Virtual Private Networks under Customer Control

Mun Choon Chan, Aurel A. Lazar, Rolf Stadler

Contact: Rolf Stadler

Emerging ATM-based Virtual Private Network (VPN) services offer customers a flexible way to interconnect Customer Premises Networks (CPNs) via high-speed links. Compared with traditional leased lines, these services allow for rapid provisioning of VPN bandwidth through cooperative control between customer and provider. Customers can dynamically renegotiate the VPN bandwidth according to their current needs, paying for the resources they actually use. In order to meet the various requirements and demands of different classes of VPN customers, a VPN provider must support customers with the flexibility to choose their own control schemes and objectives. The focus of this project is to enhance the customer's capability of controlling a VPN.

First, we propose a new scheme for a broadband VPN service, which is based on the Virtual Path Group (VPG) concept. In our scheme, the customer performs VP control operations without interacting with the VPN provider. This scheme has the following merits: (1) the customer can share bandwidth among VPs that traverse the same physical network link in the provider's domain, using the VPN bandwidth more efficiently; (2) customers can perform VP control operations according to their own requirements and control objectives.

Second, we develop an architecture for a VPG-based VPN control system, which is operated by the customer. It is structured into three layers of control, which execute on different time scales and interact asynchronously with each other. The functionality of these layers is call processing, VP control, and VPN control, respectively. We can demonstrate the effectiveness of the control system for different network topologies.

The verification and validation of the network architecture is performed on a high-performance emulation platform. Our approach for validation is based on real-time network emulation, which includes executing the behavior of network components and their interactions on a high-performance machine. The emulation environment allows us to experiment with the functionality and dynamics of virtual networks (and the underlying transport networks), with greater flexibility and lower cost than implementing components on a real testbed.

This project is supported by the Department of the Air Force under contract F30602-94-C-0150.
