VPNs, Tunneling, and Overlay Networks




Virtual Private Networks (VPNs)

A virtual private network (VPN) is a data network whose connections make use of public
networking facilities. The VPN part of the public network is set up "virtually" by a private-sector
entity to provide public networking services to small entities. With the globalization of
businesses, many companies have facilities across the world and use VPNs to maintain fast,
secure, and reliable communications across their branches.

Creating a VPN benefits an organization by providing

   •   Extended geographical communication
   •   Reduced operational cost
   •   Enhanced organizational management
   •   Enhanced network management with simplified local area networks
   •   Improved productivity and globalization

Remote-Access VPN

Remote-access VPN is a user-to-LAN connection that an organization uses to connect its users to
a private network from various remote locations. Large remote-access VPNs are normally
outsourced to an Internet service provider to set up a network-access server. Other users,
working off campus, can then reach the network-access server and use the VPN software to
access the corporate network.
Tunneling in a remote-access VPN uses mainly the Point-to-Point Protocol (PPP). PPP is the
carrier for other Internet protocols when communicating over the network between a host
computer and a remote point.

Site-to-Site VPN

Site-to-site VPNs can be classified as either intranets or extranets.

    •   Intranet VPNs connect an organization's remote-site LANs into a single private network.

    •   Extranet VPNs allow two organizations to work in a shared environment through a tunnel
        built to connect their LANs.




In a site-to-site VPN, generic routing encapsulation (GRE) is normally the encapsulating protocol. GRE
provides the framework for the encapsulation over an IP-based protocol. IPsec in tunnel mode is
sometimes used as the encapsulating protocol.

Tunneling and Point-to-Point Protocol (PPP)

A tunnel is a connection that forms a virtual network on top of a physical network. In computer
networking, a tunnel resembles a telephone line in a public switched telephone network.

Besides Internet protocols, tunneling requires two other types of protocols:

    1. Carrier protocols, through which information travels over the public network
    2. Encapsulating protocols, through which data is wrapped, encapsulated, and secured

One of the amazing implications of VPNs is that packets that use a protocol not supported on the
Internet, such as NetBEUI, can be placed inside an IP packet and sent safely over the Internet.

Point-to-Point Protocol (PPP)

The basic notion in tunneling is the encapsulation of packets from one protocol into a protocol at
the same or a higher layer. Thus, a tunnel can also be defined as an encapsulating protocol for
protocols at the lower layers. Tunneling protocols, such as the Point-to-Point Protocol (PPP) or the
Point-to-Point Tunneling Protocol (PPTP), are encapsulating protocols that allow an organization to
establish secure connections from one point to another while using public resources. A PPP
connection is a serial connection between a user and an Internet service provider.




Security in VPNs
Without using dedicated hardware, a VPN uses virtual connections routed through the Internet
from the company's private network to the remote site. Companies can create their own VPNs to
accommodate the needs of remote employees and distant offices. This section looks at methods
for keeping VPN connections secure. A well-protected VPN uses firewalls, encryption systems,
IPsec features, and an authentication server.
A firewall provides an effective barrier between a private network and the Internet. Firewalls can
be set up to restrict the number of open ports and to monitor what types of packets are passed
through and which protocols are allowed through.

Multiprotocol Label Switching (MPLS)

Multiprotocol label switching (MPLS) improves the overall performance and delay
characteristics of the Internet. MPLS transmission is a special case of tunneling and is an
efficient routing mechanism. Its connection-oriented forwarding mechanism, together with layer
2 label-based lookups, enables traffic engineering to implement peer-to-peer VPNs effectively.
MPLS adds some traditional layer 2 capabilities and services, such as traffic engineering, to the
IP layer.
This technology adds new capabilities to IP-based networks:
    • Connection-oriented QoS support
    • Traffic engineering
    • VPN support
    • Multiprotocol support
MPLS network architectures also support other applications, such as IP multicast routing and
QoS extensions. The power of MPLS lies in the number of applications made possible with
simple label switching, ranging from traffic engineering to peer-to-peer VPNs.

MPLS Operation

MPLS is based on the assignment of labels to packets. Assigning labels to each packet makes a
label-swapping scheme perform its routing process much more efficiently. An MPLS network
consists of nodes called label switch routers (LSR). An LSR switches labeled packets according
to particular switching tables. An LSR has two distinct functional components: a control
component and a forwarding component. The control component uses routing protocols, such as
OSPF and the border gateway protocol (BGP). The control component also facilitates the
exchange of information with other LSRs to build and maintain the forwarding table.

MPLS Packet Format
MPLS uses label stacking to become capable of multilevel hierarchical routing. A label enables
the network to perform faster by using smaller forwarding tables, a property that ensures a
convenient scalability of the network.

Figure: MPLS header encapsulation for an IP packet.

An MPLS label is a 32-bit field consisting of several fields, as follows:

   •   Label value is a 20-bit field and is significant only locally.
   •   Exp is a 3-bit field reserved for future experimental use.
   •   S is set to 1 for the oldest entry in the stack and to 0 for all other entries.
   •   Time to live is an 8-bit field used to encode a hop-count value to prevent packets from
       looping forever in the network.
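
The field layout above, worked through as an added example (not part of the original slides): a parser that splits a captured buffer into its label stack and payload and rejects malformed stacks. The names `LabelEntry`, `parse_stack` and `MAX_DEPTH`, and the sample bytes, are assumptions made for the illustration.

```python
import struct
from typing import List, NamedTuple, Tuple

MAX_DEPTH = 16  # assumption: a sanity bound for the parser, not a protocol limit


class LabelEntry(NamedTuple):
    label: int  # 20-bit label value, significant only locally
    exp: int    # 3-bit experimental field
    s: int      # 1 on the oldest (bottom) entry of the stack, 0 elsewhere
    ttl: int    # 8-bit hop count


def pack_entry(e: LabelEntry) -> bytes:
    """Encode one entry as a 32-bit big-endian word: label | exp | s | ttl."""
    if not (0 <= e.label < 1 << 20 and 0 <= e.exp < 8
            and e.s in (0, 1) and 0 <= e.ttl < 256):
        raise ValueError(f"field out of range: {e}")
    return struct.pack("!I", (e.label << 12) | (e.exp << 9) | (e.s << 8) | e.ttl)


def parse_stack(buf: bytes) -> Tuple[List[LabelEntry], bytes]:
    """Return (label stack with the top entry first, remaining payload)."""
    entries: List[LabelEntry] = []
    offset = 0
    while True:
        if len(entries) == MAX_DEPTH:
            raise ValueError("label stack deeper than MAX_DEPTH")
        if offset + 4 > len(buf):
            raise ValueError("truncated stack: no entry with S=1 found")
        (word,) = struct.unpack_from("!I", buf, offset)
        entry = LabelEntry(word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF)
        entries.append(entry)
        offset += 4
        if entry.s:  # the oldest entry closes the stack; the payload follows
            return entries, buf[offset:]


def decrement_ttl(e: LabelEntry) -> LabelEntry:
    """Hop-count handling: a packet whose TTL would reach 0 is not forwarded."""
    if e.ttl <= 1:
        raise ValueError("TTL expired: packet must not be forwarded")
    return e._replace(ttl=e.ttl - 1)


# Constructed sample: two stacked labels followed by the first bytes of an IPv4 header.
SAMPLE = (pack_entry(LabelEntry(100, 0, 0, 64))
          + pack_entry(LabelEntry(2001, 5, 1, 64))
          + b"\x45\x00\x00\x14")

if __name__ == "__main__":
    stack, payload = parse_stack(SAMPLE)
    for entry in stack:
        print(entry)
    print("payload:", payload.hex())
```
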




Routing in MPLS Domains

An ingress LSR is an edge device that performs the initial packet processing and classification
and applies the first label. An ingress LSR creates a new label. A core LSR swaps the incoming
label with a corresponding next-hop label found from a forwarding table. At the other end of the
network, another edge router, the egress LSR, is an outbound edge router and pops the label from
the packet. It should be noted that multiple labels may be attached to a packet, forming a stack of
labels. Label stacking enables multilevel hierarchical routing. For example, BGP labels are used
for higher-level hierarchical packet forwarding from one BGP speaker to the other, whereas
Interior Gateway Protocol (IGP) labels are used for packet forwarding within an autonomous
system. Only the label at the top of the stack determines the forwarding decision.

Tunneling and Use of FEC

In an MPLS operation, any traffic is grouped into FECs. FEC implies that a group of IP packets
is forwarded in the same manner: for example, over the same path or with the same forwarding
treatment. A packet can be mapped to a particular FEC, based on the following criteria:
    • Source and/or destination IP address or IP network addresses
    • TCP/UDP port numbers
    • Class of service
    • Applications
As mentioned earlier, labels have only local significance. This fact removes a considerable
amount of the network-management burden. An MPLS packet may carry as many labels as
required by a network sender. The processing of labeled packets can always be performed based on
the top label. Label stacking allows the aggregation of LSPs into a single LSP for a
portion of the route, creating an MPLS tunnel.
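
The ingress classification, label swapping and tunnel aggregation described in the two sections above, as an added example that is not part of the original slides. The routers A to E, the prefixes, FEC names and label values are constructed, and classifying by longest destination prefix and then by port is an assumption of the sketch.

```python
import ipaddress
from typing import List, Optional, Tuple

# Ingress FEC table on edge router A (constructed values):
# (destination prefix, destination port or None for any, FEC name, first label)
FEC_TABLE = [
    (ipaddress.ip_network("10.2.0.0/16"), 443, "web", 100),
    (ipaddress.ip_network("10.2.0.0/16"), None, "bulk", 200),
    (ipaddress.ip_network("10.2.9.0/24"), None, "backup", 300),
]

# Per-LSR switching tables: top label -> (operations, next hop).
# B..D is a tunnel: B pushes 900 onto both LSPs, so C only ever sees 900.
LFIB = {
    "B": {100: ([("swap", 110), ("push", 900)], "C"),
          200: ([("swap", 210), ("push", 900)], "C"),
          300: ([("swap", 310)], "E")},
    "C": {900: ([("swap", 901)], "D")},
    "D": {901: ([("pop", None)], "D"),   # tunnel tail: pop, then look up the exposed label
          110: ([("swap", 120)], "E"),
          210: ([("swap", 220)], "E")},
    "E": {120: ([("pop", None)], None),  # egress LSR pops the last label
          220: ([("pop", None)], None),
          310: ([("pop", None)], None)},
}


def classify(dst: str, dport: int) -> Optional[Tuple[str, int]]:
    """Map a packet to (FEC, first label): longest prefix first, then port match."""
    addr = ipaddress.ip_address(dst)
    matches = [(net.prefixlen, port is not None, fec, label)
               for net, port, fec, label in FEC_TABLE
               if addr in net and port in (None, dport)]
    if not matches:
        return None
    _, _, fec, label = max(matches)
    return fec, label


def forward(dst: str, dport: int, max_hops: int = 16) -> List[Tuple[str, tuple]]:
    """Return [(router, label stack after processing)]; the top label is last."""
    hit = classify(dst, dport)
    if hit is None:
        return [("A", ())]  # no FEC: the packet leaves A unlabeled
    stack = [hit[1]]        # ingress LSR applies the first label
    trace = [("A", tuple(stack))]
    node = "B"
    for _ in range(max_hops):
        entry = LFIB.get(node, {}).get(stack[-1])  # only the top label decides
        if entry is None:
            raise LookupError(f"{node}: no entry for top label {stack[-1]}, drop")
        ops, next_hop = entry
        for op, value in ops:
            if op == "swap":
                stack[-1] = value
            elif op == "push":
                stack.append(value)
            else:
                stack.pop()
        trace.append((node, tuple(stack)))
        if not stack:
            return trace    # label stack empty: delivered as plain IP
        node = next_hop
    raise RuntimeError("hop limit reached: forwarding loop")


if __name__ == "__main__":
    for hop in forward("10.2.3.4", 443):
        print(hop)
```

Inside the tunnel both LSPs carry the same top label, so router C needs one table entry for the aggregated traffic rather than one per LSP.
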




Label Distribution Protocol (LDP)

The Label Distribution Protocol (LDP) is a set of rules by which an LSR informs another LSR of
an FEC. LDP enables two LSRs to understand each other's MPLS capabilities.

Traffic Engineering

High-quality connections can be expensive in an Internet service provider domain. Traffic
engineering enables an ISP to route high-quality traffic to offer the best service to users in terms
of throughput and delay. This way, traffic engineering reduces the cost of a network connection.
Traffic engineering replaces the need to manually configure network devices to set up explicit
routes. In MPLS, traffic engineering is an automated scheme for control signaling and link
bandwidth assignment and has a dynamic adaptation mechanism.

MPLS-Based VPNs

Routine operations of virtual private networks require the use of both wide-area intradomain
routing and interdomain routing schemes. A VPN's request to form a tunnel can be processed at
the edge routers. For example, multiprotocol-based Border Gateway Protocol (BGP) makes
it easier for an MPLS-based VPN to manage VPN sites and VPN membership, mainly owing to the
traffic engineering feature of MPLS. In an MPLS network, VPNs can be deployed by delivering
the service using MPLS-aware subscriber equipment on the same infrastructure used for
deploying Internet services.

Overlay Networks
An overlay network is an application-specific computer network built on top of another network.
In other words, an overlay network creates a virtual topology on top of the physical topology.
This type of network is created to protect the existing network structure from new protocols
whose testing phases require Internet use. Such networks protect packets under test while
isolating them from the main networking infrastructure in a test bed.




Overlay networks are self-organized. When a node fails, the overlay network algorithm should provide
solutions that let the network recover and recreate an appropriate network structure. Another
fundamental difference between an overlay network and an unstructured network is that an overlay's
look-up routing information is based on identifiers derived from the content of moving frames.

Peer-to-Peer (P2P) Connection

As an overlay network resembles a system consisting of various applications running on a single
operating system, it could also resemble a set of tunnels that interconnect resources and users.
The interconnects are carried out by peer-to-peer (P2P) protocols.
Let δ be the time required to establish a connection and tf be the time to finish the service once
the connection is established. Assuming that the requests arrive at random to a peer node, the
service time s is

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 

Vp ns

Tunneling and Point-to-Point Protocol (PPP)

A tunnel is a connection that forms a virtual network on top of a physical network. In computer networking, a tunnel resembles a telephone line in a public switched telephone network. Besides Internet protocols, tunneling requires two other types of protocols:

   1. Carrier protocols, through which information travels over the public network
   2. Encapsulating protocols, through which data is wrapped, encapsulated, and secured

One of the amazing implications of VPNs is that packets that use a protocol not supported on the Internet, such as NetBEUI, can be placed inside an IP packet and sent safely over the Internet.

Point-to-Point Protocol (PPP)

The basic notion in tunneling is packet encapsulation from one protocol into the same or higher-layer protocol. Thus, a tunnel can also be defined as an encapsulating protocol for protocols at the lower layers. Tunneling protocols, such as the Point-to-Point Protocol (PPP) or the Point-to-Point Tunneling Protocol (PPTP), are encapsulating protocols that allow an organization to establish secure connections from one point to another while using public resources. A PPP connection is a serial connection between a user and an Internet service provider.

Security in VPNs

Without using dedicated hardware, a VPN uses virtual connections routed through the Internet from the company's private network to the remote site. Companies can create their own VPNs to accommodate the needs of remote employees and distant offices. This section looks at methods for keeping VPN connections secure. A well-protected VPN uses firewalls, encryption systems, IPsec features, and an authentication server. A firewall provides an effective barrier between a private network and the Internet. Firewalls can be set up to restrict the number of open ports, to monitor what types of packets are passed through, and to control which protocols are allowed through.

Multiprotocol Label Switching (MPLS)

Multiprotocol label switching (MPLS) improves the overall performance and delay characteristics of the Internet. MPLS transmission is a special case of tunneling and is an efficient routing mechanism. Its connection-oriented forwarding mechanism, together with layer 2 label-based lookups, enables traffic engineering to implement peer-to-peer VPNs effectively.

MPLS adds some traditional layer 2 capabilities and services, such as traffic engineering, to the IP layer. This technology adds new capabilities to IP-based networks:

   •   Connection-oriented QoS support
   •   Traffic engineering
   •   VPN support
   •   Multiprotocol support

MPLS network architectures also support other applications, such as IP multicast routing and QoS extensions. The power of MPLS lies in the number of applications made possible with simple label switching, ranging from traffic engineering to peer-to-peer VPNs.

MPLS Operation

MPLS is based on the assignment of labels to packets. Assigning labels to each packet makes a label-swapping scheme perform its routing process much more efficiently. An MPLS network consists of nodes called label switch routers (LSRs). An LSR switches labeled packets according to particular switching tables. An LSR has two distinct functional components: a control component and a forwarding component. The control component uses routing protocols, such as OSPF and the Border Gateway Protocol (BGP). The control component also facilitates the exchange of information with other LSRs to build and maintain the forwarding table.

MPLS Packet Format

MPLS uses label stacking to become capable of multilevel hierarchical routing. A label enables the network to perform faster by using smaller forwarding tables, a property that ensures a convenient scalability of the network.

Figure: MPLS header encapsulation for an IP packet.

An MPLS label is a 32-bit field consisting of several fields as follows.

   •   Label value is a 20-bit field label and is significant only locally.
   •   Exp is a 3-bit field reserved for future experimental use.
   •   S is set to 1 for the oldest entry in the stack and to 0 for all other entries.
   •   Time to live is an 8-bit field used to encode a hop-count value to prevent packets from looping forever in the network.

Routing in MPLS Domains

An ingress LSR is an edge device that performs the initial packet processing and classification and applies the first label. An ingress LSR creates a new label. A core LSR swaps the incoming label with a corresponding next-hop label found from a forwarding table. At the other end of the network, another edge router, the egress LSR, is an outbound edge router and pops the label from the packet. It should be noted that multiple labels may be attached to a packet, forming a stack of labels. Label stacking enables multilevel hierarchical routing. For example, BGP labels are used for higher-level hierarchical packet forwarding from one BGP speaker to the other, whereas Interior Gateway Protocol (IGP) labels are used for packet forwarding within an autonomous system. Only the label at the top of the stack determines the forwarding decision.
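
The 32-bit label entry and the push, swap, and pop steps described above can be exercised in a few lines. The following is an added example, not part of the original document; the function names, the depth limit of 8, the default TTL of 64, and the sample payload are assumptions made for illustration.

```python
import struct

def encode_entry(label, exp, s, ttl):
    """Pack one 32-bit entry: label (20 bits) | Exp (3) | S (1) | TTL (8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)

def parse_stack(packet, max_depth=8):
    """Return (entries, payload); entries are (label, exp, s, ttl), top first."""
    entries = []
    for off in range(0, max_depth * 4, 4):
        if off + 4 > len(packet):
            raise ValueError("truncated stack: no entry with S=1")
        (word,) = struct.unpack_from("!I", packet, off)
        entries.append((word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF))
        if entries[-1][2] == 1:          # S=1 marks the oldest (bottom) entry
            return entries, packet[off + 4:]
    raise ValueError("stack deeper than max_depth")

def push(packet, label, ttl=64, bottom=False):
    """Ingress LSR (bottom=True on an unlabeled packet) or tunnel head-end."""
    return encode_entry(label, 0, 1 if bottom else 0, ttl) + packet

def swap(packet, table):
    """Core LSR: only the top label is looked up; TTL is decremented."""
    entries, _ = parse_stack(packet)     # reject malformed stacks before forwarding
    label, exp, s, ttl = entries[0]
    if ttl <= 1:
        raise ValueError("TTL expired, packet dropped")
    return encode_entry(table[label], exp, s, ttl - 1) + packet[4:]

def pop(packet):
    """Egress LSR (or tunnel tail-end): remove the top entry."""
    parse_stack(packet)
    return packet[4:]

def demo():
    payload = b"constructed IP packet bytes"   # constructed sample input
    p = push(payload, 100, bottom=True)        # ingress LSR applies the first label
    p = push(p, 200)                           # outer label: enter an MPLS tunnel
    p = swap(p, {200: 300})                    # core LSR swaps the top label only
    stack, _ = parse_stack(p)
    return stack, pop(pop(p)) == payload

if __name__ == "__main__":
    print(demo())
```

A stack that never sets S=1 is rejected instead of being read into the payload, which is the check a capture parser or monitoring tool needs before trusting the label values.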

Tunneling and Use of FEC

In an MPLS operation, any traffic is grouped into forwarding equivalence classes (FECs). An FEC is a group of IP packets that are forwarded in the same manner, for example, over the same path or with the same forwarding treatment. A packet can be mapped to a particular FEC, based on the following criteria:

   •   Source and/or destination IP address or IP network addresses
   •   TCP/UDP port numbers
   •   Class of service
   •   Applications

As mentioned earlier, labels have only local significance. This fact removes a considerable amount of the network-management burden. An MPLS packet may carry as many labels as required by a network sender. The processing of labeled packets can always be performed based on the top label. The label stack feature allows the aggregation of LSPs into a single LSP for a portion of the route, creating an MPLS tunnel.

Label Distribution Protocol (LDP)

The Label Distribution Protocol (LDP) is a set of rules by which an LSR informs another LSR of an FEC. LDP enables two LSRs to understand each other's MPLS capabilities.

Traffic Engineering

High-quality connections can be expensive in an Internet service provider domain. Traffic engineering enables an ISP to route high-quality traffic to offer the best service to users in terms of throughput and delay. This way, traffic engineering reduces the cost of a network connection. Traffic engineering replaces the need to manually configure network devices to set up explicit routes. In MPLS, traffic engineering is an automated scheme for control signaling and link bandwidth assignment and has a dynamic adaptation mechanism.

MPLS-Based VPNs

Routine operations of virtual private networks require the use of both wide-area intradomain routing and interdomain routing schemes. A VPN's request to form a tunnel can be processed at the edge routers. For example, multiprotocol-based Border Gateway Protocol (BGP) makes it easier for an MPLS-based VPN to manage VPN sites and VPN membership, mainly owing to the traffic engineering feature of MPLS. In an MPLS network, VPNs can be deployed by delivering the service using MPLS-aware subscriber equipment on the same infrastructure used for deploying Internet services.

Overlay Networks

An overlay network is an application-specific computer network built on top of another network. In other words, an overlay network creates a virtual topology on top of the physical topology. This type of network is created to protect the existing network structure from new protocols whose testing phases require Internet use. Such networks protect packets under test while isolating them from the main networking infrastructure in a test bed.

Overlay networks are self-organized. When a node fails, the overlay network algorithm should provide solutions that let the network recover and recreate an appropriate network structure. Another fundamental difference between an overlay network and an unstructured network is that an overlay's lookup of routing information is based on identifiers derived from the content of moving frames.

Peer-to-Peer (P2P) Connection

As an overlay network resembles a system consisting of various applications running on a single operating system, it could also resemble a set of tunnels that interconnect resources and users. The interconnects are carried out by peer-to-peer (P2P) protocols.

Let δ be the time required to establish a connection and tf be the time to finish the service as soon as the connection is established. Assuming that the requests arrive at random to a peer node, the service time s is