Embed Size (px)
Citation preview
Master Thesis Electrical Engineering March 2011
School of Computing Blekinge Institute of Technology SE – 371 79 Karlskrona Sweden
OPNET Analysis of VoIP over MPLS VPN with IP QoS
Shahid Ali Bilal Zahid Rana
Internet : www.bth.se Phone : +46 455 38 50 00 Fax : +46 455 38 50 57
ii
This thesis is submitted to the School of Computing at Blekinge Institute of Technology in partial fulfillment of the requirements for the degree of Master of Science in Electrical Engineering. The thesis is equivalent to twenty weeks of full time studies.
School of Computing Blekinge Institute of Technology SE – 371 79 Karlskrona Sweden
Internet : www.bth.se Phone : +46 455 38 50 00 Fax : +46 455 38 50 57
Contact Information Author # 1: Shahid Ali M.Sc. Electrical Engineering (Telecommunication) E-mail: [email protected] Author # 2: Bilal Zahid Rana M.Sc. Electrical Engineering (Internet Systems) E-mail: [email protected] Supervised by: Magnus G. Nilsson Section/Unit: School of Computing SE – 371 79 Karlskrona Blekinge Institute of Technology E-mail: [email protected] Examined by: Patrik Arlos Section/Unit: School of Computing SE – 371 79 Karlskrona Blekinge Institute of Technology E-mail: [email protected]
iii
THIS PAGE IS LEFT BLANK INTENTIONALLY
iv
ABSTRACT There are many disadvantages (cost, lack of security, difficult to manage
large networks, support to non-sensitive applications, delay, etc.) associated with traditional networking, IP network, ATM and Frame relay networking. To solve this, an MPLS-based VPN networking is introduced that can work with existing deployed backbones and allow organizations to interconnect the dispersed sites and remote workers through secure links by using public internet.
In this thesis, we are trying to build a better understanding to MPLS VPN and we researched to analyze the behavior of OSPF and RIPv2 based MPLS-BGP VPN architectures by using intense VoIP traffic. Then it comes with an OPNET simulation process and scenarios for MPLS-BGP VPN. At last, the conclusion is made: OSPF based MPLS-BGP VPN architecture has lower VPN delay, background traffic Flow delay, LSP delay and point-to-point Queuing delay, and has better performance in VPN load and VPN throughput that can acquire customer satisfaction and confidence as compared to the RIPv2 based MPLS-BGP VPN architecture.
Keywords: IP, VoIP, MPLS, VPN, QoS, MPLS VPN
v
ACKNOWLEDGEMENTS Thanks first to my family and uncle for their love and support while I studied abroad.
And thanks to Shahid Ali, who manages to be both a thesis partner and a good friend, for supporting me throughout this thesis.
“Bilal Zahid Rana” I am very grateful to my Parents for their support and encouragement. Their cooperation has strengthened me to accomplish my studies. I would like to dedicate my work to my family and a person, who has waited for me for many years.
“Shahid Ali” If someone plans to write a master thesis, find a group of strong and opinionated
technical reviewers. As a technical reviewer Mr. Magnus G. Nilsson has played a huge role in transforming this work from a series of somewhat interesting parts into a more useful and interesting work. He caught a lot of mistakes, made many useful suggestions, and challenged countless instances of close thinking, for which we thank him. We are to blame for any remaining errors.
A special thanks to the Blekinge Institute of Technology (BTH); MS Electrical Engineering department members Mikeal Åsaman, Mr.Adrian Popescu, Mr. Markus Fiedler, Mr. Patrik Arlos, Mr. Anders Nelsson and the rest have been incredibly professional and a pleasure to work with during this thesis. We really appreciate your attention to detail and amazing patience with us.
We are lucky enough to have access to a large amount of BTH internal reference documents that touch the subject covered in this thesis. I have tried to list and credit all the documents and their authors and want to acknowledge their work and effort here.
Finally, if you have read this so far in search of your name, this paragraph is for you. We have to acknowledge that many individuals contributed through perceptive discussions. They unhappily or maybe happily remain anonymous. Thanks!
“Shahid Ali and Bilal Zahid Rana”
vi
CONTENTS Abstract………………………………………………………………..………………… iv
Acknowledgements…………………………..…………………………..……………… v
Chapter 1 Introduction…………………………..……………………….. 1 1.1 General Overview of the Area…………………………..………... 1
1.2 Motivation and Contribution……………………………………… 2 1.3 Aims and Objectives……………………………………………… 2 1.4 Problem Statement…………………………..……………………. 3 1.5 Research Methodology……………………………………………. 4 1.6 Chapter Organization…………………………..…………………. 4
Chapter 2 Background…………………………..……………………….. 5 2.1 Review of the State of the Art…………………………………..... 6
2.1.1 Voice over MPLS Research Area……………………………… 6 2.1.2 MPLS VPN with QoS Research Area…………………………. 6 2.2 Voice over Internet Protocol (VoIP………………………………. 7 2.2.1 Overview…………………………..…………………………… 7 2.2.1.1 The VoIP Revolution…………………………..……………. 7 2.2.1.2 The Evolution of VoIP…………………………..…………... 7 2.2.1.3 Why Should I Switch to VoIP……………………………….. 7 2.2.1.4 VoIP Features…………………………..……………………. 8 2.2.2 Layers of VoIP Network……………………………………….. 8 2.2.3 Call Equipment…………………………..……………………. 9 2.2.3.1 VoIP Servers…………………………..…………………….. 9 2.2.3.2 VoIP Endpoints……………………………………………… 9 2.2.4 Call Control…………………………..………………………… 9 2.2.5 VoIP Protocols…………………………..……………………... 10 2.2.5.1 Session or Signaling Protocols………………………………. 10 2.2.5.1.1 H.323…………………………..………………………….. 10 2.2.5.1.2 Session Initiation Protocol (SIP…………………………... 12 2.2.6 Compression…………………………..………………………... 13 2.2.6.1 Code Standards…………………………..…………………... 14 2.2.7 VoIP Functionality…………………………..…………………. 14 2.2.8 Mean Opinion Score (MOS……………………………………. 16 2.3 Multiprotocol Label Switching (MPLS)………………………….. 16 2.3.1 Overview…………………………..…………………………… 16 2.3.2 MPLS Benefits…………………………..……………………... 17 2.3.3 MPLS Architecture…………………………………………….. 18 2.3.3.1 MPLS Label Structure……………………………………….. 18 2.3.3.2 Label Switched Routers……………………………………... 19 2.3.3.3 Label Edge Routers………………………………………….. 19 2.3.3.4 Label Switched Paths………………………………………... 20 2.3.3.5 Forwarding Equivalence Class………………………………. 20 2.3.3.6 MPLS Modes……………………………………………....... 20 2.3.3.7 MPLS Protocol Stack………………………………………... 21 2.3.4 Basic Operations……………………………………………...... 21 2.3.5 MPLS Applications…………………………………………….. 23 2.4 Virtual Private Network (VPN)………..…………………………. 24 2.4.1 Overview……………………………………………................. 24
vii
2.4.2 VPN Safety Mechanisms………………………………………. 25 2.4.2.1 Encryption……………………………………………............ 25 2.4.2.2 Authentication……………………………………………...... 26 2.4.2.3 Authorization……………………………………………........ 26 2.4.3 VPN Devices ……………………………………………........... 26 2.4.3.1 Customer Network Devices ………………………………… 26 2.4.3.2 Service Provider Network Devices …………………………. 27 2.4.4 VPN Protocols ……………………………………………......... 27 2.4.4.1 Protocols for Site-to-Site VPNs …………………………….. 27 2.4.4.2 Protocols for Remote Access VPNs…………………………. 27 2.4.4.3 Comparison of main VPN Protocols………………………… 28 2.4.5 VPN Requirements……………………………………………... 28 2.4.6 VPN Objectives……………………………………………........ 28 2.4.7 VPN Types……………………………………………............... 28 2.4.8 VPN Models……………………………………………............. 29 2.4.8.1 Overlay Model……………………………………………..... 29 2.4.8.2 Peer-to-Peer Model………………………………………….. 29 2.4.9 VPN Building Blocks………………………………………….. 29 2.4.10 VPN Architecture……………………………………………..... 30 2.4.10.1 Implementation-based VPN Architecture…………………… 30 2.4.10.1.1 Dependent or Outsourced VPNs………………………….. 30 2.4.10.1.2 Independent or In-house VPNs…………………………… 30 2.4.10.1.3 Hybrid VPNs……………………………………………… 30 2.4.10.2 Security-based VPN Architecture…………………………… 31 2.4.10.2.1 Router-to-Router VPNs…………………………………… 31 2.4.10.2.2 Firewall-to-Firewall VPNS……………………………….. 31 2.4.10.2.3 Client Initiated VPNs……………………………………... 31 2.4.10.2.4 Directed VPNs……………………………………………. 31 2.4.10.3 Layer-based VPN Architecture……………………………… 31 2.4.10.3.1 Link-layer VPNs………………………………………….. 31 2.4.10.3.2 Network-layer VPNs……………………………………… 32 2.4.10.4 Class-based VPN Architecture………………………………. 32 2.4.11 Advantages and Disadvantages of VPN……………………….. 32 2.4.11.1 Advantages……………………………………………........... 32 2.4.11.2 Disadvantages……………………………………………...... 32 2.5 MPLS VPN…………………………..………………………….... 32 2.5.1 Overview……………………………………………………….. 32 2.5.2 Features of MPLS VPN………………………………………... 34 2.5.3 MPLS VPN Architecture………………………………………. 34 2.5.3.1 MPLS VPN Model…………………………………………... 35 2.5.3.1.1 MPLS VPN Components…………………………………. 35 2.5.3.2 MPLS VPN Topology……………………………………….. 36 2.5.3.3 Separation of Routing State of PE-router…………………… 36 2.5.3.4 Customer to Service Provider Routing Exchange………….. 37 2.5.3.5 Label Allocation Process at PE-router………………………. 37 2.5.3.6 VPNv4 Routes Advertisement Across MPLS Backbone…… 37 2.5.3.7 Import of Remote Routing Information into VRFs………… 37 2.5.3.8 Forwarding of Layer-3 MPLS VPN Packets………………... 38 2.5.4 MPLS VPN Security…………………………………………… 38 2.5.5 QoS of MPLS VPN…………………………………………….. 39 2.5.5.1 QoS Models………………………………………………….. 40 2.5.6 Benefits of MPLS VPN………………………………………… 41
viii
Chapter 3 Empirical Study (OPNET Analysis) …………………… 43 3.1 Simulation…………………………..…………………………….. 43
3.1.1 Simulation Tools……………………………………………….. 44 3.2 OPNET Simulation…………………………..…………………… 44 3.2.1 Tasks…………………………………………………………… 44 3.2.2 Assumptions…………………………………………………… 44 3.2.3 Network Design………………………………………………... 44 3.2.3.1 Network Scenarios………………………………………….. 44 3.2.3.2 Network Topology………………………………………….. 44 3.2.3.2.1 QoS enabled MPLS-BGP VPN with IGP (RIPv2 or OSPF. 45 3.2.3.2.2 Network Components……………………………………... 45 3.2.3.3 Network Configuration……………………………………… 45 3.2.3.3.1 Multiple cases of VoIP Traffic……………………………. 46 3.2.4 Results and Analysis…………………………………………… 48 3.2.4.1 Selection and Analysis of DES Time Slots………………….. 48 3.2.4.2 Scenario-based Comparison of MPLS-BGP VPN Results….. 48 3.2.4.2.1 VPN Delay (sec)………………………………………….. 48 3.2.4.2.2 VPN Load and Throughput (bits/sec)…………………….. 50 3.2.4.2.3 VPN Load and Throughput (packets/sec)………………… 52 3.2.4.3 Scenario-based Comparison of Background Traffic………… 54 3.2.4.2.1 IP Background Traffic Delay (sec)……………………….. 54 3.2.4.4 Scenario-based Comparison of Path Statistics……………… 55 3.2.4.4.1 Flow Delay (sec)………………………………………….. 55 3.2.4.4.2 Flow Traffic IN and OUT (bits/sec)………………………. 57 3.2.4.4.3 LSP Delay (sec)…………………………………………… 59 3.2.4.4.4 LSP Traffic IN and OUT (bits/sec)……………………….. 61 3.2.4.5 Scenario-based Comparison of Point-to-Point QD (sec)……. 63 3.2.4.5.1 Site1 to Site3 LSP-based QD (sec)……………………….. 63 3.2.4.5.2 Site1 to Site3 Through Site2 LSP-based QD (sec)……….. 65
Chapter 4 Verification of Results…………...…………………………. 69 4.1 OPNET NetDoctor Report of MPLS-BGP VPN Simulation…... 69 4.2 Multiple Runs of Simulation………………………………….... 69
Chapter 5 Conclusion and Future Work……………………………. 70 4.1 Conclusions…………………………..………………………….... 70 4.2 Future Work…………………………..…………………………... 71
5 References…………………………..…………………………. 72
1
Chapter 1: Introduction 1.1 General Overview of the Area
Voice over Internet Protocol (VoIP) is an umbrella term for a family of transmission technologies to provide voice communication over IP networks like the internet and Public Switched Telephone Network (PSTN). The basic step in the Internet phone call is the conversion of voice signals into digital format that outputs the translation of the signal into Internet Protocol (IP) packets for transmission over the Internet. The process is reversed at the receiving end [1].
In one of the Telecommunications Industry Association (TIA) report says that residential VoIP consumers are more than tripled in 2005 and predicted an annual growth of more than 40% during 2009. This would report more than 18 million VoIP connections. This shows that VoIP is not only growing rapidly, also it is here to stay. The adoption of VoIP in small to large businesses has also been great. Traditional communication systems are being replaced at a rapid pace by enterprise business communication tools that offer feature-rich and cheaper way of communicating with your contacts [2].
Recently VoIP technologies have advanced to provide tremendous opportunities for service providers, as one can use a single IP network for both data and voice communication in cost-effective and reliable manners. Service providers are now adopting VoIP technologies, to provide new services and applications to accommodate their customers needs. One major VoIP infrastructure deployment issue for service providers is to maintain high quality of communication services to the customers [3].
Multi-Protocol Label Switching (MPLS) is considered as a good packet switching technology that ensure the Quality of Service (QoS), useful for multimedia applications, next generation communication services reliability and efficient use of network resources [1].
Fast Virtual Private Networks (VPN) use public network infrastructure as the backbone WAN supplement instead of using expensive leased or dial-up connection in a private network. Is VPN a good solution for wide range of public networks, Internet Service Providers (ISPs), IP, Asynchronous Transfer Mode (ATM) and Frame Relay networks? According to the subscribers end, communication through a private or public network should be different in performance (QoS and Security) from the communication (post, fax or sensitive documents) via PSTN in an organization. In first case of communication through private or public network; the information is provided directly to the right destination, in safe and reliable manners [4].
MPLS-based VPN is the best solution for all scales of companies currently deployed VPNs to public or private site-to-site communication. MPLS offers sophisticated communications networks with IP QoS that enable multiple classes of public or private services for businesses. In these organizations vital applications are treated with higher priority than other applications. When MPLS VPN backbone is discussed in terms of security then comparisons are made by the fact of VPNs, Frame Relay or ATM implementation. Before MPLS VPN technology implementation, point-to-point VPNs are configured through ATM/Frame Relay at layer-2 [5][6]. Then
2
MPLS works at layer-3 that enhance the mechanism of VPN by Generic Routing Protocol (GRE) or IP Security (IPSec) tunnels and made it stronger with respect to security aspects [5][6]. MPLS VPN provides the most inherent security aspects like [1]:
• It separate between the address space and routing. • Core network is not visible and it also provides a spoofing against the
labeling. A need for the improved internet services has been identified especially for
consumers that use high-speed communicating applications. That forces the existing service providers to upgrade their bandwidth from time to time which results in increase the overall bandwidth expenses. Hence, the major concern for the service providers is to provide support for high bandwidth consuming applications with QoS to consumers. In QoS, the main hurdle is to develop a set of mechanisms that can support a large, scalable and wide range of VPN connections [6][7].
The purpose of this thesis is to analyze the operation of VoIP over Multiprotocol Label Switching based Virtual Private Network (MPLS VPN) backbone for guaranteed Quality of Service (QoS) that is influenced by a number of important factors including delay, load, throughput, packet loss, bits error ratio, bit errors per packet and voice-encoding scheme. This complex interaction of these parameters defines the overall call quality experienced by the consumer. VoIP over MPLS VPN research should define voice service types that are comparable to the existing PSTN services and could be provided at a lower cost [8].
1.2 Motivation and Contribution The motivation behind the use of VoIP over MPLS VPN is to take benefits of
these new network capabilities in parts of the network. These capabilities improve VoIP service by using LSPs as a carrier for VoIP; providing more efficient transport mechanism, layer 2 independence, the integration of access technologies (protocols and addressing) and guaranteed QoS, across MPLS backbone [8][7][33].
These are the motivation factors that urged us to using of these different technologies and analyzing the different scenarios of VoIP over MPLS VPN for a better, cost effective and reliable communication solution.
1.3 Aims and Objectives This thesis will focus on the implementation of Quality of Service (QoS) in MPLS
VPN backbone with VoIP, using the OPNET simulation tool. According to our knowledge and search, we couldn’t find any information regarding VoIP over MPLS VPN backbone with IP QoS. This motivated us to do scientific research to analyze the behavior of the MPLS VPN with QoS for VoIP traffic. The following steps will be involved to answer the questions and to get the results.
• Simulation design • MPLS VPN configuration with interior routing protocols (RIPv2, OSPF)
because it occurs within an autonomous system and exterior routing protocol (BGP) because it occurs between autonomous systems.
• VoIP traffic configuration • MPLS VPN QoS and performance measuring parameters:
1. Inputs
3
o Network size (Communication sites and a Service provider) o Background VoIP traffic will be configure. o All links are fixed links. o Interior routing protocols (RIPv2, OSPF) o Exterior routing protocols (BGP) o LSPs will be configuring between PEs in the network.
