ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Algorithms for provisioning virtual private networks in the hose model
Full text PdfPdf (364 KB)
Source Applications, Technologies, Architectures, and Protocols for Computer Communication archive
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications table of contents
San Diego, California, United States
Pages: 135 - 146  
Year of Publication: 2001
ISBN:1-58113-411-8
Also published in ...
Authors
Amit Kumar  Cornell University, Ithaca, NY
Rajeev Rastogi  Bell Laboratories, 600 Mountain Avenue, Murray Hill, NJ
Avi Silberschatz  Bell Laboratories, 600 Mountain Avenue, Murray Hill, NJ
Bulent Yener  Bell Laboratories, 600 Mountain Avenue, Murray Hill, NJ
Sponsor
SIGCOMM: ACM Special Interest Group on Data Communication
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 13,   Downloads (12 Months): 66,   Citation Count: 17
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/383059.383070
What is a DOI?

ABSTRACT

Virtual Private Networks (VPNs) provide customers with predictable and secure network connections over a shared network. The recently proposed hose model for VPNs allows for greater flexibility since it permits traffic to and from a hose endpoint to be arbitrarily distributed to other endpoints. In this paper, we develop novel algorithms for provisioning VPNs in the hose model. We connect VPN endpoints using a tree structure and our algorithms attempt to optimize the total bandwidth reserved on edges of the VPN tree. We show that even for the simple scenario in which network links are assumed to have infinite capacity, the general problem of computing the optimal VPN tree is NP hard. Fortunately, for the special case when the ingress and egress bandwidths for each VPN endpoint are equal, we can devise an algorithm for computing the optimal tree whose time complexity is O (mn), where m and n are the number of links and nodes in the network, respectively. We present a novel integer programming formulation for the general VPN tree computation problem (that is, when ingress and egress bandwidths of VPN endpoints are arbitrary) and develop an algorithm that is based on the primal-dual method. Our experimental results with synthetic network graphs indicate that the VPN trees constructed by our proposed algorithms dramatically reduce bandwidth requirements (in many instances, by more than a factor of 2) compared to scenarios in which Steiner trees are employed to connect VPN endpoints.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
R. K. Ahuja, T. L. Magnanti, and J. B. Orlin. "Network Flows". Prentice Hall, 1993.
 
2
Bruce Davie , Yakov Rekhter, MPLS: technology and applications, Morgan Kaufmann Publishers Inc., San Francisco, CA, 2000
3
N. G. Duffield , Pawan Goyal , Albert Greenberg , Partho Mishra , K. K. Ramakrishnan , Jacobus E. van der Merive, A flexible model for resource management in virtual private networks, Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication, p.95-108, August 30-September 03, 1999, Cambridge, Massachusetts, United States
4
Michalis Faloutsos , Petros Faloutsos , Christos Faloutsos, On power-law relationships of the Internet topology, Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication, p.251-262, August 30-September 03, 1999, Cambridge, Massachusetts, United States
 
5
Michael R. Garey , David S. Johnson, Computers and Intractability: A Guide to the Theory of NP-Completeness, W. H. Freeman & Co., New York, NY, 1979
 
6
Dorit S. Hochbaum, Approximation algorithms for NP-hard problems, PWS Publishing Co., Boston, MA, 1996
 
7
S. Kent and R. Atkinson. Security architecture for the internet protocol. RFC 2401, Nov. 1998.
 
8
A. Kumar, R. Rastogi, B. Yener, and A. Silberschatz. Algorithms for provisioning virtual private networks in the hose model. Technical Report 0112380-001023-23, Bell Laboratories, Murray Hill, 2000.
9
Jyh-Han Lin , Jeffrey Scott Vitter, e-approximations with minimum packing constraint violation (extended abstract), Proceedings of the twenty-fourth annual ACM symposium on Theory of computing, p.771-782, May 04-06, 1992, Victoria, British Columbia, Canada  [doi>10.1145/129712.129787]
 
10
Maurice Queyranne, Structure of a simple scheduling polyhedron, Mathematical Programming: Series A and B, v.58 n.2, p.263-285, Feb. 2, 1993  [doi>10.1007/BF01581271]
11
David B. Shmoys , Éva Tardos , Karen Aardal, Approximation algorithms for facility location problems (extended abstract), Proceedings of the twenty-ninth annual ACM symposium on Theory of computing, p.265-274, May 04-06, 1997, El Paso, Texas, United States  [doi>10.1145/258533.258600]
 
12
B. M. Waxman. Routing of multipoint connections. IEEE Journal on Selected Areas in Communications, 6(9):1617-1622, Dec. 1988.

