370 likes | 520 Vues
On the Bandwidth Management for Hose-Model VPN Service. GRADUATE INSTITUTE OF INFORMATION MANAGEMENT NATIONAL TAIWAN UNIVERSITY. Outline. An Introduction to VPN VPN Service Models (Bandwidth management) The pipe model The hose model Implementation Alternatives of the Hose Model VPN
E N D
On the Bandwidth Management for Hose-Model VPN Service GRADUATE INSTITUTE OF INFORMATION MANAGEMENT NATIONAL TAIWAN UNIVERSITY Yu-Liang Liu
Outline An Introduction to VPN VPN Service Models (Bandwidth management) The pipe model The hose model Implementation Alternatives of the Hose Model VPN Hose-Model VPN Service Provisioning Future Works Yu-Liang Liu
Private Network A Private Network (PN) is established by dedicated leased lines connecting several geographically dispersed sites (endpoints). Each site is a campus or a branch office of an enterprise. Since the lines are dedicated, security and Quality of Service (QoS) are ensured. But connecting a large number PN sites with dedicated lines is expensive. Yu-Liang Liu
Virtual Private Network Virtual Private Network (VPN) is a replacement for Private Network. A VPN establishes connectivity between a set of endpoints over a shared network infrastructure (eg: MPLS network backbone). The goal of VPN is to provide endpoints with a service comparable to Private Network. Thus providers of VPN services need to address QoS and security issues. Yu-Liang Liu
VPN Three Types In terms of commercial applications, VPN can be classified into three types: Access VPN (a.k.a Remote Access VPN) Intranet VPN (a.k.a Enterprise VPN) Extranet VPN (a.k.a E-commerce VPN) Yu-Liang Liu
VPN Three Types (con’t) Nomadic user Enterprise B Shard Network or Enterprise A Enterprise A Yu-Liang Liu
Outline An Introduction to VPN VPN Service Models (Bandwidth management) The pipe model The hose model Implementation Alternatives of the Hose Model VPN Hose-Model VPN Service Provisioning Future Works Yu-Liang Liu
VPN Service Models VPN customers need a flexible ways to specify their bandwidth requirement. Two common VPN service Models are The Customer-pipe model The Hose model Yu-Liang Liu
The Customer-Pipe Model In this model, VPN customers buy a customer-pipe for each endpoints pair. VPN customers need to specify bandwidth requirement of each customer-pipe in advance. VPN service provider uses a path between endpoints pair to implement a customer-pipe. VPN service provider also need to allocate adequate bandwidth along the path. Yu-Liang Liu
The Customer-Pipe Model (con’t) Yu-Liang Liu
The Pro and Cons of the Customer Pipe Model Pro The task of bandwidth allocation becomes more simple. Con It requires the customer to have precise knowledge of the bandwidth requirement of each endpoints pair in advance. Bandwidth made available to a customer pipe cannot be allocated to other traffic. Yu-Liang Liu
Motivation for the Hose-Model VPN customers may unwilling to unable to know the bandwidth requirement between each endpoints pair in advance. This is especially true when the number of endpoints per VPN is large. Yu-Liang Liu
The Hose Model In this model, VPN customers only need to specify two parameters for each endpoint: Egress bandwidth requirement: the bandwidth for aggregate outgoing traffic from the endpoint to all the other endpoints. Ingress bandwidth requirement: the bandwidth for aggregate incoming traffic out of all the other endpoints to this endpoint. Yu-Liang Liu
Advantages of the Hose Model Ease of specification Flexibility Yu-Liang Liu
Challenge of Provision the Hose Model VPN From a VPN service provider’s perspective, it is more challenging to support the hose model VPN: The need to meet the bandwidth requirement with a very weak specification. This complicate the VPN’s bandwidth management issue. Yu-Liang Liu
Outline An Introduction to VPN VPN Service Models The pipe model The hose model Implementation Alternatives of the Hose Model Hose-Model VPN Service Provisioning Future Works Yu-Liang Liu
Implementation Alternatives of the Hose Model The most important implementation alternatives for the hose model VPNs are: Provider-pipe algorithm Hose-specific state algorithm VPN-specific state algorithm Tree routing algorithm Yu-Liang Liu
Provider-Pipe scheme Yu-Liang Liu
Hose-specific state scheme Yu-Liang Liu
VPN-specific state scheme Yu-Liang Liu
Tree RoutingScheme Yu-Liang Liu
Is the Hose Model a Viable Alternative • The main question to introduce the hose model in ISP networks is how does it relate to the customer pipe solution in terms of bandwidth efficiency. • The flexibility of the hose model will never pay off if it requires significant overprovisioing compared to customer-pipe models. Yu-Liang Liu
Generate Comparable Hose Model Parameters Customer-Pipe Model parameters: Hose-Model parameters: Yu-Liang Liu
Overprovisioning Factor • The ratio between the bandwidth reservation of the hose and the customer-pipe model is called overporvisioning factor. It is a good indicator of the required extra capacity. Yu-Liang Liu
Experimental Results Provider-pipe VPN-specific state Hose-specific state Tree routing Yu-Liang Liu
Experimental Results Yu-Liang Liu
Outline An Introduction to VPN VPN Service Models (Bandwidth management) The pipe model The hose model Implementation Alternatives of the Hose Model VPN Hose-Model VPN Service Provisioning Future Works Yu-Liang Liu
Hose-Model VPN Service Provisioning • In terms of VPN service provisioning, service provider must establish multiple VPNs on the network backbone in an on-line manner. • The available bandwidth for VPN service on links of the network backbone is finite. • VPN setup request arrive one by one independently. • Each VPN setup request corresponds to a Hose-Model VPN to be established. • Information about future VPN setup request is unknown. Yu-Liang Liu
Hose-Model VPN Service Provisioning • If there is not enough residual bandwidth on the link when the bandwidth is being allocated, vri will be rejected. • In this scenario, the performance metric for comparing different VPN provisioning algorithm is rejection ratio. Yu-Liang Liu
Example • In this scenario, even tree routing algorithm cannot achieve rejection ratio. • Service provider received two VPN setup requests vr1=(2,3,3) and vr2=(3,3,3). • The available bandwidth on all links is 5 units. Yu-Liang Liu
Rejection Ratio of Tree Routing Scheme vr2 will be rejected, the rejection ratio achieved is 50%. Yu-Liang Liu
Optimal Arrangement Both VPN setup requests will be accepted, the rejection ratio achieved is 0%. Yu-Liang Liu
Modified Tree Routing Algorithm • The design philosophy of MTRA is to look after both bandwidth allocation efficiency and load balance. • It can reduce rejection ratio effectively. Yu-Liang Liu
Parameters Configuration Yu-Liang Liu
Experimental Results Yu-Liang Liu
Future Works • In order to ensure service quality and availability of VPN services, seamless recovery from failures is essential. • Failure restoration algorithm for Hose-Model VPN. Yu-Liang Liu
1 2 3 Recovery from Link Failure Tree Link (1,4) fail and the corresponding backup path is activated: 4 Yu-Liang Liu