Abstract
MPLS VPN is growing in front of the other network layer tunneling technologies of the OSI model. The trend related to this technology is justified mainly by the security, the quality of service that it can offer, and especially the routing speed. The main limitation of MPLS VPN is in the deployment complexity; this technology relies on several protocols to establish a tunnel, such as OSPF, BGP, MP-BGP, RSVP, and LDP. Software Defined Network avoids these complexities through the controller entity that supports the establishment of an MPLS VPN tunnel automatically, provided that the equipment to orchestrate is new generation supporting the SDN protocols. However, for budgetary and functional constraints, companies can not completely and immediately change their transport networks by equipment supporting SDN. Hybrid SDN networks address these constraints, providing the ability to orchestrate even equipment that does not support SDN, called a legacy. We propose in this paper a new hybrid intelligent SDN approach for MPLS VPN management in the digital environment. This approach is tested on a network consisting of routers of different manufacturers (Cisco, HP, and Juniper). The proposed approach is accompanied by a WEB graphic tool offering the administrator the possibility to choose the MPLS VPN architecture to deploy (Central Service, Hub-Spoke, and Intranet/Extranet) or customize its own architecture according to the customer’s request. In order to evaluate our model, we subjected it to a scalability test and an evaluation of the quality of experience to measure the satisfaction of the users who tried it.
Similar content being viewed by others
References
Joseph, J. P. (2013). PSTN services migration to IMS. Are SPs finally reaching the tipping point for large scale migrations? Telecommunication Systems,52, 1057. https://doi.org/10.1007/s11235-011-9612-3.
Bahnasse, A., Talea, M., Louhab, F. E., Laafar, S., Harbi, A., & Khiat, A. (2017). SAS-IMS for smart mobile security in IP multimedia subsystem. In F. El Bouanani, A. Habbani, D. Benhaddou, & A. Al-Fuqahaa (Eds.), Proceedings of the 2017 international conference on smart digital environment (ICSDE ‘17) (pp. 35–41). ACM, New York, NY, USA. https://doi.org/10.1145/3128128.3128134.
Menne, U., Wessäly, R., Martens, M., et al. (2013). Integrated optimization of aggregation and core for varying NGN architectures. Telecommunication Systems,52, 1067. https://doi.org/10.1007/s11235-011-9613-2.
Bogineni, K., Flynn, G. J., Stone, Jr. W. H., Salas, E. A., & inventors; Cellco Partnership, assignee. Multimedia next generation network architecture for IP services delivery based on network and user policy. United States patent US 7,984,130. 2011 Jul 19.
Hock, D., Hartmann, M., Menth, M., et al. (2013). Comparison of IP-based and explicit paths for one-to-one fast reroute in MPLS networks. Telecommunication Systems,52, 947. https://doi.org/10.1007/s11235-011-9603-4.
Davie, B. S., & Rekhter, Y. (2000). MPLS: Technology and Applications (1st ed.). Morgan Kaufmann Publishers Inc.2000. San Francisco, CA, USA.
Bensalah, F., El Kamoun, N., & Bahnasse, A. (2017). Evaluation of tunnel layer impact on VOIP performances (IP-MPLS-MPLS VPN-MPLS VPN IPsec). International Journal of Computer Science and Network Security (IJCSNS).,17(3), 87.
Bensalah, F., El Kamoun, N., & Bahnasse, A. (2017). Scalability evaluation of VOIP over various MPLS tunneling under OPNET modeler. Indian Journal of Science and Technology,10(29), 1–8.
Halimi, A., & Statovci-Halimi, B. (2002). Overview on mpls virtual private networks. Photonic Network Communications,4, 115. https://doi.org/10.1023/A:1015302927502.
JPico, J. A., Fajardo, J. O., Munoz, A., & Ferro, A. (2008). MPLS-VRF integration: Forwarding capabilities of BGP/MPLS IP VPN in GNU/Linux, 2008 International conference on optical network design and modeling, Vilanovai la Geltru, 2008 (pp. 1–6). https://doi.org/10.1109/ONDM.2008.4578412.
