https://scholars.lib.ntu.edu.tw/handle/123456789/105182
Title: | 下一代虛擬私有網路核心技術之研究(1/2)─子計畫一:下一代虛擬私有網路彈性資源管理與傳輸服務品質保證方法之研究 | Other Titles: | Flexible Resource Management and QoS Assurance for Next Generation Virtual Private Networks(VPNs) | Authors: | 孫雅麗 | Keywords: | 虛擬私有網路;傳輸服務品質保證;資源管理;封包排程;容量規劃與管理;整合服務;差別性服務;寬頻網際網路;Virtual Private Network;VPN;Quality of Service;resource management;packet scheduling;capacity planning and management;Integrated Services;Differentiated Services;Broadband Internet | Issue Date: | 2002 | Publisher: | 臺北市:國立臺灣大學資訊管理學系暨研究所 | Abstract: | 基於網路經濟及防範駭客入侵的需求,架設於 Internet 的虛擬私有網路(IP-VPN, Virtual Private Network)服務提供正快速成長中。第一代IP 虛擬私有 網路則是在公眾網際網路中建立加密的資料通道,技 術發展集中在第二層(Layer 2)的通道建立機制(例如 PPTP, L2TP)以及遠端存取的安全性(如RADIUS 與以 IPsec 為基礎的加密)。目前這個階段的技術已相當完 備,我們預期每個虛擬私有網路的端點(endpoint)將會 迅速成長。 在現今多變的企業連網環境裡,端點之間可靠而 動態的通訊需求將日益增加,然而通訊型態卻愈來愈 難以預測。在許多狀況下,使用者無法描述虛擬私有 網路端點間的流量負載,更遑論點對點(point-to-point) 的服務品質(QoS)需求。此外,傳統私有網路的使用者 即使在專線沒有被使用時也必須對全部頻寬支付全額 費用。架設以IP 為基礎的虛擬私有網路上的新議題 是:a) 網路管理者需要更積極地依據流量負載與服務 協定(service level agreement)介入虛擬私有網路的頻 寬分配與管理, 在這個新模式下,使用者不必再為沒 有使用到的頻寬付費,網路提供者也可以更妥善地規 劃網路資源及利用頻寬; b)可擴充性(scalability) -在 有著成千上萬各有不同服務品質需求的資料流(flow) 的高速骨幹網路上; c) QoS support 。傳統上固定速率 (constant bit rate)的頻寬管道(即虛擬租用專線)已經不 能符合動態、多變的通訊型態及應付使用者多元化的 內容,以及在端點間建立安全且有服務品質保證連線 的要求。本計畫研究在下一代以IP 為基礎的虛擬私有 網路,彈性的容量管理及資源分配確保每個VPN 通道 的服務品質。 Driven by fear of hackers and the economics of the Internet, the subject of Virtual Private Network (VPN) over the Internet (i.e. IP-based VPN) has received considerable attention from the industry and recently ever-growing interest from the research community. The service support and provisioning of VPN are going into an age of dramatic growth. In the meantime, the transfer requirements of VPN will as well have drastic changes. The first generation VPN was built mainly using private leased line service. The second generation VPN is to create encrypted data tunnels through the Internet. The technology focuses Layer 2 tunneling techniques such as PPTP, L2P and L2TP, and remote access security such as RADIUS and IPsec-based encryption. While the current VPN technology reaches a state of readiness, we expect the number of endpoints per VPN will grow rapidly. In today’s dynamic business environments, demand for dependable, dynamic communication between endpoints increases and the communication patterns become difficult to forecast. In many cases, users are unable to clearly specify loads between endpoints of VPN sets. Let alone the QoS requirements on a point-to-point basis. Moreover, in traditional private networks users have to pay for the full bandwidth at all times even the line is not being used. The new issue in IP-based VPN implementation is that the network managers need to play a more active role in allocating and managing bandwidth allocated to individual VPNs in accordance with the traffic load and the service level agreement. In this new model, users will no longer need to pay for the bandwidth they do not use. Network providers can better plan network resources and utilize bandwidth. This project focuses on the design and implementation of VPN resource management mechanisms to support effective and flexible VPN configuration and billing at the boundary router. Specifically, we address the problems of a) how to manage and allocate bandwidth in order to support effective and flexible VPN configuration and billing at the boundary router; b) how to assure service quality and performance between individual VPN tunnels; and c) how to guarantee performance to different classes of applications within a tunnel for all time scales. |
URI: | http://ntur.lib.ntu.edu.tw//handle/246246/18828 | Other Identifiers: | 902213E002079 | Rights: | 國立臺灣大學資訊管理學系暨研究所 |
Appears in Collections: | 資訊管理學系 |
File | Description | Size | Format | |
---|---|---|---|---|
902213E002079.pdf | 292.71 kB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.