ABSTRACT
Enterprise customers are increasingly adopting MPLS (Multiprotocol Label Switching) VPN (Virtual Private Network) service that offers direct any-to-any reachability among the customer sites via a provider network. Unfortunately this direct reachability model makes the service provider's routing tables grow very large as the number of VPNs and the number of routes per customer increase. As a result, router memory in the provider's network has become a key bottleneck in provisioning new customers. This paper proposes Relaying, a scalable VPN routing architecture that the provider can implement simply by modifying the configuration of routers in the provider network, without requiring changes to the router hardware and software. Relaying substantially reduces the memory footprint of VPNs by choosing a small number of hub routers in each VPN that maintain full reachability information, and by allowing non-hub routers to reach other routers through a hub. Deploying Relaying in practice, however, poses a challenging optimization problem that involves minimizing router memory usage by having as few hubs as possible, while limiting the additional latency due to indirect delivery via a hub. We first investigate the fundamental tension between the two objectives and then develop algorithms to solve the optimization problem by leveraging some unique properties of VPNs, such as sparsity of traffic matrices and spatial locality of customer sites. Extensive evaluations using real traffic matrices, routing configurations, and VPN topologies demonstrate that Relaying is very promising and can reduce routing-table usage by up to 90%, while increasing the additional distances traversed by traffic by only a few hundred miles, and the backbone bandwidth usage by less than 10%.
Scalable VPN routing via relaying (SIGMETRICS '08)