Method And Implementation of MPLS Tunnel Selection On Nokia Metro-E Devices
Tunneling is a solution for interconnecting remote local networks over a public IP network. The current problem is the lack of proper guidelines for using tunneling techniques. Tunnel selection is generally based only on the beliefs and experience of network management operators, or on following an SOP. The brand of tunneling device widely used by telecommunication operators in Indonesia (especially P. Java) is Nokia. This study implements, tests and analyzes MPLS techniques on Nokia devices to produce recommendations on when to use MPLS tunnels appropriately for a given network topology. The software used in this study was FTP, Tfgen and Wireshark: FTP and Tfgen as network traffic generators, and Wireshark to record throughput, delay and downtime. The analysis of MPLS on Nokia devices is based on the recorded results for various traffic engineering scenarios, including loadless conditions and various other conditions in case of network disruption. Without load, MPLS performed well, with an average throughput of 1.08 Mbps and a delay of 10 ms. With load, the delay was stable at 10 ms, and during network disruption the ICMP test showed 1 Request Time Out, or 4 s. MPLS techniques are used on established networks because they can provide alternative density lines
Multi-Link Failure Effects on MPLS Resilient Fast-Reroute Network Architectures
© 2021 IEEE. MPLS has been in the forefront of high-speed Wide Area Networks (WANs) for almost two decades [1, 12]. The performance advantages in implementing Multi-Protocol Label Switching (MPLS) are mainly its superior speed based on fast label switching and its capability to perform Fast Reroute rapidly when failure(s) occur, in theory under 50 ms [16, 17], which makes MPLS also interesting for real-time applications. We investigate the aforementioned advantages of MPLS by creating two real testbeds using actual routers that commercial Internet Service Providers (ISPs) use, one with a ring and one with a partial mesh architecture. In those two testbeds we compare the performance of MPLS channels versus normal routing, both using the Open Shortest Path First (OSPF) routing protocol. The speed of the Fast Reroute mechanism for MPLS when failures are occurring is investigated. Firstly, baseline experiments are performed consisting of MPLS versus normal routing. Results are evaluated and compared using both single and dual failure scenarios within the two architectures. Our results confirm recovery times within 50 ms
Revealing and Characterizing MPLS Networks
The Internet is a wide network of computers in constant evolution. Each year, more and more organizations are connected to this worldwide network. Each of them has its own structure and administration that are not publicly revealed for economic, political, and security reasons. Consequently, our perception of the Internet structure, and more specifically its topology, is incomplete. To compensate for this lack of knowledge, the research community relies on network measurements. Most of the time, they are performed with the well-known tool traceroute. However, in practice, an operator may favor technologies other than IP to forward packets inside its network. MultiProtocol Label Switching (MPLS) is one of them. Even though it is heavily deployed by operators, it has not really been investigated by researchers. Prior to this thesis, only two studies focused on the identification of MPLS tunnels in traceroute data. Moreover, while one of them does not take all possible scenarios into account, the other lacks precision in some of its models. In addition, MPLS tunnels may hide their content from traceroute. Topologies inferred from such data may thus contain false links or nodes with an artificially high degree, thus leading to biases in the standard graph metrics used to model the network. Even though some researchers have already tried to tackle this issue, the revelation of hidden MPLS devices in traceroute data is still an open question.
This thesis aims at characterizing MPLS in two different ways. On the one hand, at an architectural level, we will analyze in detail its deployment and use in both IPv4 and IPv6 networks in order to improve the state-of-the-art view of it. We will show that, in practice, more than one IPv4 trace out of two crosses at least one MPLS tunnel. We will also see that, even if this protocol can simplify the internal architecture of transit networks, it also allows some operators to perform traffic engineering in their domain. On the other hand, MPLS will be studied from a measurement point of view. We will see that routers from different manufacturers may have distinct default behaviors regarding MPLS, and that these specific behaviors can be exploited to identify MPLS tunnels during traceroute measurements. More precisely, we will focus on new methods able to infer the presence of tunnels that are invisible in traceroute outputs, as well as on mechanisms to reveal their content. We will also show that they can be used to improve the inference of Internet graph properties, such as path lengths and node degrees. Finally, these techniques will be integrated into Trace the Naughty Tunnels (TNT), a traceroute extension able to identify all types of MPLS tunnels along a path towards a destination. We will prove that this tool can be used to get a detailed quantification of MPLS tunnels in the worldwide network. TNT is publicly available, and can therefore be part of many future studies conducted by the research community.
