在MPLS環境下之雙層式虛擬私有網路服務供裝系統

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：13

、訪客IP：3.16.70.101

姓名

洪茂元(Mao-Yuan Hong) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

在MPLS環境下之雙層式虛擬私有網路服務供裝系統
(Two-Level VPN Service Provisioning Systems over MPLS Networks)

相關論文

★ 無線行動隨意網路上穩定品質服務路由機制之研究	★ 應用多重移動式代理人之網路管理系統
★ 應用移動式代理人之網路協同防衛系統	★ 鏈路狀態資訊不確定下QoS路由之研究
★ 以訊務觀察法改善光突發交換技術之路徑建立效能	★ 感測網路與競局理論應用於舒適性空調之研究
★ 以搜尋樹為基礎之無線感測網路繞徑演算法	★ 基於無線感測網路之行動裝置輕型定位系統
★ 多媒體導覽玩具車	★ 以Smart Floor為基礎之導覽玩具車
★ 行動社群網路服務管理系統－應用於發展遲緩兒家庭	★ 具位置感知之穿戴式行動廣告系統
★ 調適性車載廣播	★ 車載網路上具預警能力之車輛碰撞避免機制
★ 應用於無線車載網路上之合作式交通資訊傳播機制以改善車輛擁塞	★ 智慧都市中應用車載網路以改善壅塞之調適性虛擬交通號誌

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

至系統瀏覽論文 ( 永不開放)

摘要(中)

虛擬私有網路 (Virtual Private Network, 簡稱VPN) 服務的需求隨著網路的蓬勃發展而與日俱增，由於企業的幅員擴張，使得企業內部或是企業之間的資訊傳佈不再只是侷限於某些被管轄且具高安全性的網路，而是會透過共享的網路架構來傳送資訊。在此情況下，為了要將極為機密的資料安全地傳送至目的地，VPN服務在此時扮演重要的腳色。目前使用VPN服務的網路人口可分為三個主要的層級，擁有核心網路的網路服務提供者管理員 (Service Provider Administrator) ；直接與核心網路界接的區域網路管理者 (Local Device Manager) 以及使用網路服務的終端使用者 (End user)，其中網路服務提供者提供各個區域網路的互通性，而區域網路管理者則是提供終端使用者正常的網路連線。
本論文提出雙層式虛擬私有網路服務供裝系統，包含兩種型態的供裝系統，分別是佈建於核心網路中的提供者端設備管理員 (Provider Edge Manager, 簡稱PER) 以及佈建於區域網路中的客戶端設備管理員 (Customer Edge Manager, 簡稱CAR)。其中，PER負責佈建多重通訊協定標籤交換 (MultiProtocol Label Switching, 簡稱MPLS) 型態的VPN服務給區域網路管理者，而CAR負責建置客戶端設備 (Customer Premises Edge-based, 簡稱CPE-based) 型態的VPN服務給終端使用者，並透過PER與CAR之間訊息和VPN狀態的傳遞與溝通，使得區域網路管理者可佈建CPE-based VPN於網路服務提供者建置的MPLS VPN上，達到提供VPN服務給終端使用者之目的。

摘要(英)

With the rise of internet, the demands of Virtual Private Network (VPN) services are increased day by day. Due to the expansion of enterprises, information transferring inside the enterprise or between enterprises is not limited in the managed and high security network but through the shared infrastructure. VPN services play the important role under this situation, in order to securely transfer confidential data to the destination. Nowadays, the network populations using VPN services can be divided into three levels: service provider administrator with service provider backbone; local device manager directly connected with service provider and end user using network services. Among network populations described above, service provider administrators provide the interconnectivity among separated local devices, while local device manager provide network connectivity for end users.
This thesis proposes two-level VPN service provisioning systems which contain two types of VPN provisioning systems. They are Provider Edge Manager (PER) deployed in service provider backbone and Customer Edge Manager (CAR) deployed in local device. PER deals with provisioning MultiProtocol Label Switching (MPLS) VPN service to local device manager and CAR takes charge of deploying Customer Premises Edge-based (CPE-based) for end users. Local device managers can deploy CPE-based VPN services on MPLS VPN services provided by service provider administrators through information and VPN status exchange among PER and CAR, and reach the goals of providing VPN services for end users.

