| The conspicuous characteristics of optical network, such as high bandwidth and high security, are attracting the eyeballs of service providers. L1VPN is becoming more and more alluring as an excellent value-added business of optical network. As the requirement for dynamic high bandwidth and high security channel is increasing extremely, large multinational enterprises, scientific research and education institutions and so on are no longer satisfied with the service supplied by traditional VPN business. A novel dynamic and customer-controlled VPN becomes necessary to support the new customer requirments. In this paper, a comprehensively research of the situation for customer-controlled VPN is summarized, and an elaborate description for L1VPN is presented. And the contribution of this paper includes two parts:1)a new method for establishment of a customer-controlled VPN is proposed for overlay network, namely customer-controlled network based on dynamic Port Information Table (PIT) configuration, which is based on the basic model suggested by the Internet engineering task force (IETF); 2)a demo platform is set up in order to demonstrate and validate this new method.The work of this method is significant. Firstly, combining with current L1VPN signaling for establishing physical channel and the technology of user network interface, this method entitles the customer to accomplish a series of operations on-demand from configuring PIT to establishing physical link directly through the CE-PE signaling. Secondly, the network service provider can discard much traditional authentication procedure by using this method. The network service provider need not participate in any accessing control for a new L1VPN customer. The accessing control system is handled by L1VPN existing members, and it is deployed in user network according to the security requirements of this L1VPN. This method not only reduces the complexity and risk for network service providers to authenticate all users traditionally, but also gives the VPN customer great flexibility and autonomy, and makes L1VPN value-added business more attractive. In order to demonstrate and validate this method in principle, a L1VPN demo platform is built in this paper. This platform is physically established by an Ethernet, optical fibers and self-developed OXCs. And, from the view of network structure, it consists of a customer network and a service provider network; from the view of function layer, it is formed by a control plane, a transport plane and a management plane; from the view of programming realization, it is composed of four software modules developed under Linux and Windows operating system respectively. These software modules contain a simplized RSVP-TE protocol machine software for control plane, a resources monitoring interface software for network service provider, a client graphical interfaces software for L1VPN customers and a video software for the transport plane entitling the L1VPN members to communicate with each other visually. |
PDF Full Text Request