{
  "title": "A new VPN routing approach for large scale networks",
  "authors": "Zied Ben-Houidi, M. Meulle",
  "doi": "10.1109/ICNP.2010.5762761",
  "journal": {"name": "The 18th IEEE International Conference on Network Protocols", "volume": "60 1", "pages": "0"},
  "publicationDate": "2010-10-05",
  "publicationTypes": "Journal Article",
  "isOpenAccess": false,
  "citationCount": "16",
  "platform": "Semanticscholar",
  "ListUrlMain": "https://doi.org/10.1109/ICNP.2010.5762761"
}
A new VPN routing approach for large scale networks
One of the most common provider-provisioned VPN technologies uses MPLS as a data plane for customer flow isolation and BGP as a control plane for routing between VPN sites. From a data plane perspective, such networks can provision hundreds of thousands of VPN sites. However, the BGP control plane is prone to scalability concerns. Some BGP routers in VPN backbones must handle routes for all the VPN sites that the provider connects. The number of sites can generate two million BGP routes in large VPN backbones, almost ten times the number of routes in a core Internet router. Prior work proposed solutions to evolve such networks. Yet, we argue that they fail to address the root cause of VPN routing performance issues. In this paper, we show that the VPN routing scheme's poor scalability stems from the application to VPNs of a protocol originally designed for full routing, specifically the Internet. Rather than evolving the current standard based on BGP, we take a principled approach to rethink routing in large VPNs. We propose Two-Step VPN Routing, a new approach for scalable VPN routing. We validate our design choices and compare our approach to existing ones, using both BGP updates and router configurations collected from a large VPN provider.