ePrints@IIScePrints@IISc Home | About | Browse | Latest Additions | Advanced Search | Contact | Help

A Heuristic Approach to Detect MPLS L3 VPN Misconfiguration in Multi-Homed Multi-VRF Site-Redundant CE Environments

Ojha, PD and Hansdah, RC (2021) A Heuristic Approach to Detect MPLS L3 VPN Misconfiguration in Multi-Homed Multi-VRF Site-Redundant CE Environments. In: IEEE Transactions on Network and Service Management, 18 (2). pp. 2294-2307.

[img] PDF
IEEE_tra_net_ser_18-2_2294-2307_2021.pdf - Published Version
Restricted to Registered users only
Download (1MB) | Request a copy
Official URL: https://doi.org/10.1109/TNSM.2020.3009301

Abstract

MPLS L3 VPNs are often configured manually and are prone to errors. Misconfigured VPNs violate customer's privacy and security. With the advent of the Multi-VRF (VRF-Lite) feature on the CE, it is now possible to support two or more routing domains on a single CE. Customers can also add more CE devices in redundant configurations having multi-homed connections to service providers' PE routers for enhanced reliability and high availability of MPLS L3 VPNs. This scenario adds more complexity increasing the reasonable probability of misconfiguration. MINA algorithm can detect errors in the MPLS infrastructure without the cooperation of the service providers. However, the MINA algorithm works for single-homed CE configured for a single VRF per CE. In this paper, we extend the MINA algorithm using a heuristic-based approach to detect misconfiguration in the MPLS infrastructure connected to Multi-VRF, Multi-homed, site-redundant CE environments. We effectively utilize both control-plane and data-plane information to demonstrate the detection of one-way and discovery of two-way RT (Route Targets) misconfiguration. The heuristic method can further detect the probable location/site and pinpoint the shared CE-customer affected by this misconfiguration.

Item Type: Journal Article
Publication: IEEE Transactions on Network and Service Management
Publisher: Institute of Electrical and Electronics Engineers Inc.
Additional Information: The copyright for this article belongs to the Institute of Electrical and Electronics Engineers Inc.
Keywords: MPLS L3 VPN operation & management; mPLS L3 VPN privacy; multi-VRF CE security & privacy
Department/Centre: Division of Electrical Sciences > Computer Science & Automation
Date Deposited: 29 Nov 2023 10:40
Last Modified: 29 Nov 2023 10:40
URI: https://eprints.iisc.ac.in/id/eprint/82972

Actions (login required)

View Item View Item
Powered by EPrints A service from The J.R.D. Tata Memorial Library Indian Institute of Science, Bengaluru-560012, India