2. Outputs o MPLS VPN:
§ Delay/s § Throughput (bits/s and packets/s) § Load (bits/s and packets/s)
o IP Background Traffic Delay o Path Statistics:
§ Flow Delay (sec) § LSP Delay (sec)
o Point-to-Point Queuing Delay § Queuing Delay of Site1-to-Site3 LSP § Queuing Delay of Site1-to-Site3 LSP involving Site2
We’ll define the following scenarios to analyze the best suitable scenario which
will provide the best MPLS VPN with QoS for VoIP traffic to achieve the customer satisfaction and confidence.
• First Scenario: QoS enabled MPLS-BGP VPN with RIPv2 o Case 1: for 500 VoIP calls o Case 2: for 2500 VoIP calls
• Second Scenario: QoS enabled MPLS-BGP VPN with OSPF o Case 1: for 500 VoIP calls o Case 2: for 2500 VoIP calls
This thesis presents the benefits of MPLS VPN with IP QoS backbone network
with VoIP traffic when simulating the network using OPNET. Analysis of simulation results provide, which scenario will be a better voice communication solution for the customer with respect to MPLS VPN QoS and service reliability. The simulation configurations and results will be presented as images, tables and graphs.
1.4 Problem Statement VoIP has many issues like traditional PSTN and a set of additional ones. Some of
these issues are inherent to VoIP and we can’t do a lot to minimize the effects of these issues on VoIP networks. We can possibly control and avoid many of these issues like delay, load, throughput, packet loss, bits error ratio, bit errors per packet by careful planning and solid network design. Our main questions that we tried to answer are as follows:
Q1. Interior and exterior routing protocols works at different network environments; how do they work together in MPLS VPN w.r.t VoIP network?
Q2. What are the challenges in MPLS VPN network w.r.t IP QoS? Q3. Will MPLS VPN with IP QoS influence delay in the VoIP network?
4
Q4. Will MPLS VPN based on interior routing protocol (RIPv2 or OSPF) and exterior routing protocol (BGP) with IP QoS be the best solution for VoIP traffic w.r.t VPN delay, load and throughput, and Site-to-Site Flow delay and LSP delay, and End-to-End Queuing delay?
Q5. Which of the proposed scenarios will be the best solution with respect to MPLS VPN with QoS parameters and service reliability to get the customer satisfaction and confidence?
Tentative hypothesis: VoIP over MPLS VPN with interior routing protocol (OSPF) and exterior routing protocol (BGP) will be a better scenario to provide a guaranteed QoS that can fulfill the consumer’s need of Next Generation (NG) communication services.
1.5 Research Methodology The main goal of research is discovery, interpretation and development of
advanced methods and systems of human knowledge on a wide range of scientific questions of our lives and the world [45]. Research is used to answer questions or test hypotheses and results are based on actual evidence, as opposed to theory or assumptions.
Theoretical research leads to a better understanding of science with the results of the experiment; this is certainly true in QoS research in communication networks. Several major improvements in the experimental results are due to the attainment of QoS understanding in a network and theoretical knowledge based on the use of computer simulators. With computers, new ideas can be tested, developed faster and less expensive. We have used the scientific methodology that will be the combination of theoretical research and empirical research (non real time experimental work e.g. Simulation) to answer the questions [45]. Regarding simulation, we will use network design and component based configuration. The steps included in this methodology are the following:
• Literature study • Simulation design • Implementation of simulation • MPLS VPN with interior routing configuration • MPLS VPN with exterior routing configuration • MPLS VPN QoS parameter selection • VoIP traffic configuration • Simulating the scenarios • Verifying simulation results
Analyzing the simulation results to get the answers of the questions
1.6 Chapter Organization Chapter 1, Introduction: a general introduction to what the thesis is all about,
problem statement, why our questions are worthwhile, and what will be the cover of results.
Chapter 2, Background: a brief section that gives necessary background information about our research area; especially what have been done before, VoIP, MPLS, MPLS-based VPNs and QoS.
5
Chapter 3, Method: gives the answers for what are our goals, what we are going to do to achieve those goals and why?
Chapter 4, Analysis: This section provides the detailed experimental work, network design, implementing network design in OPNET simulator, analysis and evaluation of simulation results.
Chapter 5, Conclusion: provides what we have learned, did we meet our goals, what are the suggestions about the research area, what we have untouched in the research area?
6
Chapter2: Background 2.1 Review of the State of the Art
Several abstracts of research papers, articles, journals and student thesis were studied to get a rough sketch of the section “review of the state of art”. This sketch leads to better understanding of thesis contents. This section is divided according to the research areas.
2.1.1 Voice over MPLS Research Area In [9], analytical models had been used by the authors to measure the efficiency of
VoIP applications on an MPLS network. These analytical models were presented to support QoS requirements in MPLS network. The mathematical expressions were used to evaluate these analytical models for both IP/MPLS networks.
A comparative analysis of MPLS over Non-MPLS had been done by authors and concluded that MPLS have a greater performance over Non-MPLS infrastructures. In this paper, analysis is based on MPLS signaling protocols such as CR-LDP, RSVP and RSVP-TE. The QualNet v4.0 was used for this analysis, based on packet loss, throughput and end-to-end delay performance parameters on the network traffic [10].
Authors presented an OPNET based real world network model to calculate the minimum number of established VoIP calls in an organization. The proposed model was designed by considering the factors used to implement VoIP applications in IP network. The minimum number of calls that can be maintained by this model was simulated in OPNET [11].
Efficient delivery of voice services over MPLS backbone was investigated by using Optical Networks Research Lab (ONRL) testbed in this research. In this investigation MPLS is used to route compressed voice packets over LSPs, and this compression/decompression is done only at ingress and egress routers. The investigation results had shown the enhancement in bandwidth utilization and packet processing scalability. By using MPLS VPN has provided a secure and efficient end-to-end voice communication [12].
2.1.2 MPLS VPN with QoS Research Area MPLS VPNs are the ideal site-to-site solution for medium to large organizations
that provide VPN services. In MPLS VPN network, MPLS capabilities are coupled with IP QoS to enable priority based multiple classes of service for critical applications. Authors proposed efficient QoS schemes for MPLS VPN to fulfill the user demand [5].
In paper [4], authors had tried to clarify MPLS implementation for VPN services. For this objective, authors researched an architectural model and proposed their own model that comes with a design and implementation procedure for VPN service in MPLS. Then authors described MPLS VPN schemes with full range of QoS to accommodate with existing network backbones.
In paper [13], authors proposed a scheme for supporting QoS over VPNs by combining BGP/MPLS VPN and MPLS/DiffServ. OPNET was used to simulate
7
multimedia traffic in terms of performance parameters such as delay, jitter, throughput and packet loss under varying load conditions.
2.2 Voice over Internet Protocol (VoIP) 2.2.1 General Overview
Voice over Internet Protocol, also known as (VoIP/IP Telephony/Internet telephony/ Digital Phone) is the routing of voice over the IP network and the voice data travels through packet-switched network [14].
Our home phone is based on an analogue system, while VoIP has digital one. In VoIP enabled phone, voice is converted into packets; compressed for efficiency and then transferred to the connection. The process is reversed on the other side of the connection. Protocols carry voice signals over the IP networks are referred to as VoIP protocols. VoIP traffic can be deployed on any IP network instead of private building wide Local Area Network (LAN) that lacks an internet connection [14][2].
2.2.1.1 The VoIP Revolution Since the evolution of the internet, researchers with an eye to the future have tried
to merge the voice services with internet services. With the adoption of VoIP on very large scale, that revolutionary day has come in the telephone industry. Simply, VoIP service allows us to use our high speed internet connection to place calls that rocks to the core of telecom industry [15].
2.2.1.2 The Evolution of VoIP VoIP has been developing over the last ten years. In the time of beginning
computer users talked to each other using a voice enabled computer, internet connection, and a software program that made this all to communicate [15].
The advantage of this communication was free of charge in the world and we could bypass the traditional telephonic system, if the setup parameters are the same on both sides. The main disadvantage of this type of communication is that we could only communicate by using our computers. Today's VoIP have solved these problems by fulfilling the two main requirements to make feasible and scalable VoIP [15].
• Broadband internet service has been widely adopted to make it possible to have stable internet connections.
• Industry has developed a simple, inexpensive integration of IP network with the traditional telephonic system.
Today's VoIP allows us to call through an ordinary telephone connection to anyone in the world with a high speed internet connection.
2.2.1.3 Why should I switch to VoIP? We all have a phone at home or at work then why should we change to VoIP? Let
have a look at the some advantages and disadvantages of VoIP [16]. Advantages:
• Cost effective • Flexibility • Scalability • Mobility
8
• Features rich Disadvantages:
• Dependent (Broadband connection, Electricity) • Complex procedure • Voice quality is less than analogue phone
2.2.1.4 VoIP Features With VoIP we can make calls with IP phones from anywhere we have access to
our high speed internet connection to anyone. Some users use a specially developed softphone on their computers to access their VoIP services. Most companies that provide traditional phone services charge extra for additional features but with VoIP these features come as standard. Such as [17]:
• Caller ID • Call waiting • Call transfer • Repeat dialing • Return Call • Conference calls • Call filtering • Voice mail • Fake call • Messaging
There are many cost saving benefits. Network administrators have to maintain only one network for VoIP and Data instead of two networks. The portability of the phone system is also greatly simplified. VoIP systems are extremely portable because its configuration can be done via using a web interface. All these features lead to lower ongoing cost for an organization [17].
2.2.2 Layers of VoIP Network VoIP networking can be described in better way by using the Open Systems
Interconnect (OSI) reference model that describes the data communications process. This reference model consists of seven layers: physical, data link, network, transport, session, presentation, and application. The main purpose this model is to integration of different types of networks and to provide standardized platform for engineers [18][2].
Figure 1: VoIP network layers
9
This model works similar with VoIP as it works with other type of networks.
2.2.3 Call Equipments VoIP calls being made through softphone are common but in modern technologies
IP Phones are being used for the communication. In a VoIP network, VoIP servers communicate with the IP phones, Soft phones or traditional phones in order to facilitate the users [18]. The manufacturers are introducing new technologies for communication like Wi-Fi, Bluetooth etc that can provide reliable and efficient services [19]. Common devices used in this type of systems are:
• VoIP Servers • VoIP Endpoints
2.2.3.1 VoIP Servers These software-based devices participate in VoIP network for communication,
using Ethernet to facilitate calling and other applications. An Analog Telephone Adapter (ATA) is a special VoIP server with voice mail system. VoIP users belonging to carrier class can connect to VoIP servers with different type of data link but Ethernet is a commonly used data link type by the most implementers. VoIP servers have many roles to fulfill [18]:
• Call switching • Management of connections • Call recording • Auto-attendant functions • Call conferencing • Translation of codec
In an IP network, voice endpoints and servers are connected via different data link types, this makes the call switching and transmission system that replaces the PBX system of communication. VoIP servers differentiate from endpoints in the way that they don’t provide a voice application interface for users. For example switches and PSTN gateway devices [18][20].
2.2.3.2 VoIP Endpoints Endpoints are connected directly to a type of data link (such as Ethernet that
carries TCP/IP) are known as IP phones. These endpoints resemble in features with traditional phones but they have an RJ45 connection that is an auto-negotiating interface, like PC Ethernet adapter. The applications running on these endpoints facilitate the users similar to a traditional telephone but functionality differs in both w.r.t call signaling and transmission [18][20][21]. Traditional telephones can be connected to Ethernet via an ATA that converts the single-pair analog connection into a four-pair Ethernet connection [18]. ATA devices are expensive, provide less features than IP phones. These devices and IP telephones are working as hosts in IP network so that they must have an IP address to accommodate with the IP network design [18].
2.2.4 Call Control Voice over IP is not only a way of transporting voice. It also control call sessions
that initiates, maintain and disconnect the data flows in different applications. This is
10
not compulsion for messages to pass directly between two endpoints on the same path as other media packets [23].
In VoIP systems, two main signaling approaches may be adopted and are known with different terms. Here these signaling approaches are termed as:
• Direct-routed signaling (Simplest peer-to-peer model) • Server-routed signaling (Complex server routed model)
2.2.5 Protocols VOIP uses the Internet Protocol (IP) to transmit voice packets for communication
via internet, intranet or LAN. VoIP uses combination of different methods to categorize areas [22][24]:
1. Voice session control and data transmission protocols used to set up, tear down calls and transformation of information.
2. CODECs used for conversion and compression of voice.
2.2.5.1 Session or Signaling Protocols The main aim of protocols in VoIP is to initiate and maintain communication links
between endpoints. By performing this task these protocols are known as VoIP session protocols or VoIP signaling protocols [22]. The main differentiating reason between these signaling protocols is how these protocols were designed to handle the different types of call paths [18]. Besides which manufacture support which standard, the basic differences are described in the table-1 below. We will discuss two main signaling protocols in this section.
Table 1: VoIP signaling protocols [18]
Protocol Families Intended Signaling Scenarios
Maintainer Built-in Device Support
H.323 Telephony, Video ITU-T Via gateways SIP Telephony, Instant
messaging, Video IETF None
recommended IAX Telephony Digium Inc. None
recommended SCCP Telephony Cisco Systems None
recommended MEGACO/H.248 Telephony IETF and ITU-T Yes
2.2.5.1.1 H.323: ITU-T VoIP Protocol The H.323 was first developed in 1996 and the latest version v5 was introduced
and standardized in 2003 by ITU-T [24]. This protocol suite was developed for multimedia services on LANs, and later extended for VoIP to provide both point-to-point and multipoint multimedia communication. H.323 signaling process is fast and has compact message packet structure that enables maximum availability of network resources for call signaling [18].
There are four main components of H.323 protocol suite [2][25]: 1. Terminals 2. Gateways
11
3. Gatekeepers 4. Multipoint Control Units (MCUs)
Terminals, gateways and MCUs are known as endpoints [24]. The various H.323 hardware components are shown in figure-2 below.
Figure 2: H.323 components
The H.323 protocol suite is split in following areas of control [2]:
• Pre-call control is provided by Registration, Admissions, and Status (RAS) Signaling in H.323 gatekeeper based networks.
• Call Control Signaling is used to connect, maintain, and disconnect of a call. • Media Control and Transport provides a reliable way of that uses H.245
channel to transfer media control messages. H.323 architecture supports information exchange of audio, video, data,
communication control, and controlling connections and sessions [24]. The following figure-3 illustrates the structure of the key protocol in the H.323 architecture.
Figure 3: H.323 protocol stack structure
12
The signaling messages for H.323 call setup. The gatekeeper interaction is limited
to RAS messages for call permission and status messages. In H.323, call signaling channel routing can be accomplished in two ways [2]:
• Direct Endpoint Call Signaling (DECS) • Gatekeeper Routed Call Signaling (GKRCS)
2.2.5.1.2 Session Initiation Protocol (SIP): IETF VoIP Protocol
The IETF standardized this protocol for VoIP connections [24]. SIP is adopted by many service providers for call session management and provides functions similar to a traditional telephony like dial tone, ring tone, busy signal, call waiting, messaging and caller ID [22].
SIP is an application layer control protocol for initiating, modifying and terminating sessions between endpoints for internet calls [24]. The SIP architecture is similar to Hyper Text Transport Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP), client generates requests to the server, and then server processes the requests and sends a response back to the client [2]. SIP provides support for multicast conferences by inviting participants to existing sessions. For user mobility, SIP supports name mapping and redirection services [24].
SIP works with both versions of IP and provides many security services, such as integrity prevention, authentication, encryption and privacy services [24].
SIP Functionalities: provides the following capabilities for a session: • User location: this SIP capability discovers an end user location for
establishing a session for communication [2][24]. • User capabilities: this SIP capability determines the type of media and media
parameters to be used that are involved in communication session [2][24]. • User availability: this SIP capability determines the status of the end user for
communication [2][24]. • Session setup: this capability establishes the session parameters for both
parties involved in the session [2][24]. • Session management: provides transfer, session parameter modification and
termination of an ongoing session [2][24]. SIP Network Elements [2][26]:
• User agent (UA) • User agent client (UAC) • User agent server (UAS) • SIP servers
o Proxy servers (forwarding for UAC) o Redirect server (inform the UA of next server) o Registrar server (register the location of client) o Location servers (performs address resolution for SIP proxy)
• Back-to-back user agent (B2BUA) • SIP messages
o Request (client to server) o Response (server to client)
SIP Operations: Both parties are determined by SIP addresses. For a call setup, caller locates a server and sends a request to the server. Invitation is the most common
13
SIP operation. Instead of direct connection to end user, a SIP request may be redirected or new SIP requests may be triggered by proxies. Users register their locations with SIP servers [2][25].
Figure 4: Basic SIP call setup
Protocol Structure SIP messages can be transmitted over TCP or UDP and lines
must be terminated with CRLF. These messages are categorize in request messages and response messages [24].
Request message format: Method – Request URI – SIP version
• Method: There are following methods are performed on the resources. o Invite o Ack o Options o Bye o Cancel o Register
• Request Uniform Resource Identifier (URI): this is the user to which this request is addressed.
• SIP version: The SIP version used for communication. Response message format:
SIP version – Status code – Reason phrase • SIP version: The SIP version used for communication. • Status code: This is the request status, shown as a three digit integer code. • Reason phrase: Status code description in text format.
2.2.6 Compression There are two commonly used variations of 64 Kbps Pulse Code Modulation
(PCM): 1. µ-law 2. a-law
To achieve 12-13 bits of linear PCM quality both methods use logarithmic compression, but both differs w.r.t the minor compression details (µ-law has an advantage in low-level and signal-to-noise ratio performance than a-law)[2].
14
Adaptive differential pulse code modulation (ADPCM) is another technique of voice compression. ITU-T G.726 is a widely used instance of ADPCM that gives 32 kbps transmission rate by encoding 4-bit of samples. The 4-bits do not encode speech amplitude but do encode amplitude differences and amplitude change ratio by rudimentary linear prediction. PCM and ADPCM are waveform codec compression methods that make use of outmoded characteristics of the waveform. Some new compression methods developed to make use of speech generation characteristics. These methods can be combined as source codec by including different variations like Code Excited Linear Prediction (CELP) compression, Linear Predictive Coding (LPC) and Multi-pulse, Multi-level Quantization (MP-MLQ) [2][28][29].
2.2.6.1 Coding Standards VoIP equipments used these compression/decompression methods for conversion
of analogue audio signals to digital bit stream. These techniques reduce the required bandwidth with assured voice quality [28].
