175 research outputs found
Tiered Based Addressing in Internetwork Routing Protocols for the Future Internet
The current Internet has shown a remarkable ability to sustain evolution and growth; however, it is facing unprecedented challenges and may not be able to continue to sustain this evolution and growth in the future, because it is based on design decisions made in the 1970s when the TCP/IP concepts were developed. Research has thus provided incremental solutions to the evolving Internet to address every new vulnerability. As a result, the Internet has increased in complexity, which makes it hard to manage, more vulnerable to emerging threats, and more fragile in the face of new requirements.
With a goal towards overcoming this situation, a clean-slate future Internet architecture design paradigm has been suggested by the research communities.
This research is focused on addressing and routing for a clean-slate future Internet architecture, called the Floating Cloud Tiered (FCT) internetworking model. The major goals of this study are: (i) to address the two related problems of routing scalability and addressing, through an approach which would leverage the existing structures in the current Internet architecture, (ii) to propose a solution that is acceptable to the ISP community that supports the Internet, and lastly (iii) to provide a transition platform and mechanism, which is essential to the successful deployment of the proposed design
Optimal route reflection topology design
An Autonomous System (AS) is a group of Internet Protocol-based networks with a single and clearly defined external routing policy, usually under single ownership, trust or administrative control. The AS represents a connected group of one or more blocks of IP addresses, called IP prefixes, that have been assigned to that organization and provides a single routing policy to systems outside the AS.
The Internet is composed of the interconnection of several thousands of ASes, which use the Border Gateway Protocol (BGP) to exchange reachability advertisements for network prefixes (aggregations of IP addresses). BGP advertisements (or updates) are sent over BGP sessions administratively set between pairs of routers.
BGP is a path vector routing protocol and is used to span different ASes. A path vector protocol defines a route as a pairing between a destination and the attributes of the path to that destination. Interior Border Gateway Protocol (iBGP) refers to the BGP neighbor relationship within the same AS. When BGP neighbor relationships are formed between two peers belonging to different ASes, they are called Exterior Border Gateway Protocol (eBGP). In the latter case, BGP routers are called Autonomous System Border Routers (ASBRs), while those running only iBGP sessions are referred to as Internal Routers (IRs).
Traditional iBGP implementations require a full-mesh of sessions among routers of each AS
Aspects of proactive traffic engineering in IP networks
To deliver a reliable communication service over the Internet it is essential for the network operator to manage the traffic situation in the network. The traffic situation is controlled by the routing function, which determines what path traffic follows from source to destination.
Current practices for setting routing parameters in IP networks are designed to be simple to manage. This can lead to congestion in parts of the network while other parts of the network are far from fully utilized. In this thesis we explore issues related to optimization of the routing function to balance load in the network and efficiently deliver a reliable communication service to the users. The optimization takes into account not only the traffic situation under normal operational conditions, but also traffic situations that appear under a wide variety of circumstances deviating from the nominal case.
In order to balance load in the network, knowledge of the traffic situations is needed. Consequently, in this thesis we investigate methods for efficient derivation of the traffic situation. The derivation is based on estimation of traffic demands from link load measurements. The advantage of using link load measurements is that they are easily obtained and consist of a limited amount of data that need to be processed. We evaluate and demonstrate how estimation based on link counts gives the operator a fast and accurate description of the traffic demands. For the evaluation we have access to a unique data set of complete traffic demands from an operational IP backbone.
However, to honor service level agreements at all times, the variability of the traffic needs to be accounted for in the load balancing. In addition, optimization techniques are often sensitive to errors and variations in input data. Hence, when an optimized routing setting is subjected to real traffic demands in the network, performance often deviates from what can be anticipated from the optimization. Thus, we identify and model different traffic uncertainties and describe how the routing setting can be optimized, not only for a nominal case, but for a wide range of different traffic situations that might appear in the network.
Our results can be applied in MPLS enabled networks as well as in networks using link state routing protocols such as the widely used OSPF and IS-IS protocols. Only minor changes may be needed in current networks to implement our algorithms.