關鍵字(中)

★ 多重通訊協定標籤交換
★ 供裝系統
★ 虛擬私有網路服務

關鍵字(英)

★ MultiProtocol Label Switching
★ Virtual Private Network
★ Provisioning System

論文目次

Chapter 1 Introduction 1
1.1 Background 1
1.2 Motivations 4
1.3 Goals 5
1.4 Organization 7
Chapter 2 Related Work 8
2.1 Multi-Protocol Label Switch (MPLS) 8
2.2 Virtual Private Network (VPN) 13
2.3 RFC 2547bis: BGP/MPLS VPN 27
Chapter 3 System Design 31
3.1 System Architecture 31
3.2 Modules of PE Manager 34
3.2.1 Graphic User Interface of PER 36
3.2.2 Authentication Identity of PER 37
3.2.3 Request Handling Module of PER 39
3.2.4 MPLS VPN Deployment Module of PER 41
3.2.5 Monitor Module of PER 42
3.2.6 Log Module of PER 44
3.2.7 Device and VPN Status Module of PER 46
3.3 Modules of CE Manager 48
3.3.1 Graphic User Interface of CAR 50
3.3.2 Authentication Identity of CAR 52
3.3.3 Request Handling Module of CAR 52
3.3.4 CPE-based VPN Deployment Module of CAR 54
3.3.5 Monitor Module of CAR 56
3.3.6 Log Module of CAR 57
3.3.7 MPLS VPN and CPE-based VPN Status Module of CAR 59
3.4 Notations Defined in PE Manager and CE Manager 61
3.4.1 Notations Defined and Message Flows in PE Manager 61
3.4.2 Notations Defined and Message Flows in CE Manager 65
3.4.3 Message Flows among PE manager and CE Managers 68
Chapter 4 System Implementation 71
4.1 System Equipments and Environment 71
4.2 Detail Configurations of proposed systems 75
4.3 Achievements of proposed systems 79
4.3.1 PE Manager 80
4.3.2 CE Manager 87
Chapter 5 Experiments and Discussions 92
5.1 Scenarios 1: Functionality verification of PER 92
5.2 Scenarios 2: Functionality verification of CAR 98
5.3 Scenarios 3: Intercommunication verification between PER and CAR 102
5.4 Scenarios 4: Bandwidth verification for end users through FTP 108
5.5 Scenarios 5: Measure the time required for notification and deployment 112
Chapter 6 Conclusions and Future Work 117
6.1 Conclusions 117
6.2 Future Work 118
Reference 120