Teleprotection signalling over an IP/MPLS network
Protection of electricity networks has developed to incorporate communications, referred to as protection signalling. Due to the evolution of the electricity supply system, there are many developments pending within the scope of protection signalling and protection engineering in general. This project investigates the use of current and emerging communications technologies (i.e. packetised networks) being applied and incorporated into current protection signalling schemes and technologies.
The purpose of the project is to provide a more cost-effective solution to protection schemes running obsolescent hardware. While the medium-term goal of the industry is to move entirely to IEC 61850 communications, legacy teleprotection relays using non-IP communications will still exist for many years to come. For companies to be ready for an IEC 61850 rollout a fully deployed IP/MPLS network will be necessary and it can be seen that various companies worldwide are readying themselves in this way. However, in the short-term for these companies, this means maintaining their existing TDM network (which runs current teleprotection schemes) and IP/MPLS network. This is a costly business outcome that can be minimised with the migration of services from and decommissioning of TDM networks.
Network channel testing was the primary testing focus of the project. The testing proved that teleprotection traffic with correct QoS markings assured the system met latency and stability requirements. Furthermore, MPLS resiliency features (secondary LSPs & Fast-reroute) were tested and proved automatic path failover was possible under fault conditions at sub-30ms speeds
Path signalling in a wireless back-haul network integrating unidirectional broadcast technologies
The back-haul infrastructures of today's wireless operators must support the triple-play services demanded by the market or regulatory bodies. To cope with increasing capacity demand, in our previous work, we have developed a cost-effective heterogeneous layer 2.5 wireless back-haul (WiBACK) architecture, which leverages the native multicast capabilities of broadcast technologies such as DVB to off-load high-bandwidth broadcast content delivery. Furthermore, our architecture provides support for unidirectional technologies on the data and the control plane. This adopts a centralized coordinator approach, in which coordinator nodes install so-called management and data pipes. No routing state is kept at plain WiBACK nodes, which merely store QoS-aware pipe forwarding state. Consequently, the architecture requires a reliable protocol to push resource allocation and pipe forwarding state into the network, considering possibly unidirectional connectivity. Such a protocol, whose task is related to MPLS label distribution, is essential during the initial forming of WiBACK topologies and during regular network operations to reliably manage the data pipes. In this paper, we present a novel approach to extend our IEEE 802.21-inspired WiBACK TransportService and, based upon this, the design of an RSVP-TE-style pipe signalling protocol using nested hop-by-hop request/response MIH transactions that supports signalling over unidirectional technologies. A thorough evaluation and successful testbed deployments show that this protocol reliably signals pipe state even under high loss conditions
Design and implementation of laboratory experiments on MPLS (Concepção e implementação de experiências laboratoriais sobre MPLS)
Master's in Electronics and Telecommunications Engineering. The Multiprotocol Label Switching (MPLS) is a highly scalable and
agnostic protocol to carry network data.
Operating at "Layer 2.5" of the OSI model, MPLS is a high-performance
mechanism that is used at the network backbone for
conveying data from one network node to the next.
The success of MPLS results from the fact that it enables the network to
carry all kinds of traffic, ranging from IP to layer 2 traffic, since it
encapsulates the packets of the diverse network protocols, allowing the
creation of "virtual links" between distant nodes.
MPLS belongs to the family of packet switched networks, where labels
are assigned to data packets that are forwarded based on decisions that
rely only on the label contents, without the need to examine the packets'
contents. This allows the creation of end-to-end circuits across any type
of transport medium, using any protocol.
