Recently, there has been rapid development and deployment of virtual private network (VPN) services. There are wide varieties of IP-based VPNs and optical VPNs (OVPNs) proposed in the literature and readers could easily get confused with so many different types of VPNs. The purpose of this paper is to present a comprehensive overview of the VPN and discuss the main issues associated with the design of IP VPN and OVPN. We first present a classification of the VPNs including CE-based, network based, customers provisioned, provider provisioned, connection oriented, connectionless oriented, port based, connection based, layer 1 VPN, layer 2 VPN, and layer 3 VPN, and describe different VPN protocols such as IPSec, GRE and MPLS. We then review the recent work on OVPN by different standard bodies, and outline the key requirements for OVPN service providers and customers. Finally, we describe several OVPN architectures appeared in the literature, highlight the future work in OVPN.
This is a preview of subscription content, access via your institution.
Buy single article
Instant access to the full article PDF.
Price excludes VAT (USA)
Tax calculation will be finalised during checkout.
ITU-T Recommendation Y.1311, Network based VPNs—generic architecture and service requirements.
ITU-T Recommendation Y.1311.1, Network based IP VPN over MPLS architecture.
R. Callon (ed.), A framework for layer 3 provider provisioned virtual private networks, IETF Draft draft-ietf-ppvpn-framework-06.txt, work in progress (October 2002).
V. Alwayn, Advanced MPLS design and implementation (Cisco Systems, 2001).
Y. Xue, L. Dunber, Viable virtual private optical network (VPON) service models for IP over optical, Proc. of the NFOEC (2001), pp. 212–220.
H. Ould-brahim, et al., Service requirements for optical virtual private networks, IETF Draft draft-ouldbrahim-ovpn-requiremets-01.txt, work in progress.
H. Ould-brahim, et al., BGP/GMPLS optical/TDM VPNs, IETF Draft draft-ouldbrahim-bgpgmpls-ovpn-02.txt, work in progress.
E. Ye, et al., Service requirements for optical virtual private networks, OIF2002–038.01, work in progress.
OIF User Network Interface 1.0 (UNI 1.0), OIF2001–125.7 (December 2001).
T. Kuwahara, Scalable connectionless tunneling architecture and protocols for VPNs and protocols for VPNs, IETF Draft draft-kuwahara-cl-tunneling-vpn-00.txt, work in progress.
E. C. Rosen, Use of PE-PE IPSec in RFC2547 VPNs, IETF Draft draft-ietf-ppvpn-ipsec-2547–01.txt, work in progress.
Y. Rekhter, E. C. Rosen, Use of PE-PE GRE or IP in RFC2547 VPN, IETF Draft draft-ietf-ppvpn-gre-ip-2547–01.txt, work in progress.
H. Ould-Brahim, GVPN: Generalized provider-provisioned port-based VPNs using BGP and GMPLS, IETF Draft draft-ouldbrahim-ppvpn-gvpn-bgpgmpls-00.txt, work in progress.
A. Nagarajan, Applicability statement for virtual router-based layer 3 PPVPN approaches, IETF Draft draft-nagarajan-ppvpn-vrbased-applicability-00.txt, work in progress.
P. Knight (ed.), Network based IP VPN architecture using virtual routers, IETF Draft draft-ietf-ppvpn-vpn-vr-02.txt, work in progress.
L. Andersson, PPVPN L2 framework, IETF Draft draft-andersson-ppvpn-12-framework-00.txt, work in progress.
B. Rajagopalan, et al., IP over optical networks: A framework, draft-ietf-ipo-framework-02.tx, 10 June (2002), work in progress.
Z. Zhang, X. Liu, Network models of IP over optical networks, SPIE/Kluwer Optical Network Magazine, vol. 1, no. 4, (October 2000).
Y. Qin, K. Sivalingam, B. Li, Architecture and analysis for providing virtual private networks (VPN) with QoS over optical WDM networks, SPIE/Kluwer Optical Networking Magazine, Special Issue on Protocols and Technologies for IP Internetworking, vol. 2, no. 2, (March/April 2001), pp. 57–65.
Y. Qin, B. Li, Z. Zhang, QoS provisioning for Virtual Private Networks (VPN). Submitted for publication, (June 2003).
D. Farinacci, et al., Generic routing encapsulation (GRE), IETF RFC 2784, (March 2000).
S. Kent, R. Atkinson, Security architecture for the Internet protocol, IETF RFC 2401, (November 1998).
M. Leech, SOCKS protocol version 5, IETF RFC 1928, (March 1996).
E. Rosen, et al., Multiprotocol label switching architecture, IETF RFC 3031, (January 2001).
E. Rosen, Y. Rekhter, BGP/MPLS VPNs, IETF RFC 2547, (March 1999).
W. Townsley, et al., Layer two tunneling protocol “L2TP”, IETF RFC 2661, (August 1999).
About this article
Cite this article
Zhang, Z., Zhang, YQ., Chu, X. et al. An Overview of Virtual Private Network (VPN): IP VPN and Optical VPN. Photonic Network Communications 7, 213–225 (2004). https://doi.org/10.1023/B:PNET.0000026887.35638.ce