參考文獻

[1] R. Venkateswaran, “Virtual Private Network,” IEEE, Potentials, vol. 20, p.p. 11-15, February/March 2001.
[2] Layer 3 Virtual Private Network (L3VPN) Working Group, http://www.ietf.org/html.charters/l3vpn-charter.html.
[3] Provider Provisioned Virtual Private Network (PPVPN) Working Group, http://www.ietf.org/html.charters/ppvpn-charter.html.
[4] Virtual Private Network Consortium (VPNC), http://www.vpnc.org/.
[5] “Cisco MPLS Controller Software Configuration Guide,” http://www.cisco.com, April 2000.
[6] E. Rosen, Y. Rekhter, “BGP/MPLS VPNs,” RFC 2547, Mar. 1999.
[7] J. H. You, S. M. Kang, W. J. Chun, “Design of the Packet Forwarding Architecture of the ATM Based MPLS Edge Node,” Proceedings of IEEE International Conference on Networks, pp.431-435, 2000.
[8] T. W. Um, J. K. Choi, “A Study on interworking Scenarios between ATM-based MPLS Network and IPOA/LANE Network,” Proceedings of IEEE Conference on High Performance Switching and Routing, pp.275-280, 2000.
[9] K. Muthukrishnan, A. Malis, “Core MPLS IP VPN Architecture,” RFC 2917, Sept. 2000.
[10] Torsten Braun, Manuel Guenter and Ibrahim Khalil, “Management of Quality of Service Enabled VPNs,” IEEE Communications Magazine, vol. 39, May 2001.
[11] Haeryong Lee, Joengyeon Hwang, Byungryong Kang and Kyoungpyo Jun, “End-to-End QoS Architecture for VPNs: MPLS VPN Deployment in a Backbone Network,” Proceedings of 2000 IEEE international Workshop on Parallel Processing, pp. 479-483, Aug. 2003.
[12] Gustav Rosenbaum, William Lau and Sanjay Jha, “An Analysis of Virtual Private Network Solutions,” Proceedings of the 28th Annual IEEE International Conference on Local Computer Networks (LCN’03), pp. 395-404, 20-24 Oct. 2003.
[13] Paul Knight and Chris Lewis, “Layer 2 and Layer 3 Virtual Private Networks: Taxonomy, Technology, and Standardization Efforts,” IEEE Communications Magazine, June 2004.
[14] B. Gleeson, A. Lin, J. Heinanen, G. Armitage and A. Malis, “A Framework for IP Based Virtual Private Networks,” RFC 2764, Feb. 2000.
[15] T. Dierks and C. Allen. “The TLS Protocol Version 1.0”, RFC 2246, Jan. 1999.
[16] ATM Forum, “LAN Emulation over ATM 1.0,” af-lane-0021.000, Jan. 1995.
[17] C. Perkins, “ IP Encapsulation within IP,” RFC 2003, Oct. 1996.
[18] S. Hanks, T. Li, D. Farinacci and P. Traina, “Generic Routing Encapsulation (GRE),“ RFC 1701, Oct. 1994.
[19] W. Simpson, “The Point-to-Point Protocol (PPP),” RFC 1661, July 1994.
[20] W. Townsley, A. Valencia, A. Rubens, G. Pall, G. Zorn and B. Palter, “Layer Two Tunneling Protocol (L2TP),” RFC 2661, Aug. 1999.
[21] S. Kent and R. Atkinson, “Security Architecture for the Internet Protocol,” RFC 2401, Nov. 1998.
[22] S. Kent and R. Atkinson, “IP Authentication Header,” RFC 2402, Nov. 1998.
[23] S. Kent and R. Atkinson, “IP Encapsulating Security Payload (ESP),” RFC 2406, Nov. 1998.
[24] E. Rosen, A. Viswanathan, and R. Callon, “Multiprotocol Label Switching Architecture,” RFC 3031, Jan. 2001.
[25] Francesco Palmieri, “VPN Scalability over High Performance Backbone Evaluating MPLS VPN against Traditional Approaches,” Proceedings of the 8th IEEE International Symposium on Computers and Communication (ISCC 2003), vol. 2, pp. 975-981, June 2003.
[26] E. Rosen and Y. Rekhter, “BGP/MPLS VPNs,” RFC 2547, March 1999.
[27] E. Rosen, Y. Rekhter, “BGP/MPLS IP VPNs,” draft-ietf-l3vpn-rfc2547bis-03, Oct. 2004.
[28] Cisco 2600 Serial Multiservice Paltforms, Introduction, Models and Product Literature, http://www.cisco.com/en/US/products/hw/routers/ps259/index.html.
[29] Cisco Systems, Inc. ”Configure a Basic MPLS VPN, Document ID: 13733,” http://www.cisco.com/en/US/tech/tk436/tk428/technologies_configuration_example09186a00800a6c11.shtml.
[30] Bruce A. Mach: pchar, http://www.kitchenlab.org/www/bmah/Software/pchar/ .
[31] Tacy Lee, “PPTP VPN HOWTO (MPPE support),” June 2003.
[32] Jamal Salim, “IP Bandwidth Management,” May 1999, http://www.linuxjournal. com/article/3369.
[33] Milan P. Stanic, “tc-traffic control Linux QoS control tool,” http://www.rns- nis.co.yu/ ~mps/linux-tc.html.

指導教授

周立德(Li-Der Chou)

審核日期

2005-7-22

推文