In G-series recommendations by ITU-T, the most popular voice coding standards for telephony include:
G.711: The most commonly used voice codec for VoIP, describes the 64 Kbps PCM coding method to transmit voice and data with quality [22]. There are two versions of this codec according to the regions: m-law for USA and Japan, and a-law for rest of the world [2].
G.726: is a ADPCM based low bandwidth codec that use 16, 24, 32 and 40 Kbps [22]. Service provider can interchange ADPCM voice between packet voice and public phone or packet voice and PBX networks [2]. The lower settings enable VoIP over dial-up links but the voice quality is still less than G.711 codec [2][22].
G.728: is a CELP based voice compression codec that describe a 16 Kbps delay variation [2].
G.729: this low-bandwidth codec is also commonly in use that consumes only 6 to 8 Kbps for voice data transmission [22]. There are two versions of this standard, G.729 and G.729 Annex A. Both versions differs from each other w.r.t computational complexity but voice quality is as same as 32 Kbps ADPCM method[2]. The voice quality of this codec is less than G.711 codec, but this is still a good option for low bandwidth connections [22].
G.723.1: this codec can compress the voice signals at a low bit rate [2] and very low-bandwidth codec as compare to others [22]. This uses only 5.3 Kbps (based on CELP) to 6.3 Kbps (based on MP-MLQ) of bandwidth. The voice quality is less than G.711 and not recommended for fax service [2][22].
iLBC (Internet Low Bit-rate Codec): A free voice codec that is known for robust VoIP. The evolution aim of this codec is to support low band speech. The basic voice quality is greater than G.729A and it is also being used in well known PC-to-Phone multimedia applications like Skype, Google Talk, Yahoo! Messenger and Windows Live Messenger [2].
2.2.7 VoIP Functionality As a starting point, consider a simple case of two users want to communicate using
VoIP by softphones. Each computer is connected to an IP network and to make a call to other user, one issue ‘how one user can find the other user for communication?’ should be addressed by some form of signaling, suitable naming and addressing
15
scheme. VoIP signaling messages should have a common format to enable terminals to communicate. For commercial and operational, it is required to have a common industry-accepted standard that enables the market growth. VoIP equipments combine their roles to form the complete communication service [18][22].
Figure 5: Typical Internet phone scenario
In this scenario your phone is not connected to any telephone company's system,
eliminates the requirement of to be at one specific place. There will be no difference in sound quality experienced by the caller and receiver, and user can receive calls same at home and while at vacations [22]. The following steps are involved in IP call:
Figure 6: Steps involved in VoIP call setup
1. Caller initiates a call by using a softphone, the VoIP provider received a
signal from VoIP session protocol and ATA produced a same dial tone as traditional dial tone then call begins to dial the number.
2. The required number is produced in the result that the tones are converted by the ATA or softphone and VoIP session protocol transmits it to the VoIP provider.
3. The VoIP provider uses telephone signaling to access the line.
16
4. As the phone company sends the ring-back signal to the provider, the destination phone starts ringing.
5. The VoIP session protocol transmits the ring-back signal to the caller. 6. The call is connected in the result of receiver party picked up the call and
voice codec data starts to flow between the caller and the provider. 7. The provider converts this data to analog signals, and received by the called
party through the telephone company.
2.2.8 Mean Opinion Score (MOS) In voice communication, QoS is measured on the basis of MOS [2] that provides
voice quality statistics. To determine MOS, voice quality is being tested and evaluated after passing through codec and specific no. of listeners rates the voice quality [2][26]. The value range of MOS is from 1 (not recommended) to 5 (very satisfied) and 4 is considered as an appropriate value [26] as shown in figure-7 below.
Figure 7: Comparison of user satisfaction with MOS
The CODEC G.711 has 4.1 MOS value based on bandwidth saving, G.729 has
3.92 MOS value and G.729a has 3.9 MOS with less processor demand. MOS is based on listener’s opinion [26].
2.3 Multiprotocol Label Switching (MPLS) 2.3.1 Overview
Multiprotocol Label Switching (MPLS) has been here in communication industry for many years [30]. As discussed in RFC-3031, MPLS combined the advantages of ATM and Layer-3 approach of IP [31] but it has an independent architecture for fast packet switching and routing [24]. MPLS is a way of tunneling IP data-grams, within and among independent systems. It also treats the encapsulated IP datagram as raw data and does not access it in the tunnel. [32].
Link-layer
header MPLS label
IP header Data
Figure 8: MPLS label encapsulation
17
In MPLS networking, simple and fixed length labels [24] are used to build a label to label mapping between network routers. These labels are attached to packets to forward them through the network by label switching instead of IP switching [30].
The label switching technique is not new, as it is used in Frame Relay and ATM. This high speed switching mechanism in MPLS is possible by inserting labels before the packets that enable the hardware to switch packets between links [24]. In essence, the MPLS combines the advantages of IP routing and the simplicity of label switching of Frame Relay or ATM. MPLS devices operate on both the IP layer as well as the label-switching layer. Because of this nature, MPLS devices are called Label Switch Routers (LSRs) [33].
The label-Switched Paths (LSPs) are virtual tunnels, used for data transmission in MPLS network. These LSPs are formed by a series of labels from source to destination [24]. The “two-label” approach is proposed by Martini, becomes the most popular way for encapsulating the Layer-2 protocols. This method uses the following labels [24]:
1. Tunnel Label: decides which LSP will be use for the packet transmission from the ingress to egress LSRs.
2. VC Label: provides Layer-2 forwarding information to egress LSR. MPLS makes use of existing IP routing protocols like Border Gateway Protocol
(BGP), Resource Reservation Protocol (RSVP), Open Shortest Path First (OSPF), and etc. MPLS has defined a new set of signaling and routing protocols such as Label distribution Protocol (LDP), Constraint-based LDP (CR-LDP) and Resource Reservation Protocol – Traffic Engineering (RSVP-TE). To fully extend the capability of MPLS, engineers are developing new standards such as Virtual Private LAN Services (VPLS), Hierarchical Virtual Private LAN Services (HVPLS) and Generalized Multiprotocol Label Switching (GMPLS) [24].
MPLS has traffic management and QoS mechanisms to manage traffic flows. Specifically, MPLS provides traffic management capabilities such as traffic policing, congestion management, traffic shaping and priority queuing [24].
In summary, MPLS addresses many problems concerning today’s networks such as speed, scalability, QoS management and traffic engineering. With its powerful new features, MPLS has become a next generation network (NGN) solution for services such as data, voice and video over the same network [24].
2.3.2 MPLS Benefits MPLS labels are used to forward the packets instead of the destination IP address:
have led to the popularity of MPLS. These are the following benefits of running MPLS in a network [30] [31]:
• Unified network infrastructure • Better integration of IP over ATM • Flexible classification of packets • Optimization of network resources • BGP-free core • Label distribution via BGP, LDP, RSVP and Protocol Independent
Multicast (PIM) • Coexistence of distribution protocols in LSR • Redundancy of numbering and label allocation • Provide modular value-added applications (TE, QoS, Multicast and VPN) • Optimal traffic flow
18
• Facilitate the evolution of services via Any Transport over MPLS (AToM) • Unification of optical and routing control planes in GMPLS
Provider-
Provisioned VPNs
Traffic Engineering
IP+ATM IP+Optical
GMPLS
Any Transport
over MPLS
MPLS
Network Infrastructure
Figure 9: MPLS as a foundation for value-added services
2.3.3 MPLS Architecture Mainly an MPLS network consists of LSR and MPLS nodes. An LSR runs the
MPLS protocol to provide label binding to Forward Equivalence Classes (FECs), IP packet forwarding, and carry the IP forwarding decision. An MPLS node is an LSR, except that it does not provide IP packet forwarding based on prefixes [34]. The key advantage of MPLS architecture is the division into two planes.
• Data plane: that contains the information required to transfer a packet. • Control/Signaling plane: that allocates the transfer information.
This division allows many applications to be developed and deployed in a flexible, scalable and reliable manner [31].
Figure 10: Basic architecture of MPLS IP routing
2.3.3.1 MPLS Label Structure A 32-bits MPLS label has a certain structure as shown in figure-17 [30][24].
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Label Exp BoS TTL
Figure 11: MPLS label
IP routing protocols
IP routing table
MPLS IP routing control
Label Forwarding Table
Data plane in a node
Incoming labeled packets
Routing information exchange with other routers
Label banding exchange with other routers
Outgoing labeled packets
19
• Label: The first 20 bits of MPLS label are the Label Value and the first sixteen values of label are exempted for normal use because of special meaning. System learns the next hop and the operation to be performed, after receiving a labeled packet and the label value at the top of the stack looked up [30][24].
• EXP: These bits from 20 to 22 are reserved for experimental use, and used only for QoS [30][24].
• BoS: Bit 23 is known as Bottom of Stack bit, set to 1 for the last entry in the label stack. The stack is the collection of labels and can consist of one label or set of labels [30][24].
• TTL: These 8 (24 to 31) Bits has the same function as in the IP header. This field is used for encoding the TTL value. This time-to-live value is decreased by 1 at each hop that avoids the packet from being caught in the routing loop [30][24].
2.3.3.2 Label Switched Routers (LSR) An LSR is a router that has the capability to understand MPLS labels and
responsible for receiving and transmitting a labeled packet on a data link in MPLS network [30][36]. Three operations are associated with LSRs, pop, push and swap. In MPLS network, there are three types of LSRs [30]:
• Ingress LSRs: receive an unlabeled packet, add a label to that packet and send it via data link.
• Egress LSRs: receive labeled packets, remove the label or set of labels and send them via data link.
• Intermediate LSRs: perform an operation on incoming labeled packet and switch the packet on the correct data link.
Figure 12: Label Switched Routers (LSRs)
2.3.3.3 Label Edge Router (LER) The LERs work as QoS decision points in MPLS network. By using port numbers
in layer-4 of the packets, QoS policies can be established and managed [37]. The LERs are responsible for adding or removing labels from the packets [36].
20
Figure 13: Label Edge Routers (LERs)
2.3.3.4 Label Switched Paths (LSP) An LSP consists of a sequence of LSRs that switch a labeled packet through an
MPLS network. In MPLS network, the first LSR of an LSP is the ingress LSR for that LSP, and the last LSR of the LSP is the egress LSR. The intermediate LSRs are working in between the ingress and egress LSRs [30][36].
Figure 14: Label Switched Paths (LSPs)
2.3.3.5 Forward Equivalence Class (FEC) A group of packets that has the same transmission path and forwarding mechanism
is known as FEC. The packets belonging to the same FEC have the same label. But some packets do not belong to same FEC and forwarding mechanism due to a different EXP value. Ingress LSRs decides which packet belongs to which FEC and this is done only once in MPLS network [30][36].
2.3.3.6 MPLS Modes There are different modes, used for distributing labels between LSRs. These
distinct modes are as follows [30]: • Label distribution mode
There are two modes to distribute label bindings: o Downstream-on-Demand (DoD) label distribution mode o Unsolicited Downstream (UD) label distribution mode
21
• Label retention mode Two label retention modes are possible:
o Liberal Label Retention (LLR) mode o Conservative Label Retention (CLR) mode
• LSP control mode Local binding for FEC can be created by LSRs in two ways:
o Independent LSP Control mode o Ordered LSP Control mode
2.3.3.7 MPLS Protocol Stack The MPLS architecture protocol family includes [24]:
• MPLS related routing and signaling protocols o OSPF o RSVP o Intermediate System to Intermediate System Routing Protocol (IS-
IS) o BGP o ATM PNNI, etc.
• LDP • CR-LDP • RSVP-TE
MPLS Multi-Protocol Label Switching
Martini Frame Encapsulation
MPLS Signaling Protocols and Extensions
TDP Tag Distribution
Protocol
LDP Label
Distribution Protocol
CR-LDP Constraint Based LDP
RSVP-TE RSVP Traffic Engineering
GMPLS Protocols and Extensions
OSPF-TE OSPF Traffic Engineering
ISIS-TE ISIS Traffic Engineering
LMP Link
Management Protocol
CR-LDP-TE CR-LDP Traffic
Engineering
Figure 15: MPLS protocol stack
2.3.4 Basic Operation This section provides the typical operation of MPLS devices. The IP routing
protocol runs on the control plane of all devices to build IP routing tables. These routing tables are used to build IP forwarding tables, also known as forwarding information base (FIB) [33][35].
22
Figure 16: IP routing operation
Several labels can be added to a single packet by label stacking concept. The label
can be tagged in AM of the cell headers. In Ethernet, Point-to-Point Protocols (PPP) and many other technologies, a shim header is located between link header and network header to transport the labels [33][34].
Figure 17: MPLS shim header format
The transfer elements of LSR use fixed-length labels that are memorized in a table
with outgoing path for packets [31]. After the IP routing table process completion, MPLS labels are assigned to individual entries in the IP routing table and sent to neighboring MPLS devices via a LDP [33] [35].
Each device uses its own label space that makes MPLS robust and scalable. Every label assigned by an MPLS device is treated as an input label in label forwarding information base (LFIB), which is used for label switching [33][35].
Most label assignments by MPLS devices are entered into label information base (LIB) table. The output label is entered in the local LFIB to enable label forwarding. This label is entered into the FIB for IP to label forwarding in IP forwarding support devices. After this MPLS devices start forwarding IP packets [33][35].
Some ingress LSRs can receive IP datagram, perform a FIB lookup, insert a label stack to IP datagram based on FIB information, and labeled packet is forwarded to the next-hop LSR. The privilege edge (PE) router in the MPLS VPN network architecture is an example of such device. An egress LSR can receive labeled packets, perform an LFIB lookup, and remove the label from the ingress labeled datagram and forward the
Layer 2 header IP Packet
Label EXP S TTL
MPLS shim headers
4 Octets
PPP header Shim header Layer 3 header
Ethernet header Shim header Layer 3 header
FR header Shim header Layer 3 header
ATM header Shim header Layer 3 header
GFC
PPP header (packet over SONET/SDH)
Ethernet
ATM cell header
Frame Relay
ATM
VPI VCI PTI HEC Data
labels
23
IP datagram to the next-hop IP router. In MPLS network, all LSRs can work as ingress and egress LSRs. The paths that a labeled datagram can take via an LSR are shown in figure-18 [33][35].
Figure 18: Basic MPLS operation
2.3.5 Applications The label assignment and capability to carry labels attached to packet differentiates
MPLS from traditional WAN. This concept of a label stacking provides TE, VPNs, fast rerouting, node failures, and etc [35]. MPLS implementation can facilitate several applications, few are as follows [33][35]:
• MPLS Traffic Engineering (MPLS-TE): customized link-state routing protocols (IS-IS or OSPF) are used to discover resources and distribute attributes in the network. Control processes the FEC binding through RSVP, and FIB is modified based on MPLS-TE labels. MPLS-TE provides control of traffic routing and optimized network utilization.
• Multicast Routing via PIM: extensions of PIMv2 protocol are used for FEC label binding.
• MPLS VPNs: FIBs are created for one or more VPN clients. The customer routing information and MPLS labels are distributed by Multiprotocol BGP (MBGP) across the network.
• Layer 2 VPN: VPN that can be created via a Layer 2 circuit over MPLS, known as Any Transport over MPLS (AToM). By using Layer-2 transport Layer-2 VPN provides auto configuration, management and QoS are the Layer-2 VPN services.
• Layer 3 VPN: BGP is used for Layer-3 VPN in service provider’s (SP) network, and IP routing or static routing protocols are used between SPs and clients.
• MPLS QoS: provides a mechanism for differentiated service that enables the creation of LSPs with guaranteed bandwidth. In ATM networks, four labels are assigned to each IP prefix by customized LDP that enables different QoS classes for each label.
24
The sections that follow focus on the technology details for a base of these services, such as Layer 3 VPNs, traffic engineering, differentiated services, and Layer 2 VPNs. Multicast, IPv6, and GMPLS are discussed in later chapters.
Figure 19: Advanced services architecture
Many of the different MPLS applications stick to the common structure and might
have its own set of characteristics. The LSRs can integrate with new MPLS applications without having any effect on existing services by sharing common LFIB [33][35].
Figure 20: Multiple MPLS applications in a single LSR
2.4 Virtual Private Network (VPN) 2.4.1 Overview
There are many terms used to define, describe and categorize the VPN functionalities have led to confusion about VPNs [38]. The Internet Engineering Task Force (IETF) provides the standardized definition of a VPN.
Data Plane in a Node
Control Plane in a Node
MPLS IP routing control
MPLS Multicast IP routing control
MPLS VPN routing control
MPLS TE control
MPLS QoS control
Any Transport over MPLS
Label Forwarding Information Base
Virtual Private LAN Services
IPv6 6PE
Carrier Supporting Carrier
Multicast over VPN
ATOM VPNs
IP switching
IP CoS (DiffServ)
TE Fast Rerouting
DiffServ Aware TE
Multicast Routing (PIM v2)
BGP LDP
OSPF IS-IS PIM
Label Forwarding Information Base
Per-Label Forwarding, Queuing, Multicast, Resolution Mechanisms
L2 Protocols (PPP,POS, ATM, FR, Enet, GRE,…)
LDP RSVP
CEF
Label Forwarding Information Base LDP RSVP
25
“A network in which connectivity among multiple private Wide Area Networks (WANs) is deployed using shared IP infrastructure with the same policies as a private network.” A VPN is also described as: an extension of a private intranet through a public
network infrastructure to provide a secure, cost effective and reliable communication channel between two ends. The private tunnels provide help in this extension of the private intranet to enable the point-to-point communication for data exchange [39][35].
Figure 21: Typical VPN setup
Because of the recent revolutions in VPN area, you might think that the concept of
VPNs is new. However, this concept is more than 15-years old and well known in SP area [35]. VPN is a one of the growing areas of the Internet. Organizations are able to interconnect their private networks in more secure manners over economical and resourceful medium of the Internet by using standardized protocols [7]. The shared SP backbone network is referred as the VPN backbone: used as a traffic channel for multiple VPNs and non-VPN traffic [39].