Schaller, S., & Hood, D. (2017). Software defined networking architecture standardization. In Computer standards & interfaces (Vol. 54, Part 4, pp. 197–202). ISSN 0920-5489. https://doi.org/10.1016/j.csi.2017.01.005.
McKeown, N., Anderson, T., Balakrishnan, H., Parulkar, G., Peterson, L., Rexford, J., et al. (2008). OpenFlow: Enabling innovation in campus networks. ACM SIGCOMM Computer Communication Review.,38(2), 69–74. https://doi.org/10.1145/1355734.1355746.
Enns, R., Bjorklund, M., & Schoenwaelder, J. (2011). Network configuration protocol (NETCONF). RFC 6241. https://doi.org/10.17487/rfc6241.
MacFaden, M., Partain, D., Saperia, J., & Tackabury, W. F. (2003). Configuring networks and devices with Simple Network Management Protocol (SNMP). RFC 3512. https://doi.org/10.17487/RFC3512.
Jamieson, D., Jamoussi, B., Wright, G., & Beaubien, P. (1998). Mpls vpn architecture”. Technical Report draft-jamieson-mpls-vpn00.txt, IETF, August 1998. Work in progress.
Medhi, D., & Ramasamy, K. (2018). Chapter 22—MultiProtocol Label Switching (MPLS). In The Morgan Kaufmann Series in Networking, Morgan Kaufmann, Boston (pp. 734–764). Network Routing (Second edition), ISBN 9780128007372. https://doi.org/10.1016/b978-0-12-800737-2.00026-0.
Joseph, V., & Mulugu, S. (2014). 2—Understanding advanced MPLS Layer 3 VPN services. In Network Convergence (pp. 73–323). Morgan Kaufmann, Boston, ISBN 9780123978776. https://doi.org/10.1016/B978-0-12-397877-6.00002-3.
Pultz, R., & Richard, N. (2004). Analysis of MPLS-based IP VPN security: Comparison to traditional L2VPNs such as ATM and frame relay, and deployment guidelines. Cisco Systems, inc. 2004, white paper.
Behringer, M. H., & Morrow, M. (2005). Mpls VPN security. Cisco Press.
Bates, T., Chandra, R., Katz, D., & Rekhter, Y. (2007). Multiprotocol extensions for BGP-4. RFC 4760, Internet Engineering Task Force, Jan. 2007. http://www.ietf.org/rfc/rfc4760.txt. https://doi.org/10.17487/RFC4760.
Mahajan, R., Wetherall, D., & Anderson, T. (2002). Understanding BGP misconfiguration. In ACM SIGCOMM Computer Communication Review 2002 Aug 19 (Vol. 32, No. 4, pp. 3–16). ACM. ISBN:1-58113-570-X. https://doi.org/10.1145/633025.633027.
Behringer, M. H. (2006). Analysis of the security of BGP/MPLS IP virtual private networks (VPNs). RFC 4381, February 2006. https://www.rfc-editor.org/info/rfc4381. https://doi.org/10.17487/RFC4381.
Llorens, C., & Serhrouchni, A. (2007). Security verification of a virtual private network over MPLS. In D. Gaïti (Eds), Network control and engineering for QoS, security and mobility, IV. IFIP—The international federation for information processing (Vol. 229). Springer, Boston, MA. ISBN:978-0-387-49690-0. https://doi.org/10.1007/978-0-387-49690-0_27.
Lin, C., & Guowei, W. (2010). Security research of VPN technology based on MPLS. In Proceedings of the third international symposium on computer science and computational technology (ISCSCT 10) (pp. 168–170), ISBN-978-952-5726-10-7.
