Satish Raghunath
ABSTRACT
Virtual Private Networks provide secure and reliable communication between customer sites. With increase in number and size of VPNs, providers need efficient provisioning techniques that adapt to customer demand by leveraging a good understanding of VPN properties.
In this paper we analyze two important properties of VPNs that impact provisioning - (a) structure of customer endpoint (CE) interactions and (b) temporal characteristics of CE-CE traffic. We deduce these properties by computing traffic matrices from SNMP measurements. We find that existing traffic matrix estimation techniques are not readily applicable to the VPN scenario due to the scale of the problem and limited measurement information. We begin by formulating a scalable technique that makes the most out of existing measurement information and provides good estimates for common VPN structures.
We then use this technique to analyze SNMP measurement from a large IP VPN service provider. We find that even with limited measurement information we can realize adaptive provisioning for a significant fraction of VPNs, namely, those constituting the "Hub-and-Spoke" category. In addition, the ability to infer the structure of VPNs holds special significance for provisioning tasks arising from topology changes, link failures and maintenance. We are able to provide a classification of VPNs by structure and identify CEs that act as hubs of communication and hence require prioritized treatment during restoration and provisioning.
- N. Duffield, P. Goyal, A. Greenberg, P. Mishra, K. Ramakrishnan, and J. vander Merive. Resource management with hoses: point-to-cloud services for virtual private networks. IEEE/ACM Trans. Networking, 10(5):679--692, Oct. 2002. Google Scholar
Digital Library
- A. Feldmann, A. Greenberg, C. Lund, N. Reingold, J. Rexford, and F. True. Deriving traffic demands for operational IP networks: methodology and experience. IEEE/ACM Trans. Networking, 9(3):265--279, June 2001. Google ScholarDigital Library
- A. Medina, N. Taft, K. Salamatian, S. Bhattacharyya, and C. Diot. Traffic matrix estimation: Existing techniques and new directions. In Proc. of ACM SIGCOMM 2002, Pittsburgh, USA, Aug. 2002. Google ScholarDigital Library
- S. Raghunath and S. Kalyanaraman. Statistical Point-to-Set edge-based quality of service provisioning. In Proc. of QoFIS 2003, Springer Verlag LNCS 2811, volume2, pages 132--141, Oct. 2003.Google ScholarCross Ref
- Y. Zhang, M. Roughan, C. Lund, and D. Donoho. An information-theoretic approach to traffic matrix estimation. In Proc. of ACM SIGCOMM 2003, pages 301--312, 2003. Google ScholarDigital Library
Index Terms
- Measurement based characterization and provisioning of IP VPNs
Recommendations
Measurement-based characterization of IP VPNs
Virtual Private Networks (VPNs) provide secure and reliable communication between customer sites. With the increase in number and size of VPNs, providers need efficient provisioning techniques that adapt to customer demand by leveraging a good ...
Extensions to P2MP RSVP-TE for VPN-specific state provisioning with fair resource sharing
Among the resource provisioning algorithms for the hose-based Virtual Private Network (VPN) Quality of Service (QoS), VPN-specific state provisioning allows the service provider to obtain highest resource multiplexing gains. In this paper, we show that ...
MPLS-TE and MPLS VPNS with openflow
SIGCOMM '11: Proceedings of the ACM SIGCOMM 2011 conferenceWe demonstrate MPLS Traffic Engineering (MPLS-TE) and MPLS-based Virtual Private Networks (MPLS VPNs) using OpenFlow [1] and NOX [6]. The demonstration is the outcome of an engineering experiment to answer the following questions: How hard is it to ...
Comments