Algorithms for Provisioning Virtual Private Networks in the

Hose Model

Source: Sigcomm 2001, to appear in IEEE/ACM Transactions on Networki

ng

Author: Amit Kumar, Rajeev Rastogi, Avi Siberschatz and Bulent Yener

Outline

•Introduction

•Provisioning algorithms

•Determination of link bandwidth

•Problem Statement

•Symmetric bandwidth case

•Asymmetric bandwidth case

•Experimental study

Introduction

•A VPN establishes connectivity between a set of endpoints over a shared network infrastructure.

•Issues of offering customers with guaranteed bandwidth VPN service has received little attention.

•This paper addresses the problem of provisioning VPN services with bandwidth guarantees.

Introduction

•Two popular models for providing QoS in VPNs：

Pipe modelHose model

Introduction

•In the pipe model, customer specifies QoS requirements between every pair of endpoints.

•This requires the customer to know the complete traffic matrix.

•However, the number of endpoints per VPN is constantly increasing and the communication patterns between endpoints are becoming increasingly complex.

•Predicting traffic characteristics between pairs of endpoint is a difficult task for customers.

Introduction

•In the hose model, the customer specifies QoS requirements per endpoint and not every pair of endpoints.

•Each endpoint is associated with an ingress bandwidth and an egress bandwidth.

•Ingress bandwidth: the amount of incoming traffic from all the other endpoints into the endpoint.

•Egress bandwidth: the amount of traffic the endpoint can send to the other endpoints.

Introduction

•The customer only needs to specify QoS requirement on a per endpoint basis.

•As a result, the hose model place less burden on VPN customers.

Introduction

•The hose model provides customers with the the following advantages over the pipe model:

•Ease of Spec

•Flexibility

•Multiplexing Gain

•Characterization

•In order to to realize these benefits, efficient algorithms must be devised for provisioning hoses.

Provisioning algorithms

•Hose provisioning algorithms need to set up paths between every pair of VPN endpoints such that the aggregate bandwidth reserved is minimum.

•The provisioning algorithms also need to reserve sufficient bandwidth to accommodate the traffic that meets ingress and egress bandwidth constraints.

Provisioning algorithmsNetwork Graph

Provisioning algorithmsIndependent Shortest paths Link Sharing Among Paths

Reserved bandwidth=6Reserved bandwidth=8

Provisioning algorithms

•In order to take advantage of the multiplexing gain due to hoses, this paper connects endpoints using a tree structure.

•A VPN tree has several benefits:

•Sharing of bandwidth reservation

•Scalability

•Simplicity of Routing

•Ease of Restoration

Provisioning algorithms

•This paper develops algorithms for computing optimal VPN trees under four scenarios:

Network links

capacity

Endpoints

Bandwidth requirement

infinite limited

Symmetric ingress and egress bandwidths

O(mn) Both the problem and it’s approximation algorithms are NP-hard.

Asymmetric ingress and egress

bandwidths

NP-hard Both the problem and it’s approximation algorithms are NP-hard.

Determination of link bandwidth

Network graph

Determination of link bandwidth

A VPN tree

1000

1000 1000

10004

1 1 2 2 1 1

Problem Statement

•Optimal VPN tree without link capacity constraints: Given a set of VPN endpoints, and their ingress and egress bandwidths, compute a VPN tree whose leaves are endpoints and for which aggregated bandwidth reserved is minimum.

•[3] has suggested that Steiner tree can be used to connect the VPN endpoints, however, it may be suboptimal.

Problem Statement

Network graph

Problem Statement

1000 10001001 10011002

Reserved bandwidth=10008

Steiner tree

Problem StatementOptimal VPN tree

1000

1000 1000

10004

1 1 2 2 1 1

Reserved bandwidth=4012

Problem Statement

•Optimal VPN tree with link capacity constraints: The same with bandwidth infinite case, except that bandwidth reserved on VPN tree links must be no more than their residual bandwidth.

Pl Tl lvdBvTQ ),(2),(

Symmetric bandwidths with infinite link capacity

• Define

Symmetric bandwidths with infinite link capacity

1000

1000 1000

10004

1 1 2 2 1 1

Q(T,0)=2*(1000*3+1*5+1*3+1*3+1*5+1000*3)=12032

=CT.

Q(T,X)=2*(1000*2+1*6+1*4+1*4+1*6+1000*4)=12080

X

1000 10001 1 1 1

Symmetric bandwidths with infinite link capacity

Find a BFS tree Tv rooted at v

Asymmetric bandwidths with infinite link capacity

Asymmetric bandwidths with infinite link capacity

• Biased edge :

e.g. (6,7)

• Balanced edge :

e.g. (5,6)

• We refer to a node of T as a core node if a balanced edge is incident on it.

Lemma 4.3 : The sum of the bandwidths reserved on a balanced edge (I,j) of a VPN tree T in both directions is CT(i,j)+CT(j,i)

Asymmetric bandwidths with infinite link capacity

Asymmetric bandwidths with infinite link capacity

• minimize

• Subject to

}1,0{,

0:,_

,_

0:,

1:

***),(

,

)(

,

_ _

eiij

Ve Vi

ije

iji

Vi

ij

PjVi Ee

eijjG

zyx

xzPjVvVV

xyPjVi

xPj

zMxBjid

Asymmetric bandwidths with infinite link capacity

• Since we know that S must contain a node from V, we can compute the optimal tree by performing the following steps:– For each node v V, solve the integer program to com

pute Sv, the optimalset of nodes containing v.

– Return the tree T(Sv) whose cost is minimum.

Rounding Based Approximation Algorithm

• LP (Relaxation of IP)

• Use Lin & Vitter to obtain a solution

• By ellipsoid algorithm, solve the LP in polynomial time

• Let 0 < c < 1 be a constant

• Π

• α

Steps of the Rounding Algorithm

Experimental Study

Experimental Study

Experimental Study

Experimental Study

Experimental Study