LOUATI LAYOUT

7/21/05

12:49 PM

Page 86

SELF-ORGANIZATION IN NETWORKS TODAY

Network-Based Virtual Personal Overlay Networks Using Programmable Virtual Routers

Wajdi Louati and Djamal Zeghlache, Institut National des Télécommunications

ABSTRACT

This article explores the use and adaptation of well established VPN technologies to dynamically network at run time devices and services in personal networks. Virtual personal overlay networks are envisaged as an extension of the basic VPN concept to network PN nodes in a secure manner. User managed and provider provisioned-based overlays are analyzed in terms of scalability, management complexity, and security to select the most appropriate VPON deployment and management framework. The dynamic nature of PNs calls for highly flexible self-configuring and self-adaptive VPON architectures. Programmable edge routers and dynamic tunneling mechanisms can be combined to meet the requirements set by PNs. The virtual router model is used in the provider edge to ease the dynamic deployment and management of VPONs. Results of an implementation and a performance evaluation of the VR concept based on open software routers are reported.

INTRODUCTION

This work was partially funded by IST Project MAGNET.


Growth in short-range wireless and Internet technologies is shaping future-generation networks and services and gradually leading to the concept of personal area networks and in a larger context to personal networks (PNs) [1]. These networks will encompass heterogeneous technologies and provide users with access to personalized services and applications from anywhere, using any device, and at any time over public and private networks. To support users and their PNs, service providers (SPs) should provision open added value services independent of any underlying technology used to support networking of personal nodes. Access to personal nodes, services, and applications should be achieved in a secure and dependable manner. To meet these expectations and requirements, self-configuration and adaptation frameworks are needed to achieve automated networking, and manage user mobility and roaming.

0163-6804/05/$20.00 © 2005 IEEE

Even if virtual private network (VPN) [2] solutions exist for corporate users, there are no dedicated frameworks today for establishing tunnels and overlays for PNs. This article consequently explores the networking aspects of PNs and focuses on the establishment at runtime of dynamic tunnels and VPNs between personal devices and nodes. The objective of this document is to analyze how dynamic networking within a PN can be achieved with the support of SPs and edge router technologies.

PERSONAL NETWORKS

A PN consists of a number of clusters, including a wireless bubble around the user called the private personal area network (P-PAN) as defined in [1]. Communication between clusters is achieved via interconnecting structures that can be public, private, or shared wired/wireless networks. From the security point of view, the P-PAN should create a secure self-configured connection to access any services in remote clusters within the PN. In order to provide such private and secure PN communication, virtual private networking is needed to ensure connectivity over interconnecting structures. Secure cluster gateway nodes are required to provide this communication with external networks. Personal nodes are also assumed to have been imprinted with common secrets to pre-establish a long-term trust relationship [3] specific to the PN nodes. The article does not, however, focus on security requirements for PN; nor does it analyze in depth mobility and roaming protocols and frameworks. These aspects will be covered from the standpoint of dynamic tunneling and VPN establishment according to dynamic changes in PN configuration and structure. Possible solutions for mobility management and intra-PN transport security are nonetheless presented. Even if P-PAN formation and connectivity to legacy cellular networks are not directly addressed, concepts and technologies investigated in this work can be suggested for integration in these networks to support PN services.

IEEE Communications Magazine • July 2005


CHALLENGES AND MOTIVATION

Just as employees require access to their intranet and corporate accounts, a PN user seeks access to remote personal services and clusters, from anywhere using any device and at any time in a private and secure manner. Currently, VPNs are the most effective method to keep private and secure communications between distant networks across a shared backbone. The Internet Engineering Task Force (IETF) IP VPNs working groups [2] are currently defining and specifying solutions to meet enterprise connectivity requirements. By analogy with VPN, the P-PAN user is equivalent to an employee requiring remote access. Hence, the choice of a VPN technology to network PN clusters will naturally be inspired and based on current and existing enterprise VPN solutions. To distinguish between enterprise and personal VPNs, this article introduces a new term, virtual personal overlay networks (VPONs), to designate virtual interconnecting network communications between personal clusters. The main difference between a VPN and a VPON is that a VPN is shared between several private sites and users, whereas a VPON relates and virtually belongs to a single PN user. Following the VPN taxonomy [4], we further analyze and compare VPON approaches. The criteria for selection of appropriate models to set up a VPON depend on scalability, management complexity, and security.

The major challenge in PN networking is the number of simultaneously supported VPONs and PN clusters. P-PAN dynamics, mobility, and roaming increase the management complexity and cause additional burden on the PN user and the SPs. This has an impact on the VPON scalability. The challenge is to provide VPON solutions that minimize management complexity for both the SP and the PN user while improving scalability. The second aspect of the challenge is the PN dynamics mostly present in the P-PAN. Self-organization and auto-configuration in the PN are necessary to support the establishment at runtime of dynamic tunneling between nodes during cluster changes. Establishing and maintaining secure tunnels dynamically requires processing resources from nodes involved in the VPON service. These requirements are unlikely to be met by the P-PAN and cluster nodes that have limited resources and battery power. Infrastructure edge nodes are more adequate to trigger, control, and manage the dynamic tunnels and personal overlays. Edge nodes must be flexible and preferably programmable at runtime to support dynamic tunneling deployment and management. Programmable virtual routers (VRs) [5] meet these requirements and are considered for PN networking since they are modifiable at runtime and flexible enough to ease deployment of VPONs.

We introduce the notion of a VPON, and present viable approaches to support scalable and secure PN connectivity. Management, deployment, and mobility scenarios of the selected VPON solution are described. The design and implementation of programmable VRs to establish dynamic tunnels for the most appropriate solution are presented. Performance and scalability results of the VR developed using open and programmable software are reported.


VIRTUAL PERSONAL OVERLAY NETWORK

A VPON is the set of tunnels that determines a virtual overlay of personal clusters on top of physical interconnecting structures. The VPON nodes are the edge nodes that trigger and maintain the endpoints of the tunnels forming the overlay network. In this article only IP VPONs are considered with VPON nodes based on IP addresses. The access links between the clusters and the SP backbone can be wireless or wireline access networks (e.g., WLAN or Internet access). In this article the IPSec [6] tunneling technology has been employed for intra-PN communications to support security and data encryption where a VPON is established across non-secure networks.


SECURE CLUSTER GATEWAY

In the context of PNs, the P-PAN and clusters potentially could be composed of devices and nodes with low processing power and limited battery power. Implementing secure IPSec tunneling mechanisms in these nodes and devices can become inefficient. Hence, it would be more appropriate to have a secure cluster gateway within each personal cluster to provide secure connectivity on behalf of the PN nodes. In each PN cluster, gateways would partake in the establishment of tunnels and overlay networks. In this case they need to implement VPON IPSec clients. A personal cluster can have several active gateway nodes with different access technologies. Due to node status and environment conditions, sessions and services can be moved from gateway to gateway. This requires some form of mobility management support as described later.

VPON TAXONOMY

By analogy with the VPN classification defined in [4], two major models are presented in the PN context to manage and deploy a VPON:
• User-managed-based VPON: The VPON service is deployed and managed by the PN user. The SP is not involved with any particular service function. This solution is applied when users do not trust any third party or area outside their premises.
• Provider-provisioned-based VPON: The SP is responsible for deploying and managing the VPON service on behalf of the PN user. A trust relationship [7] must be established between the user and the SP that can see user traffic. Note that in this work the SP is both the IP VPON provider and the network provider. In provider-provisioned-based solutions, two approaches are considered:

• Provider provisioned gateway-based VPON: where the VPON service is provisioned by the SP in the PN secure cluster gateways that play the role of the VPON nodes in this case.
• Provider provisioned network-based VPON: where the SP deploys and manages the VPON tunnels inside its backbone. The VPON nodes are the provider edge (PE) routers.

Relying on these different approaches, the next section seeks suitable and viable VPON solutions to support intra-PN communications. The criteria for selection of viable solutions are scalability, topology, management complexity, and trust relationship.

Table 1. A comparison between VPON approaches.

Approach | Management complexity for PN user | Management complexity for service provider | Scalability | Security (trust)
User managed gateway-based VPON | Higher complexity | No complexity | Poor | Secure end-to-end tunnel; trust with SP not required
Provider provisioned gateway-based VPON | No complexity | Higher complexity | Poor | Secure end-to-end tunnel; trust with SP required
Provider provisioned network-based VPON | No complexity | Lower complexity | Good | No secure end-to-end tunnel; trust with SP required
Provider provisioned network-based remote access VPON | Lower complexity | Lower complexity | Good | Secure concatenated tunnels; trust with SP required

APPROPRIATE VPON SOLUTION FOR INTRA-PN COMMUNICATIONS

The selection of a VPN approach depends on several factors including existing business models and organizations of the value chain between PN users and providers. Recent studies to select VPN solutions using scalability, security, and management complexity have been addressed in [4, 8]. This section extends the study to VPONs by defining requirements and criteria for intra-PN communications. The three previously suggested VPON establishment methods are compared to identify the scenarios where a given approach is more appropriate, required, or preferred.

Requirements and Criteria for VPON Type Selection — A major constraint is that PN gateway nodes are limited in terms of memory size, processing capability, and battery power. These nodes cannot establish and maintain large numbers of tunnels when the number of clusters and sessions increases. This scalability problem is exacerbated by P-PAN mobility and roaming, requiring frequent tunnel teardown and establishment by gateway nodes. This increases the management complexity, and causes an additional burden on the PN user and SP. Therefore, scalability must be considered in the selection of a VPON framework in terms of user/SP management complexity and VPON node capacity [8]. This entails assessment of:


• The number of management sessions the SP management system can support. This is related to the complexity of VPON node configuration and management, which depends on the number of VPONs an SP can support and the number of potentially involved clusters per VPON.
• The capacity of VPON nodes: based on the number of tunnels that can be supported.

VPON Comparison — An analysis and a comparison of the VPON approaches using the previous criteria and security has been conducted. A summary is reported in Table 1.
• User-managed gateway-based VPON: This approach provides secure gateway-to-gateway tunnels but poor scalability and higher management complexity. The scalability limitation is due to the secure cluster gateway and the number of supported clusters. Additional processing power and resources are required in the cluster gateways for each added tunnel as the number of involved clusters grows or the cluster dynamics increase. The PN user also has to manage and maintain all information concerning the tunneling deployment and management. Due to mobility and roaming of the PN clusters, these operations will induce additional load and management complexity on the PN user.
• Provider provisioned gateway-based VPON: The trusted SP has to establish a secure session with each cluster gateway to manage and provision the VPON-specific configuration information through a secured tunnel or channel. Therefore, the scalability remains the main constraint in this case since the growing number of supported PN clusters and VPONs increases the management complexity for the SP.
• Provider provisioned network-based VPON: The network-based VPON has better scalability than the gateway-based solutions since it reduces VPON management complexity and allows providers to offer new value added services in a scalable and flexible manner. The number of managed VPON edge nodes (PE nodes) is reduced from the number of user edge nodes in the gateway-based approach. Concerning node capacity, the PE routers are powerful in terms of packet processing and have sufficient memory. Hence, they are capable of supporting a large number of VPONs. However, the major drawback of this approach is that the access link between PN clusters and the SP backbone may not be trusted.
• Provider provisioned network-based remote access VPON: This hybrid solution overcomes the security problem of the network-based method and the scalability limitation of the gateway-based solutions. As shown in Fig. 1, the VPON nodes are the PEs and secure gateway nodes. In order to reach the SP network in a secure manner, the cluster needs to establish a voluntary remote access from the secure cluster gateways to the network provider. As a result, secure concatenated tunnels will be established between remote clusters. A trust relationship is required between the PN user and the SP that can see the PN traffic in the intermediate points of the three concatenated tunnels. Concerning scalability, the secure gateway involved in the VPON deployment should establish only one tunnel to the SP that would then maintain tunnels toward the other remote clusters. An increase in the number of clusters has no impact on VPON scalability as far as node capacity is concerned.

According to the VPON comparison summarized in Table 1, the network-based remote access VPON solution is the most appropriate and suitable approach to support a large number of PN clusters and VPONs in a scalable and flexible manner. This VPON approach is further analyzed and explored in the next sections.

Figure 1. The provider provisioned network-based remote access VPON approach. The figure shows the virtual personal overlay network of user 1 over the VPON service provider network: the P-PAN cluster reaches a provider edge (secure provider gateway) over an access network (wireless or wireline) through a remote access VPON; the home cluster has always-on connectivity from its secure cluster gateway to a provider edge; the office cluster and the car cluster each attach through their secure cluster gateways to a provider edge (secure provider gateway) over an access network; a service management system oversees the overlay.


NETWORK-BASED REMOTE ACCESS VPON: DEPLOYMENT AND MANAGEMENT SCENARIOS

This section presents the network-based remote access architecture for implementing dynamic intra-PN communications.

IPSEC-BASED REMOTE ACCESS VPON

Two types of clusters are considered: static (e.g., home cluster) and roaming (e.g., P-PAN cluster). An "always on" connection paradigm is adequate between a static cluster and the SP backbone. An IPSec tunnel can be established between the secure cluster gateway and a secure provider gateway to ensure secure and private connectivity. To control access and protect the always connected clusters, a firewall service should be installed at the cluster gateway attached directly to the public Internet. Connecting a roaming cluster to the service PE in a secure and private manner can be achieved by a voluntary remote access IPSec technology. The roaming clusters establish a secure IPSec tunnel from their secure cluster gateways (via an IPSec client) to the secure provider gateway to reach their VPON. The secure provider gateway, which can be integrated in the PE, is responsible for terminating the tunnels and authenticating and authorizing the roaming clusters to access the VPON. The access control to the VPON can be achieved by a security server located in the VPON management plane.

VPONS DEPLOYMENT AND MANAGEMENT

This section presents the deployment and management architecture of multiple VPONs using the virtual router (VR) concept identified previously as suitable for establishing VPONs.

VR Concept-Based Provider Edge — The VR model has been recently applied successfully to the PE-based VPN approach to separate traffic coming from different VPNs [5]. For the PN context, each VPON should have its private routing and addressing space. The SP must separate traffic between distinct VPONs handled by their edge routers. The VR concept is a good candidate for use in the provider routers to provide per-VPON routing, addressing, quality of service (QoS), and management capabilities. Figure 2 depicts two VPONs (VPON1 and VPON2) that share two PE routers. Each VPON is supported by a VR pair installed in the two edge routers. Many VR instances may be running on a single physical router with each VR having independent routing and forwarding tables isolated from each other (Fig. 2). This feature can be used to isolate traffic between VPONs. The key functions performed by a VR are:
• The determination of the appropriate path between VPON clusters via routing tables maintaining addresses of the personal nodes
• The forwarding of packets to the next hops within the VPON domain
This concept is adopted as a PE technology to establish VPON connectivity supported by the network-based remote access paradigm.

Figure 2. The VR-based remote access VPON concept for PN. The figure shows the service management system (PN agent, network management servers, directory servers holding service/user profiles, security servers, and PN configuration manager information), two provider edge routers using the virtual router model (@IP edge 1 and @IP edge 2, each with a secure provider gateway, a firewall gateway, and one RIB/FIB pair per VR instance), the home cluster (VPON1, always-on connectivity through the secure gateway @G of home), the office cluster (VPON2, secure cluster gateway), and the P-PANs of user 1 (VPON1, remote access VPON 1 using an IPSec key) and user 2 (VPON2, remote access VPON2), all over wireless or wireline access networks, with tunnel VPON1 and tunnel VPON2 crossing the service provider network.

PN agent table (cluster @IP | edge @IP | VPON):
  @G of P-PAN | @IP edge1 | VPON1
  @G of home | @IP edge2 | VPON1
  @G of P-PAN | @IP edge1 | VPON2
  @G of office | @IP edge2 | VPON2

VPON membership table (VPON-ID | (VR, edge @IP) | (cluster @IP, edge @IP)):
  VPON1 | (VR1, @IP edge1); (VR1, @IP edge2) | (Hotel, @IP edge1); (Home, @IP edge2)
  VPON2 | (VR2, @IP edge1); (VR2, @IP edge2) | (Airport, @IP edge1); (Office, @IP edge2)


PN Agent Concept — To provide cluster location information for tunneling and assist PN management, the concept of a PN agent has been introduced in [3]. The agent can be either a centralized or distributed functionality maintaining up-to-date information about the PN clusters and their points of attachment. The PN agent is a repository holding a table of registered clusters (secure gateways' IP addresses) and the IP addresses of the edge routers that are serving as their ingress and egress tunnel endpoints (Fig. 2). The PN agent can also assist mobility management.

Deployment and Management Scenarios — Diagram 1 of Fig. 4 illustrates a step-by-step scenario describing the deployment and management of a network-based remote access VPON depicted in Fig. 2. Once the remote static cluster is connected to the secure PE via an always-on connection, the following actions take place:
1. The PE router, on the static cluster side, sends a request to the PN agent including its IP address and the secure cluster gateway IP address.
2. The PN agent adds the entry in its repository and interacts with the VPON membership information and defines the VPON-ID [9] needed for the VPON creation and establishment. The VPON membership information determines which VRs and PN clusters are members of a specific VPON. As shown in Fig. 2, the VPON membership table includes entries composed of a vector containing the VR and the edge IP address where the VR is located, and the cluster IP address along with its serving edge IP address. Each entry is identified by a unique VPON-ID that specifies the VPON membership information.
3. The management network then installs the VR instance in the edge according to the (VR logical address, edge IP address) pair.
4. The cluster gateway sends a routing table containing the list of cluster nodes to the created VR instance.
5. When a P-PAN node wants to communicate with a PN node located in the connected remote cluster, the P-PAN gateway establishes an IPSec remote access from its secure cluster gateway to the network provider.
6. The secure provider gateway that terminates the remote access tunnel performs the access control of the remote user.
7. Repeat steps 1, 2, and 3.
8. The VRs associated with the VPON can now establish dynamic tunnels across the SP backbone to connect the clusters.
9. Upon establishment of tunnels, the involved VRs will exchange the contents of their routing tables.

Figure 3. Cluster mobility management using the dynamic tunneling approach. The P-PAN of user 1 (VPON1) moves from provider edge router edge1 @IP to provider edge router edge3 @IP: the old remote access VPON 1 and the old tunnel VPON1 toward edge2 @IP are torn down, a new remote access VPON 1 (IPSec key, secure provider gateway) and a new dynamic tunnel VPON1 between edge3 @IP and edge2 @IP are established, and the home cluster (VPON1, secure gateway @G of home) keeps its always-on connectivity to provider edge router edge2 @IP. Each PE holds a RIB/FIB pair for the VPON.

PN agent repository update (VPON | cluster @IP | edge @IP), triggered by the IP address of the new point of attachment:
  VPON1 | @G of home | Edge2 @IP
  VPON1 | @G of P-PAN | Edge1 @IP
  VPON1 | @G of P-PAN | Edge3 @IP

VPON membership table update (VPON-ID | (VR, edge @IP) | (cluster @IP, edge @IP)):
  VPON1 | (VR, Edge3 @IP); (VR, Edge2 @IP) | (@G of P-PAN, Edge3 @IP); (@G of home, Edge2 @IP)


CLUSTER MOBILITY MANAGEMENT USING A DYNAMIC TUNNELING APPROACH

The previous section emphasized cluster registration and the creation of tunnels to establish secure intra-PN communications. This section explores the mobility aspect of a roaming cluster using dynamic tunneling mechanisms. Figure 3 depicts a scenario for a moving P-PAN changing its attachment point with the network. In this scenario the mobility results in a change in PE. To maintain connectivity, management of cluster mobility must be combined with the dynamic tunneling framework. This change in attachment point is reflected by an update in the PN agent, which consequently interacts with VPON management to adapt PN networking according to the dynamic changes in the clusters. When roaming clusters change their point of attachment, the following steps take place in the VPON nodes (bottom, Fig. 4):
• The old remote access with PE 1 is torn down, and a new remote access is established by the P-PAN with PE 3.
• The actions described earlier are repeated to establish a new intercluster connectivity. The PN agent and VPON membership table are updated at runtime with the new cluster gateway IP address and PE router 3 IP address.
• A new VR instance is created in PE 3 that interacts with PE 2 to establish a new dynamic tunnel. All PEs collaborate to achieve fast forwarding of context data and pending packets in the old PE 1.
Cluster mobility is achieved by cooperation of the PE routers with the PN agent. When a change in gateways in the P-PAN occurs even without any change in connectivity with the PE, the gateway IP address associated with active tunnels will change. This requires an update in the PN agent that will subsequently interact with VPON management to update the VPON membership information.

Figure 4. The network-based remote access VPON management, deployment, and mobility scenario. Participants: roaming P-PAN cluster, provider edge 1 (integrated secure provider gateway), PN agent, VPON membership table, provider edge 2 (integrated secure provider gateway), remote static cluster, and, in the mobility scenario, provider edge 3 (integrated secure provider gateway).

Diagram 1 (deployment and management scenario): always-on connectivity (IPSec tunnel) between the remote static cluster and provider edge 2; edge IP address + secure gateway IP address sent to the PN agent; synchronized interaction between PN agent and VPON membership table; virtual router instance creation in provider edge 2; routing information exchange; IPSec remote access (IPSec tunnel) from the roaming P-PAN to provider edge 1; access control (AAA server); edge IP address + secure gateway IP address sent to the PN agent; synchronized interaction; virtual router instance creation in provider edge 1; IPSec tunnel creation between provider edge 1 and provider edge 2; routing information exchange.

Diagram 2 (mobility scenario): the P-PAN changes its point of attachment (new provider edge router 3); new IPSec remote access (IPSec tunnel); access control (AAA server); edge IP address + secure gateway IP address; PN agent update; synchronized interaction; new virtual router instance creation in provider edge 3; new IPSec tunnel creation; routing information exchange.
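The PN agent repository, the VPON membership table, and the reconciliation the management plane performs when a cluster registers (steps 1 to 3 of the deployment scenario), when a roaming P-PAN changes its PE, and when only the P-PAN gateway changes (the mobility cases above), as an added Python example that is not code from the paper or from the MAGNET project. The class and function names, the in-memory layout of the two tables, the VR naming rule VR-<VPON-ID>, the full-mesh rule "one backbone tunnel per pair of edges hosting a VR of the VPON", and the constructed addresses (gw-home, gw-ppan, gw-ppan-2, edge1 to edge3) are all assumptions of this example.

```python
"""PN agent repository and VPON membership table, with the reconciliation the
management plane performs on cluster registration, cluster mobility and a
change of cluster gateway. Added example; names and layout are assumptions."""
from __future__ import annotations

from dataclasses import dataclass, field
from itertools import combinations


@dataclass(frozen=True)
class ClusterEntry:
    """One row of the PN agent table: secure cluster gateway IP and serving edge IP."""
    cluster_gw_ip: str
    edge_ip: str


class PNAgent:
    """Repository of registered clusters per VPON-ID (left-hand table of Fig. 2)."""

    def __init__(self) -> None:
        # vpon_id -> {cluster gateway IP: serving edge IP}
        self._rows: dict[str, dict[str, str]] = {}

    def register(self, vpon_id: str, cluster_gw_ip: str, edge_ip: str) -> None:
        """Steps 1/2: a PE reports (its IP, cluster gateway IP) and the agent stores it.
        Re-registering a gateway that moved simply overwrites its serving edge."""
        self._rows.setdefault(vpon_id, {})[cluster_gw_ip] = edge_ip

    def replace_gateway(self, vpon_id: str, old_gw_ip: str, new_gw_ip: str) -> None:
        """Gateway change inside the P-PAN with no change of PE: same edge, new address."""
        rows = self._rows[vpon_id]
        rows[new_gw_ip] = rows.pop(old_gw_ip)

    def entries(self, vpon_id: str) -> list[ClusterEntry]:
        rows = self._rows.get(vpon_id, {})
        return sorted((ClusterEntry(gw, edge) for gw, edge in rows.items()),
                      key=lambda r: (r.edge_ip, r.cluster_gw_ip))


@dataclass
class Membership:
    """One VPON-ID row of the membership table: (VR, edge) and (cluster, edge) pairs."""
    vr_locations: set[tuple[str, str]] = field(default_factory=set)
    cluster_locations: set[tuple[str, str]] = field(default_factory=set)

    @property
    def tunnels(self) -> set[frozenset[str]]:
        """Backbone tunnels: one per pair of edges that host a VR of this VPON (assumed)."""
        edges = sorted({edge for _, edge in self.vr_locations})
        return {frozenset(pair) for pair in combinations(edges, 2)}


def build_membership(agent: PNAgent, vpon_id: str) -> Membership:
    """'Synchronized interaction' between PN agent and membership table: one VR
    instance per serving edge (assumed logical name VR-<VPON-ID>) plus the
    (cluster, edge) pairs, all identified by the VPON-ID."""
    m = Membership()
    for row in agent.entries(vpon_id):
        m.vr_locations.add((f"VR-{vpon_id}", row.edge_ip))
        m.cluster_locations.add((row.cluster_gw_ip, row.edge_ip))
    return m


def reconcile(old: Membership, new: Membership) -> dict[str, set]:
    """Actions to push to the PEs so that the installed state matches the new row."""
    return {
        "install_vr": new.vr_locations - old.vr_locations,
        "remove_vr": old.vr_locations - new.vr_locations,
        "create_tunnel": new.tunnels - old.tunnels,
        "tear_down_tunnel": old.tunnels - new.tunnels,
        "add_cluster": new.cluster_locations - old.cluster_locations,
        "drop_cluster": old.cluster_locations - new.cluster_locations,
    }


def scenario() -> dict[str, dict[str, set]]:
    """Fig. 2 deployment, the Fig. 3 move to edge3, then a gateway change (constructed)."""
    agent = PNAgent()
    vpon = "VPON1"
    # Deployment: home cluster always-on at edge2, P-PAN remote access via edge1.
    agent.register(vpon, "gw-home", "edge2")
    agent.register(vpon, "gw-ppan", "edge1")
    deployed = build_membership(agent, vpon)
    deploy = reconcile(Membership(), deployed)
    # Mobility: P-PAN tears down remote access with edge1 and re-attaches via edge3.
    agent.register(vpon, "gw-ppan", "edge3")
    moved = build_membership(agent, vpon)
    move = reconcile(deployed, moved)
    # Gateway change in the P-PAN without change of PE: only the cluster entry changes.
    agent.replace_gateway(vpon, "gw-ppan", "gw-ppan-2")
    rebound = build_membership(agent, vpon)
    gw_change = reconcile(moved, rebound)
    return {"deploy": deploy, "move": move, "gateway_change": gw_change}


if __name__ == "__main__":
    for phase, actions in scenario().items():
        print(phase)
        for action, items in actions.items():
            if items:
                shown = sorted(tuple(sorted(i)) if isinstance(i, frozenset) else i for i in items)
                print(f"  {action}: {shown}")
```

The point of the last phase is the distinction the text draws: a gateway change without a change of PE updates the PN agent and the cluster entry of the membership row, but produces no VR installation and no tunnel churn, whereas the move to a new PE tears down the old backbone tunnel and creates the new one.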

PROGRAMMABLE PROVIDER EDGE ROUTER

The creation of a new dynamic tunnel between two edge routers entails the dynamic creation of new VR instances at runtime. In order to provide this quasi real-time dynamic aspect, the PE router must be flexible, configurable, self-organizing, and adaptive to ensure dynamic intercluster connectivity. Open programmable frameworks offer the increased flexibility needed for the PN while at the same time providing dynamic auto-configuration behavior. In the next section a programmable VR that has been designed, implemented, and evaluated to support the PN requirements of dynamic tunneling establishment is presented.


PROGRAMMABLE VR DESIGN AND IMPLEMENTATION

Our purpose is to design and implement a programmable VR using a software router toolkit. A comparative study of modular and extensible software routers conducted in [10] proposes the Click router [11] as a software architecture to ease the design and development of the router forwarding plane. This Click modular router has been selected in this work to build IP packet forwarding in the VR data plane. This software-based router works only on Linux operating systems. A Click router is built by assembling software components into a directed graph. The XORP routing software [12] is used in conjunction with the Click router to provide routing protocols for the VR. Each VR instance has a unique logical address within the PE. In order to separate the incoming traffic among all created VR instances, an IP classifier element is added with the interface elements as depicted in Fig. 5. The IP classifier parameters include the VPON-ID and the destination logical IP address of the other VRs forming the same VPON.
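The translation of VPON parameters into a Click configuration with an IP classifier in front of the VR instances, as an added Python example that is neither the paper's own FPCME (which was written in Perl) nor Click or XORP project code. The XML layout of the management interface, the Click element chain (a minimal IP-in-IP tunnel per VR instead of a full VR with its XORP routing instance), the device names and every address are constructed assumptions, and keying the classifier on the VR logical address is this example's reading of the classifier parameters described above.

```python
"""FPCME-style generator: reads VPON parameters from the XML interface the
management plane exposes and emits a Click forwarding configuration in which an
IPClassifier demultiplexes incoming packets into one chain per VR instance.
Added example, not the paper's Perl FPCME; XML layout, element names and all
addresses are constructed assumptions."""
from __future__ import annotations

import xml.etree.ElementTree as ET
from dataclasses import dataclass

# Constructed XML: one <vpon> per VPON-ID handled by this PE, giving the logical
# address of the local VR instance and the backbone address of the remote PE that
# hosts the peer VR of the same VPON.
SAMPLE_XML = """\
<vpons edge="192.0.2.1">
  <vpon id="VPON1"><vr address="10.255.1.1"/><peer edge="192.0.2.2"/></vpon>
  <vpon id="VPON2"><vr address="10.255.2.1"/><peer edge="192.0.2.2"/></vpon>
</vpons>
"""


@dataclass(frozen=True)
class VponParams:
    vpon_id: str
    vr_address: str  # logical address of the local VR instance (unique within the PE)
    local_edge: str  # this PE's backbone address: outer source of the VPON tunnel
    peer_edge: str   # remote PE hosting the peer VR: outer destination of the tunnel


def parse_vpon_xml(text: str) -> list[VponParams]:
    """Retrieve the VPON parameters from the XML interface; reject incomplete or
    ambiguous entries before anything is installed in the forwarding plane."""
    root = ET.fromstring(text)
    local_edge = root.attrib["edge"]
    params = []
    for node in root.findall("vpon"):
        vr, peer = node.find("vr"), node.find("peer")
        if vr is None or peer is None:
            raise ValueError(f"VPON {node.attrib.get('id')}: missing <vr> or <peer>")
        params.append(VponParams(node.attrib["id"], vr.attrib["address"],
                                 local_edge, peer.attrib["edge"]))
    if len({p.vr_address for p in params}) != len(params):
        raise ValueError("VR logical addresses must be unique within the PE")
    return params


def click_config(params: list[VponParams], in_dev: str = "eth0", out_dev: str = "eth1") -> str:
    """Translate the parameters into Click elements: one IPClassifier output per VR
    (keyed on the VR logical address, our reading of the paper's classifier
    parameter) feeding an IP-in-IP tunnel chain (IPEncap protocol 4) to the peer edge."""
    if not params:
        raise ValueError("at least one VPON is required")
    patterns = ", ".join(f"dst host {p.vr_address}" for p in params) + ", -"
    lines = [
        "// generated: one output per VR instance, last output catches unmatched packets",
        f"vr_demux :: IPClassifier({patterns});",
        f"FromDevice({in_dev}) -> Strip(14) -> CheckIPHeader -> vr_demux;",
        # Shared egress toward the backbone; the MAC addresses are placeholders.
        f"backbone :: EtherEncap(0x0800, 00:00:5e:00:53:01, 00:00:5e:00:53:02) -> Queue -> ToDevice({out_dev});",
    ]
    for port, p in enumerate(params):
        name = f"vr_{p.vpon_id.lower()}"
        lines.append(f"// {p.vpon_id}: VR {p.vr_address}, tunnel {p.local_edge} -> {p.peer_edge}")
        lines.append(f"vr_demux[{port}] -> {name} :: IPEncap(4, {p.local_edge}, {p.peer_edge}) -> backbone;")
    lines.append(f"vr_demux[{len(params)}] -> Discard;")
    return "\n".join(lines) + "\n"


def add_vpon(params: list[VponParams], new: VponParams) -> str:
    """Runtime provisioning of a new VPON-ID: regenerate the whole configuration,
    which is the artefact the paper's FPCME installs into the Click /proc file system."""
    return click_config(params + [new])


if __name__ == "__main__":
    print(click_config(parse_vpon_xml(SAMPLE_XML)))
```

Regenerating the complete configuration on each provisioning event is what keeps the classifier's output ports and the VR chains consistent; the unmatched output going to Discard is the defensive default, so a packet addressed to a VR that has not been provisioned never reaches another VPON's chain.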



Figure 5. Programmable VR design. The network management plane exposes an XML configuration interface to each PE over XML-RPC. Inside the PE, a forwarding configuration manager engine reads that interface; incoming traffic passes through an IPClassifier that feeds one VR instance per VPON, each VR instance pairing a XORP routing software instance (RIB) with a Click router instance (FIB). IPSec key negotiation and the VPONs tunnels connect the VR instances of the two PEs.

VR PERFORMANCE The number of VR instances in a PE is equal to the number of VPONs supported by the PE. The scalability constraint in PN networking is

IEEE Communications Magazine • July 2005

Interpacket delay (MS) 5 0.35 0.3 0.25 0.2 0.15 0.1 0.05 0

4 3 2 1 0 1

3

5

7

9

11

13

15

Packet lost (%)

The VR instance and IP classifier parameters are added at runtime when a new VPON-ID is provisioned by the management plane into the PE. For each new VPON connectivity handled by a PE router, a VR instance is created to ensure VPON packets processing and routing within the PE. The auto connectivity of dynamic tunnels is achieved by creating at runtime each VR instance by the interconnection of packet processing Click elements and the creation of new XORP routing instances. These Click forwarding elements and the routing instances are added dynamically to the basic router configuration already installed in the PE. In order to create and install at runtime the forwarding plane of the programmable VR instance, a forwarding path configuration manager engine (FPCME) [13] has been developed with Perl scripts to achieve automatic runtime configuration of the Click router. The FPCME is responsible for determining and installing the appropriate combination of Click elements necessary to create the VR instance. As shown in Fig. 5, the FPCME consults the XML interface created by the management plane, retrieves the VPON parameters, and translates them into a set of Click elements and arguments. These actions create the new configurations of the Click VR and install them in the Linux kernel mode.

17

Number of VR instances

n Figure 6. The effect of the number of VR instances on inter-UDP packet delay and percentage of lost packets.

this number of VPON connections (VR instance creations) to be supported by the PE router. The purpose of this section is to assess the scalability of the developed VR software by evaluating the effect of runtime installation of VR instances in the PE on the other VPONs it already supports. A testbed based on the flexible Click router architecture has been used. It includes a management server (the VPON management system) and two Linux-based quad-processor PCs playing the role of PE routers. The management system installs a new VR instance in the two edge routers every 5 s. Once the VRs are installed, VPON tunnels are established between the PE nodes. A traffic generator transmits TCP and UDP traffic into the VPON tunnels.

Results of a first experiment show that only 17 simultaneous VR instances can be installed in the physical router. This is due to the memory limitation of Click in kernel mode: there is insufficient memory in the Linux /proc/click file system to install generated Click configuration files containing more than 17 router instances. Careful optimization and software engineering should allow more dynamic VR instances to be installed in the software routers in the future.

A second experiment was conceived to address the effect of dynamic VR (VPON) creation on UDP flows. Seventeen VPONs (the VR instance limit) are considered in this experiment. Every 5 s, an additional VPON is created, and each VPON generates a 3 Mb/s UDP traffic flow. Figure 6 depicts the effect of runtime VPON creation on interpacket delays and also reports packet delay performance (curve in the lower right corner). The lower curve for interpacket delay corresponds to the very first VPON connection. The upper curve represents the average interpacket delay of all 17 simultaneous connections established between the two PEs. Starting from the 13th connection, the interpacket delay is affected in both cases, but the increase is confined to less than 1 ms. The percentage of lost UDP packets increases from 0 percent to only 0.35 percent when the number of created VR instances grows from 1 to 17. These packet losses represent a marginal degradation for the UDP flows, considering that all dynamic configurations and VR instance creations are conducted at runtime. The same experiment was also conducted on TCP traffic. The interpacket delay variation in this case did not exceed a 2 ms deviation from the generated constant interpacket delay of 4 ms. The higher variability is due to retransmissions following interactions with TCP flow and congestion control mechanisms.

CONCLUSION

Among the analyzed paradigms for establishing dynamic tunnels and overlays for PNs, the network-based remote access VPON provides a good trade-off between scalability, management complexity, and security. The results show that combining the programmable VR and PN Agent concepts to support dynamic VPON deployment and management, according to PN dynamics and mobility, is feasible and viable for PN networking. The programmable VR concept has been found attractive for establishing runtime connectivity between PN clusters. The promising results produced by this study for the establishment of overlays for PNs should lead to further investigation to enhance the architecture and extend the concepts to inter-PN communications.

REFERENCES

[1] J. Hoebeke et al., “Architectures and Protocols for Ad Hoc Self-Configuration, Interworking, Routing and Mobility,” IST-507102 MAGNET/WP2/Task4/D2.4.1/PU/001/22.12.2004, Dec. 2004.
[2] L. Andersson et al., “Provider Provisioned VPN Terminology,” IETF RFC 4026, Mar. 2005.
[3] D. Zeghlache et al., “Conceptual Secure PN Architecture,” IST-507102 MAGNET/WP2/INT/D2.1.1/PU/001, Jan. 2005.
[4] P. Knight and C. Lewis, “Layer 2 and 3 Virtual Private Networks: Taxonomy, Technology, and Standardization Efforts,” IEEE Commun. Mag., vol. 42, no. 6, June 2004, pp. 124–31.
[5] P. Knight et al., “Network Based IP VPN Architecture Using Virtual Routers,” draft-ietf-l3vpn-vpn-vr-02, Apr. 2004, work in progress.
[6] S. Kent et al., “Security Architecture for the Internet Protocol,” IETF RFC 2401, Nov. 1998.
[7] N. Mezzetti, “Towards a Model for Trust Relationships in Virtual Enterprises,” DEXA Wksps. 2003, pp. 420–24.
[8] J. De Clercq and O. Paridaens, “Scalability Implications of Virtual Private Networks,” IEEE Commun. Mag., vol. 40, no. 5, May 2002.
[9] B. Fox and B. Gleeson, “Virtual Private Networks Identifier,” IETF RFC 2685, Sept. 1999.
[10] Y. Gottlieb and L. Peterson, “A Comparative Study of Extensible Routers,” OpenArch ’02, June 2002.
[11] E. Kohler et al., “The Click Modular Router,” ACM Trans. Comp. Sys., vol. 18, no. 3, Aug. 2000, pp. 263–97.
[12] M. Handley et al., “Designing Extensible IP Router Software,” Proc. 2nd USENIX Symp. Net. Sys. Design and Implementation, Boston, MA, May 2005.
[13] W. Louati, B. Jouaber, and D. Zeghlache, “Configurable Software based Edge Router Architecture,” 4th Wksp. Apps. and Svcs. in Wireless Net., Boston, MA, Aug. 2004, http://www.freazer.com/perso/wajdi/JournalASWN04.pdf

BIOGRAPHIES

WAJDI LOUATI ([email protected]) received an M.S. degree in computer science (2003) from Pierre et Marie Curie University, Paris, France. Currently, he is a Ph.D. student at Institut National des Télécommunications, Evry, France, in the Wireless Networks and Multimedia Services Department. His main research interests include programmable routers and networks and overlay networks, with a current focus on personal networks.

DJAMAL ZEGHLACHE ([email protected]) graduated from Southern Methodist University, Dallas, Texas, in 1987 with a Ph.D. in electrical engineering and the same year joined Cleveland State University as an assistant professor. In 1992 he joined the Institut National des Télécommunications, where he currently heads the Wireless Networks and Multimedia Services Department. He has sustained research and scholarly activities in the field of wireless networks and services, with current emphasis on awareness, cooperation, and adaptation in wireless and personal networks.

IEEE Communications Magazine • July 2005

[IEEE Communications Magazine cover, August 2005, Vol. 43 No. 8, www.comsoc.org, A Publication of the IEEE Communications Society. Cover topics: Self-Organization in Communications Networks; Topics in Circuits for Communications.]


GUEST EDITORIAL

SELF-ORGANIZATION IN NETWORKS TODAY

Sudhir Dixit

Amardeo Sarma

This feature topic, “Self-Organization in Networks Today,” takes a look at approaches currently followed in the area of self-organization. While a previous issue looked at some long-term and more revolutionary approaches, this issue focuses on how self-organizing principles can ease the life of users and system administrators in the shorter term. A typical example of early self-organization was the Dynamic Host Configuration Protocol, which allowed hosts to be connected without the user having to configure the IP address manually. The question naturally arises of how such concepts, often based on some rules and policies, can be extended to further simplify network operation while at the same time ensuring that the systems remain under control. Potential application areas begin with large existing IP-based networks, now becoming larger by the day, and their (self-)organization, and go on to network types that have recently gained more attention, such as ad hoc and wireless sensor networks. Current solutions are reaching their limits, requiring novel approaches to the problem. This issue covers self-organization for large networks, the establishment of personal “overlay” networks, and wireless sensor networks.

The first of three articles in this feature topic is “Network and Domain Autoconfiguration: A Unified Approach for Large Dynamic Networks” by Manousakis, McAuley, Morera, and Baras, and presents a unified framework for completely autoconfiguring hosts, routers, and servers with regard to addresses, routing protocols, and routing hierarchies. Based around the IP autoconfiguration suite, they show a configuration tool for future networks, especially when applied in emergency situations or dynamic large-scale networks. The authors show that the tool performs conflict-free and robust address allocation based on the distribution of address pools. In addition to configuring the network based on simple heuristics, it also optimizes network performance.
In the second article, “Network-Based Virtual Personal Overlay Networks Using Programmable Virtual Routers,” Louati and Zeghlache describe the use of the virtual router concept to support personal networks composed of a wireless bubble around the user connected to local and remote public and private services. The concept is deployed over programmable and software-based edge routers, capable of dynamic configuration and networking at runtime, to meet personal network requirements. Remote access is especially considered to provide secure networking of personal devices, nodes, services, and applications.

IEEE Communications Magazine • August 2005

In the third article, “A Self-Managed Wireless Sensor Network,” Ruiz et al. address the problem of designing smart, autonomous, and self-aware wireless sensor networks (WSNs). Using a specific scenario of a WSN that monitors temperature and humidity and evaluates fire risks, the authors propose a self-management solution that promotes network resource productivity and quality of service. The main focus of the article is on self-organization, self-configuration, self-service, self-knowledge, self-awareness, and self-maintenance. The article also evaluates the effectiveness of the integrated management solution.

The guest editors thank the authors contributing to this Feature Topic, which we hope will give you a good view of self-organization in practice today. Please write to us and to the authors to contribute to the ongoing discussion on self-organization.

BIOGRAPHIES

SUDHIR DIXIT [SM’95] ([email protected], [email protected]) is currently a Nokia Research Fellow and works on next-generation wireless networks. From 1996 to October 2003 he was a senior research manager, focusing on IP/ATM, wireless networks, content networks, and optical networks. Prior to that he held various management or engineering positions at NYNEX Science & Technology (now Verizon), GTE (now Verizon), Codex Motorola, Wang, Harris, and STL (now Nortel Europe Labs). He received the B.E. degree from MANIT, Bhopal, India, the M.E. degree from BITS, Pilani, India, the Ph.D. degree from the University of Strathclyde, Glasgow, Scotland, and the M.B.A. degree from Florida Institute of Technology, Melbourne, Florida. He has published or presented over 150 papers, published 3 books, and holds 12 patents. He is on the editorial boards of numerous international journals, has been a frequent guest editor in various publications, and has served in various capacities in numerous conferences. He represents Nokia on the Steering Board of the WWRF (Wireless World Research Forum), and is also the Vice Chair of the SIG on Self-Organization of Wireless World Systems.

AMARDEO SARMA [SM’04] ([email protected]) is a manager at NEC Network Laboratories, Heidelberg, Germany, where he leads a department dealing with mobility, network security, and intervehicle communications. A current major focus is leading the heterogeneous networks work of the EU IST Integrated Project Daidalos. In the past he has worked on communication protocols and formal specification techniques in the context of broadband and access networks at Deutsche Telekom and is co-author of two textbooks on SDL. In the late 1990s he was a project supervisor at Eurescom, Heidelberg. He received his Bachelor of Technology degree from the Indian Institute of Technology, Delhi, and his Master’s degree (Dipl.-Ing.) from the Technical University of Darmstadt, both in electrical engineering. He is a Steering Board member of the Wireless World Research Forum and was Chairman of International Telecommunication Union – Telecommunication Standardization Sector Study Group 10, 1996–2002, and Co-Chair of the merged Study Group 17, 2002–2004.
