A Flexible Model for Resource Management in Virtual Private Networks Sanket Naik CS590F Fall 2000.


What Is a Virtual Private Network?
"Virtual private networks (VPN) provide an encrypted connection between a user's distributed sites over a public network (e.g., the Internet). By contrast, a private network uses dedicated circuits and possibly encryption."
Tom Dunigan, Network Research Group, Oak Ridge National Lab (ORNL)

Requirements for IP-based VPNs
- Opaque packet transport
- Data security
- Quality of service guarantees
- Tunneling mechanism
A framework for IP based VPNs - RFC 2764 (informational)

Resource Management in VPN?
- Isolation from other flows
- Guaranteed bandwidth, loss and delay characteristics
- Over an existing public network
- Yet, same performance assurances as a private network!

Hose Model
- Customer's interface into the network
- Performance guarantee based on the "aggregate" traffic
  - To and from a given endpoint to the set of all other endpoints

Hose Model

Advantages for customer
- Ease of specification - one rate per endpoint vis-a-vis one rate per pair of endpoints
- Flexibility - traffic to multiple endpoints multiplexed on one hose
- Multiplexing gain - Total of hose rates < Aggregate rate in a Private network
- Characterization - Statistical variability over multiple pairs smoothed into hose
- Billing - Resize hose capacities dynamically
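The multiplexing gain claimed above can be checked on a small time-varying traffic matrix. This is an added example, not part of the original slides: the traffic values and the function name `requirements` are constructed for illustration, and the gain is taken here as the ratio of pipe capacity to hose capacity.

```python
# Constructed traffic matrices (Mb/s), one per measurement interval.
# Keys are (source, destination) pairs between three VPN endpoints.
TRAFFIC = [
    {("A", "B"): 8, ("A", "C"): 1, ("B", "A"): 2,
     ("B", "C"): 3, ("C", "A"): 1, ("C", "B"): 2},
    {("A", "B"): 2, ("A", "C"): 7, ("B", "A"): 6,
     ("B", "C"): 1, ("C", "A"): 2, ("C", "B"): 1},
    {("A", "B"): 1, ("A", "C"): 2, ("B", "A"): 1,
     ("B", "C"): 7, ("C", "A"): 8, ("C", "B"): 3},
]

def requirements(matrices, endpoint, direction="egress"):
    """Return (hose_rate, pipe_total) for one endpoint.

    hose_rate : peak over time of the aggregate traffic at the endpoint
    pipe_total: sum of the per-pair peaks, i.e. one pipe per pair of endpoints
    """
    idx = 0 if direction == "egress" else 1  # match on source or destination
    peak_per_pair = {}
    hose_rate = 0
    for matrix in matrices:
        flows = {p: r for p, r in matrix.items() if p[idx] == endpoint}
        hose_rate = max(hose_rate, sum(flows.values()))
        for pair, rate in flows.items():
            peak_per_pair[pair] = max(peak_per_pair.get(pair, 0), rate)
    return hose_rate, sum(peak_per_pair.values())

if __name__ == "__main__":
    for ep in "ABC":
        for direction in ("egress", "ingress"):
            hose, pipes = requirements(TRAFFIC, ep, direction)
            print(f"{ep} {direction:7s} hose={hose:2d} pipes={pipes:2d} "
                  f"gain={pipes / hose:.2f}")
```

The gain is above 1 only where per-pair peaks occur at different times; endpoint C's egress pairs peak in the same interval, so its hose is no smaller than its pipes.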

Implementation Scenarios

Provisioned VPNs
- Worst-case traffic split - provider-pipes between each pair of end-points
- Resource sharing - aggregate overlapping pipes for an end-point
- Explicit routing - shortest paths
- VPN specific state - aggregate overlapping pipes for the VPN

Dynamically Resized VPNs
- Disadvantage of provisioned VPNs
  - Reserved capacity may not be used
- Resized provider pipes
- Resized trees
- Resized trees with explicit routing
- Resource aggregation across a VPN

Requirements for Dynamically Resized VPNs
- Prediction of required capacity based on traffic measurement - technique suggested
- Signaling protocols to dynamically reserve resources - future work

Prediction of Traffic Rate
- $T_{meas}$ - measurement window
- $T_{ren}$ - next window for which rate is renegotiated
- $T_{samp}$ - regularly spaced samples
- $R_i$ - average rate over inter-sample intervals
- Local maximum predictor: $R_{ren} = \max\{R_i\}$
- Local Gaussian predictor: $R_{ren} = m + \alpha\sqrt{v}$
  - $m$ = mean of $R_i$
  - $v$ = variance of $R_i$
  - $\alpha$ = multiplier
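The two predictors can be run over a sampled rate trace to see how a renegotiated reservation follows the traffic. This is an added example, not code from the presentation or the work it summarizes: the trace is constructed, the function names are hypothetical, window lengths are counted in samples, and the population variance is assumed for v.

```python
from statistics import mean, pvariance

# Constructed trace of R_i (Mb/s): average rate in each T_samp interval.
TRACE = [10.0, 12.0, 11.0, 13.0, 12.0, 14.0, 20.0, 22.0,
         21.0, 19.0, 12.0, 11.0, 10.0, 12.0, 11.0, 13.0]

def local_max(samples):
    """Local maximum predictor: R_ren = max{R_i}."""
    return max(samples)

def local_gaussian(samples, alpha):
    """Local Gaussian predictor: R_ren = m + alpha * sqrt(v).
    Assumption: v is the population variance of the window."""
    return mean(samples) + alpha * pvariance(samples) ** 0.5

def resize(rates, n_meas, n_ren, predictor):
    """Renegotiate every n_ren samples from the previous n_meas samples.
    Returns the reserved rate for each sample from index n_meas onward."""
    reserved = []
    for start in range(n_meas, len(rates), n_ren):
        r_ren = predictor(rates[start - n_meas:start])
        reserved.extend([r_ren] * len(rates[start:start + n_ren]))
    return reserved

def evaluate(rates, n_meas, reserved):
    """Return (utilization, fraction of samples above the reservation)."""
    actual = rates[n_meas:]
    exceeded = sum(a > r for a, r in zip(actual, reserved))
    return sum(actual) / sum(reserved), exceeded / len(actual)

if __name__ == "__main__":
    n_meas = n_ren = 4  # T_meas = T_ren = 4 * T_samp in this example
    static = [max(TRACE)] * (len(TRACE) - n_meas)  # provisioned at trace peak
    runs = {
        "static peak": static,
        "local max": resize(TRACE, n_meas, n_ren, local_max),
        "gaussian a=2": resize(TRACE, n_meas, n_ren,
                               lambda s: local_gaussian(s, 2.0)),
    }
    for name, reserved in runs.items():
        util, over = evaluate(TRACE, n_meas, reserved)
        print(f"{name:13s} utilization={util:.2f} exceeded={over:.2f}")
```

On this trace both predictors under-reserve during the ramp from 12 to 22 Mb/s, because the measurement window lags the change; a larger multiplier or a shorter renegotiation window trades utilization for fewer such intervals.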

Simulation Experiments
- 2 sets of traces – voice and data
- PSTN traffic == IP telephony traffic?
- Benefits for customer
  - Traffic matrix does change
  - Statically provisioned access hose-gain
  - Hose resizing gain
  - Predictor tracks actual traffic quite closely
  - Dynamically resized access hose gain

Benefits for Provider
- Statically provisioned tree gain
- Dynamic resizing gains
  - Provider-pipes
  - Trees
  - VPNs

Conclusions
- Pros
  - Most efforts in IP-based VPNs focussed on security rather than performance guarantees
  - Simulation results look positive
- Cons
  - Model is incomplete - signaling primitives required
  - How was dynamic resizing done for simulation?

Questions?