This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in d...This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.展开更多
Software-defined networking(SDN) has received tremendous attention from both industry and academia.The centralized control plane in SDN has a global view of the network and can be used to provide more effective soluti...Software-defined networking(SDN) has received tremendous attention from both industry and academia.The centralized control plane in SDN has a global view of the network and can be used to provide more effective solutions for complex problems,such as traffic engineering.This study is motivated by recent advancement in SDN and increasing popularity of multicasting applications.We propose a technique to increase the resiliency of multicasting in SDN based on the subtree protection mechanism.Multicasting is a group communication technology,which uses the network infrastructure efficiently by sending the data only once from one or multiple sources to a group of receivers that share a common path.Multicasting applications,e.g.,live video streaming and video conferencing,become popular,but they are delay-sensitive applications.Failures in an ongoing multicast session can cause packet losses and delay,which can significantly affect quality of service(Qo S).In this study,we adapt a subtree-based technique to protect a multicast tree constructed for Open Flow switches in SDN.The proposed algorithm can detect link or node failures from a multicast tree and then determines which part of the multicast tree requires changes in the flow table to recover from the failure.With a centralized controller in SDN,the backup paths can be created much more effectively in comparison to the signaling approach used in traditional multiprotocol label switching(MPLS) networks for backup paths,which makes the subtree-based protection mechanism feasible.We also implement a prototype of the algorithm in the POX controller and measure its performance by emulating failures in different tree topologies in Mininet.展开更多
文摘This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.
文摘Software-defined networking(SDN) has received tremendous attention from both industry and academia.The centralized control plane in SDN has a global view of the network and can be used to provide more effective solutions for complex problems,such as traffic engineering.This study is motivated by recent advancement in SDN and increasing popularity of multicasting applications.We propose a technique to increase the resiliency of multicasting in SDN based on the subtree protection mechanism.Multicasting is a group communication technology,which uses the network infrastructure efficiently by sending the data only once from one or multiple sources to a group of receivers that share a common path.Multicasting applications,e.g.,live video streaming and video conferencing,become popular,but they are delay-sensitive applications.Failures in an ongoing multicast session can cause packet losses and delay,which can significantly affect quality of service(Qo S).In this study,we adapt a subtree-based technique to protect a multicast tree constructed for Open Flow switches in SDN.The proposed algorithm can detect link or node failures from a multicast tree and then determines which part of the multicast tree requires changes in the flow table to recover from the failure.With a centralized controller in SDN,the backup paths can be created much more effectively in comparison to the signaling approach used in traditional multiprotocol label switching(MPLS) networks for backup paths,which makes the subtree-based protection mechanism feasible.We also implement a prototype of the algorithm in the POX controller and measure its performance by emulating failures in different tree topologies in Mininet.