Auto-Configuration Method of Provisioning System for Internet VPNs

Kenji HORI  Kiyohito YOSHIHARA  Hiroki HORIUCHI  

Publication
IEICE TRANSACTIONS on Communications   Vol.E89-B    No.9    pp.2424-2433
Publication Date: 2006/09/01
Online ISSN: 1745-1345
DOI: 10.1093/ietcom/e89-b.9.2424
Print ISSN: 0916-8516
Type of Manuscript: Special Section PAPER (Special Section on Networking Technologies for Overlay Networks)
Category: 
Keyword: 
VPN,  DHCP,  configuration management,  

Full Text: PDF(1.1MB)>>
Buy this Article



Summary: 
Internet Virtual Private Networks (VPNs) across geographically distributed users' networks are ideal for ad-hoc group activities, such as online gaming, over the Internet. However, users find it difficult to determine and set the configurations of the VPN routers and hosts rapidly enough for ad-hoc usage, due to the need for consistency of such configurations over the users' networks. Moreover, the number of operators is insufficient to help all users. Hence, the automatic determination and setting of such configurations from the management server is desirable. Existing auto-configuration methods are insufficient for ad-hoc usage because they cannot rapidly determine and set the hosts' configurations to be consistent with the VPN and user's network they are joining. To enable ad-hoc creation of and joining to a VPN by the users themselves, we propose a new method that utilizes the Dynamic Host Configuration Protocol (DHCP), which can automatically set the configurations of many existing hosts. The DHCP server's and relay agents' configurations are automatically determined and set by the VPN management server, based on the user request, so that the hosts can be auto-configured to be consistent with the VPN and the user's network they are joining, from the DHCP server via the autoconfigured DHCP relay agents. To evaluate the time overhead of our proposed method, we implemented a test bed, including 10 VPN routers, a VPN management server, and a DHCP server. In this evaluation, the DHCP server is auto-configured for each new VPN in less than 1 second, and the DHCP relay agents on the VPN routers are auto-configured in less than 5 percent of the total time for configuring the VPN routers, regardless of the total number of the VPN routers in a VPN. These results show that the proposed method can auto-configure the VPN routers and hosts simultaneously with the DHCP, while ensuring sufficient rapidity of the entire auto-configuration operation for ad-hoc usage.