CITED BY  17
Jiangzhuo Chen , Rajmohan Rajaraman , Ravi Sundaram, Meet and merge: approximation algorithms for confluent flows, Proceedings of the thirty-fifth annual ACM symposium on Theory of computing, June 09-11, 2003, San Diego, CA, USA
Robert Ricci , Chris Alfeld , Jay Lepreau, A solver for the network testbed mapping problem, ACM SIGCOMM Computer Communication Review, v.33 n.2, April 2003
Jiangzhuo Chen , Robert D. Kleinberg , László Lovász , Rajmohan Rajaraman , Ravi Sundaram , Adrian Vetta, (Almost) tight bounds and existence theorems for confluent flows, Proceedings of the thirty-sixth annual ACM symposium on Theory of computing, June 13-16, 2004, Chicago, IL, USA
N. G. Duffield , Pawan Goyal , Albert Greenberg , Partho Mishra , K. K. Ramakrishnan , Jacobus E. van der Merwe, Resource management with hoses: point-to-cloud services for virtual private networks, IEEE/ACM Transactions on Networking (TON), v.10 n.5, p.679-692, October 2002
Randeep Bhatia , Nicole Immorlica , Tracy Kimbrel , Vahab S. Mirrokni , Seffi Naor , Baruch Schieber, Traffic engineering of management flows by link augmentations on confluent trees, Proceedings of the seventeenth annual ACM symposium on Parallelism in algorithms and architectures, July 18-20, 2005, Las Vegas, Nevada, USA
Levente Tamási , Dániel Orincsay , Balázs Gábor Józsa, Cost-optimal design of VoIP networks using the VPN concept, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.50 n.5, p.599-614, 6 April 2006
Jiangzhuo Chen , Rajmohan Rajaraman , Ravi Sundaram, Meet and merge: approximation algorithms for confluent flows, Journal of Computer and System Sciences, v.72 n.3, p.468-489, May 2006
Satish Raghunath , K. K. Ramakrishnan , Shivkumar Kalyanaraman, Measurement-based characterization of IP VPNs, IEEE/ACM Transactions on Networking (TON), v.15 n.6, p.1428-1441, December 2007
Jiangzhuo Chen , Robert D. Kleinberg , László Lovász , Rajmohan Rajaraman , Ravi Sundaram , Adrian Vetta, (Almost) Tight bounds and existence theorems for single-commodity confluent flows, Journal of the ACM (JACM), v.54 n.4, p.16-es, July 2007
Hao Wang , Yang Richard Yang , Paul H. Liu , Jia Wang , Alexandre Gerber , Albert Greenberg, Reliability as an interdomain service, ACM SIGCOMM Computer Communication Review, v.37 n.4, October 2007
Jian Chu , Chin-Tau Lea, New architecture and algorithms for fast construction of hose-model VPNs, IEEE/ACM Transactions on Networking (TON), v.16 n.3, p.670-679, June 2008
Jian Chu , Chin-Tau Lea, A restorable MPLS-based hose-model VPN network, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.51 n.17, p.4836-4848, December, 2007
H. A. Ali, A new approach for building secure applications based on internet infrastructure, International Journal of Computer Applications in Technology, v.24 n.3, p.144-155, July 2005
Monia Ghobadi , Sudhakar Ganti , Gholamali C. Shoja, Resource optimization algorithms for virtual private networks using the hose model, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.52 n.16, p.3130-3147, November, 2008
Murali Kodialam , T. V. Lakshman , James B. Orlin , Sudipta Sengupta, Oblivious routing of highly variable traffic in service overlays and IP backbones, IEEE/ACM Transactions on Networking (TON), v.17 n.2, p.459-472, April 2009
Murali Kodialam , T. V. Lakshman , Sudipta Sengupta, Locally restorable routing of highly variable traffic, IEEE/ACM Transactions on Networking (TON), v.17 n.3, p.752-763, June 2009
Jian Chu , Chin-Tau Lea, Optimal link weights for IP-based networks supporting hose-model VPNs, IEEE/ACM Transactions on Networking (TON), v.17 n.3, p.778-788, June 2009

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.1 Network Architecture and Design
          Subjects: Network communications

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.1 Network Architecture and Design
          Subjects: Distributed networks
          Nouns: Internet


General Terms:
Algorithms, Design, Experimentation, Performance

Collaborative Colleagues:
Amit Kumar: colleagues
Rajeev Rastogi: colleagues
Avi Silberschatz: colleagues
Bulent Yener: colleagues
This Article has also been published in:

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player