论文信息 - Scalable overlay network deployment for dynamic collaborative groups

Scalable overlay network deployment for dynamic collaborative groups

Scalable deployment and management of overlay networks for collaborative groups with dynamic membership are discussed. In deploying overlay networks for such dynamic groups, unlike in pre-defined static VPN deployment, a mechanism to keep security policies in member nodes updated for membership changes and a mechanism to adaptively reconfigure a topology must be supported. However, previous approaches have scalability problems in supporting these mechanisms. We propose a scalable overlay network deployment scheme to minimize the impact of membership changes. In the scheme, the IPsec policy required for delivering packets to a destination node is resolved on an on-demand basis to eliminate the advertisement-based updates of membership changes. Our approach also provides two modes of overlay topology operation to address dynamic changes in the number of nodes. While the mesh mode eliminates a tunnel initiation/teardown behavior for membership changes, the graph mode creates a graph-structured topology reconfigurable with a constant number of initiated/torn-down tunnels for node joins/leaves. We evaluate a management server load on dynamic membership changes and show the efficient performance of our scheme for increasing the number of nodes. We also show that our topology reconfiguration algorithm provides a smaller number of initiated/torn-down tunnels for changes in the number of nodes than previous approaches.

Norihito Fujita | Akira Tsukamoto | Yuichi Ishikawa | Toshio Koide

[1] Amin Vahdat,et al. Detour: a Case for Informed Internet Routing and Transport , 2007 .

[2] David R. Karger,et al. Koorde: A Simple Degree-Optimal Distributed Hash Table , 2003, IPTPS.

[3] David R. Karger,et al. Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM '01.

[4] Amin Vahdat,et al. Detour: informed Internet routing and transport , 1999, IEEE Micro.

[5] Kenneth P. Birman,et al. Dynamic Virtual Private Networks , 1997 .

[6] Mark Handley,et al. A scalable content-addressable network , 2001, SIGCOMM '01.

[7] Randall J. Atkinson,et al. IP Encapsulating Security Payload (ESP) , 1995, RFC.

[8] David Kosiur. Building and Managing Virtual Private Networks , 1998 .

[9] Antonio F. Gómez-Skarmeta,et al. New security services based on PKI , 2003, Future Gener. Comput. Syst..

[10] Pierre Fraigniaud,et al. Brief announcement: an overview of the content-addressable network D2B , 2003, PODC '03.

[11] Hari Balakrishnan,et al. Resilient overlay networks , 2001, SOSP.

[12] Joseph D. Touch,et al. Dynamic Internet overlay deployment and management using the X-Bone , 2000, Proceedings 2000 International Conference on Network Protocols.

[13] Dmitri Loguinov,et al. Graph-theoretic analysis of structured peer-to-peer systems: routing distances and fault resilience , 2003, IEEE/ACM Transactions on Networking.