This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in d...This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.展开更多
In conventional shared risk link group (SRLG)-diverse path selection (CSPS) algorithm in survivable GMPLS networks, SRLG is taken into account when selecting the backup paths, while the primary path selection meth...In conventional shared risk link group (SRLG)-diverse path selection (CSPS) algorithm in survivable GMPLS networks, SRLG is taken into account when selecting the backup paths, while the primary path selection method is the sarne as the algorithms without SRLG constraint. A problem of CSPS algorithm is that, after a primary path is selected, the success probability to select an SRLG-diverse backup path for it is low. If SRLG is taken into account when computing the primary path, then the probability to successfully select an SRLG-diverse backup path will be much increased. Based on this idea, an active SRLG-diverse path selection (ASPS) algorithm is proposed. To actively avoid selecting those SRLG links, when computing the primary path, a link that share risk with more links is assigned a larger link cost. To improve the resource utilization ratio, it is permitted that the bandwidth resources are shared among backup paths. What is more, differentiated reliability (DiR) requirements of different customers are considered in ASPS algorithm. The simulation results show that, compared with CSPS algorithm, ASPS algorithm not only increases successful protection probability but also improves resource utilization ratio.展开更多
In this paper, we give an overview of mobile backhaul solutions and propose an MPLS-centered solution that takes intoaccount timing synchronization, OAM, and protection: We also propose an evolved protection bandwidt...In this paper, we give an overview of mobile backhaul solutions and propose an MPLS-centered solution that takes intoaccount timing synchronization, OAM, and protection: We also propose an evolved protection bandwidth allocation mechanism that makes the transport network as efficient as possible.展开更多
The technologies of IP over WDM have presently received increasing attention owing to the rapid growth in Internet traffic and the need for next generation Internet technologies. The challenge now is how to i...The technologies of IP over WDM have presently received increasing attention owing to the rapid growth in Internet traffic and the need for next generation Internet technologies. The challenge now is how to integrate the services of IP over WDM optical networks to take full advantages of WDM technologies and IP technologies, and yield a high throughput optical platform directly underpinning next generation data networks. This article discusses some of the architecture and technology issues for the design of IP over WDM optical networks.展开更多
Software-defined networking(SDN) has received tremendous attention from both industry and academia.The centralized control plane in SDN has a global view of the network and can be used to provide more effective soluti...Software-defined networking(SDN) has received tremendous attention from both industry and academia.The centralized control plane in SDN has a global view of the network and can be used to provide more effective solutions for complex problems,such as traffic engineering.This study is motivated by recent advancement in SDN and increasing popularity of multicasting applications.We propose a technique to increase the resiliency of multicasting in SDN based on the subtree protection mechanism.Multicasting is a group communication technology,which uses the network infrastructure efficiently by sending the data only once from one or multiple sources to a group of receivers that share a common path.Multicasting applications,e.g.,live video streaming and video conferencing,become popular,but they are delay-sensitive applications.Failures in an ongoing multicast session can cause packet losses and delay,which can significantly affect quality of service(Qo S).In this study,we adapt a subtree-based technique to protect a multicast tree constructed for Open Flow switches in SDN.The proposed algorithm can detect link or node failures from a multicast tree and then determines which part of the multicast tree requires changes in the flow table to recover from the failure.With a centralized controller in SDN,the backup paths can be created much more effectively in comparison to the signaling approach used in traditional multiprotocol label switching(MPLS) networks for backup paths,which makes the subtree-based protection mechanism feasible.We also implement a prototype of the algorithm in the POX controller and measure its performance by emulating failures in different tree topologies in Mininet.展开更多
文摘This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.
基金supported by the National Natural Science Foundation of China (60673142)Applied Basic ResearchProject of Sichuan Province (2006J13-067).
文摘In conventional shared risk link group (SRLG)-diverse path selection (CSPS) algorithm in survivable GMPLS networks, SRLG is taken into account when selecting the backup paths, while the primary path selection method is the sarne as the algorithms without SRLG constraint. A problem of CSPS algorithm is that, after a primary path is selected, the success probability to select an SRLG-diverse backup path for it is low. If SRLG is taken into account when computing the primary path, then the probability to successfully select an SRLG-diverse backup path will be much increased. Based on this idea, an active SRLG-diverse path selection (ASPS) algorithm is proposed. To actively avoid selecting those SRLG links, when computing the primary path, a link that share risk with more links is assigned a larger link cost. To improve the resource utilization ratio, it is permitted that the bandwidth resources are shared among backup paths. What is more, differentiated reliability (DiR) requirements of different customers are considered in ASPS algorithm. The simulation results show that, compared with CSPS algorithm, ASPS algorithm not only increases successful protection probability but also improves resource utilization ratio.
文摘In this paper, we give an overview of mobile backhaul solutions and propose an MPLS-centered solution that takes intoaccount timing synchronization, OAM, and protection: We also propose an evolved protection bandwidth allocation mechanism that makes the transport network as efficient as possible.
文摘The technologies of IP over WDM have presently received increasing attention owing to the rapid growth in Internet traffic and the need for next generation Internet technologies. The challenge now is how to integrate the services of IP over WDM optical networks to take full advantages of WDM technologies and IP technologies, and yield a high throughput optical platform directly underpinning next generation data networks. This article discusses some of the architecture and technology issues for the design of IP over WDM optical networks.
文摘Software-defined networking(SDN) has received tremendous attention from both industry and academia.The centralized control plane in SDN has a global view of the network and can be used to provide more effective solutions for complex problems,such as traffic engineering.This study is motivated by recent advancement in SDN and increasing popularity of multicasting applications.We propose a technique to increase the resiliency of multicasting in SDN based on the subtree protection mechanism.Multicasting is a group communication technology,which uses the network infrastructure efficiently by sending the data only once from one or multiple sources to a group of receivers that share a common path.Multicasting applications,e.g.,live video streaming and video conferencing,become popular,but they are delay-sensitive applications.Failures in an ongoing multicast session can cause packet losses and delay,which can significantly affect quality of service(Qo S).In this study,we adapt a subtree-based technique to protect a multicast tree constructed for Open Flow switches in SDN.The proposed algorithm can detect link or node failures from a multicast tree and then determines which part of the multicast tree requires changes in the flow table to recover from the failure.With a centralized controller in SDN,the backup paths can be created much more effectively in comparison to the signaling approach used in traditional multiprotocol label switching(MPLS) networks for backup paths,which makes the subtree-based protection mechanism feasible.We also implement a prototype of the algorithm in the POX controller and measure its performance by emulating failures in different tree topologies in Mininet.
