[an error occurred while processing this directive]
The QuINE project made use of intelligent network elements providing more flexible network management mechanisms allowing the network provider to offer additional services. In particular, QoS support based on Differentiated Services and various multicast mechanisms should be provided.
A Java based central policy server approach was implemented using COPS (Common Open Policy Service) for the communication inside the network. The security of an earlier version of the software was improved in order to detect situations in which two different users submit the same authentication information.
Evaluations have shown that a central instance for policy control can represent a bottleneck in terms of performance. Thus, a new concept for flexible service establishment has been developed. In this concept, most of the configuration decisions are done inside the network by active components. Only the decisions that need a global network view are performed by a central entity. The concept addresses security as well, by controlling the authenticity of the information and the authorization of the user.
Another activity within the Quine project has been the further extension of the Virtual Router platform as well as the development and implementation of a Java based Active Router (JVAR) with a special focus on video processing and signaling. The systems allow to react on network events, either by signaling event occurrence to a central management station, or by automatically triggering certain actions to cope with the new situation. Standard services like adaptation of video coding, automatic configuration of encryption and compression mechanisms have been implemented. The system is able to establish tunnels dynamically and therefore allows to route traffic on specific paths through the network. Besides load balancing this mechanism also allows to create security services like splitting of a single data stream and transporting its parts along different paths. This prevents suspicious nodes to monitor the complete data flow and, combined with proper coding, increases security with low overhead. The implementation is very flexible and provides a set of standard services as well as a framework for service creation. The framework especially enforces the implementation of proof classes for each new service, which allows to test new elements before installing them into the network, and therefore increasing the stability of the whole system. The JVAR system has been implemented and can be used without significant modifications on top of Virtual Routers as well as on standard Linux routers. A simple interface between the active elements and the router allows the quick adaptation to different router platforms. Since the performance of Java is rather limited, only certain transcoding tasks may be accomplished within the JVAR itself, while for more complex tasks external, native libraries have to be used, which are supported by the JVAR platform. Especially on a Virtual Router infrastructure with multiple routers and JVARs on a single host, the performance is of course an issue, since the computer has not only to cope with the load of Virtual Routers and their communication, but also with resource consumption of the active elements. However, even a scenario with multiple active routers is sufficient for small experiments, low packet rates or if the scenario is mainly used for monitoring and management tasks, which cause less processing load.
Title: | QoS Support for the Internet based on Intelligent Network Elements(QuINE) |
Research Staff: | Florian Baumgartner, Roland Balmer, Marc Brogle, Dragan Milic |
Funding: | Swiss National Foundation Project No. 2000-06624.01/1 |