The contributions of this thesis are that we demonstrate that it is possible to estimate the traffic matrix with acceptable precision, and we develop methods and models for common traffic uncertainties to account for these uncertainties in the optimization of the routing configuration. In addition, we identify important properties in the structure of the traffic to successfully balance uncertain and varying traffic demands
Link State Contract Routing
The Internet's simple design resulted in huge success in basic telecommunication services. However, the current Internet architecture has failed in terms of introducing many innovative technologies as end-to-end (E2E) services such as multicasting, guaranteed quality of services (QoS) and many others. We argue that contracting over static service level agreements (SLA) and point-to-anywhere service definitions are the main reasons behind this failure. In that sense, the Internet architecture needs major shifts since it neither allows (i) users to indicate their value choices at sufficient granularity nor (ii) providers to manage risks involved in investment for new innovative QoS technologies and business relationships with other providers as well as users. To allow these much needed economic flexibilities, we introduce contract-switching as a new paradigm for the design of future Internet architecture. In this work, we implement a contract-routing framework with specific focus on long-term contracted services in the Link State Contract Routing scheme. Our work shows that E2E guaranteed QoS services can be achieved in routing over contracted edge-to-edge service abstractions which are built on today's popular protocols with reasonable protocol overhead
Performance Evaluation of Distributed Security Protocols Using Discrete Event Simulation
The Border Gateway Protocol (BGP) that manages inter-domain routing on the Internet lacks security. Protective measures using public key cryptography introduce complexities and costs. To support authentication and other security functionality in large networks, we need public key infrastructures (PKIs). Protocols that distribute and validate certificates introduce additional complexities and costs. The certification path building algorithm that helps users establish trust in certificates in the distributed network environment is particularly complicated. Neither routing security nor PKI comes for free. Prior to this work, research on performance issues of these large-scale distributed security systems was minimal. In this thesis, we evaluate the performance of BGP security protocols and PKI systems. We answer the questions about how the performance affects protocol behaviors and how we can improve the efficiency of these distributed protocols to bring them one step closer to reality. The complexity of the Internet makes an analytical approach difficult, and the scale of the Internet makes empirical approaches also unworkable. Consequently, we take the approach of simulation. We have built the simulation frameworks to model a number of BGP security protocols and the PKI system. We have identified performance problems of Secure BGP (S-BGP), a primary BGP security protocol, and proposed and evaluated Signature Amortization (S-A) and Aggregated Path Authentication (APA) schemes that significantly improve the efficiency of S-BGP without compromising security. We have also built a simulation framework for general PKI systems and evaluated certification path building algorithms, a critical part of establishing trust in Internet-scale PKI, and used this framework to improve algorithm performance
Network-provider-independent overlays for resilience and quality of service.
PhD
Overlay networks are viewed as one of the solutions addressing the inefficiency and slow evolution of the Internet and have been the subject of significant research. Most existing overlays providing resilience and/or Quality of Service (QoS) need cooperation among different network providers, but an inter-trust issue arises and cannot be easily solved. In this thesis, we mainly focus on network-provider-independent overlays and investigate their performance in providing two different types of service. Specifically, this thesis addresses the following problems:
Provider-independent overlay architecture: A provider-independent overlay framework named Resilient Overlay for Mission-Critical Applications (ROMCA) is proposed. We elaborate its structure including component composition and functions and also provide several operational examples.
Overlay topology construction for providing resilience service: We investigate the topology design problem of provider-independent overlays aiming to provide resilience service. To be more specific, based on the ROMCA framework, we formulate this problem mathematically and prove its NP-hardness. Three heuristics are proposed and extensive simulations are carried out to verify their effectiveness.
Application mapping with resilience and QoS guarantees: Assuming application mapping is the targeted service for ROMCA, we formulate this problem as an Integer Linear Program (ILP). Moreover, a simple but effective heuristic is proposed to address this issue in a time-efficient manner. Simulations with both synthetic and real networks prove the superiority of both solutions over existing ones.
Substrate topology information availability and the impact of its accuracy on overlay performance: Based on our survey that summarizes the methodologies available for inferring the selective substrate topology formed among a group of nodes through active probing, we find that such information is usually inaccurate and additional mechanisms are needed to secure a better inferred topology. Therefore, we examine the impact of inferred substrate topology accuracy on overlay performance given only inferred substrate topology information