The MPLS design takes multiform transport technologies into account to
provide a unified data-carrying service, attempting simultaneously to
preserve traffic engineering and out-of-band control, a very attractive
characteristic for large-scale deployment. MPLS is the way to
consolidate many IP networks into a single one. Due to this obvious
potential, it is urgent to develop means and tools to better understand its
functioning and complexity.
MPLS normally runs at the backbone of Service Providers' networks,
being deployed across an extensive set of expensive equipment. In order
to make the study of MPLS feasible, emulation was considered as the best
solution. Currently, there are very good available tools to recreate, in a
lab environment, quite complicated scenarios.
However, the computational demand of the emulation is proportional to
the complexity of the project, becoming quickly unfeasible in a single
machine.
Fortunately, distributed computing or Cloud computing are suitable and
novel approaches to solve this computation problem.
So, this work aims to create some lab experiments that can
illustrate/demonstrate relevant aspects of the MPLS technology, using the
Dynamips emulator driven by the computational resources that were
made available by the Amazon ec2 cloud computing facilities. The
utilization of these emulation tools allows testing real networks and
service scenarios in a controlled environment, being able to debug their
configurations and optimize their performance before deploying them in
real operating networks
Targeted Attack through Network Fingerprinting
Peer reviewed. Nowadays, simple tools such as traceroute can be used by attackers to acquire topology knowledge remotely. Worse still, attackers can use a lightweight fingerprinting technique, based on traceroute and ping, to retrieve the routers' brand, and use that knowledge to launch targeted attacks.
In this paper, we show that the hardware ecosystem of network operators can greatly vary from one to another, with all potential security implications it brings. Indeed, depending on the autonomous system (AS), not all brands play the same role in terms of network connectivity and network usage (MPLS vs. standard traffic). An attacker could find an interest in targeting a specific hardware vendor in a particular AS, if known defects are present in this hardware, and if the AS relies heavily on it for forwarding its traffic
System architecture and hardware implementations for a reconfigurable MPLS router
With extremely wide bandwidth and good channel properties, optical fibers have brought fast and reliable data transmission to today's data communications. However, to handle heavy traffic flowing through optical physical links, much faster processing speed is required or else congestion can take place at network nodes. Also, to provide people with voice, data and all categories of multimedia services, distinguishing between different data flows is a requirement. To address these router performance, Quality of Service/Class of Service and traffic engineering issues, Multi-Protocol Label Switching (MPLS) was proposed for IP-based Internetworks. In addition, routers flexible in hardware architecture in order to support ever-evolving protocols and services without causing big infrastructure modification or replacement are also desirable. Therefore, reconfigurable hardware implementation of MPLS was proposed in this project to obtain the overall fast processing speed at network nodes.
The long-term goal of this project is to develop a reconfigurable MPLS router, which uniquely integrates the best features of operations being conducted in software and in run-time-reconfigurable hardware. The scope of this thesis includes system architecture and service algorithm considerations, Verilog coding and testing for an actual device. The hardware and software co-design technique was used to partition and schedule the protocol code for execution on both a general-purpose processor and stream-based hardware. A novel RPS scheme that is practically easy to build and can realize pipelined packet-by-packet data transfer at each output was proposed to take the place of the traditional crossbar switching. In RPS, packets with variable lengths can be switched intelligently without performing packet segmentation and reassembly. Primary theoretical analysis of queuing issues was discussed and an improved multiple queue service scheduling policy UD-WRR was proposed, which can reduce packet-waiting time without sacrificing the performance. In order to have the tests carried out appropriately, dedicated circuitry for the MPLS functional block to interface a specific MAC chip was implemented as well. The hardware designs for all functions were realized with a single Field Programmable Gate Array (FPGA) device in this project.
The main result presented in this thesis was the MPLS function implementation realizing a major part of layer three routing at the reconfigurable hardware level, which advanced a great step towards the goal of building a router that is both fast and flexible