Figure 22: VPN consist of private networks connected through a public network
2.4.2 VPN Safety Mechanisms For the sake of safe transmission of private data, different kind of security
measures and methods are used in VPN tunnel. The following methods and measures are [39]:
2.4.2.1 Encryption A method, used to convert sensitive data into a form that can be available only to
the intended reader. The receiver of the data must have decryption key to read the sensitive data. In traditional encryption model, encryption and decryption key is the same for both the sender and the receiver.
26
Figure 23: Typical encryption model
The public-key encryption model uses two keys known as public and private keys.
In a communication, public key is used by the sender to encrypt the message and recipient uses its private key to decrypt the message. Pretty Good Privacy (PGP) is a main example of this model.
Figure 24: Pubic-key encryption model
2.4.2.2 Authentication A method, that ensures the source and integrity of message to the intended
receiver. Login information is a good example of authentication that requires a username and password to gain access. Authentication process can use either secret-key encryption or public-key encryption in its complex form [39][35].
2.4.2.3 Authorization Authorization is a method that allocates network resources to an authenticated user
according to the access policies.
2.4.3 VPN Devices VPN devices are categorized in two main areas [38][39][35].
1. Customer network devices 2. Service Provider (SP) network devices
2.4.3.1 Customer network devices Customer network devices fall into two categories: Customer (C) devices: these devices reside within the customer network and don’t
interact with SP network, such as router, switches and servers. Customer Edge (CE) devices: these devices reside on the edge of the customer
network, and have direct connection with the SP network’s Provider Edge devices. CE devices are categorized as:
• Customer Edge routers (CE-r)
27
• Customer Edge switches (CE-s)
2.4.3.2 Service Provider (SP) network devices SP network also fall into two categories: Service Provider (P) devices: these devices reside within the provider network and
do not have direct connection with the CE devices of customer network. These devices are unaware of customer VPNs.
Service Provider Edge (PE) devices: these devices reside on the edge of the SP network and have direct connection with the CE devices of customer network and are aware of PE-based VPNs, but are unaware of the CE-based VPNs.
PE devices are categorized as: • Provider Edge routers (PE-r) • Provider Edge switches (PE-s) • Provider Edge devices, capable of routing and switching (PE-rs)
Figure 25: Customer and Provider Network Devices
2.4.4 VPN Protocols Three major tunneling protocols are prominently used to enable site-to-site and
remote access VPNs to ensure the safety aspects of VPN-based transactions. These protocols are described as follow [38][39][37].
2.4.4.1 Protocols for Site-to-Site VPNs In site-to-site VPNs, data traffic is tunneled between CE devices or between PE
devices. Protocols used to enable site-to-site VPNs include the following: • IP Security (IPSec) • Point-to-Point Tunneling Protocol (PPTP) • Generic Routing Encapsulation (GRE) • Layer 2 Tunneling Protocol (L2TP) • Layer 2 Tunneling Protocol version 3 (L2TPv3) • IEEE 802.1Q tunneling (Q-in-Q) • MPLS Label Switched Paths (LSP)
2.4.4.2 Protocols for Remote Access VPNs Protocols used to enable remote access VPNs include the following:
• Layer Two Forwarding (L2F) • Point-to-Point Tunneling Protocol (PPTP) • IP Security (IPSec) • Layer 2 Tunneling Protocol versions 2 (L2TPv2)
28
• Layer 2 Tunneling Protocol versions 3 (L2TPv3) • Secure Sockets Layer (SSL)
2.4.4.3 Comparison of main VPN protocols
Table 2: Comparison of VPN protocols [37] Features GRE IP-IP IPSec L2TPv3 MPLS
Encryption N N In transport mode only
N N
Authentication N N Y N N Multiplexing Y N N Y Y QoS N N N Y Y
2.4.5 VPN Requirements Most of the traditional private network requirements and VPN requirements are
the same. However, the VPN has its own set of following requirements [38][39]: • Security • Availability • QoS • Reliability • Compatibility • Manageability
2.4.6 VPN Objectives The main VPN objective is to address three basic requirements that are as follows
[38][39]: • Anytime access to the network resources for remote and mobile users. • Interconnectivity between remote offices. • Controlled policy to access necessary network resources.
2.4.7 VPN Types The VPNs are categorized on the basis of VPN objectives into following types
[38][39]: • Remote Access VPNs
A type of VP can provide anytime access to the network resources for remote and mobile users. There are following components of Remote Access VPNs:
o Remote Access Servers (RAS) o Dial-up connection o Support person, responsible for configuration, maintaining and
managing RAS. • Intranet VPNs
Intranet VPNs are used to provide interconnectivity between remote office of an organization.
• Extranet VPNs This type of VPN allows controlled access to necessary network resources to external suppliers.
29
2.4.8 VPN Models A VPN can be categorized by implementation into two VPN models [38]:
2.4.8.1 Overlay model Figure-26 illustrates the scenario of the overlay model. The overlay model uses
tunnels to build point-to-point connections over an IP core. The overlay model architecture is simple. In this model CPEs are connected to each other using tunnels to transport IP packets over the SP network and routing information is not exchanged with SP. VPNs using Frame Relay, ATM virtual circuits, GRE and IPSec tunnels are the examples of overlay VPNs [38][35].
Figure 26: Overlay VPN model
2.4.8.2 Peer-to-peer model In peer-to-peer mode, devices are aware of customer network addressing, that is
used to route customer data according to the customer network addressing. In peer VPNs, routes are exchanged between CE and PE devices. A modern example of peer VPNs is BGP/MPLS VPNs [38][35]. Figure-27 illustrates the simple scenario of peer-to-peer model.
Figure 27: Peer-to-Peer VPN model
2.4.9 VPN Building Blocks VPN based solution has a framework of six fundamental elements. These elements
are listed below [39][35]. 1. VPN hardware
• VPN servers • VPN clients • VPN routers • VPN Gateways
2. VPN software • Server and client software • VPN management tools
30
3. Security infrastructure • RADIUS • TACACS • NAT • AAA-based solutions
4. Service provider's supporting infrastructure • Service provider's network access switching backbone • Service provider's network Internet backbone
5. Public networks • Internet • PSTNs • POTS
6. Tunnels • PPTP • L2TP • L2F
2.4.10 VPN Architectures According to the basic VPN requirements by the service provider or subscriber,
VPN architecture can be organized as follows [38][39]: • Implementer-base VPN Architecture • Security-base VPN Architecture • Layer-based VPN Architecture • Class-based VPN Architectures
VPN can be divided into four main categories according to the security requirements of the setup, and into two groups depending on the layer of the OSI model, and into five classes depending on the scale and the complexity of the VPN setup.
2.4.10.1 Implementer-based VPN Architectures VPN can be categorized into following, depending on which end of the
communication will be responsible for implementation and security requirements. • Dependent or Outsourced VPNs • Independent or In-house VPNs • Hybrid VPNs
2.4.10.1.1 Dependent or Outsourced VPNs In this type of implementer-based VPN architecture, the service provider is
responsible for providing the complete VPN solution.
2.4.10.1.2 Independent or In-house VPNs In this type of implementation-based VPN architecture, the subscriber is
responsible for establishing the VPN.
2.4.10.1.3 Hybrid VPNs The Hybrid VPN architecture offers a combination of the dependent VPNs and
independent VPNs. There are two types of hybrid VPN architectures:
31
• The hybrid VPN architecture, controlled by single service provider • The hybrid VPN architecture, controlled by multiple service providers
2.4.10.2 Security-based VPN Architectures The following VPN categories offer an enhanced security to organization's
intranet: • Firewall-to-firewall VPNs • Router-to-router VPNs • Directed VPNs • Client-initiated VPNs
2.4.10.2.1 Router-to-router VPNs In this type of VPN, site-to-site secure connectivity is established across the
Internet, and allows the following implementations: • VPN-on-demand multi-protocol tunnels • VPN-on-demand tunnels • VPN-on-demand encrypted sessions
2.4.10.2.2 Firewall-to-firewall VPNs In this type of VPN, Firewall-to-firewall connectivity is established, and can be
implemented in the following manners: • VPN-on-demand multi-protocol tunnels • VPN-on-demand tunnels
2.4.10.2.3 Client-initiated VPNs In client-initiated VPNs, the mechanism of tunnel management and encryption is
installed on the VPN client to establishment tunnel. These kind of VPNs can be further categorized as:
• Client-to-firewall/Router VPNs • Client-to-server VPNs
2.4.10.2.4 Directed VPNs In directed VPNs, a unidirectional tunnel is established between the two
communicating ends. Data encryption at session layer differentiates directed VPNs from other VPN architectures. SOCKSv5 protocol is used in this type of VPNs.
2.4.10.3 Layer-based VPN Architectures VPNs can be categorized according to the VPN functionality depending on the
OSI layer model. • Link-layer VPNs • Network-layer VPNs
2.4.10.3.1 Link-layer VPNs Link-layer VPNs use Link-layer connectivity and the transactions are limited to
the local network because of the use of MAC addresses by these VPNs. Therefore, the functionalities of these VPNs are similar to private networks.
There are four types of Link-layer VPNs:
32
• Frame Relay virtual connections • ATM virtual connections • Multi-Protocol Over ATM (MPOA) • MPLS
2.4.10.3.2 Network-layer VPNs These VPNs are also referred to as Layer-3 VPNs because of using the network
layer functionalities. Two types of network-layer VPNs are: • Peer-VPN model • Overlay VPN model
2.4.10.4 Class-based VPN Architectures Classification proposed by VPNet Technologies Inc. in a white paper, these VPNs
can be categorized into five classes depending upon the purpose, size, scope and complexity of the VPN setup:
• Class 0 • Class 1 • Class 2 • Class 3 • Class 4
2.4.11 Advantages and Disadvantages of VPNs
2.4.11.1 VPN Advantages VPN offers number of following advantages [38][39][35]:
• Lower cost of implementation • Reduced support cost • Better connectivity • Better Security • Better bandwidth utilization • Scalability
2.4.11.2 Disadvantages There are following disadvantages associated with VPNs [38][39][35]:
• Internet dependent • Lack of legacy protocols support
2.5 MPLS Virtual Private Network (MPLS VPN) 2.5.1 Overview
MPLS can be used to provide VPN solutions at either Layer-2 or Layer-3 of the OSI Reference Model. The Frame Relay and ATM technologies provide Layer-2 service. IP tunneling based on GRE or IPSec provides Layer-3 service over an IP network [30][7].
MPLS Virtual Private Networks (MPLS VPN) is a popular and widespread implementation of MPLS technology. The popularity of MPLS VPN is growing since it was invented [30]. MPLS capable network can provide support for MPLS tunnels,
33
used to establish layer-2 VPNs in Frame Relay, ATM, and etc. These tunnels provide a virtual wire that connects source and destination of the VPN. Alternatively, encapsulated MPLS packets can provide some other tunneling mechanism for transmission of these packets across the IP core network. This tunneling mechanism can be useful when MPLS is used within the VPN, and reduce the number of tunnels across the network [7]. As shown in figure-28.
Figure 28: Single MPLS tunnel used to connect multiple VPNs
A hybrid VPN solution is scalable and flexible that utilizes both BGP and MPLS,
described in RFC-2547 by IETF. The reach-ability information for addresses is advertised in each VPN at each edge node, and MPLS label is used to identify targeted VPN. MPLS labels are attached with packets that allow the receiver to distinguish a targeted VPN. These packets can be encapsulated in IP, GRE, IPSec or MPLS tunnels as the packets traverse the core. They may be encapsulated in IP, GRE, IPSec, or MPLS tunnels.
MPLS VPNs use a combination of connectionless VPNs and connection-oriented VPNs that minimizes the provisioning complexity and cost, and reduces the overhead on P devices. Customer routes are exchanged between CE and PE by using suitable IP routing protocols in a MPLS VPN network. Each PE router contains several Virtual Routing and Forwarding tables (VRFs). These tables contain customer routes information that guarantees the isolation between customers. The ingress PE routers perform the label imposition and egress PE routers perform the label removal. P routers perform simple label switching in the MPLS VPN network [33].
MPLS can be used to provide VPN solutions at either Layer-2 or Layer-3 of the OSI Reference Model. The Frame Relay and ATM technologies provide Layer-2 service. IP tunneling based on GRE or IPSec provides Layer-3 service over an IP network. However, over time, these technologies suffer many issues in different areas, especially in any-to-any connectivity (VoIP) [40].
Most of the service providers have already replaced Frame Relay and ATM service with MPLS VPN services. MPLS VPN can provide scalability and divide larger network infrastructure into separate small networks according to an organizational needs. Now service providers are looking at interconnecting their MPLS VPN to improve the scalability and ease of network operations. This evolutionary step is known as Inter-Autonomous MPLS VPN and Carrier’s Carrier (CsC) [30]. MPLS VPN features enable [33]:
• Better integration of access technologies • Support of additional PE-CE routing protocols
34
• Support of new transport options across MPLS backbones (IPv6)
2.5.2 Features of MPLS VPN MPLS-based VPN technology includes the following features [33]:
• Connectionless interface between the CE routers and the PE routers, and no additional configuration is required on the CE devices.
• The PE routers use an extended IP forwarding model. • The extended customer’s addresses with 64-bit route distinguishers are used
to make unique 32-bit IP addresses within SP provider’s backbone network. This resulting 96-bit address is called VPNv4 address.
• For all VPN customers, a single routing protocol (MP-BGP) is run between the PE routers. In PE routers, MPLS-based VC’s are used that provide transmission of customer’s data-grams between the PE routers. MPLS labels are attached with customer's IP data-grams to provide forwarding from ingress PE to CE router.
• In P-network, LSPs are established between all PE routers and are configured manually.
• Based on the BGP next hops, the mapping between the customer's destination addresses and LSPs toward the egress PE routers is performed automatically.
2.5.3 MPLS VPN Architecture By splitting the different technologies into overlay and network based VPNs can
help us to evaluate the current time real time problems such as the overlay arrangement doesn’t support scalability of client connections. The problem in this case is because of the requirement policy for every connection from site to many sites, and routing adjacencies over these site to site connections. But in network based solutions sites are connected to locally attached PE routes. So, the network based category is more adoptable than overlay category. In 21st century, we moved toward the deployment of network-based Layer-3 VPN (2547bis) solution that is the main base line for MPLS VPN architecture [40].
Figure 29: MPLS VPN architecture
35
2.5.3.1 MPLS VPN Model First we should understand the terminologies concerning with MPLS VPN.
Figure-30 provides the clear overview of the MPLS VPN model. In this, SP is providing a common communication infrastructure for clients.
Figure 30: MPLS VPN model
2.5.3.1.1 MPLS VPN Network Components
MPLS VPN network has following types of devices as shown in figure-31 [40][42]:
• Customer network (C-network): a network administered by the end user attached to the Layer 3 MPLS VPN service.
• Customer Edge (CE) router: a router that provides a gateway between the C-network and the P-network.
• Provider network (P-network): the core MPLS network administered by the service provider.
• Provider Edge (PE) router: edge router that provides VPN and service delivery.
• Provider (P) router: An MPLS router deployed within the P-network with no edge service attachments.
• Autonomous System Boundary Router (ASBR): provides attachment to an adjacent autonomous system.
Figure 31: Basic components of MPLS VPN
36
We can note the similarities between figure-30 and figure-31, such as P device is a
core LSR, and a PE device is an LER.
2.5.3.2 MPLS VPN Topology VPN was categorized based on the point-to-point topology in an overlay VPN
implementation as [43]: • Full-mesh Topology: provides a dedicated VCs between two CE routers. • Partial-mesh Topology: reduces the number of VCs that provides best
transmission mechanism between sites. • Hub-and-spoke Topology: is the ultimate reduction of partial-mesh. In this
type many sites are connected with the central site with no site-to-site connectivity.
Layered combination of these technologies is used to deploy large networks, such as [43]:
• Partial mesh in the backbone of the network • Redundant hub-and-spoke for larger organizations • Simple hub-and-spoke for non-critical remote locations
2.5.3.3 Separation of Routing State at PE Routers The separation of routing state between multiple clients should be supported by PE
routers. That is achieved by storing routing information into VRFs. A VRF has following structures [40]:
• IP packet forwarding and routing table • Interface set that use the forwarding table • Set of rules that control the import and export of routes • Set of routing protocol peers that inject routes into the VPN-specific routing
table This separation controls the customer to gain access to another customer’s private
network. The customers can use IP address space belonging to themselves from private space with no concern with other customer of the SP infrastructure. The PE router separates the customer’s routing information via VRFs, as shown in figure-32.
Figure 32: Separation of routing information via VRFs
37
2.5.3.4 Customer-to-Service Provider Routing Exchange By using static configuration, CE router can exchange routing information with
SP, after physical connectivity with PE router. In this case, static routes provide necessary IP forwarding information. Alternatively MPLS Layer-3 VPN architecture enables to exchange routing information by using dynamic routing protocols such as BGPv4, OSPF, EIGRP and RIPv2. Multiple dynamic routing protocols can be run on PE routers [40].
2.5.3.5 Label Allocation Process at PE Routers In forwarding of MPLS Layer-3 VPN Packets, a PE router relies on incoming
labeled packets from the backbone network or customer sites. The PE router may allocate a separate label for each route or label for set of routes from the same source attached to VRF. This allocation of labels is driven by how the customers attach to the Layer-3 MPLS VPN [40].
In a case of single connectivity of customers to PE router, different label allocation for each customer has little bit of edge and increase the required resources to store the forwarding state at the PE router end. This type of allocation represents the gateway that is appropriate in this case [40].
But in the case of Carrier’s Carrier architecture for the customer, label switching is extended across the PE to CE link by using a single label to maintain the LSPs between two communicating ends [40].
2.5.3.6 VPNv4 Routes Advertisement Across the MPLS Backbone The routing information is received from locally attached customer sites, either
through a dynamic routing protocol or static routing protocol by the SP. In the same VPN, a PE router advertised the routing state to other PE routers in the network [40].
Because of the same private space may use by the multiple customers to get rid of overlapping within their own service boundaries, the SP need to differentiate customer routes. This is achieved before the route advertisement in the core network by PE routers, using extended BGPv4 (MP-BGP) to create VPNv4 prefixes. Figure-33 illustrates the VPNv4 prefixes construction [40].