Grayson, D., Guernsey, D., Butts, J., Spainhower, M., & Shenoi, S. (2009). Analysis of security threats to MPLS virtual private networks. International Journal of Critical Infrastructure Protection,2(4), 146–153. https://doi.org/10.1016/j.ijcip.2009.08.002.
Jerkins, J. A. (2015). Detecting MPLS L3 VPN misconfiguration with the MINA algorithm. In 2015 International Conference and Workshop on Computing and Communication (IEMCON) (pp. 1–5), Vancouver, BC, 2015. https://doi.org/10.1109/iemcon.2015.7344523.
Goransson, P., & Black, C. (2014). Chapter 8—SDN in other environments. In Software Defined Networks. Morgan Kaufmann, Boston, 2014 (pp. 169-194). ISBN 9780124166752. https://doi.org/10.1016/B978-0-12-416675-2.00008-5.
Göransson, P., Black, C., & Culver, T. (2017). Chapter 9—SDN in other environments. In Software defined networks, 2nd Edn. Morgan Kaufmann, Boston, 2017 (pp. 217–239). ISBN 9780128045558. https://doi.org/10.1016/B978-0-12-804555-8.00009-0.
Sharafat, A. R., Das, S., Parulkar, G., & McKeown, N. (2011). Mpls-te and mpls vpns with openflow. ACM SIGCOMM computer communication review,41(4), 452–453. https://doi.org/10.1145/2043164.2018516.
Team, M. (2012). Mininet: An instant virtual network on your laptop (or other PC). http://mininet.org.
Van der Pol, R., Gijsen, B., Zuraniewski, P., Romão, D. F., & Kaat, M. (2016). Assessment of SDN technology for an easy-to-use VPN service. Future Generation Computer Systems.,56, 295–302. https://doi.org/10.1016/j.future.2015.09.010.
Santiago, V., Amaro, J. R., Viotti, E., Giachino, M., & Grampin, E. (2016). RAUflow: Building virtual private networks with MPLS and OpenFlow. In Proceedings of the 2016 workshop on Fostering Latin-American Research in Data Communication Networks (LANCOMM ‘16) (pp. 25–27). ACM, New York, NY, USA. https://doi.org/10.1145/2940116.2940133.
Vissicchio, Stefano, Vanbever, Laurent, & Bonaventure, Olivier. (2014). Opportunities and research challenges of hybrid software defined networks. ACM SIGCOMM Computer Communication Review.,44(2), 70–75. https://doi.org/10.1145/2602204.2602216.
Sandhya, Y. S., & Haribabu, K. (2017). A survey: Hybrid SDN. Journal of Network and Computer Applications,100, 35–55. https://doi.org/10.1016/j.jnca.2017.10.003.
Insecure.org. (2017). Insecure.Org—Nmap Free Security Scanner, Tools amd Hacking resources. http://insecure.org/. Accessed Dec 24, 2017.
Mrugalski, T., Wozniak, J., & Nowicki, K. (2013). Dynamic host configuration protocol for IPv6 improvements for mobile nodes. Telecommunication Systems,52, 1021. https://doi.org/10.1007/s11235-011-9609-y.
Karol, M., Krishnan, P., & Li, J. J. (2005). VoIP protection and performance improvement. Telecommunication Systems,28, 351. https://doi.org/10.1007/s11235-004-5577-9.
Deng, P., Zhang, J., Rong, X., et al. (2013). A model of large-scale Device Collaboration system based on PI-Calculus for green communication. Telecommunication Systems,52, 1313. https://doi.org/10.1007/s11235-011-9643-9.
Acknowledgements
The authors would like to express their sincere gratitude for the reviewers and editors for the valuable comments, which is helpful in improving the paper quality.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
On behalf of all authors, the corresponding author states that there is no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Bahnasse, A., Talea, M., Badri, A. et al. Smart hybrid SDN approach for MPLS VPN management on digital environment. Telecommun Syst 73, 155–169 (2020). https://doi.org/10.1007/s11235-019-00603-6
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11235-019-00603-6