14 research outputs found
Optimization of BGP Convergence and Prefix Security in IP/MPLS Networks
Multi-Protocol Label Switching-based networks are the backbone of the operation of the Internet, that communicates through the use of the Border Gateway Protocol which connects distinct networks, referred to as Autonomous Systems, together. As the technology matures, so does the challenges caused by the extreme growth rate of the Internet. The amount of BGP prefixes required to facilitate such an increase in connectivity introduces multiple new critical issues, such as with the scalability and the security of the aforementioned Border Gateway Protocol.
Illustration of an implementation of an IP/MPLS core transmission network is formed through the introduction of the four main pillars of an Autonomous System: Multi-Protocol Label Switching, Border Gateway Protocol, Open Shortest Path First and the Resource Reservation Protocol. The symbiosis of these technologies is used to introduce the practicalities of operating an IP/MPLS-based ISP network with traffic engineering and fault-resilience at heart.
The first research objective of this thesis is to determine whether the deployment of a new BGP feature, which is referred to as BGP Prefix Independent Convergence (PIC), within AS16086 would be a worthwhile endeavour. This BGP extension aims to reduce the convergence delay of BGP Prefixes inside of an IP/MPLS Core Transmission Network, thus improving the networks resilience against faults.
Simultaneously, the second research objective was to research the available mechanisms considering the protection of BGP Prefixes, such as with the implementation of the Resource Public Key Infrastructure and the Artemis BGP Monitor for proactive and reactive security of BGP prefixes within AS16086.
The future prospective deployment of BGPsec is discussed to form an outlook to the future of IP/MPLS network design. As the trust-based nature of BGP as a protocol has become a distinct vulnerability, thus necessitating the use of various technologies to secure the communications between the Autonomous Systems that form the network to end all networks, the Internet
MPLS & QoS in Virtual Environments
The rise of high performance computing has seen a shift of services from locally managed Data Centers, to centralized globally redundant Data Centers (Cloud Computing). The scale of operation and churn required for cloud computing has in turn led to the rise of faster and programmable network pathing, via SDN & NFV. Cloud compute resources are accessible to individual researchers, as well as larger organizations. Cloud computing relies heavily on virtualization and abstraction of resources. The interconnect between these resources is more complex than ever, due to the need to seamlessly move from virtual to physical to hybrid networks and resources. MPLS as a technology is robust and has been used as transport for decades with a good track record. QoS has been available within most protocols to ensure service levels are maintained. The integration of MPLS, QoS and virtual environments is a space of increasing interest. It would allow for the seamless movement of traffic from end to end without the need for specialized hardware or vendor lock-in.
In this thesis, the performance gains of IP/MPLS networks utilizing QoS on commercially available virtual environments has been investigated and studied. Latency was captured via round trip time metrics and tabulated for voice, video and data, with QoS and congestion as the primary differentiators. The study discusses the approach taken, the common thinking, and finally analyzes the results of a simulation, in order to show that MPLS & QoS benefits are viable in virtualized environments
Virtual Private Networks Using IPv6 Protocol
Cílem diplomové práce je návrh, realizace a testování technologie VPN v síti založené na protokolu IPv6 v laboratorním prostředí a s využitím směrovačů Huawei a Cisco.V této diplomové práci jsou zastoupeny technologie GRE VPN, IPsec VPN a MPLS L3 VPN. Práce se dále zabývá návrhem, realizací a ověřením funkčnosti těchto technologií v sítích používajících protokol IPv6, ale také zjištěním, jak se liší tato řešení VPN v internetových protokolech různých verzí, konkrétně IPv4 a IPv6The aim of this thesis is to design, implement and test VPN technology in an IPv6-based network in a laboratory environment using Huawei and Cisco routers. GRE VPN, IPsec VPN and MPLS L3 VPN technologies are represented in this thesis. The thesis also looks at the design, implementation and verification of the functionality of these technologies in networks using IPv6, but also to see how these VPN solutions differ in the different internet protocols, namely IPv4 and IPv6.440 - Katedra telekomunikační technikydobř
IPv6 Deployment in a Service Provider's Data Center Network
Tämä diplomityö on tehty toimeksiantona Capgemini Finland Oy:lle (myöh. Capgemini). Sen tavoitteena on ottaa IPv6-protokolla käyttöön Capgeminin konesaliverkossa niin, että se on saavutettavissa Internetistä IPv4-protokollan lisäksi myös IPv6-protokollalla.
Työn ensimmäisessä luvussa kerrotaan lyhyesti siitä, mitkä tämän työn taustat ja tavoitteet ovat sekä minkä ongelman ja osaongelmat se ratkaisee. Toisessa luvussa kerrotaan, mitkä IPv4-protokollan ongelmat ovat ja miksi IPv6-protokolla lopulta korvaa sen. Kolmannessa luvussa esitellään IPv6-protokollaa ja sen tukiprotokollia IETF:n (Internet Engineering Task Force) RFC-dokumenttien (Request For Comments) ja kirjallisuuden pohjalta. Neljännessä luvussa perehdytään lyhyesti IPv6-protokollan tietoturvaan IPv6-käyttöönottoon liittyen ja kerrotaan, millaisia IPv6-transitiomekanismeja on olemassa. Viidennessä luvussa näytetään ensin tyypillinen palvelinkeskuksen konesaliverkon verkkotopologia ja esitellään sen jälkeen Capgeminin konesaliverkon rakenne. Kuudennessa luvussa yhdistetään Capgeminin konesaliverkko Internetiin IPv6-protokollalla ja rakennetaan Capeminin laboratorioon IPv6-testiverkko. Luvussa kehitetään myös konsepti, jolla voidaan provisioida IPv6-protokollalla toimiva www-palvelu Capgeminin konesaliverkossa mahdollisimman helposti ja kustannustehokkaasti. Lopuksi seitsemännessä luvussa käydään läpi IPv6-käyttöönoton tulokset, seuraukset ja siinä esiintyneet haasteet sekä tehdään suunnitelma siitä, mitkä ovat seuraavat askeleet IPv6-protokollan laajemmalle käyttöönotolle Capgeminin konesaliverkossa.This Master's thesis was done for Capgemini Finland Oy (later referred to as Capgemini). The objective of the thesis is to deploy the IPv6 protocol in Capgemini's data center network so that it is reachable from the Internet also via IPv6 in addition to IPv4.