64 Bits 32 Bits
Route Distinguisher IPv4 Address
Figure 33: Address format of VPNv4
2.5.3.7 Import of Remote Routing Information into VRFs A PE router determines into which VRF the updated routes should be replaced
with MP-BGP routing update. This import policy is defined and locally configured in the VRFs of receiving PE routers. The advertising PE router with one or more route targets will tag the each update as mentioned above. The route targets enable the receiving PE router to distinguish into which VRF the routes should be imported. The route target format is shown in figure-34 [40].
38
0x00 or
0x40 Sub-Type
Global Administrator
Local Administrator
Two-Octet AS Specific Extended Community
0x01 or 0x41
Sub-Type Global
Administrator Global Administrator
(cont.) Local
Administrator
IPv4 Address Specific Extended Community
0x02 or 0x42
Sub-Type Global
Administrator Global Administrator
(cont.) Local
Administrator
Four-Octet AS Specific Extended Community
Figure 34: Format of route target
2.5.3.8 Forwarding of Layer 3 MPLS VPN Packets After control plane setup between PE routers, different type of tunneling is
available, such as MPLS LSP or IP tunnel to forward sensitive data across MPLS backbone in reliable manners. Layer-3 MPLS VPN packet forwarding is implemented across an MPLS backbone through label switching with multi-level label stack attached on the IP data-gram by the ingress PE router [40].
In MPLS network, outer labels are assigned by using one of these protocols: Label Distribution Protocol (LDP), Tag Distribution Protocol (TDP), or RSVP-TE. Each directly connected SP router uses LDP or TDP for the allocation of local labels for all the routes in the routing table. RSVP-TE is used between PE routers and replaced the allocated label with outer label to represent the traffic engineered interface [40].
In two-level label stack, outer label corresponds to the label assigned to the remote PE router’s IP address. The inner label in the stack also known as VPN label: corresponds to the label assigned to the customer route [40].
In MPLS backbone, the outer label is removed by the second last hop router before the packet is delivered at the egress PE router. This process is known as penultimate hop popping and doesn’t support IP tunneling in the backbone. Penultimate hop popping behavior prevents a two-stage lookup at the egress PE router. Regardless of MPLS or IP tunneling, the egress PE router needs to forward incoming packets from the backbone network. This is achieved by performing a label lookup within the LFIB. Based on the information in the LFIB, the label is detached and packet is forwarded.
2.5.4 MPLS VPN Security Security is an important component for any VPN solution such as Frame
Relay/ATM and MPLS VPN [7]. Customers expect that the topology, addressing scheme for their network and the data carried on the VPN remain private. Such VPN implementations based on ATM or Frame Relay VCs have provided this security. However, the connectionless public IP network can’t provide this type of protection [8].
As security is concerned, the goal is to make sure that the sensitive data packets from one VPN wouldn’t be able to get into another VPN. This goal is achieved by
39
forwarding within a VPN is based on label switching instead of IP forwarding. The VPN routes associated with LSPs originate and terminate at PE routers. These LSPs are associated with specific forwarding tables, and these tables are associated with interfaces on the PE router, and these interfaces are associated with particular VPNs. Therefore, a packet sent by PE router to a CE router of a particular VPN, has to arrive at the PE router either from another directly connected PE or CE router. As a result, packet could be injected into a VPN only through an interface on a PE router that is associated with that VPN. So the packets cannot be injected maliciously or accidentally into some VPN by an unknown sender [7].
MPLS brings advantages to IP security similar to the Layer-2 VCs that provides the cost effective and easily manageable connection to VPNs without using IPSec or cryptographic software. MPLS VPN security is achieved as described in the following list [8]:
• At the ingress PE router, all data for a VPN is assigned a unique label stack. This ensures the data integrity.
• Any incoming packet entering the SP network is either routed without the use of MPLS or assigned label stack, so a malicious user cannot insert data into the VPN.
• SP routers can use different Cryptographic Algorithm such as Message Digest 5 (MD5) to protect against insertion of fake labels or LSRs.
Controlling access to network resources is a primary concern. Some routing protocols provide techniques for security strategy. By using these protocols, we can insert a filter on the route advertisement and authenticate routers that run the same protocol. Network stability can be increased by authentication mechanisms that are used to prevent unauthorized routers. The message authentication strength varies in all routing protocols. There are two types of authentication methods used in routing protocols [44]:
• Plaintext password • MD5
Table 3: Security comparison of main VPN enabled technologies [31]
Features MPLS Frame Relay/ATM VPN separation Yes Yes Robustness against attacks
Yes Yes
Hiding of the core Yes Yes Impossibility of VPN spoofing
Yes Yes
CE-CE visibility Not in MPLS IP VPNs Yes for MPLS Pseudowire emulation
Yes
2.5.5 QoS of MPLS VPN An MPLS VPN is defined by a set of administrative policies that control site-to-
site connectivity and QoS. This section describes the implementation mechanism used by the SP to provide QoS in MPLS VPN. The main challenge is to develop such a mechanism that enables QoS in MPLS VPN to support large number of clients and
40
VPN connections. For example in the area of QoS, the set of mechanisms should allow the decision regarding what traffic gets a specific Class of Service on a per VPN basis [7].
2.5.5.1 QoS Models The most common QoS models for MPLS networks are listed in table-4 and can
be referred to as N/M/P, where [40] • N is the number of queues on access • M is the number of queues in core • P is the number of TE/DS-TE class types, where
o 0 means that MPLS TE is not used o 1 means that MPLS TE is used o >=2 means that DS-TE is used with two or more class types.
Table 4: QoS design models in MPLS networks [40]
QoS Model Edge Core Data Path Core Control Plane
1/1/0 No DiffServ No DiffServ No TE N/1/0 DiffServ with N
classes No DiffServ No TE
N/1/1 DiffServ with N classes
No DiffServ TE
N/M/0 DiffServ with N classes
DiffServ with M classes
No TE
N/M/1 DiffServ with N classes
DiffServ with M classes
TE
N/M/P DiffServ with N classes
DiffServ with M classes
DS-TE
Before having a deep look on specific mechanisms used by MPLS VPN to support
QoS, let’s have a look at two deployment QoS models used by MPLS VPN service providers [7]:
1. Pipe model: In this model a VPN service provider supplies certain QoS for the traffic travelling from one CE router to another CE router. One example of this model is to provide guaranteed minimum bandwidth between two sites. We could further refine the pipe model by making a subset of all the traffic such as for specific applications. These ultimate decisions are made by the PE router and purely local to the PE router. This model is similar to the QoS VPN model in Frame Relay or ATM based solutions. In pipe model, connectivity is unidirectional as compared to the Frame Relay or ATM that has bidirectional connectivity. This unidirectional feature of pipe model allows asymmetric traffic patterns. This model is closer to the IP IntServ model and easily understandable by customers because of the similarity to the QoS model based on Frame Relay or ATM. However, the pipe model has several drawbacks as well. For example the customer must know the amount of site-to-site traffic ”c” but this information is not available, and if available, could be outdated.
41
2. Hose model: In this model, a VPN service provider supplies to clients with certain guarantees for the traffic across the CE routers of the same VPN. In this model both sending and receiving customers have to specify how traffic is distributed among the other CE routers that enable fewer burdens on a VPN customer. There are two parameters used by hose model:
a. Ingress Committed Rate (ICR): is the amount of traffic sent by a CE to other CEs.
b. Egress Committed Rate (ECR): is the amount of traffic received by a CE from other CEs.
This model closely resembles the IP DiffServ model. This model supports multiple Classes of Service with differing from each other in their relative performance characteristics. The pipe model is recommended for those services that require guaranteed bandwidth.
The prime QoS metrics are delay, delay variation, and loss. We can also observe
that these metrics all result purely from egress queuing. Mechanisms that accelerate network recovery after topology changes, and hence that reduces the loss and delay variation, are described in table-5.
Table 5: Control plane mechanisms for QoS [40]
IGP Tuning Traffic Engineering DiffServ-Aware MPLS-TE
Mode Connectionless Connection-oriented Connection-oriented Constraints Optimize on a
single metric Optimize on one of multiple metrics. Satisfies multiple arbitrary constraints, including an aggregate bandwidth constraint.
Optimize on one of multiple metrics. Satisfies multiple arbitrary constraints, including a per-class bandwidth constraint.
Admission Control
No On an aggregate basis. Can be used to limit aggregate utilization.
On a per-class basis. Can be used to independently limit the utilization for each class.
2.5.6 Benefits of MPLS VPN MPLS VPNs bring advantages to the SPs. MPLS VPNs provide data security,
network isolation from other networks and controlled connectivity with other networks. Traditionally, these features are implemented in VPNs by using Layer-2 networks that doesn’t make it scalable to provide shared services [7]. MPLS VPN architecture combines the benefits of peer-to-peer VPN with overlay VPN while avoiding the drawbacks of both [43]:
• In peer-to-peer VPNs: MPLS VPN provides automatic optimum routing between sites.
• In overlay VPNs: MPLS VPN allow overlapping customer address space uniquely through the use of route distinguishers.
42
• One of the important building block of the MPLS VPN architecture is Route Targets, allow us to build complex VPN topologies.
• MPLS-TE enables SP to utilize network resources, and tight service-level agreements (SLA) with fast reroute and guaranteed bandwidth.
43
Chapter 3: Empirical Study Empirical Research is based on experimentation or direct observation, i.e. evidence. This kind of research is often conducted to answer specific questions or to test hypothesis [46]. In this chapter we will be presenting the information in the result of empirical research and at the same time we will do the analysis part in respect to our research questions.
3.1 Simulation The term simulation is used by different people in different ways. As defined here,
simulation is the process of creating an abstract representation of an existing or proposed system in order to identify and understand the controlling factors of the system, and to predict the behavior of the system [47]. This facilitates to predict the weakness and strengths before real time implementation of the model.
3.1.1 Simulation Tools Some of the popular discrete-event simulators (DES) for networks are:
• QualNet: is a network evaluation software to predict the performance of wired, wireless, and mixed-platform networks, and networking devices. It is designed to take full advantage of the multi-threading capabilities of multi-core processors and supports thousands of network nodes. QualNet offers platform portability and interface flexibility, and runs on well known sequential and parallel operating systems [48]. There are also some restrictions with this simulator like limited vendor support etc.
• Network Simulator (ns-3): ns-3 is a discrete-event simulator (DES) for Internet systems, and targeted for research and educational use. In ns-3, models are implemented by using C++ that eliminates OS dependability. Better understanding of programming language is required to simulate network topologies in ns-3. Moreover ns-3 doesn’t support MPLS and RSVP-TE as standard modules and documentation is not available for all modules [49][50].
• OPNET Modeler: accelerates the research and development (R&D) process for designing and analyzing the behavior of devices, protocols, applications, and communication networks. OPNET Modeler includes a development environment for modeling of all network types and technologies including such as VoIP, TCP, OSPFv3, MPLS, IPv6, and Others [51]. OPNET Technologies has also offered free of cost version known as IT Guru for academic use. The easy to use GUI structure of this modeler enable users to design, simulate and view the results without having good programming knowledge. We have selected the OPNET modeler for its large vendor support, GUI, ease of use etc.
44
3.2 OPNET Simulation 3.2.1 Task
The main task of this empirical study based on OPNET simulation is to analyze the behavior of MPLS VPN with respect to different performance metrics, i.e., VPN delay, VPN load (bits/s and packets/s), and throughput (bits/s and packets/s) according to our network design. To accomplish this task VoIP traffic is used across the IP QoS enabled MPLS VPN backbone that consists of interior gateway protocols (IGP) RIPv2, OSPF, and exterior gateway protocol (EGP) BGP. The results obtained by the simulation are analyzed to determine the behavior of MPLS VPN backbone.
3.2.2 Assumptions It is very hard to predict the behavior of MPLS VPN backbone because of the
different design and implementation factors are involved in the network such as in modeling the VoIP traffic, voice codec, calls per hour, type of service (ToS), etc. We have simulated the different MPLS VPN models by considering the QoS, RIPv2 or OSPF as IGP, and BGP as EGP. 75% of link capacity is allowed for VoIP traffic to protect it from bursts.
3.2.3 Network Design In this section the overall network design is described with respect to the costs of
transmission and switching, and thereby determining the optimum connection matrix and location of network devices.
3.2.3.1 Network Scenarios Depending on how the MPLS VPN is implemented by using IGP (RIPv2 or
OSPF) and EGP (BGP), we have the following scenarios: 1. QoS enabled MPLS VPN backbone with IGP (RIPv2) and EGP (BGP). 2. QoS enabled MPLS VPN backbone with IGP (OSPF) and EGP (BGP).
3.2.3.2 Network Topology A physical communication scheme consisting of connected devices is known as
network topology. All the above scenarios are simulated by considering the same mesh type of network topology.
3.2.3.2.1 QoS enabled MPLS-BGP VPN Model with IGP (RIPv2 or OSPF) The considered network topology of MPLS-BGP VPN for both cases is shown in
figure-35.
Figure 35: MPLS-BGP VPN with IGP (RIPv2 or OSPF)
45
3.2.3.2.2 Network Components All the above simulation models have the following network elements.
• Autonomous Systems (AS) o AS-1
§ 4 Provider routers (P) § 3 Provider Edge routers (PE)
o AS-2 § Enterprise A
• Site-1 o 2 Customer routers (C) o 1 Customer Edge router (CE)
• Site-2 o 2 Customer routers (C) o 1 Customer Edge router (CE)
3.2.3.3 Network Configuration
3.2.3.3.1 MPLS VPN Configuration All the scenarios illustrate the use of VPNs for communication between two sites
of Enterprise network A that uses a VPN named "Yellow_VPN". All routers are interlinked by using PPP_SONET_OC3 (155Mbps) links.
Figure 36: VPN configuration parameters on all PEs
BGP is configured between all PEs, i.e. all PEs are BGP neighbors. Routes
between PE and CE are shared using BGP, i.e. PEs and CEs are BGP neighbors of each other.
46
Figure 37: BGP configuration on Site1_PE, Site2_PE and Site3_PE
LSPs have been configured between each PE in the network as shown in figure-38.
In this case of queuing delay, we have established tow LSPs, Site1-to-Site3 through Site4 LSP and Site1-to-Site3 through Rtr3, Site2 and Rtr1. The main reason of selecting these LSPs is the involvement of minimum and maximum devices (long route) for packet transmission to analyze the behavior of MPLS VPN w.r.t different IGPs for VoIP traffic.
Figure 38: MPLS LSPs from Site1_PE to Site2_PE and Site3_PE
IP QoS is implemented on every router in MPLS-BGP VPN backbone with
following parameters: • QoS scheme: Priority Queuing • QoS profile: Protocol Based
3.2.3.3.2 Multiple cases of VoIP Traffic In the analysis of MPLS VPN, we have used VoIP traffic. The main reason of
running VoIP traffic for analyzing MPLS VPN is that it is highly delay sensitive as compared to video and other data traffic. We have used following to cases of VoIP traffic considering different call rate per hour. The following figure-39 and figure-40 describe the total VoIP traffic in bits/sec and in GBs generated during DES. For 500
47
calls per hour the average traffic load in is app. 4,000,000 bits/sec, and for 2500 calls per hour the average traffic load is app. 20,000,000 bits/sec.
500 Ca
lls/hou
r
2500
Calls/hou
r
Figure 39: Comparison of total VoIP traffic in bits/sec
Figure 40: Total VoIP traffic size in GB w.r.t flows
3.2.3.3.2.1 Case 1 In this case, VoIP traffic has been configured between Enterprise A: Site 1:
A_S1_Rtr2 and Enterprise A: Site 2: A_S2_Rtr1 by using “Create Traffic Flow” option, with the following input parameters:
• Call rate: 500 calls per hour • Average call duration: 300s (5 min) • Voice flow duration: 90000s (25 hours) • Encoder scheme: Interactive voice with delay, throughput and reliability • Including overhead (bytes): RTP/UDP/IP
3.2.3.3.2.2 Case 2 In this case, VoIP traffic has been configured between Enterprise A: Site 1:
A_S1_Rtr2 and Enterprise A: Site 2: A_S2_Rtr1 by using “Create Traffic Flow” option, with the following input parameters:
• Call rate: 2500 calls per hour • Average call duration: 300s (5 min)
48
• Voice flow duration: 90000s (25 hours) • Encoder scheme: Interactive voice with delay, throughput and reliability • Including overhead (bytes): RTP/UDP/IP
3.2.3.3.3 DES Statistics For analysis of results, following discrete event simulation (DES) statistics are
chosen: • MPLS VPN
o VPN Delay (sec) o VPN Load (bits/sec) o VPN Load (pkts/sec) o VPN Throughput (bits/sec) o VPN Throughput (pkts/sec)
• IP background traffic Delay (sec) • Site1-to-Site3 Path Statistics
o Flow Delay (sec) o Flow Traffic In (bits/sec) o Flow Traffic Out (bits/sec) o LSP Delay (sec) o LSP Traffic In (bits/sec) o LSP Traffic Out (bits/sec)
• Point-to-Point Queuing Delay (sec)
3.2.4 Results and Analysis
3.2.4.1 Analysis and Selection of DES Time Slots During the discrete event simulation of MPLS-BGP VPN, we have analyzed
different sets of simulated results. We have noticed during ten hours of simulation time stamp that simulated results have shown the transient state for both IGPs (RIPv2 and OSPF). Moreover, we have changed the simulation time stamp to fifteen hours to avoid the transient state. In this case of analysis, simulated results have shown more accurate as compared to the first case of simulation time stamp, but results have still shown the transient state, however MPLS-BGP VPN with OSPF has shown less transient state values as compared to RIPv2. Moreover, we have changed the simulation time stamp to twenty hours. In this case, simulated results have shown more accurate results than before, however MPLS-BGP VPN with OSPF has shown acceptable results but RIPv2 has still shown the results with unpredictable behavior.
For more accurate, precise, and to avoid transient state, we have changed the simulation time stamp to twenty-five hours. In this case, simulated results have shown acceptable results for both IGPs.
Figure 41: DES time slots.
For further analysis of MPLS-BGP VPN, twenty-five hours of simulation time
stamp has been selected.
49
3.2.4.2 Scenario-based Comparison of MPLS-BGP VPN Results The following statistics report data only for MPLS-BGP VPN with respect to IGPs
(RIPv2 and OSPF).
