A virtual private network (VPN) can be broadly defined as a “restricted communication between a set of sites, making use of a backbone that is shared with other traffic not belonging to that communication” (Carugi & De Clercq, 2004, p.116). Since the late nineties, with pervasive deployment of the Internet protocol (IP) technology in corporate networks, IP-based VPNs, in several forms and based on different network technologies, have become a promising solution for a wide range of corporate network services.
Key Terms in this Chapter
QoS Routing: A routing mechanism that finds and selects cost-effective paths for IP traffic flows that can assure the required QoS level, relying on information about network resource availability.
Differentiated Services (DiffServ): A scalable IP QoS architecture in which incoming packets with similar QoS requirements are marked and grouped into the same traffic aggregate (class), which is then processed in the same manner at the network nodes.
Virtual Private Network (VPN): A service that enables restricted communication between a set of sites, making use of a backbone that is shared with other traffic not belonging to that communication.
VPN Forwarding Instance (VFI): A logical entity which resides in a PE router that includes the router information base and forwarding information base for a VPN instance.
VPN Broker: A logical per-domain software agent that is responsible for monitoring and management of the service specified in the VPN SLA, admission control, and network resource management.
Multi-Protocol Label Switching (MPLS): A standards-approved technology that integrates a scheme for label swapping/tagging with layer 3 routing. The purpose of label swapping is to improve performance of layer 3 routing in the switched network environment. In addition to moving traffic faster overall, MPLS makes it easier to manage a network for QoS.
Provider Provisioned VPN (PPVPN): An IP VPN approach in which the service provider is responsible for management of the VPN service. PPVPNs can be classified as CE (customer edge) based or PE (provider edge) based. PE-based PPVPNs are further distinguished as PE-based L2 VPNs, which offer layer 2 services, and PE-based L3 VPNs, which offer layer 3 services.
IP Security (IPsec): A set of open IETF standards that provide cryptographic security mechanisms for IP packets.
Service Level Agreement (SLA): A contract between the service provider and the customer, which defines QoS guarantees, performance metrics, measurement methods, tariffs and billing principles, and penalties for the customer and the provider in the case of contract violation.
Traffic Engineering: An aspect of IP network engineering and exploitation, which deals with requirements for network performance analysis, evaluation and optimization.