In the first chapter of the thesis the background and objectives of the thesis in addition to the problem it solves are discussed. In the second chapter the inadequacy of the IPv4 protocol and the reasons why IPv6 will eventually replace it are explained. In the third chapter the IPv6 base protocol and its supporting protocols are presented based on RFC (Request For Comments) documents published by the IETF (Internet Engineering Task Force) and literature. In the fourth chapter IPv6 security with respect to the IPv6 deployment and IPv6 transition mechanisms are introduced. In the fifth chapter, a typical data center network topology is first shown after which the Capgemini data center network is showcased. In the sixth chapter the Capgemini data center network is connected to the Internet via IPv6 and an IPv6 test network is set up in the Capgemini laboratory. A proof of concept to provision an IPv6 web service in the Capgemini data center network with minimal capital and operational expenditure is also developed. Finally, in the seventh chapter the results, consequences and challenges of the IPv6 deployment are reviewed and a plan is made as to what the next steps for a more comprehensive IPv6 deployment in the Capgemini data center network are
Protocols Analysis of CISCO Networks
ABSTRAKT Bc.Karlík, Martin Ústav telekomunikací, Fakulta elektrotechniky a komunikačních technologií, Vysoké učení technické v Brně. Rozbor protokolov CISCO sietí Táto semestrálna práca je venovaná CISCO sieťam a protokolom ako MPLS, BGP, IPv4, IPv6, Multicast – sparse / dense mode. Úlohou bolo preštudovať tieto porotokoly a vo voľne dostupnom simulačnom prostredí GNS3 navrhnúť a realizovať laboratórnu úlohu zo zameraním sa na jeden z vyššie uvedených protokolov. Navrhnutá laboratórna úloha sa venuje protokolu MPLS. V práci je použitý CISCO smerovač 3745.ABSTRACT Bc.Karlík, Martin Department of Telecommunications, Faculty of Electrical Engineering and Communication, Brno University of Technology. Analysis of CISCO networking protocols This semestral thesis is focused on CISCO networks and protocols like MPLS, BGP, Ipv4, Ipv6, Multicast – sprase / dense mode. The task was study of those protocols and design and implement lab excercise with one of those protocols by using free network simulator GNS3. In this excercise is used CISCO router 3745.
Diseño y solución de red para la integración de Centros de Datos
El presente proyecto contempla el diseño de una solución de interconexión de dos centros
de procesado de datos (CPDs) con el objetivo de fusionar dos empresas a nivel de red, a las
que llamaremos empresa C y empresa G.
Se trata de dos entidades bancarias que por motivos políticos y económicos han acordado
unirse dando lugar a una sola entidad. Para que esto sea posible las dos empresas, mediante
mutuo acuerdo, han contratado a un grupo de ingenieros integradores de redes expertos en el
campo y capaces de ofrecer una solución totalmente transparente para el cliente.
El integrador ofrece en esta memoria una solución técnica cuyo objetivo es unir los núcleos
de la red de forma que los usuarios de una empresa tengan acceso a los recursos y/o servicios
de la otra empresa, y viceversa. De esta manera, se logra unir ambas empresas como si fuese
una sola.
Aprovechando esta solución de red, el integrador resolverá problemas presentes en las dos
empresas ofreciendo mejores alternativas para garantizar mayor seguridad, escalabilidad y
eficiencia en la red. Paralelamente se aprovecharán mejor los recursos existentes, como el
equipamiento y las tecnologías, para el mismo objetivo; ofrecer una solución altamente
potente y escalable tanto a corto como a largo plazo.
Tanto la definición como la solución de este proyecto han sido ideados por la autora del
mismo, no habiéndose basado para ello en ningún escenario real.This project involves the design of a solution for interconnection of two data centers
(CPDs) in order to merge the network of the two companies, called company C and company
G.
Both companies are two financial entities that for political and economic reasons have
agreed together resulting in a single entity. To make this merger possible, both companies
have hired a group of expert network integrators who are able to provide a fully transparent
solution for the customer.
The integrator provides in this project a technical solution which aims to unite the Core of
the network so that users have access to company resources and / or services of the other
company, and vice versa. Thus, it is possible to unite the two companies as if it were a single.
Taking advantage of this network solution, the integrator will solve actual problems in both
companies offering better alternatives to ensure greater security, scalability and network
efficiency. In parallel, existing resources will be taken on advantage, such as equipment and
technologies, and all of that for the same purpose; to offer a powerful and highly scalable
solution.
Both the definition and the solution of this project have been designed by the author
himself, without basing herself on any real scenario.Ingeniería Técnica en Sonido e Image
Creation of value with open source software in the telecommunications field
Tese de doutoramento. Engenharia Electrotécnica e de Computadores. Faculdade de Engenharia. Universidade do Porto. 200