3.2.4.2.1 VPN Delay (sec) This statistic gives the End-to-End delay for traffic through an MPLS-BGP VPN.
This delay is measured as time elapsed between traffic entering the "Provider's Network" through Ingress PE and traffic leaving the "Provider's Network" through Egress PE. So, we should have it cleared in mind that VPN delay is not a physical link delay. The maximum end-to-end delay for MPLS VPN backbone is 400ms but preferred is <150ms by ITU-T [52].
3.2.4.2.1.1 VoIP Traffic Case 1
Figure 42: VPN delay (sec) for 500 VoIP calls
Figure-42 illustrates the VPN delay for 500 VoIP calls per hour. The sample mean
of VPN delay for RIPv2 is 8.39E-006 and the sample mean of the VPN delay for OSPF is 4.69E-006.
3.2.4.2.1.2 VoIP Traffic Case 2
Figure 43: VPN delay (sec) for 2500 VoIP calls
50
Figure-43 illustrates the VPN delay for 2500 VoIP calls per hour. The sample
mean of VPN delay for RIPv2 is 8.41E-006 and the sample mean of the VPN delay for OSPF is 4.93E-006.
3.2.4.2.1.3 Comparison of VPN Delay (sec) w.r.t Both Cases MPLS-BGP VPN delay values for both IGPs (RIPv2 and OSPF) are far less than
the recommended performance targets by ITU-T. But MPLS-BGP VPN with OSPF has performed with less delay as compared to MPLS-BGP VPN with RIPv2.
3.2.4.2.2 VPN Load and Throughput (bits/sec) The network throughput and load are main parameters that reflect the network
capability. Load is the amount of VPN-traffic entering the "Provider's Network" through Ingress PE. In contrast, throughput is the amount of VPN-traffic leaving the "Provider's Network" through Egress PE. Both statistics are measured in bits per second.
3.2.4.2.2.1 VoIP Traffic Case 1
Figure 44: VPN load (bits/sec)
for 500 VoIP calls Figure 45: VPN throughput (bits/sec)
for 500 VoIP calls
Table 6: VPN Load & Throughput (bits/sec) for 500 calls MPLS VPN
OSPF RIPv2
VPN Loa
d
Sample Mean 3,814,132.303 3,863,662.369 Variance 106,627,813,234.678 83,733,909,515.660 Standard Deviation 326,539.145 289,368.121
Confidence Interval
90% 3,760,146.004-‐3,868,118.602 3,815,821.508-‐3,911,503.231 95% 3,749,808.202-‐3,878,456.404 3,806,660.492-‐3,920,664.247 99% 3,729,624.874-‐3,898,639.731 3,788,774.699-‐3,938,550.040
VPN Throu
ghpu
t Sample Mean 3,822,233.946 3,873,168.332 Variance 111,293,364,320.453 83,493,180,614.371 Standard Deviation 333,606.601 288,951.866
Confidence Interval
90% 3,767,079.195-‐3,877,388.700 3,825,396.289-‐3,920,940.374 95% 3,756,517.647-‐3,887,950.249 3,816,248.452-‐3,930,088.212 99% 3,735,897.481-‐3,908,570.414 3,798,388.387-‐3,947,948.276
51
Above figure-44 and table-6 illustrates the MPLS-BGP VPN load in bits/s for 500
VoIP calls per hour. In this case RIPv2 has greater load than OSPF. It is observed that the sample mean of VPN load for RIPv2 is 3,863,662.369 bits/s and for OSPF is 3,814,132.303 bits/s.
Figure-45 and table-6 illustrates the MPLS-BGP VPN throughput in bits/s for 500 VoIP calls per hour. In this case RIPv2 has greater throughput than OSPF. It is observed that the sample mean of VPN throughput for RIPv2 is 3,873,168.332 bits/s and for OSPF is 3,822,233.948 bits/s.
3.2.4.2.2.2 VoIP Traffic Case 2
Figure 46: VPN load (bits/sec)
for 2500 VoIP calls Figure 47: VPN throughput (bits/sec)
for 2500 VoIP calls
Table 7: VPN Load & Throughput (bits/sec) for 2500 calls MPLS VPN
OSPF RIPv2
VPN Loa
d
Sample Mean 19,345,480.912 19,467,494.267 Variance 2,152,397,630,443.06 1,811,905,128,130.94 Standard Deviation 1,467,105.187 1,346,070.254
Confidence Interval
90% 19,102,926.288-‐19,588,035.536 19,244,950.194-‐19,690,038.340 95% 19,056,479.658-‐19,634,482.166 19,202,335.372-‐19,732,653.163 99% 18,965,798.143-‐19,725,163.681 19,119,135.004-‐19,815,853.530
VPN Throu
ghpu
t Sample Mean 19,289,572.179 19,440,765.259 Variance 2,151,275,618,705.81 1,797,264,623,183.69 Standard Deviation 1,466,722.748 1,340,620.984
Confidence Interval
90% 19,047,080.784-‐19,532,063.575 19,219,122.107-‐19,662,408.411 95% 19,000,646.262-‐19,578,498.097 19,176,679.801-‐19,704,850.717 99% 19,000,646.262-‐19,578,498.097 19,093,816.252-‐19,787,714.266
Above figure-46 and table-7 illustrates the MPLS-BGP VPN load in bits/s for
2500 VoIP calls per hour. In this case RIPv2 has greater load than OSPF. It is observed that the sample mean of VPN load for RIPv2 is 19,467,494.267 bits/s and for OSPF is 19,345,480.912 bits/s.
Figure-47 and table-7 illustrates the MPLS-BGP VPN throughput in bits/s for 2500 VoIP calls per hour. In this case RIPv2 has greater load than OSPF. It is
52
observed that the sample mean of VPN throughput for RIPv2 is 19,440,765.259 bits/s and for OSPF is 19,289,572.179 bits/s.
3.2.4.2.2.3 Comparison of VPN Load and Throughput (bits/s) w.r.t Both Cases In both cases, the RIPv2 has greater VPN throughput according to the VPN load.
This is because of the RIPv2 multicast of routing tables but higher load on network means that RIPv2 is consuming more resources as compared to OSPF. In this prospect OSPF has an advantage over RIPv2.
3.2.4.2.3 VPN Load and Throughput (pkts/sec) Load is the amount of VPN-traffic entering the "Provider's Network" through
Ingress PE. In contrast, throughput is the amount of VPN-traffic leaving the "Provider's Network" through Egress PE. The statistic is measured in packets per second.
3.2.4.2.3.1 VoIP Traffic Case 1
Figure 48: VPN load (pkts/sec)
for 500 VoIP calls Figure 49: VPN throughput (pkts/sec)
for 500 VoIP calls
Table 8: VPN Load & Throughput (pkts/sec) for 500 calls MPLS VPN
OSPF RIPv2
VPN Loa
d
Sample Mean 3,973.05448206 4,024.648 Variance 115,698.582 90,857.042 Standard Deviation 340.145 301.425
Confidence Interval
90% 3,916.819-‐4,029.290 3,974.814-‐4,074.483 95% 3,906.050-‐4,040.059 3,965.271-‐4,084.025 99% 3,885.026-‐4,061.083 3,946.640-‐4,102.656
VPN Throu
ghpu
t Sample Mean 3,981.494 4,034.551 Variance 120,761.029 90,595.835 Standard Deviation 347.507 300.991
Confidence Interval
90% 3,924.041-‐4,038.947 3,984.788-‐4,084.313 95% 3,913.039-‐4,049.948 3,975.259-‐4,093.842 99% 3,891.559-‐4,071.428 3,956.655-‐4,112.446
53
Above figure-48 and table-8 illustrates the MPLS-BGP VPN load in pkts/s for 500 VoIP calls per hour. In this case RIPv2 has greater load than OSPF. It is observed that the sample mean of VPN load for RIPv2 is 4,024.648 pkts/s and for OSPF is 3,973.055 pkts/s.
Figure-49 and above table-8 illustrates the MPLS-BGP VPN throughput in pkts/s for 500 VoIP calls per hour. In this case RIPv2 has greater load than OSPF. It is observed that the sample mean of VPN throughput for RIPv2 is 4,034.551 pkts/s and for OSPF is 3,981.494 pkts/s.
3.2.4.2.3.2 VoIP Traffic Case 2
Figure 50: VPN load (pkts/sec)
for 2500 VoIP calls Figure 51: VPN throughput (pkts/sec)
for 2500 VoIP calls
Table 9: VPN Load & Throughput (pkts/sec) for 2500 calls MPLS VPN
OSPF RIPv2
VPN Loa
d
Sample Mean 20,151.543 20,278.640 Variance 2,335,500.901 1,966,042.589 Standard Deviation 1,528.235 1,402.156
Confidence Interval
90% 19,898.882-‐20,404.204 20,046.823-‐20,510.457 95% 19,850.499-‐20,452.586 20,002.433-‐20,554.847 99% 19,756.040-‐20,547.046 19,915.766-‐20,641.514
VPN Throu
ghpu
t Sample Mean 20,093.304 20,250.797 Variance 2,334,283.440 1,950,156.625 Standard Deviation 1,527.836 1,396.480
Confidence Interval
90% 19,840.709-‐20,345.899 20,019.919-‐20,481.675 95% 19,792.339-‐20,394.269 19,975.708-‐20,525.886 99% 19,697.905-‐20,488.704 19,889.392-‐20,612.202
Above figure-50 and table-9 illustrates the MPLS-BGP VPN load in pkts/s for
2500 VoIP calls per hour. In this case RIPv2 has greater load than OSPF. It is observed that the sample mean of VPN load for RIPv2 is 20,278.640 pkts/s and for OSPF is 20,151.543 pkts/s.
Figure-51 and above table-9 illustrates the MPLS-BGP VPN throughput in pkts/s for 2500 VoIP calls per hour. In this case RIPv2 has greater load than OSPF. It is
54
observed that the sample mean of VPN throughput for RIPv2 is 20,250.797 pkts/s and for OSPF is 20,093.304 pkts/s.
3.2.4.2.3.3 Comparison of VPN Load and Throughput (pkts/s) w.r.t Both Cases In both cases, the RIPv2 has greater VPN throughput according to the VPN load.
This is because of the RIPv2 multicast of routing tables but higher load on network means that RIPv2 is consuming more resources as compared to OSPF. In this prospect OSPF has an advantage over RIPv2.
3.2.4.3 Scenario-based Comparison of Background Traffic Travel time of background traffic flow from the flow source to the flow
destination. This statistic is recorded only for those flows whose source is this node, on a per-flow basis. The performance targets for VoIP include the delay factor of value < 150ms [53].
3.2.4.3.1 IP Background Traffic Delay (sec)
3.2.4.3.1.1 VoIP Traffic Case 1
Figure 52: IP background traffic delay (sec) for 500 VoIP calls
Table 10: IP background traffic delay (sec) for 500 calls
MPLS VPN
OSPF RIPv2 Sample Mean 0.0001380 0.0001382 Variance 1.628E-‐013 1.319E-‐013 Standard Deviation 4.034E-‐007 3.632E-‐007
Confidence Interval 90% 0.0001378688-‐0.0001377860 0.0001381769-‐0.0001381924 95% 0.0001377672-‐0.0001377877 0.0001381754-‐0.0001381939 99% 0.0001377639-‐0.0001377909 0.0001381726-‐0.0001381968
From figure-52 and table-10, it is observed that the RIPv2 has greater delay for
VoIP background traffic in MPLS-BGP VPN backbone as compared to OSPF. The sample mean of traffic delay for RIPv2 is 0.0001382s and for OSPF is 0.0001380s.
3.2.4.3.1.2 VoIP Traffic Case 2
55
Figure 53: IP background traffic delay (sec) for 2500 VoIP calls
Table 11: IP background traffic delay (sec) for 2500 calls
MPLS VPN
OSPF RIPv2 Sample Mean 0.0001869 0.0001877 Variance 1.793E-‐012 2.636E-‐012 Standard Deviation 1.339E-‐006 1.624E-‐006
Confidence Interval 90% 0.0001869631, 0.0001870201 0.0001876488, 0.0001877179 95% 0.0001869576, 0.0001870256 0.0001876421, 0.0001877246 99% 0.0001869469, 0.0001870363 0.0001876292, 0.0001877375
From figure-53 and table-11, it is observed that the RIPv2 has greater delay for
VoIP background traffic in MPLS-BGP VPN backbone as compared to OSPF. The sample mean of traffic delay for RIPv2 is 0.0001877s and for OSPF is 0.0001869s.
3.2.4.3.1.3 Comparison of IP Background Traffic Delay (sec) w.r.t Both Cases It is observed in first case of 500 VoIP calls; traffic delay difference between both
IGPs is minor. But in second case for 2500 VoIP calls, traffic delay difference has increased. In both cases, OSPF background traffic delay is less than RIPv2.
3.2.4.4 Scenario-based Comparison of Path Statistics
3.2.4.4.1 Flow Delay (sec)
Delay experienced by packet belonging to a specific flow in the LSP. i.e. Time spent by a packet of a given flow inside the Label Switched Path. The statistics will be annotated with the source-destination IP addresses and LSP name at the end of the simulation run.
3.2.4.4.1.1 VoIP Traffic Case 1
56
Figure 54: Site1-to-Site3 flow delay (sec) for 500 VoIP calls
Table 12: Site1-to-Site3 flow delay (sec) for 500 calls
MPLS VPN
OSPF RIPv2 Sample Mean 4.376E-‐006 4.495E-‐006 Variance 6.055E-‐015 8.303E-‐015 Standard Deviation 7.781E-‐008 9.112E-‐008
Confidence Interval 90% 4.364E-‐006, 4.389E-‐006 4.480E-‐006, 4.510E-‐006 95% 4.361E-‐006, 4.392E-‐006 4.477E-‐006, 4.513E-‐006 99% 4.356E-‐006, 4.397E-‐006 4.472E-‐006, 4.519E-‐006
The packet flow delay in the LSP of MPLS-BGP VPN from Site1_PE to Site3_PE
with respect to RIPv2 and OSPF is shown in figure-54 and table-12 provides the detailed statistical information. The sample mean of packet flow delay for RIPv2 is 4.50E-006s, and the sample mean of packet low delay for OSPF is 4.38E-006s.
3.2.4.4.1.2 VoIP Traffic Case 2
Figure 55: Site1-to-Site3 flow delay (sec) for 2500 VoIP calls
Table 13: Site1-to-Site3 flow delay (sec) for 2500 calls
MPLS VPN
57
OSPF RIPv2 Sample Mean 1.062E-‐005 1.092E-‐005 Variance 2.156E-‐013 8.508E-‐014 Standard Deviation 4.643E-‐007 2.917E-‐007
Confidence Interval 90% 1.054E-‐005, 1.069E-‐005 1.087E-‐005, 1.097E-‐005 95% 1.052E-‐005, 1.071E-‐005 1.087E-‐005, 1.098E-‐005 99% 1.050E-‐005, 1.074E-‐005 1.085E-‐005, 1.100E-‐005
The packet flow delay in the LSP of MPLS VPN from Site1_PE to Site3_PE with
respect to RIPv2 and OSPF is shown in figure-55 and table-13 provides the detailed statistical information. The sample mean of packet flow delay for RIPv2 is 1.09E-005s, and the sample mean of packet flow delay for OSPF is 1.06E-005s.
3.2.4.4.1.3 Comparison of Flow Delay (sec) w.r.t Both Cases It is observed that the packet flow delay difference between RIPv2 and OSPF in
the Site1-to-Site3 LSP of MPLS-BGP VPN is less for 500 VoIP calls but for 2500 VoIP calls the packet flow delay difference is increased. The extensive VoIP traffic has showed greater effect on the performance of RIPv2 as compared to OSPF, w.r.t the packet flow delay.
3.2.4.4.2 Flow Traffic IN & OUT (bits/sec) Traffic, in bits/sec, sent into the LSP at the ingress end of the tunnel and received
from the LSP at the egress end of the tunnel. These statistics are reported for each flow that is carried through this LSP. These statistics will be annotated with the source-to-destination IP addresses and LSP name at the end of the simulation run.
3.2.4.4.2.1 VoIP Traffic Case 1
Figure 56: Flow traffic IN (bits/sec) for
500 calls Figure 57: Flow traffic OUT (bits/sec) for
500 calls
Table 14: Flow traffic IN & OUT (bits/sec) for 500 calls MPLS VPN
OSPF RIPv2
Flow
Traffic
IN
Sample Mean 3,834,040.419 3,878,498.608 Variance 105,418,559,431.5 80,610,469,907.031 Standard Deviation 324,682.244 283,919.830
58
Confidence Interval
90% 3,780,361.119, 3,887,719.719 3,831,558.506, 3,925,438.710 95% 3,770,082.104, 3,897,998.734 3,822,569.976, 3,934,427.241 99% 3,750,013.551, 3,918,067.287 3,805,020.940, 3,951,976.276
Flow
Traffic OUT Sample Mean 3,826,850.296 3,884,073.070
Variance 106,721,919,311.809 82,482,077,085.711 Standard Deviation 326,683.209 287,196.931
Confidence Interval
90% 3,772,840.179, 3,880,860.413 3,836,591.169, 3,931,554.971 95% 3,762,497.816, 3,891,202.776 3,827,498.890, 3,940,647.250 99% 3,742,305.584, 3,911,395.008 3,809,747.298, 3,958,398.842
The flow traffic sent into the LSP of MPLS VPN at the ingress Site1_PE with
respect to RIPv2 and OSPF is shown in figure-56 and table-14 provides the detailed statistical information. The sample mean of packet flow traffic IN for RIPv2 is 3,878,498.608 bits/sec, and the sample mean of flow traffic IN for OSPF is 3,834,040.419 bits/sec. The flow traffic received from the LSP of MPLS VPN at the egress Site3_PE with respect to RIPv2 and OSPF is shown in figure-57 and table-14 provides the detailed statistical information. The sample mean of packet flow traffic OUT for RIPv2 is 3,884,073.070 bits/sec, and the sample mean of flow traffic OUT for OSPF is 3,826,850.296 bits/sec.
