WO2011113451A1 - A method for operating a network and a network - Google Patents
- Publication number: WO2011113451A1 (PCT/EP2010/001744)
- Authority: WO (WIPO, PCT)
- Prior art keywords
- network
- network element
- controller
- homed
- networks
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
- H04L12/56—Packet switching systems
- H04L12/5691—Access to open networks; Ingress point selection, e.g. ISP selection
- H04L12/5692—Selection among different networks
Definitions
- OpenFlow technology could be used by the controller and the one or more routers and/or switches for providing the functionality necessary for the selection process by the network element. Further details with regard to OpenFlow technology are obtainable from OpenFlow, http://www.openflowswitch.org/.
- a controller could make sure that only entries in the one or more routers and/or switches are set/unset that the network element is allowed to set/unset.
- the controller also could expose the further networks or providers that are attached to the router and/or switch and how to access which further network or provider. This information could be retrieved from existing components in the multi-homed network, e.g. based on user or network element records.
- the network element and/or the controller could set a switch table entry to specify on which information the router/switch should make a forwarding decision. This procedure will contribute to achieve a high degree of network reliability for the network element.
- the present invention exposes a multi-homing degree of the multi-homed network to network elements or end hosts that are typically not multi-homed themselves. A mechanism is presented that allows single-homed network elements or end-hosts to make use of the multi-homing capability of the network they are attached to - this could be designated as proxy multi-homing.
- the inventive solution could include security features by design and could allow to use various types of information to expose multi-homing.
- the claimed invention is providing a solution that involves both network elements or end-hosts and operators of multi-homed networks, for example.
- the present invention does not need a global, standardized set of fields in packets to be agreed upon, in other words the migration path is simpler and could be based only on bilateral agreements.
- Multi-homing is exposed by the operator or site administrator not by all routers and/or switches in the network, that means that the amount of change needed - in comparison with conventional networks - is minimal and it only involves parties with a direct contractual agreement.
- the method could use a policy and control interface that can be used to implement security, policy and access control, which is important in a real operational environment.
- a multi-homed network can act as a proxy for network elements or end hosts by in effect making them multi-homed without the need to be directly multi-homed. This could be designated as proxy multi-homing.
- a controller could manage the proxying process, so that network elements or end hosts could therefore receive benefits including but not limited to increased network reliability or the ability to use multi-path transport protocols.
- the method presented here does not replicate effort in e.g. IP source routing but is versatile enough to make per packet decisions on different - configurable - sets of information, e.g. layer 2 (VLAN) or layer 3 (DiffServ code points).
- the method is cooperative between user and network operator. This means that an operator can choose to offer this and a user cannot use it without this explicit activation of the feature or functionality.
- the security functions and policy could be built-in by design.
- Fig. 1 is illustrating a first embodiment of a method and network according to the invention.
- Fig. 2 is illustrating a second embodiment of a method and network according to the invention.
- a network element in the form of a host that is single-homed which is attached to a network that is multi-homed.
- This could be e.g. an enterprise network, the network of a fixed line broadband provider or a mobile access network.
- a network element - router/switch - that connects its own network or the multi-homed network to multiple other networks - provider A and provider B.
- the dotted lines in the figure represent logical connections, the solid lines physical connections.
- the controller needs to make the host aware of the degree of multi-homing and how to choose a certain provider on a per-packet basis. Conveying this information could be done e.g. via a new DHCP option or fixed during the contract negotiations or the controller can be found via a well-known FQDN (Fully Qualified Domain Name) and the controller might reveal this information. The details of this are outside the scope of this invention.
- the way a packet is mapped to a certain provider is technology specific. E.g. it could be based on VLAN tags, DiffServ Code points or other information and it could be set by the end host and understood by the network element that is providing the functionality in the network.
- in case the host wants control over the decision at the switch for any of the earlier mentioned reasons, i.e. to make use of the multi-homing capability of the network, it connects to a controller which is the interface between the switch and the hosts.
- the host will contact the controller based on an FQDN which could be standardized or provided by the operator.
- a host that contacts the controller might be required to authenticate - depending on the scenario this is highly likely -, e.g. using the operator-assigned username and password or others.
- after authentication, the controller will reveal the multi-homing degree. There could be more providers than the controller reveals, but maybe the operator is not willing to expose those. This might be important for policy reasons or to differentiate customers, i.e. certain providers are only exposed to certain customers, or different sets of providers are exposed to different customers for traffic engineering purposes by the operator.
- the network element that acts as a multi-homing proxy is a switch.
- the controller will reveal e.g. which port is used to forward frames to which provider.
- the default case is that the switch makes a decision independent of the host. I.e. hosts that do not want to make active use of the multi-homing will leave the control to the operator.
- the controller - owned by the operator - allows to set switching entries.
- if the switch can handle VLANs and the host can set VLAN tags, then the host could add an entry to the switch so that frames with VLAN tag A from that host go to provider A and frames with VLAN tag B go to provider B. If the host prefers DiffServ code points - -
- the controller can e.g. restrict the way a certain customer can do his multi-homing, e.g. to a limited set of switch entries, only using VLAN tag etc. After the host has done this, it can start to make use of the multi-homing by using the switch as a proxy and setting VLAN tags, respectively. In another case, the controller might simply reveal which VLAN tags are used, but this model has much weaker security implications and is far less flexible. These entries can also be revoked by this user. Here the security mechanisms mentioned before are important as otherwise arbitrary hosts can change arbitrary entries. The controller prevents this.
- Fig. 2 is illustrating a second embodiment of a method and network according to the invention.
- the operator has a different network topology where different network elements - routers/switches - connect to the two providers A and B, wherein within the first embodiment in Fig. 1 there was a single network element - router/switch - connected to the two providers A and B.
- the method applied here is the same.
- the host contacts the controller which allows the host to set switching table entries - preferably by means of the controller - in the switch.
- the switch forwards the frames to the two routers accordingly which could make in turn independent decisions, e.g. there could be two providers B and C connected to the left router/switch instead of one.
- the router could make decisions on its own on which one to choose.
- this router/switch could also be connected to the controller in order to have even finer-grained control of access of the host to provider B or C.
- OpenFlow technology can be used for implementation of the inventive method.
- OpenFlow is an emerging technology that could be used to build a mechanism as described above as it comes with a switching and a controller component.
- a host would access the controller which would require access control mechanisms.
- after authentication, the controller would make sure that only entries in the switch are set/unset that the user/host is allowed to set/unset.
- the controller in this case also needs to expose the preferably preselected providers that are attached to the switch and how to access which provider. This could be retrieved from existing components in the operator network e.g. based on user records.
- the user on the other hand can then set - preferably by means of the controller - a switch table entry to specify on which information the switch should make the forwarding decision. This can also be restricted by the operator based on policy.
- the present invention can make a single-homed host being multi-homed via a proxy in a secure, controlled way.
- the host can be allowed to choose a provider dynamically on a per packet basis using different technologies.
- Policy constraints can be imposed by the network operator to align the use of the providers or further networks with its own business strategy, e.g. to differentiate customers or hosts or to utilize providers or further networks to a certain degree.
- the operator and user can cooperate.
- the operator is allowed to restrict the user based on policy and within that framework the user optimizes the connectivity received by the provider.
- the user receives a better service and the operator can even charge for it without much extra effort.
- the whole Internet does not need to migrate. Only the user and the local operator can work together to receive benefit.
- security can be built in as all interactions go over a controller component. With this component, the multi-homing will not be exposed to end hosts that cannot authenticate themselves at the controller.
- the invention is also fairly technology independent. E.g. it does not rely on IPv6 as SHIM6 does.
Abstract
For allowing a high degree of network reliability for network elements connected to multi-homed networks by simple means a method for operating a network, especially an IP (Internet Protocol) network, is claimed, wherein a network is multi-homed by a connection to at least two further networks and wherein a network element is connected to the multi-homed network for achieving access to at least one of the further networks. The method is characterized in that a controller which is able to communicate with the network element and the multi-homed network is managing the access of the network element to one or more specific further networks based on a selection by the network element. Further, an according network is claimed, preferably for carrying out the above mentioned method.
Description
A METHOD FOR OPERATING A NETWORK AND A NETWORK
The present invention relates to a method for operating a network, especially an IP (Internet Protocol) network, wherein a network is multi-homed by a connection to at least two further networks and wherein a network element is connected to the multi-homed network for achieving access to at least one of the further networks. Further, the present invention relates to a network, especially an IP (Internet Protocol) network, wherein a network is multi-homed by a connection to at least two further networks and wherein a network element is connected to the multi-homed network for achieving access to at least one of the further networks.
A growing number of networks today are multi-homed. This means that they are connected to two or more further networks or provider networks that offer connectivity to them. Network elements in the form of hosts, however, are usually single-homed, i.e. they are only connected to a single network. E.g. an enterprise network might have two providers but all hosts within that network are only directly connected to that single enterprise network. Or a DSL (Digital Subscriber Line) customer is only connected to one DSL provider.
Spreading traffic over multiple providers is a typical traffic engineering problem and is even today not always trivial. Typical means to do this include equal cost multi-path (ECMP), see for example RFC 2992, "Analysis of an Equal-Cost Multi-Path Algorithm", http://tools.ietf.org/html/rfc2992, or routing protocols that distribute traffic according to the destination address of IP packets. These decisions are not always to the benefit of end hosts in these networks that have no control over these traffic engineering processes. Imagine a network where traffic is sent to one of these providers and a connectivity problem exists somewhere on the path that affects traffic, e.g. a router or link failed or heavy congestion in parts of the network. This might not be propagated to the multi-homed network, e.g. the router and/or switch in that network, or the routing protocol might take minutes until an alternative route is found that reestablishes connectivity. This might also not affect all traffic to that provider or further network, so complete avoidance of the provider or further network will also not be an optimal solution. Hosts connected to the multi-homed network, however, immediately recognize the problem as they have, in contrast to the routers and/or switches, an end-to-end view of the connection. In these cases it would be beneficial if the host could somehow make the router and/or switch use a different provider/interface or further network. There are other reasons why a host might want to select a different router interface and/or switch, e.g. performance, multi-path capability, e.g. multi-path transport protocols such as multi-path TCP (Transmission Control Protocol), and the like. Further details of TCP are obtainable from "Architectural Guidelines for Multipath TCP Development", http://tools.ietf.org/html/draft-ford-mptcp-architecture. Again, today, a host has no direct control over these decisions.
The problem is that hosts in a site cannot choose the outgoing router interface or switch or more precisely the further network or provider through which their packets are sent in today's networks. This, however, would enable a number of useful applications and would allow a host to react to networking conditions in ways that routers or switches and other network infrastructure are unable to as only hosts truly have end-to-end visibility and can react to events in the network on much smaller time scales, usually in the order of one or a few round trip times. It might also be that the user or host has a certain preference for the further network or operator choice, which can be made explicitly this way. Whatever the reason is for choosing a further network or an operator, it is impossible today in a flexible manner on a per packet basis.
Certain solutions exist to solve parts of the problem. Typically, these can be divided into network-based and host-based solutions depending on where the functionality is implemented. Host-based solutions e.g. include SHIM6 that make communicating end hosts aware of the multiple addresses that are available to them. Further details with regard to SHIM6 are obtainable from RFC5533, Shim6: Level 3 Multihoming Shim Protocol for IPv6, http://tools.ietf.org/html/rfc5533. SHIM6 is bound to end-host multi-homing and the use of IPv6. Other solutions would be e.g. source routing. For security reasons source routing is not supported these days. It also limits the applicability of the solution as only IP address information can be used for multi-homing.
Network-based solutions typically do traffic engineering on rather static sets of data. E.g. ECMP spreads traffic according to the 5-tuple of IP headers or routing protocols that split parts of the routing table differently and others. Usually the end host has no means to control this directly. There is also a proxy-SHIM6 solution that does not need changes on the end host. Further details with regard to proxy-SHIM6 are obtainable from "Proxy Shim6 (P-Shim6)", http://www.shim6.org/draft-bagnulo-pshim6-01.txt. A kind of path splicing that involves both end hosts and routers is explained within "Path Splicing", http://www.cc.gatech.edu/~feamster/papers/splicing-sigcomm2008.pdf.
It is an object of the present invention to improve and further develop a method for operating a network and an according network for allowing a high degree of network reliability for network elements connected to multi-homed networks by simple means.
In accordance with the invention, the aforementioned object is accomplished by a method comprising the features of claim 1 and a network comprising the features of claim 15.
According to claim 1 the method is characterized in that a controller which is able to communicate with the network element and the multi-homed network is managing the access of the network element to one or more specific further networks based on a selection by the network element.
According to claim 17 the network is characterized by a controller which is able to communicate with the network element and the multi-homed network and which is managing the access of the network element to one or more specific further networks based on a selection by the network element.
According to the invention it has been recognized that it is possible to allow a choice of a specific further network by a network element in a very simple way. In concrete terms a controller which is able to communicate with the network element and the multi-homed network is managing a respective access of the network element to one or more specific further networks. The managing process is depending on a selection by the network element which can make a decision to connect to a specific further network depending on individual parameters or application situations. Based on the end-to-end view of the network element a very fast change of a connection of the network element to a further network can be realized, if necessary.
Thus, a high degree of network reliability for network elements connected to multi-homed networks can be achieved by simply using a managing controller.
Preferably, the network element could be a host, a home or enterprise gateway, a router or a modem.
In general, the controller can also communicate with devices other than a host, for example, a router, a home or enterprise gateway that provide Internet access for one or more network elements or hosts behind this device. An example is a home or enterprise router that connects a DSL modem or a cable modem with several hosts in a home or enterprise network. The network element may make use of the received multi-homing information by itself or pass it further to hosts or network elements behind it.
Preferably, the controller could be in connection with the network element and one or more routers and/or switches of the multi-homed network. Such routers and/or switches could be part of the multi-homed network for providing respective router interfaces or switch ports to further networks. The term connection means in a first aspect a logical connection between the controller and the network element and the controller and one or more routers and/or switches. However, in a second aspect such a connection could also be a physical connection by wires or a wireless connection.
Within the inventive method the network element can select a preferred specific further network on the basis of individual parameters. On the other side, the controller could offer a preselected set of different further networks to the network element for selection by the network element. In other words, the controller could be allowed to offer only one or more of generally available further networks. Such a preselection could be performed by an operator of the multi-homed network for offering only specific further networks to specific network elements, for example.
With regard to a very effective selection process by the network element the controller could provide the network element with information how to select a specific further network. Alternatively or additionally the controller could provide the network element with a prioritization with regard to further networks. Thus, a very sophisticated selection and network allocation process could be realized.
The operator or controller may want to communicate to the network element a prioritization of the further networks to be used. For example, the cost of traffic can be different for different further networks. There may be other operational reasons for prioritization. A prioritization of further networks can be included in the information sent from the controller to the network element. Prioritization may be different for different network elements and different for different services or usage patterns. For example, one further network could be prioritized for voice traffic and another one for data traffic. Or a further network may preferably be used by privileged network elements only.
Preferably, conveying or providing this information or the offer or the prioritization to the network element could be done via a DHCP (Dynamic Host Configuration Protocol) option or PPP (Point-to-Point Protocol) or during contract or policy negotiations. The preferred conveying or providing process could depend on the individual application or use case.
Generally, the selection by the network element could be made on a per packet basis. Thus, a very individual choice of selection of a further network by the network element is possible. This will result in a very high degree of network reliability for a network element.
The way of mapping a packet to a specific further network could be technology specific. Within a preferred embodiment the mapping of a packet to a specific further network could be based on VLAN (Virtual Local Area Network) tags or DiffServ Code points. The concrete way of performing a packet marking could be negotiated between the network element and the controller.
In order to have access control and security implemented, a control element could be provided that grants access to multi-homing capability and allows a network element or an end-host to choose between multiple options of packet marking to make use of the multi-homing. With regard to a high level of security the network element could be required to authenticate upon contacting the controller. After authentication, the controller could reveal the multi-homing degree or functionality.
Within a preferred embodiment the controller could configure the one or more routers and/or switches for providing a functionality for the access of the network element to the one or more specific further networks based on the selection by the network element. By this feature the controller basically can provide the basis for the inventive functionality within the multi-homed network or within the routers and/or switches.
Generally, the further networks could be provider networks which are responsible for the provision of the access of a network element to a specific application. However, the further networks are not limited to provider networks.
Within a further preferred embodiment OpenFlow technology could be used by the controller and the one or more routers and/or switches for providing the functionality necessary for the selection process by the network element. Further details with regard to OpenFlow technology are obtainable from OpenFlow, http://www.openflowswitch.org/.
Preferably, a controller could make sure that only those entries in the one or more routers and/or switches are set/unset that the network element is allowed to set/unset. In this case, the controller also could expose the further networks or providers that are attached to the router and/or switch and how to access which further network or provider. This information could be retrieved from existing components in the multi-homed network, e.g. based on user or network element records.
Within a further preferred embodiment the network element and/or the controller could set a switch table entry to specify on which information the router/switch should make a forwarding decision. This procedure will contribute to achieve a high degree of network reliability for the network element.
The present invention exposes a multi-homing degree of the multi-homed network to network elements or end hosts that are typically not multi-homed themselves. A mechanism is presented that allows single-homed network elements or end-hosts to make use of the multi-homing capability of the network they are attached to - this could be designated as proxy multi-homing.
The inventive solution could include security features by design and could allow the use of various types of information to expose multi-homing. The claimed invention provides a solution that involves both network elements or end-hosts and operators of multi-homed networks, for example.
The present invention does not need a global, standardized set of fields in packets to be agreed upon, in other words the migration path is simpler and could be based only on bilateral agreements. Multi-homing is exposed by the operator or site administrator not by all routers and/or switches in the network, that means that the amount of change needed - in comparison with conventional networks - is minimal and it only involves parties with a direct contractual agreement. Further, the method could use a policy and control interface that can be used to implement security, policy and access control, which is important in a real operational environment.
Based on the present invention a multi-homed network can act as a proxy for network elements or end hosts by in effect making them multi-homed without the need to be directly multi-homed. This could be designated as proxy multi-homing.
A controller could manage the proxying process, so that network elements or end hosts could receive benefits including, but not limited to, increased network reliability or the ability to use multi-path transport protocols.
The method presented here does not replicate effort in e.g. IP source routing but is versatile enough to make per packet decisions on different - configurable - sets of information, e.g. layer 2 (VLAN) or layer 3 (DiffServ code points).
The method is cooperative between user and network operator. This means that an operator can choose to offer this and a user can not use it without this explicit activation of the feature or functionality. The security functions and policy could be built-in by design.
There are several ways to design and further develop the teaching of the present invention in an advantageous way. To this end, reference is made to the patent claims subordinate to patent claim 1 on the one hand, and to the following explanation of preferred examples of embodiments of the invention, illustrated by the drawing, on the other hand. In connection with the explanation of preferred embodiments of the invention by the aid of the drawing, generally preferred embodiments and further developments of the teaching will be explained. In the drawing
Fig. 1 is illustrating a first embodiment of a method and network according to the invention and
Fig. 2 is illustrating a second embodiment of a method and network according to the invention.
Fig. 1 is illustrating a first embodiment of a method and a network according to the invention. Consider a network element in the form of a host that is single-homed which is attached to a network that is multi-homed. This could be e.g. an enterprise network, the network of a fixed line broadband provider or a mobile access network. In Fig. 1 such an operator or multi-homed network has one network element - router/switch - that connects its own network or the multi-homed network to multiple other networks - provider A and provider B. The dotted lines in the figure represent logical connections, the solid lines physical connections.
As a first step, the controller needs to make the host aware of the degree of multi-homing and how to choose a certain provider on a per-packet basis. Conveying this information could be done e.g. via a new DHCP option, or fixed during the contract negotiations, or the controller can be found via a well-known FQDN (Fully Qualified Domain Name) and the controller might reveal this information. The details of this are outside the scope of this invention. The way a packet is mapped to a certain provider is technology specific. E.g. it could be based on VLAN tags, DiffServ Code points or other information, and it could be set by the end host and understood by the network element that is providing the functionality in the network. In order to have access control and security implemented, a control element is needed that grants access to multi-homing capability and allows an end-host to choose between multiple options of packet marking to make use of the multi-homing. Without loss of generality, we will now describe the method with DiffServ Code points and a well-known FQDN as the method to find the controller which conveys the necessary information to the end host. The controller is described on a functional level.
In the scenario depicted in Fig. 1, in case the host wants control over the decision at the switch for any of the earlier mentioned reasons, i.e. to make use of the multi-homing capability of the network, it connects to a controller which is the interface between the switch and the hosts. The host will contact the controller based on an FQDN which could be standardized or provided by the operator. A host that contacts the controller might be required to authenticate - depending on the scenario this is highly likely -, e.g. using the operator-assigned username and password or other credentials. After authentication, the controller will reveal the multi-homing degree. There could be more providers than the controller reveals, but maybe the operator is not willing to expose those. This might be important for policy reasons or to differentiate customers, i.e. certain providers are only exposed to certain customers, or different sets of providers are exposed to different customers for traffic engineering purposes by the operator.
It is assumed for now that the network element that acts as a multi-homing proxy is a switch. The controller will reveal e.g. which port is used to forward frames to which provider. The default case is that the switch makes a decision independent of the host. I.e. hosts that do not want to make active use of the multi-homing will leave the control to the operator.
The controller - owned by the operator - allows switching entries to be set. E.g. in case the switch can handle VLANs and the host can set VLAN tags, then the host could add an entry to the switch that frames with VLAN tag A from that host should go to provider A and frames with VLAN tag B to provider B. If the host prefers DiffServ code points and the switch understands these, it could do the same with DiffServ code points. The specifics depend on the technology used and on the policy of the operator. The controller can e.g. restrict the way a certain customer can do his multi-homing, e.g. to a limited set of switch entries, only using VLAN tags, etc. After the host has done this, it can start to make use of the multi-homing by using the switch as a proxy and setting VLAN tags or DiffServ code points, respectively. In another case, the controller might simply reveal which VLAN tags are used, but this model has much weaker security properties and is far less flexible. These entries can also be revoked by the same user. Here the security mechanisms mentioned before are important, as otherwise arbitrary hosts could change arbitrary entries. The controller prevents this.
Fig. 2 is illustrating a second embodiment of a method and network according to the invention. Here the operator has a different network topology where different network elements - routers/switches - connect to the two providers A and B, wherein within the first embodiment in Fig. 1 there was a single network element - router/switch - connected to the two providers A and B. The method applied here is the same. The host contacts the controller which allows the host to set switching table entries - preferably by means of the controller - in the switch. The switch forwards the frames to the two routers accordingly which could make in turn independent decisions, e.g. there could be two providers B and C connected to the left router/switch instead of one. The router could make decisions on its own on which one to choose. Alternatively, this router/switch could also be connected to the controller in order to have even finer-grained control of access of the host to provider B or C.
As an exemplary embodiment, OpenFlow technology can be used for the implementation of the inventive method. OpenFlow is an emerging technology that could be used to build a mechanism as described above, as it comes with a switching and a controller component. A host would access the controller, which would require access control mechanisms. After authentication, the controller would make sure that only those entries in the switch are set/unset that the user/host is allowed to set/unset. The controller in this case also needs to expose the preferably preselected providers that are attached to the switch and how to access which provider. This could be retrieved from existing components in the operator network, e.g. based on user records. The user on the other hand can then set - preferably by means of the controller - a switch table entry to specify on which information the switch should make the forwarding decision. This can also be restricted by the operator based on policy.
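The controller-mediated procedure described in the summary (controller exposes only the preselected providers and permits only the entries a network element is allowed to set/unset) and worked through in the embodiments above (host authenticates to the controller, learns the exposed providers and their switch ports, sets or revokes switch table entries that map its own VLAN tag or DiffServ code point to a provider port, and the switch falls back to the operator's default for unmarked traffic) can be illustrated with a small Python model. This is an added example, not the patent's code and not an OpenFlow implementation: the flow table is simulated in plain Python, and the provider/port layout, credentials, per-host policy, MAC addresses and marking values are all constructed for the illustration.

```python
"""Model of controller-mediated proxy multi-homing (added illustration, not
the patent's code).  A single-homed host authenticates to the operator's
controller, learns which providers are exposed to it, and asks for switch
entries mapping its own packet marking (VLAN tag or DSCP) to a provider
port.  The controller validates every request against operator policy
before touching the switch.  All topology and policy values are constructed."""
from __future__ import annotations

import hashlib
import hmac
import secrets

# Constructed topology (Fig. 1 style): one proxy switch, one port per provider.
PROVIDER_PORTS = {"providerA": 1, "providerB": 2, "providerC": 3}
DEFAULT_PORT = PROVIDER_PORTS["providerA"]  # operator's own choice for unmarked traffic


def _digest(password: str, salt: str) -> str:
    """Salted SHA-256 of an operator-assigned password (constructed credential store)."""
    return hashlib.sha256((salt + password).encode()).hexdigest()


CREDENTIALS = {"host1": ("salt1", _digest("s3cret", "salt1")),
               "host2": ("salt2", _digest("other", "salt2"))}

# Constructed per-host policy: which providers the operator exposes, which
# marking technologies the host may use, and how many entries it may hold.
# providerC exists on the switch but is exposed to nobody (operator policy).
POLICY = {
    "host1": {"providers": {"providerA", "providerB"}, "markings": {"vlan", "dscp"}, "max_entries": 4},
    "host2": {"providers": {"providerA"}, "markings": {"dscp"}, "max_entries": 2},
}


class Switch:
    """Proxy switch whose flow table is keyed on (host MAC, marking type, marking value)."""

    def __init__(self) -> None:
        self.table: dict[tuple[str, str, int], int] = {}

    def forward(self, host_mac: str, vlan: int | None = None, dscp: int | None = None) -> int:
        """Egress port for one frame: a host-installed entry wins, else the operator default."""
        for marking, value in (("vlan", vlan), ("dscp", dscp)):
            if value is not None and (host_mac, marking, value) in self.table:
                return self.table[(host_mac, marking, value)]
        return DEFAULT_PORT


class Controller:
    """Operator-owned controller; every host interaction with the switch goes through it."""

    def __init__(self, switch: Switch) -> None:
        self.switch = switch
        self.sessions: dict[str, tuple[str, str]] = {}  # token -> (user, host MAC)

    def authenticate(self, user: str, password: str, host_mac: str) -> str | None:
        """Check operator-assigned credentials; only an authenticated host gets a session."""
        if user not in CREDENTIALS:
            return None
        salt, stored = CREDENTIALS[user]
        if not hmac.compare_digest(stored, _digest(password, salt)):
            return None
        token = secrets.token_hex(16)
        self.sessions[token] = (user, host_mac)
        return token

    def exposed_providers(self, token: str) -> dict[str, int]:
        """Reveal the multi-homing degree, limited to the providers preselected for this host."""
        if token not in self.sessions:
            return {}
        user, _ = self.sessions[token]
        return {p: PROVIDER_PORTS[p] for p in sorted(POLICY[user]["providers"])}

    def set_entry(self, token: str, marking: str, value: int, provider: str) -> bool:
        """Install 'frames from this host with this marking go to provider' if policy allows."""
        if token not in self.sessions:
            return False
        user, host_mac = self.sessions[token]
        policy = POLICY[user]
        if marking not in policy["markings"] or provider not in policy["providers"]:
            return False
        key = (host_mac, marking, value)
        owned = sum(1 for k in self.switch.table if k[0] == host_mac)
        if key not in self.switch.table and owned >= policy["max_entries"]:
            return False
        self.switch.table[key] = PROVIDER_PORTS[provider]
        return True

    def unset_entry(self, token: str, marking: str, value: int) -> bool:
        """A host may revoke only entries keyed on its own MAC, never another host's."""
        if token not in self.sessions:
            return False
        _, host_mac = self.sessions[token]
        return self.switch.table.pop((host_mac, marking, value), None) is not None


if __name__ == "__main__":
    sw, ctl = Switch(), Controller(Switch())
    ctl = Controller(sw)
    tok = ctl.authenticate("host1", "s3cret", "aa:aa:aa:aa:aa:01")
    print("exposed:", ctl.exposed_providers(tok))
    ctl.set_entry(tok, "vlan", 20, "providerB")
    print("vlan 20 ->", sw.forward("aa:aa:aa:aa:aa:01", vlan=20), "unmarked ->", sw.forward("aa:aa:aa:aa:aa:01"))
```

The flow table is keyed on the requesting host's MAC, so one host's entries can neither steer nor be revoked by another host, which is the property the description relies on when it says the controller prevents arbitrary hosts from changing arbitrary entries. Replacing the simulated `Switch` with flow-mod messages to a real OpenFlow switch would not change the controller's policy checks.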
The present invention can make a single-homed host multi-homed via a proxy in a secure, controlled way. The host can be allowed to choose a provider dynamically on a per packet basis using different technologies. Policy constraints can be imposed by the network operator to align the use of the providers or further networks with its own business strategy, e.g. to differentiate customers or hosts, or to utilize providers or further networks to a certain degree.
As an advantage, both the operator and the user can cooperate. The operator is allowed to restrict the user based on policy, and within that framework the user optimizes the connectivity received from the provider. The user receives a better service and the operator can even charge for it without much extra effort. Also, the whole Internet does not need to migrate: only the user and the local operator need to work together to receive the benefit. Additionally, security can be built in, as all interactions go over a controller component. With this component, the multi-homing will not be exposed to end hosts that cannot authenticate themselves at the controller, a feature that is important in operational networks. The invention is also fairly technology independent; e.g. it does not rely on IPv6, as SHIM6 does.
Many modifications and other embodiments of the invention set forth herein will come to mind to one skilled in the art to which the invention pertains having the benefit of the teachings presented in the foregoing description and the associated drawings. Therefore, it is to be understood that the invention is not to be limited to the specific embodiments disclosed and that modifications and other embodiments are intended to be included within the scope of the appended claims. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.
Claims
1. A method for operating a network, especially an IP (Internet Protocol) network, wherein a network is multi-homed by a connection to at least two further networks and wherein a network element is connected to the multi-homed network for achieving access to at least one of the further networks,
characterized in that a controller which is able to communicate with the network element and the multi-homed network is managing the access of the network element to one or more specific further networks based on a selection by the network element.
2. A method according to claim 1, wherein the network element is a host, a home or enterprise gateway, a router or a modem.
3. A method according to claim 1 or 2, wherein the controller is in connection with the network element and one or more routers and/or switches of the multi-homed network.
4. A method according to one of claims 1 to 3, wherein the controller is offering a preselected set of different further networks to the network element for selection by the network element.
5. A method according to one of claims 1 to 4, wherein the controller is providing the network element with information how to select a specific further network.
6. A method according to one of claims 1 to 5, wherein the controller is providing the network element with a prioritization with regard to further networks.
7. A method according to one of claims 4 to 6, wherein conveying or providing this information or the offer or the prioritization to the network element will be done via a DHCP (Dynamic Host Configuration Protocol) option or PPP (Point-to-Point Protocol) or during contract or policy negotiations.
8. A method according to one of claims 1 to 7, wherein the selection by the network element is made on a per packet basis.
9. A method according to claim 8, wherein the mapping of a packet to a specific further network will be based on VLAN (Virtual Local Area Network) tags or DiffServ Code points.
10. A method according to claim 8 or 9, wherein the way of performing a packet marking will be negotiated between the network element and the controller.
11. A method according to one of claims 1 to 10, wherein the network element will be required to authenticate upon contacting the controller.
12. A method according to one of claims 3 to 11, wherein the controller will configure the one or more routers and/or switches for providing a functionality for the access of the network element to the one or more specific further networks based on the selection by the network element.
13. A method according to one of claims 1 to 12, wherein the further networks are provider networks.
14. A method according to one of claims 3 to 13, wherein OpenFlow technology is used by the controller and the one or more routers and/or switches.
15. A method according to one of claims 3 to 14, wherein the controller makes sure that only entries in the one or more routers and/or switches are set/unset that the network element is allowed to set/unset.
16. A method according to one of claims 3 to 15, wherein the network element and/or the controller sets a switch table entry to specify on which information the router/switch should make a forwarding decision.
17. A network, especially an IP (Internet Protocol) network, preferably for carrying out the method according to any one of claims 1 to 16, wherein a network is multi-homed by a connection to at least two further networks and wherein a network element is connected to the multi-homed network for achieving access to at least one of the further networks,
characterized by a controller which is able to communicate with the network element and the multi-homed network and which is managing the access of the network element to one or more specific further networks based on a selection by the network element.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2010/001744 WO2011113451A1 (en) | 2010-03-19 | 2010-03-19 | A method for operating a network and a network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2010/001744 WO2011113451A1 (en) | 2010-03-19 | 2010-03-19 | A method for operating a network and a network |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2011113451A1 (en) | 2011-09-22 |
Family
ID=42989281
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2010/001744 WO2011113451A1 (en) | 2010-03-19 | 2010-03-19 | A method for operating a network and a network |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2011113451A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103152264A (en) * | 2013-02-25 | 2013-06-12 | 北京百度网讯科技有限公司 | Openflow network and IP (Internet Protocol) network interconnection communication method and openflow subnet edge switch |
CN103731929A (en) * | 2012-10-11 | 2014-04-16 | 中兴通讯股份有限公司 | Bearing managing method and device and system |
CN105681191A (en) * | 2016-02-25 | 2016-06-15 | 武汉烽火网络有限责任公司 | SDN (Software Defined Network) platform based on router virtualization and implementation method |
Application events
- 2010-03-19: WO PCT/EP2010/001744 patent/WO2011113451A1/en active Application Filing
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2353434A (en) * | 1999-05-27 | 2001-02-21 | Samsung Electronics Co Ltd | Method for selecting and controlling connection with internet service provider |
US20030005148A1 (en) * | 2001-06-29 | 2003-01-02 | Misato Mochizuki | Assistant server and path connection control method for service provider's network |
Non-Patent Citations (1)
Title |
---|
NAKAMURA M ET AL: "A pricing and accounting architecture for QoS guaranteed services on a multi-domain network", 19991205; 19991205 - 19991209, vol. 3, 5 December 1999 (1999-12-05), pages 1984 - 1988, XP010373761 * |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103731929A (en) * | 2012-10-11 | 2014-04-16 | 中兴通讯股份有限公司 | Bearing managing method and device and system |
WO2014056450A1 (en) * | 2012-10-11 | 2014-04-17 | 中兴通讯股份有限公司 | Bearer management method, device and system |
CN103731929B (en) * | 2012-10-11 | 2019-03-15 | 中兴通讯股份有限公司 | Load bearing management method, apparatus and system |
CN103152264A (en) * | 2013-02-25 | 2013-06-12 | 北京百度网讯科技有限公司 | Openflow network and IP (Internet Protocol) network interconnection communication method and openflow subnet edge switch |
CN105681191A (en) * | 2016-02-25 | 2016-06-15 | 武汉烽火网络有限责任公司 | SDN (Software Defined Network) platform based on router virtualization and implementation method |
CN105681191B (en) * | 2016-02-25 | 2019-04-30 | 烽火通信科技股份有限公司 | SDN platform and implementation method based on router virtual |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3529953B1 (en) | Elastic vpn that bridges remote islands | |
US10999094B2 (en) | Title-enabled networking | |
US9647937B1 (en) | Policy control using software defined network (SDN) protocol | |
JP6073338B2 (en) | Architecture for virtualized home IP service delivery | |
EP1790127B1 (en) | Methods of and systems for remote outbound control | |
CN101006707B (en) | Method for switching Ip packets between client networks and Ip provider networks by means of an access network | |
US11317272B2 (en) | Method and system for enabling broadband roaming services | |
US20060056420A1 (en) | Communication apparatus selecting a source address | |
Nagarajan | Generic requirements for provider provisioned virtual private networks (PPVPN) | |
US8189481B2 (en) | QoS-based routing for CE-based VPN | |
KR20070118535A (en) | Method of transferring data between a sending station in a first network and a receiving station in a second network, and apparatus for controlling the communication between the sending station in the first network and the receiving station in the second network | |
Wu et al. | YANG data model for L3VPN service delivery | |
Kind et al. | Splitarchitecture: Applying the software defined networking concept to carrier networks | |
WO2011113451A1 (en) | A method for operating a network and a network | |
JP2004048340A (en) | System for controlling access / connection quality to wide area computer communication network | |
Cisco | Glossary | |
Atkinson et al. | Site-controlled secure multi-homing and traffic engineering for IP |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 10712895; Country of ref document: EP; Kind code of ref document: A1 |
| NENP | Non-entry into the national phase | Ref country code: DE |
| 122 | Ep: pct application non-entry in european phase | Ref document number: 10712895; Country of ref document: EP; Kind code of ref document: A1 |