IPv6 Network Mobility

Network Authentication, Authorization, and Accounting has been used since before the days of the Internet as we know it today. Authentication asks the question, “Who or what are you?” Authorization asks, “What are you allowed to do?” And fi nally, accounting wants to know, “What did you do?” These fundamental security building blocks are being used in expanded ways today. The fi rst part of this two-part series focused on the overall concepts of AAA, the elements involved in AAA communications, and highlevel approaches to achieving specifi c AAA goals. It was published in IPJ Volume 10, No. 1[0]. This second part of the series discusses the protocols involved, specifi c applications of AAA, and considerations for the future of AAA

Multi Protocol Label Switching: Quality of Service, Traffic Engineering application, and Virtual Private Network application

This thesis discusses the QoS feature, Traffic Engineering (TE) application, and Virtual Private Network (VPN) application of the Multi Protocol Label Switching (MPLS) protocol. This thesis concentrates on comparing MPLS with other prominent technologies such as Internet Protocol (IP), Asynchronous Transfer Mode (ATM), and Frame Relay (FR). MPLS combines the flexibility of Internet Protocol (IP) with the connection oriented approach of Asynchronous Transfer Mode (ATM) or Frame Relay (FR). Section 1 lists several advantages MPLS brings over other technologies. Section 2 covers architecture and a brief description of the key components of MPLS. The information provided in Section 2 builds a background to compare MPLS with the other technologies in the rest of the sections. Since it is anticipate that MPLS will be a main core network technology, MPLS is required to work with two currently available QoS architectures: Integrated Service (IntServ) architecture and Differentiated Service (DiffServ) architecture. Even though the MPLS does not introduce a new QoS architecture or enhance the existing QoS architectures, it works seamlessly with both QoS architectures and provides proper QoS support to the customer. Section 3 provides the details of how MPLS supports various functions of the IntServ and DiffServ architectures. TE helps Internet Service Provider (ISP) optimize the use of available resources, minimize the operational costs, and maximize the revenues. MPLS provides efficient TE functions which prove to be superior to IP and ATM/FR. Section 4 discusses how MPLS supports the TE functionality and what makes MPLS superior to other competitive technologies. ATM and FR are still required as a backbone technology in some areas where converting the backbone to IP or MPLS does not make sense or customer demands simply require ATM or FR. In this case, it is important for MPLS to work with ATM and FR. Section 5 highlights the interoperability issues and solutions for MPLS while working in conjunction with ATM and FR. In section 6, various VPN tunnel types are discussed and compared with the MPLS VPN tunnel type. The MPLS VPN tunnel type is concluded as an optimal tunnel approach because it provides security, multiplexing, and the other important features that are reburied by the VPN customer and the ISP. Various MPLS layer 2 and layer 3 VPN solutions are also briefly discussed. In section 7 I conclude with the details of an actual implementation of a layer 3 MPLS VPN solution that works in conjunction with Border Gateway Protocol (BGP)

A Comparative Analysis of Unicast Routing Protocols for MPLS-VPN

MPLS-VPN technology is introduced to provide secure transmission with minimum propagation delay. This paper presents a comparative analysis of unicast routing protocols for MPLSVPN enabled networks. The motive behind this analysis is to observe the consequence of unicast routing protocols on the performance of MPLS-VPN enabled networks and to choose most suitable routing protocol for such type of networks. To conduct the analysis, a test bed is established in GNS3 simulator. Three main unicast routing protocols i.e. Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF) and Routing Information Protocol (RIP) has been considered in this work. Round-Trip-Time, Jitter and Administrative-distance are used as performance measure metrics. The experimental analysis indicates that EIGRP is the most suitable protocol among the aforementioned protocols for MPLS-VPN

Secure Network Access via LDAP

Networks need the ability to be access by secure accounts and users. The goal of this project is to configure and expand on LDAP configurations with considerations for AAA via TACACS+ and Radius for network equipment. This will provide adequate security for any given network in terms of access and prevent lose of access to devices which happens all to often with locally configured accounts on devices

A survey of Virtual Private LAN Services (VPLS): Past, present and future

Virtual Private LAN services (VPLS) is a Layer 2 Virtual Private Network (L2VPN) service that has gained immense popularity due to a number of its features, such as protocol independence, multipoint-to-multipoint mesh connectivity, robust security, low operational cost (in terms of optimal resource utilization), and high scalability. In addition to the traditional VPLS architectures, novel VPLS solutions have been designed leveraging new emerging paradigms, such as Software Defined Networking (SDN) and Network Function Virtualization (NFV), to keep up with the increasing demand. These emerging solutions help in enhancing scalability, strengthening security, and optimizing resource utilization. This paper aims to conduct an in-depth survey of various VPLS architectures and highlight different characteristics through insightful comparisons. Moreover, the article discusses numerous technical aspects such as security, scalability, compatibility, tunnel management, operational issues, and complexity, along with the lessons learned. Finally, the paper outlines future research directions related to VPLS. To the best of our knowledge, this paper is the first to furnish a detailed survey of VPLS.University College DublinAcademy of Finlan

Utilization of RADIUS Protocol AV Pairs for Dynamic Configuration of Remote Access into Virtual Private Networks

Import 04/07/2011V této diplomové práci se zabývám návrhem a realizací dynamické konfigurace mechanizmů vzdáleného přístupu do virtuálních privátních sítí, založených na technologii MPLS/VPN. Pro přistup, jsou využívány technologie ISDN, PSTN, DSL, které jsou podpořeny protokolem RADIUS k umožnění dynamického předá\-vání konfigurace síťovým prvkům. V konfiguraci, jež je takto předávána, je sdělená nutnost budování síťových tunelů, které zapouzdřují daný provoz klientů, a umožňuje logické oddělení datových toků. Tyto tunely jsou zakončovány virtuálním přístupovým rozhraním umožňující předá\-vání toku dat do příslušných VRF daných zákazníků.In this diploma thesis I deal with design and realization of a dynamic configuration mechanism of remote access to virtual private networks, based on MPLS/VPN technology. For access, ISDN, PSTN, DLS technologies are used. These technologies are supported by protocol RADIUS which enables dynamic configuration transfer to network elements. In the configuration, which is so transferred exist necessity for building a network of tunnels that encapsulate the client operations, and allows logical separation of dataflows. These tunnels are terminated by virtual access interface which allows transmission of dataflow to the customer’s VRF.460 - Katedra informatikyvelmi dobř