3.2.4.4.2.2 VoIP Traffic Case 2
Figure 58: Flow traffic IN (bits/sec) for
2500 calls Figure 59: Flow traffic OUT (bits/sec) for
2500 calls
Table 15: Flow traffic IN & OUT (bits/sec) for 2500 calls MPLS VPN
OSPF RIPv2
Flow
Traffic IN
Sample Mean 19,274,955.010 19,470,852.924 Variance 2,246,029,685,888.75 1,774,934,118,606.13 Standard Deviation 1,498,675.978 1,332,266.534
Confidence Interval
90% 19,027,180.828, 19,522,729.192 19,250,591.002, 19,691,114.845 95% 18,979,734.708, 19,570,175.311 19,208,413.187, 19,733,292.660 99% 18,887,101.807, 19,662,808.212 19,126,066.025, 19,815,639.822
Flow
Traffic
OUT
Sample Mean 19,275,673.647 19,509,635.746 Variance 2,233,865,943,262.88 1,781,023,021,467.25 Standard Deviation 1,494,612.305 1,334,549.745 Confidence 90% 19,028,571.307, 19,522,775.987 19,288,996.345, 19,730,275.148
59
Interval 95% 18,981,253.837, 19,570,093.457 19,246,746.246, 19,772,525.247 99% 18,888,872.111, 19,662,475.183 19,164,257.959, 19,855,013.534
The flow traffic sent into the LSP of MPLS VPN at the ingress Site1_PE with
respect to RIPv2 and OSPF is shown in figure-58 and table-15 provides the detailed statistical information. The sample mean of flow traffic IN for RIPv2 is 19,470,852.924 bits/sec, and the sample mean of flow traffic IN for OSPF is 19,274,955.010 bits/sec. The flow traffic received from the LSP of MPLS VPN at the egress Site3_PE with respect to RIPv2 and OSPF is shown in figure-59 and table-15 provides the detailed statistical information. The sample mean of flow traffic OUT for RIPv2 is 19,509,635.746 bits/sec, and the sample mean of flow traffic OUT for OSPF is 19,275,673.647 bits/sec.
3.2.4.4.2.3 Comparison of Flow Traffic IN & OUT (bits/sec) w.r.t Both Cases In both cases of VoIP traffic, it is observed from the results of flow traffic IN and
OUT w.r.t both OSPF and RIPv2 that the flow traffic sent into the Site1-to-Site3 LSP of MPLS-BGP VPN at ingress is almost the same to the traffic received from the Site1-to-Site3 LSP of MPLS-BGP VPN at egress. But in both cases RIPv2 has greater traffic IN and OUT as compared to the OSPF. This is due to the overhead processing of multicasting in RIPv2.
3.2.4.4.3 LSP Delay (sec)
Delay experienced by Packet in the LSP. i.e. Time spent by the packet within the Label Switched Path.
3.2.4.4.3.1 VoIP Traffic Case 1
Figure 60: Site1-to-Site3 LSP delay (sec) for 500 VoIP calls
Table 16: Site1-to-Site3 LSP delay (sec) for 500 calls
MPLS VPN
OSPF RIPv2 Sample Mean 4.507E-‐006 4.718E-‐006 Variance 1.278E-‐013 1.882E-‐013 Standard Deviation 3.575E-‐007 4.338E-‐007
Confidence Interval 90% 4.448E-‐006, 4.566E-‐006 4.646E-‐006, 4.789E-‐006 95% 4.437E-‐006, 4.578E-‐006 4.632E-‐006, 4.803E-‐006
60
99% 4.415E-‐006, 4.600E-‐006 4.606E-‐006, 4.830E-‐006
The LSP delay of MPLS-BGP VPN from Site1_PE to Site3_PE with respect to
RIPv2 and OSPF is shown in figure-60 and table-16 provides the detailed statistical information. The sample mean of LSP delay for RIPv2 is 4.72E-006s, and the sample mean of LSP delay for OSPF is 4.51E-006s.
3.2.4.4.3.2 VoIP Traffic Case 2
Figure 61: Site1-to-Site3 LSP delay (sec) for 2500 VoIP calls
Table 17: Site1-to-Site3 flow delay (sec) for 2500 calls
MPLS VPN
OSPF RIPv2 Sample Mean 1.067E-‐005 1.104E-‐005 Variance 1.290E-‐013 1.917E-‐013 Standard Deviation 3.592E-‐007 4.378E-‐007
Confidence Interval 90% 1.061E-‐005, 1.073E-‐005 1.097E-‐005, 1.112E-‐005 95% 1.060E-‐005, 1.074E-‐005 1.096E-‐005, 1.113E-‐005 99% 1.058E-‐005, 1.076E-‐005 1.093E-‐005, 1.116E-‐005
The LSP delay of MPLS-BGP VPN from Site1_PE to Site3_PE with respect to
RIPv2 and OSPF is shown in figure-61 and table-17 provides the detailed statistical information. The sample mean of LSP delay for RIPv2 is 1.104E-005s, and the sample mean of LSP delay for OSPF is 1.06E-005s.
3.2.4.4.3.3 Comparison of LSP Delay (sec) w.r.t Both Cases It is observed that the packet LSP delay has increased for second case of VoIP
traffic. In case-1, the LSP difference between RIPv2 and OSPF in the Site1-to-Site3 LSP of MPLS-BGP VPN is high for 500 VoIP calls as compared to the case-2 of 2500 VoIP calls. The intensive VoIP traffic has shown greater effect on the performance of bot IGPs (RIPv2 and OSPF).
3.2.4.4.4 LSP Traffic IN & OUT (bit/sec) Total Traffic, in bits/sec, sent into the LSP at the ingress end of the tunnel and
received from the LSP at the egress end of the tunnel.
61
3.2.4.4.4.1 VoIP Case 1
Figure 62: LSP traffic in (bits/sec) for 500
calls Figure 63: LSP traffic out (bits/sec) for
500 calls
Table 18: LSP traffic IN & OUT (bits/sec) for 500 calls MPLS VPN
OSPF RIPv2
LSP Traffic IN
Sample Mean 3,824,990.573 3,885,907.895 Variance 107,073,376,287.516 81,962,019,756.797 Standard Deviation 327,220.684 286,290.097
Confidence Interval
90% 3,770,891.596, 3,879,089.550 3,838,575.919, 3,933,239.870 95% 3,760,532.217, 3,889,448.928 3,829,512.349, 3,942,303.439 99% 3,740,306.763, 3,909,674.382 3,811,816.808, 3,959,998.981
LSP Traffic OUT
Sample Mean 3,832,347.054 3,870,833.297 Variance 108,080,595,100.168 77,855,962,620.625 Standard Deviation 328,756.133 279,026.813
Confidence Interval
90% 3,777,994.223, 3,886,699.885 3,824,702.151, 3,916,964.443 95% 3,767,586.234, 3,897,107.874 3,815,868.527, 3,925,798.067 99% 3,747,265.875, 3,917,428.233 3,798,621.928, 3,943,044.665
The LSP traffic sent into the LSP of MPLS VPN at the ingress end of the tunnel is
shown in figure-62 and table-18 provides the detailed statistical information. The sample mean of LSP traffic IN for RIPv2 is 3,885,907.895 bits/sec, and the sample mean of LSP traffic IN for OSPF is 3,824,990.573 bits/sec. The LSP traffic received from the LSP of MPLS VPN at the egress end of the tunnel is shown in figure-63 and table-18 provides the detailed statistical information. The sample mean of LSP traffic OUT for RIPv2 is 3,870,833.297 bits/sec, and the sample mean of LSP traffic OUT for OSPF is 3,832,347.054 bits/sec.
3.2.4.4.4.2 VoIP Case 2
62
Figure 64: LSP traffic IN (bits/sec) for
2500 calls Figure 65: LSP traffic OUT (bits/sec) for
2500 calls
Table 19: LSP traffic IN & OUT (bits/sec) for 2500 calls MPLS VPN
OSPF RIPv2
LSP Traffic IN
Sample Mean 19,232,605.331 19,415,284.636 Variance 2,140,503,534,470.81 2,043,660,391,340.81 Standard Deviation 1,463,045.978 1,429,566.505
Confidence Interval
90% 18,990,721.812, 19,474,488.851 19,178,936.234, 19,651,633.037 95% 18,944,403.691, 19,520,806.972 19,133,678.029, 19,696,891.241 99% 18,853,973.074, 19,611,237.589 19,045,316.773, 19,785,252.498
LSP Traffic OUT
Sample Mean 19,224,983.646 19,469,041.989 Variance 2,240,622,736,539.75 1,861,992,781,110.31 Standard Deviation 1,496,870.982 1,364,548.563
Confidence Interval
90% 18,977,507.881, 19,472,459.410 19,243,442.921, 19,694,641.057 95% 18,930,118.905, 19,519,848.386 19,200,243.099, 19,737,840.879 99% 18,837,597.571, 19,612,369.721 19,115,900.591, 19,822,183.388
The LSP traffic sent into the LSP of MPLS VPN at the ingress end of the tunnel is
shown in figure-64 and table-19 provides the detailed statistical information. The sample mean of LSP traffic IN for RIPv2 is 19,415,284.636 bits/sec, and the sample mean of LSP traffic IN for OSPF is 19,232,605.331 bits/sec. The LSP traffic received from the LSP of MPLS VPN at the egress end of the tunnel is shown in figure-65 and table-19 provides the detailed statistical information. The sample mean of LSP traffic OUT for RIPv2 is 19,469,041.989 bits/sec, and the sample mean of LSP traffic OUT for OSPF is 19,224,983.646 bits/sec.
3.2.4.4.4.3 LSP Traffic IN & OUT (bits/sec) Comparison of Both Cases In both cases of VoIP traffic, it is observed from the results of LSP traffic IN and
OUT w.r.t both OSPF and RIPv2 that the LSP traffic sent into the Site1-to-Site3 LSP of MPLS-BGP VPN at ingress end is almost the same to the traffic received from the Site1-to-Site3 LSP of MPLS-BGP VPN at egress end. But in both cases RIPv2 has greater traffic IN and OUT as compared to the OSPF. This is due to the overhead processing of multicasting in RIPv2.
63
3.2.4.5 Scenario-based Comparison of Point-to-Point Queuing Delay This statistic represents instantaneous measurements of packet waiting times in the
transmitter channel's queue. Measurements are taken from the time a packet enters the transmitter channel queue to the time the last bit of the packet is transmitted.
3.2.4.5.1 Site1 to Site3 LSP-based Queuing Delay Figure-66 illustrates the site1-to-site3 LSP-based topology.
Figure 66: Site1-to-Site3 LSP-based Point-to-Point queuing delay
3.2.4.5.1.1 VoIP Traffic Case 1
Figure 67: Site1-to-Site3 queuing delay (sec) for 500 VoIP calls
Figure-67 illustrates the queuing delay from Site1_PE to Site3_PE LSP with
respect to the RIPv2 and OSPF, and table-20 provides the detailed statistical information. For better understanding, the LSP is divided into two sections.
Table 20: Rtr4-to-Site3 queuing delay (sec) for 500 calls
MPLS VPN OSPF RIPv2
Site1-‐to-‐
Rtr4
Sample Mean 4.0267E-‐006 3.666E-‐006 Variance 3.659E-‐015 6.677E-‐015 Standard Deviation 6.049E-‐008 8.171E-‐008 Confidence 90% 4.017E-‐006, 4.037E-‐006 3.653E-‐006, 3.679E-‐006
64
Interval 95% 4.015E-‐006, 4.039E-‐006 3.650E-‐006, 3.682E-‐006 99% 4.011E-‐006, 4.043E-‐006 3.645E-‐006, 3.687E-‐006
Rtr4-‐to-‐Site3
Sample Mean 3.901E-‐006 4.078E-‐006 Variance 4.514E-‐015 4.096E-‐015 Standard Deviation 6.719E-‐008 6.400E-‐008
Confidence Interval
90% 3.890E-‐006, 3.913E-‐006 4.067E-‐006, 4.089E-‐006 95% 3.888E-‐006, 3.915E-‐006 4.065E-‐006, 4.091E-‐006 99% 3.884E-‐006, 3.919E-‐006 4.061E-‐006, 4.095E-‐006
First section covers the queuing delay from Site1_PE to Rtr4. In this section, the
sample mean of queuing delay for RIPv2 is 3.666E-006s. Moreover, the sample mean of queuing delay for OSPF is 4.027E-006s. Second section: covers the queuing delay from Rtr4 to Site3_PE. In this section, the sample mean of queuing delay for RIPv2 is 4.078E-006s. Moreover, the sample mean of queuing delay for OSPF is 3.901E-006s.
3.2.4.5.1.2 VoIP Traffic Case 2
Figure 68: Site1-to-Site3 queuing delay (sec) for 2500 VoIP calls
Figure-68 illustrates the queuing delay from Site1_PE to Site3_PE LSP with
respect to the RIPv2 and OSPF and table-21 provides the detailed statistical information. For better understanding, this LSP is divided into two sections.
Table 21: Site1-to-Site3 queuing delay (sec) for 2500 calls
MPLS VPN OSPF RIPv2
Site1-‐to-‐Rtr4
Sample Mean 4.0279E-‐006 3.666E-‐006 Variance 3.658E-‐015 6.667E-‐015 Standard Deviation 6.049E-‐008 8.165E-‐008
Confidence Interval
90% 4.017E-‐006, 4.037E-‐006 3.653E-‐006, 3.679E-‐006 95% 4.015E-‐006, 4.039E-‐006 3.650E-‐006, 3.682E-‐006 99% 4.011E-‐006, 4.043E-‐006 3.645E-‐006, 3.687E-‐006
Rtr4-‐to-‐
Site3
Sample Mean 3.901E-‐006 4.078E-‐006 Variance 4.478E-‐015 4.096E-‐015 Standard Deviation 6.692E-‐008 6.400E-‐008 Confidence 90% 3.890E-‐006, 3.912E-‐006 4.067E-‐006, 4.089E-‐006
65
Interval 95% 3.888E-‐006, 3.915E-‐006 4.065E-‐006, 4.091E-‐006 99% 3.884E-‐006, 3.919E-‐006 4.061E-‐006, 4.095E-‐006
First section covers the queuing delay from Site1_PE to Rtr4. In this section, the
sample mean of queuing delay for RIPv2 is 3.666E-006s. Moreover, the sample mean of queuing delay for OSPF is 4.027E-006s. Second section covers the queuing delay from Rtr4 to Site3_PE. In this section, the sample mean of queuing delay for RIPv2 is 4.078E-006s. Moreover, the sample mean of queuing delay for OSPF is 3.901E-006s.
3.2.4.5.1.3 Comparison of Site1-to-Site3 Queuing Delay (sec) w.r.t Both Cases In every section of both cases, end-to-end queuing delay difference is minor for
both IGPs. It is also observed that the Site1-to-Site3 queuing delay is almost the same for both cases of VoIP traffic.
3.2.4.5.2 Site1-to-Site3 through Site2 LSP-based Queuing Delay
Figure 69: Site1-to-Site3 through Site2 LSP-based Point-to-Point queuing delay
3.2.4.5.2.1 VoIP Traffic Case 1
Figure 70: Site1-to-Site2 queuing delay
(sec) for 500 VoIP calls Figure 71: Site2-to-Site3 queuing delay
(sec) for 500 VoIP calls Figure-70 illustrates the queuing delay of Site1_PE to Site2_PE LSP and figure-71
illustrates the queuing delay of Site2_PE to Site3_PE LSP with respect to the RIPv2 and OSPF for 500 calls. For better understanding, both LSPs are divided into two sections.
66
Table 22: Site1-Rtr3 to Rtr3-Site2 queuing delay (sec) for 500 calls MPLS VPN
OSPF RIPv2
Site1-‐to-‐Rtr3
Sample Mean 5.172E-‐006 4.796E-‐006 Variance 4.269E-‐018 1.343E-‐016 Standard Deviation 2.066E-‐009 1.159E-‐008
Confidence Interval
90% 5.172E-‐006, 5.173E-‐006 4.794E-‐006, 4.798E-‐006 95% 5.172E-‐006, 5.173E-‐006 4.794E-‐006, 4.798E-‐006 99% 5.172E-‐006, 5.173E-‐006 4.793E-‐006, 4.799E-‐006
Rtr3-‐to-‐Site2
Sample Mean 4.808E-‐006 4.808E-‐006 Variance 1.437E-‐015 1.259E-‐016 Standard Deviation 3.790E-‐008 1.122E-‐008
Confidence Interval
90% 4.801E-‐006, 4.814E-‐006 4.806E-‐006, 4.810E-‐006 95% 4.800E-‐006, 4.815E-‐006 4.806E-‐006, 4.810E-‐006 99% 4.798E-‐006, 4.817E-‐006 4.805E-‐006, 4.811E-‐006
First section covers the queuing delay from Site1_PE to Rtr3 and table-22 provides
the detailed statistical information. The sample mean of queuing delay for RIPv2 is 4.796E-006s. Moreover, the sample mean of queuing delay for OSPF is 5.172E-006s. Second section covers the queuing delay from Rtr3 to Site2_PE. The sample mean of queuing delay for RIPv2 is 4.808E-006s. Moreover, the sample mean of queuing delay for OSPF is 4.808E-006s.
Table 23: Site2-Rtr1 to Rtr1-Site3 queuing delay (sec) for 500 calls MPLS VPN
OSPF RIPv2
Site2-‐to-‐Rtr1
Sample Mean 5.221E-‐006 5.106E-‐006 Variance 1.648E-‐015 3.317E-‐016 Standard Deviation 4.059E-‐008 1.821E-‐008
Confidence Interval
90% 5.214E-‐006, 5.227E-‐006 5.103E-‐006, 5.109E-‐006 95% 5.213E-‐006, 5.229E-‐006 5.102E-‐006, 5.109E-‐006 99% 5.210E-‐006, 5.231E-‐006 5.101E-‐006, 5.110E-‐006
Rtr1-‐to-‐Site3
Sample Mean 4.799E-‐006 5.164E-‐006 Variance 4.064E-‐016 2.499E-‐016 Standard Deviation 2.016E-‐008 1.581E-‐008
Confidence Interval
90% 4.797E-‐006, 4.803E-‐006 5.162E-‐006, 5.167E-‐006 95% 4.796E-‐006, 4.804E-‐006 5.161E-‐006, 5.167E-‐006 99% 4.795E-‐006, 4.805E-‐006 5.160E-‐006, 5.168E-‐006
First section covers the queuing delay from Site2_PE to Rtr1 and table-23 provides
the detailed statistical information. The sample mean of queuing delay for RIPv2 is 5.106E-006s. Moreover, the sample mean of queuing delay for OSPF is 5.221E-006s. Second section covers the queuing delay from Rtr1 to Site3_PE. The sample mean of queuing delay for RIPv2 is 5.164E-006s. Moreover, the sample mean of queuing delay for OSPF is 4.799E-006s.
