Published by Bruno Wheeler. Modified over 9 years ago.
1
COPS Common Open Policy Service Vemuri Namratha Kandaswamy Balasubramanian Venreddy Nireesha

COPS
- Introduction
- Architecture
- Models
- Operations
- Applications
- Event flows, message formats
- Issues
- Questions

Introduction
- COPS is a simple query and response protocol, used to exchange information between PDP and PEP
- PEP: Policy Enforcement Point
  - Routers
- PDP: Policy Decision Point
  - Servers containing policy statements

What are Policies
- The basic regulations negotiated for ensuring QoS to the users.
- Examples: allocation of resources, priorities, hierarchical authorization, etc.

COPS
- Client and Server model.
- Allocation of resources to desired priorities of services.
- COPS with RSVP
- Uses TCP as transport protocol for message passing.

ARCHITECTURE
[Figure: architecture diagram. Labels: Policy Mgmt Tool, PEP, PDP, COPS, Human network manager, Policy console, Policy editor, Policy repository]

PURPOSE
- COPS allows the router (PEP) to communicate with the PDP about the allocation of requested resources for different kinds of traffic
- Admission control: checks whether there are enough resources to satisfy the request
- Policy control: decides whether the request should be considered; takes priority into account

Client Types
COPS-PR
"COPS Usage for Policy Provisioning" is the protocol that is used when policy decisions are "pushed" from the PDP to PEPs. In this provisioning model the PDP can send policy decisions to PEPs without a specific request from the PEP.

COPS_RSVP
"COPS Usage for RSVP" is the protocol that is used when a policy decision is "pulled" from the PDP. When an RSVP message requiring a policy decision is received by the PEP, the relevant RSVP objects from the message are put into a COPS Request message, which is sent to the PDP. The PDP determines what to do with the RSVP message and sends a COPS Decision message back to the PEP.

MODELS

Outsourcing:
- The PEP always explicitly asks the PDP for a given amount of resources
- Flexibility and Efficiency
- Resource allocation requests are properly aggregated
- Aggregate state information is kept in PDP/BB

Provisioning model
- More scalable
- Inflexibility: difficult to handle modification of configuration.
- Not explicitly customized to handle dynamic QoS

COPS: The way it works
- The PEP is responsible for initiating a persistent TCP connection to a PDP.
- The PEP uses this TCP connection to send requests
- Communication between the PEP and remote PDP is mainly a request/decision exchange.
- Sometimes the PDP sends an unsolicited decision

PEP's Responsibilities
- The PEP has to report to the PDP about successful enforcement of the decision.
- The PEP is responsible for notifying the PDP when a request state has changed.
- In simple words, it needs to keep things synchronized, i.e. keep the PDP informed.
- It also handles local policy decisions via its Local Policy Decision Point (LPDP)

Messages/Requests/Decisions
- request states
- the type of request
- previously installed requests
- policy decisions
- error reports
- client information.

The Context of Request
- The context of each request corresponds to the type of event that triggered it.
- COPS identifies three types of events:
  (1) the arrival of an incoming message
  (2) allocation of local resources
  (3) the forwarding of an outgoing message.

Message Format
- Each COPS message consists of the COPS header followed by a number of typed objects.

The fields in the header are:
- Version: 4 bits. COPS version number. Current version is 1.
- Flags: 0x1 = Solicited Message Flag bit; 0 otherwise.
- Op Code: 8 bits (explained in next slide).
- Client-type: 16 bits
- Message Length: 32 bits

Op Code: 8 bits
The COPS operations:
- 1 = Request (REQ)
- 2 = Decision (DEC)
- 3 = Report State (RPT)
- 4 = Delete Request State (DRQ)
- 5 = Synchronize State Req (SSQ)
- 6 = Client-Open (OPN)
- 7 = Client-Accept (CAT)
- 8 = Client-Close (CC)
- 9 = Keep-Alive (KA)
- 10 = Synchronize Complete (SSC)
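
The header fields and op codes above, as an added example that is not part of the original slides: a Python parser that validates the common header and frames messages read from the TCP connection, rejecting malformed lengths before any body is buffered. The 8-byte packing, the 4-octet alignment check and the fact that Message Length includes the header follow RFC 2748; `MAX_MESSAGE`, `CopsError` and the function names are assumptions of this example.

```python
import struct

# Op codes as listed on the slide above.
OPCODES = {1: "REQ", 2: "DEC", 3: "RPT", 4: "DRQ", 5: "SSQ",
           6: "OPN", 7: "CAT", 8: "CC", 9: "KA", 10: "SSC"}
HEADER = struct.Struct("!BBHI")   # version/flags, op code, client-type, length
MAX_MESSAGE = 64 * 1024           # assumed local cap, not a protocol constant


class CopsError(ValueError):
    """Header failed validation; the caller should drop the connection."""


def parse_header(buf):
    """Validate and decode the 8-byte common header at the start of buf."""
    if len(buf) < HEADER.size:
        raise CopsError("short header")
    vf, op, client_type, length = HEADER.unpack_from(buf)
    version, flags = vf >> 4, vf & 0x0F
    if version != 1:
        raise CopsError(f"unsupported version {version}")
    if op not in OPCODES:
        raise CopsError(f"unknown op code {op}")
    # Length counts the header itself, is 4-octet aligned, and is capped
    # so a peer cannot make us buffer an arbitrarily large message.
    if length < HEADER.size or length % 4 or length > MAX_MESSAGE:
        raise CopsError(f"bad message length {length}")
    return {"op": OPCODES[op], "solicited": bool(flags & 0x1),
            "client_type": client_type, "length": length}


def split_stream(buf):
    """Split received bytes into (header, body) pairs.

    Returns the complete messages and the leftover bytes of a partial one.
    """
    messages = []
    while len(buf) >= HEADER.size:
        hdr = parse_header(buf)
        if len(buf) < hdr["length"]:
            break                      # incomplete: wait for more data
        messages.append((hdr, buf[HEADER.size:hdr["length"]]))
        buf = buf[hdr["length"]:]
    return messages, buf


# Constructed sample: a Keep-Alive (length 8), then a Decision that claims
# 16 bytes but has only 12 on the wire so far.
SAMPLE = HEADER.pack(0x10, 9, 0, 8) + HEADER.pack(0x11, 2, 1, 16) + b"\x00" * 4
```
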

Better Explained with an application
- IP-Telephony (VoIP)
- We need to assure QoS to the users.
- Now let's look at the message flow.

APPLICATION (IP-TELEPHONY)

MESSAGE FLOW

MESSAGE FLOWS
- Client Open (CO) PEP->PDP
- Client Accept (CA) PEP->PDP
- Client Close (CC) PEP PDP
- Request (REQ) PEP->PDP
- Decision (DEC) PDP->PEP
- Report State (RPT) PEP->PDP
- Synchronize State Request (SSQ) PDP->PEP
- Synchronize State Complete (SSC) PEP->PDP
- Keep Alive (KA) PEP PDP

EVENT FLOW

CALL FLOW EXPLAINED
- PDPAgent: The functional unit which supports PDP threads.
- PDPThread: The currently executed PDP program, in its state of execution
- COSPIntf: COPS and OSP interface
- OSP: Open Settlement Protocol

STATE DIAGRAM

Issues and Extensions

Issues related to COPS
- Scalability issues in heterogeneous networks
- A PDP only controls a limited number of PEP devices within a domain
- Inter-vendor COPS compatibility is low.
- Not directly transferable among PDPs
- No load sharing and balancing mechanisms at PDP

Good Thing??! About COPS
- According to RFC 2748 and net archives.
- So far no vulnerability has been listed.
- There have been claims of Denial of Service attacks, but no authenticated reports.

Extension to COPS protocol
- COPS-ODRA is Outsourcing Differentiated Resource Allocation
- COPS-DRA is Differentiated Resource Allocation

COPS-ODRA
- ODRA stands for Outsourcing Diffserv Resource Allocation.
- Dynamic admission control and resource management in a Differentiated Services network.
- The COPS-ODRA protocol is used on the interface between the Edge Router and the admission / policy control server

COPS vs COPS-ODRA:
COPS
- Allocation is made by the PEP based on local resources; the PDP is in charge of authorizing or denying.
- Specific to RSVP
COPS-ODRA
- Resource allocation refers to domain-wide resources.
- The PDP is in control of these resources
- This allows dynamic allocation.

COPS-DRA
- COPS-DRA (Diffserv Resource Allocation)
- Dynamic admission, just like ODRA, but with additional flexibility. (Explained later)
- The COPS-DRA protocol is also used on the interface between the Edge Router and the admission / policy control server.

COPS-DRA Architecture

Important Use of COPS-DRA
- COPS has two different models
  1. Outsourcing
  2. Provisioning
- COPS-DRA can exploit both models easily and can be set to follow either one.
- ODRA, by contrast, is specifically meant for the Outsourcing model.

Questions
1. Where is the policy configuration information stored and maintained?
   (Explanations about Policy server, Policy repository and network administrator.)
2. What is the protocol used in conjunction with which COPS outsources the policy decisions from a router to the server?
   (Explanation about COPS and RSVP)
3. What is meant by 'State-sharing' in COPS?
   As long as the PDP and PEP are connected and TCP messages are being sent, no other process can make changes to the PEP configuration.

REFERENCES
- http://www.ietf.org/proceedings/99mar/slides/rap-cops-99mar/sld002.htm
- http://www.coritel.it/publications/IP_download/icc2001.pdf
- http://www.coritel.it/projects/cops-bb/Download/cops-dra-2.PDF
- http://www.coritel.it/projects/cops-bb/Download/draft-salsano-issll-cops-odra-00.txt

QUESTIONS?

THANK YOU