Configuration of Protected Virtual Private Networks

Markosz Maliosz, Tibor Cinkler
{Maliosz, Cinkler}@ttt-atm.bme.hu
Department of Telecommunications and Telematics
Budapest University of Technology and Economics
Pázmány Péter sétány 1/D, Budapest 1117, Hungary

Abstract

The route configuration of Virtual Private Networks (VPNs) over a given physical network is addressed with protection taken into account. We analyze protection at two different layers: first, when the operator protects the virtual links of the VPN, and second, when the protection is done within the VPN. The problem is formulated as a general model without specializing to any particular network type; however, the proposed methods can be used for various SDH, ATM, IP, MPLS and WR-DWDM networks. The service demands of VPNs are characterized by the bandwidth requirements of node-pairs. Given the capacity matrix of the physical network and the traffic demand matrices of the VPNs, we seek the protected VPN configuration that minimizes the number of links used by the VPNs and results in a global optimum. Numerical results from calculations on sample networks show the properties of the protection at different layers.

Introduction

Virtual Private Networks have recently become increasingly widespread. More and more users require privacy and QoS guarantees over the public network infrastructure. Virtual Private Networks support the communication requirements of a closed group of users with special handling of privacy and security. The typical application of VPNs is remote access for joint project workers, or for a home user to access the company intranet. Privacy and security are handled by the upper communication layers; however, the planning of the Virtual Private Networks over a physical network is a key question considering the operating costs. To ensure reliability the design must be prepared for failures.
Therefore, the VPNs will have redundancy: a working and a protection path will be spanned between the node pairs. The route determination of the VPNs, obeying link capacity constraints, must be optimized considering the requirements for the protection. VPNs share the link bandwidth and the node resources among each other, but the idea has several advantages. We do not have to build our own physical private network, only configure VPNs, which reduces costs. When a VPN is inactive, other VPNs can use its physical resources, and, in contrast to physical links, the VPNs can be simply reconfigured. The secure data transfer among the VPNs is provided by encryption of the communication.

VPNs can be applied to different network architectures, e.g. to ATM or IP or to Multi-Service Networks. A VPN-Diffserv solution is proposed in [1]. Our model deals with static bandwidth demands and analyzes the protection methods. Static demands are also considered in [2]; that paper plans to embed a VPN into a larger network, while we place multiple VPNs into the network at the same time. In [3] dynamic relations are in scope with capacity resizing and stochastic fair sharing, but without protection. The resource allocation in conjunction with the routing design has been analyzed in [4,5,6] over multi-service networks with QoS constraints. Various tools are used, such as asymptotic approximations to reduce the complexity of the numerical calculations, multiplexing inside a VPN, and introducing priorities between the traffic classes. Network dimensioning is addressed in [7], where a methodology is presented for determining the sizes of VPNs.

In our framework multiple VPNs exist over the same physical network. The data paths can be protected at link layer and at VPN layer. Link layer protection means that each traffic demand between node pairs belonging to a VPN will have two paths reserved, both of them within that VPN.
These two paths should be either link-disjoint, if we want to protect our services against link failures, or node-disjoint, if we want protection against node failures as well. Protection at the VPN layer means that the links that form the VPN (the virtual links) will be protected, not each traffic demand, i.e. there will be a working VPN skeleton and