of various capacities across the country – 82
Total annual charges paid – Rs /-
75 links could be shifted to VPN
Cost of 75 VPNs of different capacities – Rs 7,30,00,000/-
Cost of the remaining 7 leased lines – Rs 50,00,000/-
Total cost – Rs 7,80,00,000/-