Algorithms for Provisioning Virtual Private Networks in the Hose Model Source: Sigcomm 2001, to appear in IEEE/ACM Transactions on Networking Author: Amit Kumar, Rajeev Rastogi, Avi Siberschatz and Bulent Yener
Outline Introduction Provisioning algorithms Determination of link bandwidth Problem Statement Symmetric bandwidth case Asymmetric bandwidth case Experimental study
Introduction A VPN establishes connectivity between a set of endpoints over a shared network infrastructure. Issues of offering customers with guaranteed bandwidth VPN service has received little attention. This paper addresses the problem of provisioning VPN services with bandwidth guarantees.
Introduction Two popular models for providing QoS in VPNs : Pipe model Hose model
Introduction In the pipe model, customer specifies QoS requirements between every pair of endpoints. This requires the customer to know the complete traffic matrix. However, the number of endpoints per VPN is constantly increasing and the communication patterns between endpoints are becoming increasingly complex. Predicting traffic characteristics between pairs of endpoint is a difficult task for customers.
Introduction In the hose model, the customer specifies QoS requirements per endpoint and not every pair of endpoints. Each endpoint is associated with an ingress bandwidth and an egress bandwidth. Ingress bandwidth: the amount of incoming traffic from all the other endpoints into the endpoint. Egress bandwidth: the amount of traffic the endpoint can send to the other endpoints.
Introduction The customer only needs to specify QoS requirement on a per endpoint basis. As a result, the hose model place less burden on VPN customers.
Introduction The hose model provides customers with the the following advantages over the pipe model: Ease of Spec Flexibility Multiplexing Gain Characterization In order to to realize these benefits, efficient algorithms must be devised for provisioning hoses.
Provisioning algorithms Hose provisioning algorithms need to set up paths between every pair of VPN endpoints such that the aggregate bandwidth reserved is minimum. The provisioning algorithms also need to reserve sufficient bandwidth to accommodate the traffic that meets ingress and egress bandwidth constraints.
Provisioning algorithms Network Graph
Provisioning algorithms Independent Shortest pathsLink Sharing Among Paths Reserved bandwidth=6Reserved bandwidth=8
Provisioning algorithms In order to take advantage of the multiplexing gain due to hoses, this paper connects endpoints using a tree structure. A VPN tree has several benefits: Sharing of bandwidth reservation Scalability Simplicity of Routing Ease of Restoration
Provisioning algorithms This paper develops algorithms for computing optimal VPN trees under four scenarios: Network links capacity Endpoints Bandwidth requirement infinitelimited Symmetric ingress and egress bandwidths O(mn) Both the problem and it’s approximation algorithms are NP-hard. Asymmetric ingress and egress bandwidths NP-hard Both the problem and it’s approximation algorithms are NP-hard.
Determination of link bandwidth Network graph
Determination of link bandwidth A VPN tree
Problem Statement Optimal VPN tree without link capacity constraints: Given a set of VPN endpoints, and their ingress and egress bandwidths, compute a VPN tree whose leaves are endpoints and for which aggregated bandwidth reserved is minimum. [3] has suggested that Steiner tree can be used to connect the VPN endpoints, however, it may be suboptimal.
Problem Statement Network graph
Problem Statement Reserved bandwidth=10008 Steiner tree
Problem Statement Optimal VPN tree Reserved bandwidth=4012
Problem Statement Optimal VPN tree with link capacity constraints: The same with bandwidth infinite case, except that bandwidth reserved on VPN tree links must be no more than their residual bandwidth.
Symmetric bandwidths with infinite link capacity Define
Symmetric bandwidths with infinite link capacity Q(T,0)=2*(1000*3+1*5+1*3+1*3+1*5+1000*3)=12032 =C T. Q(T,X)=2*(1000*2+1*6+1*4+1*4+1*6+1000*4)=12080 X
Symmetric bandwidths with infinite link capacity Find a BFS tree T v rooted at v
Asymmetric bandwidths with infinite link capacity
Biased edge : e.g. (6,7) Balanced edge : e.g. (5,6) We refer to a node of T as a core node if a balanced edge is incident on it. Lemma 4.3 : The sum of the bandwidths reserved on a balanced edge (I,j) of a VPN tree T in both directions is C T (i,j)+C T (j,i)
Asymmetric bandwidths with infinite link capacity
minimize Subject to
Asymmetric bandwidths with infinite link capacity Since we know that S must contain a node from V, we can compute the optimal tree by performing the following steps: –For each node v V, solve the integer program to compute Sv, the optimalset of nodes containing v. –Return the tree T(Sv) whose cost is minimum.
Rounding Based Approximation Algorithm LP (Relaxation of IP)
Use Lin & Vitter to obtain a solution By ellipsoid algorithm, solve the LP in polynomial time Let 0 < c < 1 be a constant Π α
Steps of the Rounding Algorithm
Experimental Study