
COPS Common Open Policy Service

COPS Common Open Policy Service. Vemuri Namratha Kandaswamy Balasubramanian Venreddy Nireesha. COPS. Introduction Architecture Models Operations Applications Event flows, message formats Issues Questions. Introduction.


Presentation Transcript


  1. COPS: Common Open Policy Service Vemuri Namratha Kandaswamy Balasubramanian Venreddy Nireesha

  2. COPS • Introduction • Architecture • Models • Operations • Applications • Event flows, message formats • Issues • Questions

  3. Introduction COPS is a simple query and response protocol used to exchange information between a PDP and a PEP. • PEP: Policy Enforcement Point (routers) • PDP: Policy Decision Point (servers containing policy statements)

  4. What are Policies • The basic regulations negotiated for ensuring QoS to the users. • For example, allocation of resources, priorities, hierarchical authorization, etc.

  5. COPS • Client and Server model. • Allocation of resources to desired priorities of services. • COPS with RSVP • Uses TCP as transport protocol for message passing.

  6. ARCHITECTURE [Diagram: a human network manager works through a policy editor, policy management tool and policy console; a policy repository; one PDP; several PEPs, each connected to the PDP via COPS]

  7. PURPOSE • COPS allows the router (PEP) to communicate with PDP about the allocation of requested resources for different kinds of traffic • Admission control: Sees if there are enough resources to satisfy the request • Policy control: Whether the request should be considered. Considers priority.

  8. Client Types COPS-PR "COPS Usage for Policy Provisioning" is the protocol that is used when policy decisions are "pushed" from the PDP to PEPs. In this provisioning model PDP can send policy decisions to PEPs without having specific request from PEP.

  9. COPS_RSVP "COPS Usage for RSVP" is the protocol that is used when policy decision is "pulled" from PDP. When an RSVP message requiring a policy decision is received by PEP the relevant RSVP objects from the message are put into a COPS Request message, which is sent to PDP. The PDP determines what to do with RSVP message and sends a COPS Decision message back to the PEP,

  10. MODELS

  11. Outsourcing: • The PEP always explicitly asks the PDP for a given amount of resources • Flexibility and Efficiency • Resource allocation requests are properly aggregated • Aggregate state information is kept in PDP/BB

  12. Provisioning model • More scalable • Inflexibility : difficult to handle modification of configuration. • Not explicitly customized to handle dynamic QoS

  13. COPS: the way it works • The PEP is responsible for initiating a persistent TCP connection to a PDP. • The PEP uses this TCP connection to send requests. • Communication between the PEP and the remote PDP is mainly a request/decision exchange. • Sometimes the PDP sends an unsolicited decision.

  14. PEP's Responsibilities • The PEP has to report to the PDP about successful enforcement of the decision. • The PEP is responsible for notifying the PDP when a request state has changed. • In simple words, it needs to keep things synchronized, i.e. keep the PDP informed. • It can also make local policy decisions via its Local Policy Decision Point (LPDP).

  15. Messages/Requests/Decisions • request states • the type of request • previously installed requests • policy decisions • error reports • client information.

  16. The Context of Request • The context of each request corresponds to the type of event that triggered it. • COPS identifies three types of events: (1) the arrival of an incoming message, (2) the allocation of local resources, (3) the forwarding of an outgoing message.

  17. Message Format • Each COPS message consists of the COPS header followed by a number of typed objects.

  18. The fields in the header are: • Version: 4 bits. COPS version number; the current version is 1. • Flags: 0x1 is the Solicited Message Flag bit; 0 otherwise. • Op Code: 8 bits (explained in the next slide). • Client-type: 16 bits • Message Length: 32 bits

  19. Op Code: 8 bits The COPS operations: • 1 = Request (REQ) • 2 = Decision (DEC) • 3 = Report State (RPT) • 4 = Delete Request State (DRQ) • 5 = Synchronize State Req (SSQ) • 6 = Client-Open (OPN) • 7 = Client-Accept (CAT) • 8 = Client-Close (CC) • 9 = Keep-Alive (KA) • 10= Synchronize Complete (SSC)

  20. Better Explained with an application • IP telephony (VoIP) • We need to assure QoS to the users. Now let's look at the message flow.

  21. APPLICATION (IP-TELEPHONY)

  22. MESSAGE FLOW

  23. MESSAGE FLOWS • Client Open (CO) PEP->PDP • Client Accept (CA) PEP->PDP • Client Close (CC) PEP<->PDP • Request (REQ) PEP->PDP • Decision (DEC) PDP->PEP • Report State (RPT) PEP->PDP • Synchronize State Request (SSQ) PDP->PEP • Synchronize State Complete (SSC) PEP->PDP • Keep Alive (KA) PEP<->PDP

  24. EVENT FLOW

  25. CALL FLOW EXPLAINED • PDPAgent: The functional unit which supports PDP threads. • PDPThread: The currently executing PDP program, in the state of execution. • COSPIntf: COPS and OSP interface • OSP: Open Settlement Protocol

  26. STATE DIAGRAM

  27. Issues and Extensions

  28. Issues related to COPS • Scalability issues in heterogeneous networks • A PDP can only control a limited number of PEP devices within a domain • Inter-vendor COPS compatibility is limited • Not directly transferable among PDPs • No load sharing and balancing mechanisms at the PDP

  29. Good Thing??! About COPS • According to RFC 2748 and net archives: • So far, no vulnerability has been listed. • There have been claims of Denial of Service attacks, but no authenticated reports.

  30. Extensions to the COPS protocol • COPS-ODRA: Outsourcing Differentiated Resource Allocation • COPS-DRA: Differentiated Resource Allocation

  31. COPS-ODRA • ODRA stands for Outsourcing Diffserv Resource Allocation . • Dynamic Admission Control and resource Management in a Differentiated Services network. • COPS ODRA protocol is used on interface between the Edge Router and the admission / policy control server

  32. COPS vs COPS-ODRA • COPS: allocation is made by the PEP based on local resources; the PDP is in charge of authorizing or denying it. Specific to RSVP. • COPS-ODRA: resource allocation refers to domain-wide resources; the PDP is in control of these resources. This allows dynamic allocation.

  33. COPS-DRA • COPS DRA (Diffserv Resource Allocation) • Dynamic Admission Just like ODRA but has additional flexibility. (Explained later) • COPS DRA protocol is also used on interface between the Edge Router and the admission / policy control server.

  34. COPS-DRA Architecture

  35. Important Use of COPS-DRA • COPS has two different models 1. Outsourcing 2. Provisioning • COPS-DRA can exploit both the models easily and can be set to follow either way. While ODRA is specifically meant for Outsourcing model.

  36. Questions • Where is the policy configuration information stored and maintained? • (Explanations about policy server, policy repository and network administrator.) • What is the protocol used in conjunction with which COPS outsources the policy decisions from a router to the server? (Explanation about COPS and RSVP.) • What is meant by 'State-sharing' in COPS? • As long as the PDP and PEP are connected, TCP messages are being sent, and no other process can make changes to the PEP configuration.

  37. REFERENCES • http://www.ietf.org/proceedings/99mar/slides/rap-cops-99mar/sld002.htm • http://www.coritel.it/publications/IP_download/icc2001.pdf • http://www.coritel.it/projects/cops-bb/Download/cops-dra-2.PDF • http://www.coritel.it/projects/cops-bb/Download/draft-salsano-issll-cops-odra-00.txt

  38. QUESTIONS?

  39. THANK YOU