3.2.4.5.2.2 VoIP Traffic Case 2
67
Figure 72: Site1-to-Site2 queuing delay
(sec) for 2500 VoIP calls Figure 73: Site2-to-Site3 queuing delay
(sec) for 2500 VoIP calls Figure-72 illustrates the queuing delay of Site1_PE to Site2_PE LSP and figure-73
illustrates the queuing delay of Site2_PE to Site3_PE LSP with respect to the RIPv2 and OSPF for 2500 calls. For better understanding, both LSPs are divided into two sections.
Table 24: Site1-Rtr3 to Rtr3-Site2 queuing delay (sec) for 2500 calls
MPLS VPN OSPF RIPv2
Site1-‐to-‐Rtr3
Sample Mean 5.172E-‐006 4.796E-‐006 Variance 2.744E-‐018 1.320E-‐016 Standard Deviation 1.656E-‐009 1.149E-‐008
Confidence Interval
90% 5.172E-‐006, 5.172E-‐006 4.794E-‐006, 4.798E-‐006 95% 5.171E-‐006, 5.172E-‐006 4.794E-‐006, 4.798E-‐006 99% 5.171E-‐006, 5.172E-‐006 4.793E-‐006, 4.799E-‐006
Rtr3-‐to-‐Site2
Sample Mean 4.808E-‐006 4.807E-‐006 Variance 1.431E-‐015 1.279E-‐016 Standard Deviation 3.783E-‐008 1.131E-‐008
Confidence Interval
90% 4.802E-‐006, 4.814E-‐006 4.806E-‐006, 4.809E-‐006 95% 4.801E-‐006, 4.816E-‐006 4.805E-‐006, 4.809E-‐006 99% 4.798E-‐006, 4.818E-‐006 4.804E-‐006, 4.810E-‐006
First section covers the queuing delay from Site1_PE to Rtr3 and table-24 provides
the detailed statistical information. The sample mean of queuing delay for RIPv2 is 4.796E-006s.
Moreover, the sample mean of queuing delay for OSPF is 5.172E-006s. Second section covers the queuing delay from Rtr3 to Site2_PE. The sample mean of queuing delay for RIPv2 is 4.807E-006s. Moreover, the sample mean of queuing delay for OSPF is 4.808E-006s.
Table 25: Site2-Rtr1 to Rtr1-Site3 queuing delay (sec) for 2500 calls
MPLS VPN OSPF RIPv2
68
Site2-‐to-‐Rtr1
Sample Mean 5.220E-‐006 5.105E-‐006 Variance 1.621E-‐015 3.302E-‐016 Standard Deviation 4.026E-‐008 1.817E-‐008
Confidence Interval
90% 5.213E-‐006, 5.227E-‐006 5.102E-‐006, 5.108E-‐006 95% 5.212E-‐006, 5.228E-‐006 5.102E-‐006, 5.109E-‐006 99% 5.210E-‐006, 5.231E-‐006 5.101E-‐006, 5.110E-‐006
Rtr1-‐to-‐Site3
Sample Mean 4.799E-‐006 5.164E-‐006 Variance 4.133E-‐016 2.538E-‐016 Standard Deviation 2.033E-‐008 1.593E-‐008
Confidence Interval
90% 4.797E-‐006, 4.803E-‐006 5.161E-‐006, 5.167E-‐006 95% 4.796E-‐006, 4.804E-‐006 5.161E-‐006, 5.167E-‐006 99% 4.795E-‐006, 4.805E-‐006 5.159E-‐006, 5.168E-‐006
First section covers the queuing delay from Site2_PE to Rtr1 and table-25 provides
the detailed statistical information. The sample mean of queuing delay for RIPv2 is 5.105E-006s. Moreover, the sample mean of queuing delay for OSPF is 5.220E-006s. Second section covers the queuing delay from Rtr1 to Site3_PE. The sample mean of queuing delay for RIPv2 is 5.164E-006s. Moreover, the sample mean of queuing delay for OSPF is 4.799E-006s.
3.2.4.5.2.3 Comparison of Site1-to-Site3 through Site2 Queuing Delay w.r.t Both Cases In every section of both cases, end-to-end queuing delay difference is minor for
both IGPs. For both cases of VoIP traffic the average of queuing delay for RIPv2 is 4.97E-06s and for OSPF is 5.00E-06s.It is also observed that the Site1-to-Site3 queuing delay is almost the same for both cases of VoIP traffic.
69
Chapter 4: Verification of Results
Simulated results have been verified by considering different approaches:
1. OPNET NetDoctor report of MPLS-BGP VPN simulation 2. Multiple runs of MPLS-BGP VPN simulation
4.1 OPNET NetDoctor Report of MPLS-BGP VPN Simulation NetDoctor is a rules-based engine that identifies incorrect configurations in the
network, including policy violations and inefficiencies. NetDoctor also exposes hidden problems that can be difficult to discover due to the large no. of configuration [51].
This NetDoctor report has shown the state of the network named "MPLS-BGP VPN". The data used to generate this report came from 13 tested devices and 27 rules. The score for this report is 98.2 (out of 100). The tests resulted in 1 rule reporting 2 issues as shown in figure-68. Issues were found on 2 of the devices. The reported issues are comprised of 2 minor warnings of VRF instances.
Figure 74: Pie chart comparison of NetDoctor rules
4.2 Multiple Runs of Simulation As OPNET is a discrete event simulator, the occurrences of events are not the
same during the multiple simulation runs. In our case, VoIP calls have different time of initiation during the simulation. So, we have simulated the scenarios three times for every time slot to verify the obtained results. It is observed from the simulated results obtained after every run that the results are almost the same with negligible difference.
70
Chapter 5: Conclusion and Future Work
5.1 Conclusion The main objective of the thesis “OPNET analysis of VoIP over MPLS VPN with
QoS” is to analyze the behavior of MPLS-BGP VPN with QoS. This behavioral analysis is followed by presenting an approach in OPNET modeler 14.5 to estimate the capabilities of OSPF and RIPv2 as IGPs. This analysis is made by focusing on the VPN statistics: delay, load and throughput, and Path statistics: flow delay and LSP delay, and point-to-point queuing delay.
In this report we used a combination of theoretical research and empirical research (scientific research) started by literature review made on the state of art on VoIP, MPLS, VPN, and MPLS VPN. This approach helped us to answer the research questions. During our analysis, we have identified:
• The challenges in MPLS VPN network w.r.t IP QoS • Behavior of Interior and exterior routing protocols in different network
environments w.r.t VoIP network • MPLS VPN with IP QoS influences delay in the VoIP network • MPLS VPN based on interior routing protocol (OSPF) and exterior routing
protocol (BGP) with IP QoS is a best scenario for VoIP traffic w.r.t VPN delay, load and throughput, and Site-to-Site Flow delay and LSP delay, and End-to-End Queuing delay
During our research, we have also examined the MPLS-BGP VPN architecture (hybrid VPN solution) and found out that this architecture is scalable and flexible enough to provide well-organized voice packet transmission, load balancing, consistency, data security, network isolation from other networks and end-to-end controlled connectivity with QoS guaranteed.
Finally, We have concluded on the basis of considered network topology, configurations and simulated results that our tentative hypothesis: VoIP over QoS enabled MPLS-BGP VPN with interior routing protocol (OSPF) is a better scenario that can fulfill the need of Next Generation (NG) communication (voice) service consumers as compared to the VoIP over QoS enabled MPLS-BGP VPN with interior gateway protocol (RIPv2).
5.2 Future Work MPLS has emerged as a technology that is gradually taking control and becoming
an efficient replacement to ATM/Frame Relay. MPLS can be used in combination with most routing protocols used in conventional IP networks allowing MPLS to work in close collaboration with, and actually enhance the IP performance. This is the main factor that forced the service providers to move their services from ATM/Frame Relay networks to MPLS networks.
71
MPLS Virtual Private Networks (MPLS VPN) is a popular and widespread implementation of MPLS technology and is growing since it was invented. MPLS capable network can provide support for MPLS tunnels. These tunnels provide a virtual wire that connects source and destination of the VPN. Alternatively, encapsulated MPLS packets can provide some other tunneling mechanism for transmission of these packets across the IP core network.
As this thesis covered the analysis of QoS enabled MPLS-BGP VPN with two main IGPs (OSPF and RIPv2) and to reach more accurate results it would be necessary to perform empirical studies involving different simulators (QualNet, OMNet++, and NS-3) to possibly validate or disprove the affirmations evaluated and discussed. One could realize different scenarios:
• QoS enabled VoIP or Video over MPLS-BGP VPN with IGRP • QoS enabled VoIP or Video over MPLS-BGP VPN with EIGRP • QoS enabled VoIP or Video over MPLS-BGP VPN with RIPv2 • QoS enabled VoIP or Video over MPLS-BGP VPN with RIPv3 • QoS enabled VoIP or Video over MPLS-BGP VPN with OSPF • QoS enabled VoIP or Video over MPLS-BGP VPN with OSPFv2 • QoS enabled VoIP or Video over MPLS-BGP VPN with OSPFv3 • QoS enabled VoIP or Video over MPLS-BGP VPN with IS-IS
One could study the overall (involving the provider’s and customer’s) economical aspects of implementing QoS enabled MPLS-BGP VPN. Furthermore, one could study the vender based MPLS-BGP VPN architecture.
72
References [1] E. B. Fjellskål and S. Solberg, “Evaluation of Voice over MPLS (VoMPLS)
compared to Voice over IP (VoIP),” Høgskolen I Agder, 2002. [2] J. Davidson, J. Peters, M. Bhatia, S. Kalidindi, and S. Mukherjee, Voice over IP
Fundamentals, 2nd ed. USA: Cisco Press, 2006. [3] B. Alawieh, R. Ahmed, and H. T. Mouftah, “Performance measurement for voice
services in heterogeneous wired networks,” Innsbruck, Austria, pp. 1-5, 2008. [4] Haeryong Lee, Jeongyeon Hwang, Byungryong Kang, and Kyoungpyo Jun, “End-to-
end QoS architecture for VPNs: MPLS VPN deployment in a backbone network,” presented at the Parallel Processing, 2000. Proceedings. 2000 International Workshops on, pp. 479-483, 2000.
[5] M. El Hachimi, M. Breton, and M. Bennani, “Efficient QoS Implementation for MPLS VPN,” in Advanced Information Networking and Applications - Workshops, 2008. AINAW 2008. 22nd International Conference on, pp. 259-263, 2008.
[6] M. Rahimi, H. Hashim, and R. Rahman, “Implementation of Quality of Service (QoS) in Multi Protocol Label Switching (MPLS) networks,” presented at the Signal Processing & Its Applications, 2009. CSPA 2009. 5th International Colloquium on, pp. 98-103, 2009.
[7] B. Davie and A. Farrel, MPLS: Next Steps. USA: Morgan Kaufmann, 2008. [8] D. Minoli, Voice Over MPLS: Planning and Designing Networks. USA: McGraw-Hill
Companies, 2002. [9] N. Mir and A. Chien, “Simulation of voice over MPLS communication networks,” in
Communication Systems, 2002. ICCS 2002. The 8th International Conference on, vol. 1, pp. 389-393 vol.1, 2002.
[10] M. Porwal, A. Yadav, and S. Charhate, “Traffic Analysis of MPLS and Non MPLS Network including MPLS Signaling Protocols and Traffic Distribution in OSPF and MPLS,” in Emerging Trends in Engineering and Technology, 2008. ICETET '08. First International Conference on, pp. 187-192, 2008.
[11] M. Rahman, A. Kabir, K. Lutfullah, M. Hassan, and M. Amin, “Performance analysis and the study of the behavior of MPLS protocols,” in Computer and Communication Engineering, 2008. ICCCE 2008. International Conference on, pp. 226-229, 2008.
[12] B. Alawieh and H. Mouftah, “Efficient Delivery of Voice Services over MPLS Internet Infrastructure,” presented at the Electrical and Computer Engineering, 2007. CCECE 2007. Canadian Conference on, pp. 483-486, 2007.
[13] “BGP_MPLS_VPN_I2TS_2003.pdf.” [14] “VoIP/IP Telephony,” FlazX, 13-Sep-2010. [Online]. Available:
http://www.flazx.com/category135.php. [Accessed: 13-Sep-2010]. [15] R. Hendershot, “The VoIP Telephone Services Revolution,” ArticleCity, 13-Oct-2005.
[Online]. Available: http://www.articlecity.com/articles/computers_and_internet/article_1758.shtml. [Accessed: 13-Sep-2010].
[16] M. Bromley, “Introduction to VoIP,” EzineArticles, 2005. [Online]. Available: http://ezinearticles.com/?Introduction-to-VoIP&id=65549. [Accessed: 13-Sep-2010].
[17] J. Morris, “What Is VoIP and How Does It Work,” EzineArticles, 2005. [Online]. Available: http://ezinearticles.com/?What-Is-VoIP-and-How-Does-It-Work&id=13801. [Accessed: 13-Sep-2010].
[18] T. Wallingford, Switching to VoIP, 1st ed. USA: O'Reilly Media, Inc., 2005. [19] R. Beuran, VoIP over Wireless LAN Survey. Japan: Japan Advanced Institute of
Science and Technology (JAIST), 2006, p. 40. [20] T. Latif and K. K. Malkajgiri, “Adoption of Voice over Internet Protocol,” Lulea
73
University of Technology, 2007. [21] Naveed Iqbal and Fahad Mumtaz Cheema, “QoS of VoIP in Wireless Networks,”
Blekinge Institute of Technology, 2009. [22] D. Field, Fire the Phone Company: A Handy Guide to Voice over IP. Peachpit Press,
2005. [23] R. Swale, Voice over IP: Systems and Solutions. UK: The Institution of Engineering
and Technology, 2001. [24] Javvin Technologies, Inc., Network Protocols Handbook, 4th ed. USA: Javvin Press,
2007. [25] D. Minoli, Voice Over IPv6: Architectures for
Next Generation VoIP Networks. UK: Elsevier Inc., 2006. [26] K. Wallace, Voice over IP First-Step. USA: Cisco Press, 2005. [27] S. A. Ahson and M. Ilyas, VoIP Handbook: Applications, Technologies, Reliability,
and Security. USA: CRC Press, 2009. [28] G. Mehdi, “Future of VoIP over Wireless in Economic Downturn,” Blekinge Institute
of Technology, 2009. [29] B. Goode, “Voice over Internet protocol (VoIP),” Proceedings of the IEEE, vol. 90, no.
9, pp. 1495-1517, 2002. [30] L. D. Ghein, MPLS Fundamentals. USA: Cisco Press, 2006. [31] M. Morrow and A. Sayeed, MPLS and Next-Generation Networks: Foundations for
NGN and Enterprise Virtualization. USA: Cisco Press, 2006. [32] J. C. Snader, VPNs Illustrated: Tunnels, VPNs, and IPsec. USA: Addison Wesley
Professional, 2005. [33] I. Pepelnjak, J. Guichard, and J. Apcar, MPLS and VPN Architectures, 2 vols. USA:
Cisco Press, 2003. [34] H. G. Perros, Connection-oriented networks: SONET/SDH, ATM, MPLS, and optical
networks. UK: John Wiley & Sons Ltd., 2005. [35] I. Pepelnjak and J. Guichard, MPLS and VPN Architectures, CCIE. USA: Cisco Press,
2002. [36] K. Jannu and R. Deekonda, “OPNET simulation of voice over MPLS with considering
Traffic Engineering,” Blekinge Institue of Technology, 2010. [37] R. Gallaher, MPLS Training Guide: Building Multi-Protocol Label Switching
Networks. Syngress Publishing, 2003. [38] M. Lewis, Comparing, Designing, and Deploying VPNs. USA: Cisco Press, 2006. [39] M. Gupta, Building a Virtual Private Network. Ohio: Premier Press, 2003. [40] J. Guichard, F. L. Faucheur, and J. Vasseur, Definitive MPLS Network Designs. USA:
Cisco Press, 2005. [41] K. Reddy, Building MPLS-Based Broadband Access VPNs. USA: Cisco Press, 2004. [42] R. Zhang and M. Bartell, BGP Design and Implementation. USA: Cisco Press, 2004. [43] Cisco Systems, Advanced MPLS VPN Solutions, Revision 1.0: Student Guide, vol. 1, 2
vols. USA: Cisco Press, 2000. [44] C. Lewis, S. Pickavance, M. Morrow, J. Monaghan, and C. Huegen, Selecting MPLS
VPN Services. Cisco Press, 2006. [45] S. S. Carey, A Beginner's Guide to Scientific Method, 3rd ed. USA: Wadsworth
Publishing, 2003. [46] Manor College, “Empirical Research,” What is Empirical Research, 2006. [Online].
Available: http://library.manor.edu/tutorial/empiricalresearch.htm. [Accessed: 09-Oct-2010].
[47] Gold Sim Technology Group, “Simulation,” What is Simulation. [Online]. Available: http://www.goldsim.com/Content.asp?PageID=91. [Accessed: 09-Oct-2010].
[48] Scalable Network Technologies, “QualNet: Network modeling & simulation software.” [Online]. Available: http://www.scalable-networks.com/products/qualnet/. [Accessed: 09-Oct-2010].
[49] “The ns-3 network simulator.” [Online]. Available: http://www.nsnam.org/. [Accessed: 09-Oct-2010].
74
[50] “tarvos_computer_networks_simulator.pdf.” [51] OPNET Technologies, Inc., “OPNET Modeler: Network Simulation,” 2010. [Online].
Available: http://www.opnet.com/solutions/network_rd/modeler.html. [Accessed: 09-Oct-2010].
[52] S. Alvarez, QoS for IP/MPLS Networks, 1st ed. USA: Cisco Press, 2006. [53] X. Che and L. J. Cobley, “VoIP Performance over Different Interior Gateway
Protocols,” International Journal of Communication Networks and Information Security, vol. 1, p. 8, Apr. 2009.
