DOCSLIB.ORG

Inter-Operator IP Backbone Security Requirements for Service Providers and Inter-Operator IP Backbone Providers 2.1 03 Dec 2009

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Inter-Operator IP Backbone Security Requirements for Service Providers and Inter-Operator IP Backbone Providers 2.1 03 Dec 2009 GSM Association Official Document IR.77 Inter-Operator IP Backbone Security Requirements For Service Providers and Inter-operator IP backbone Providers 2.1 03 Dec 2009 This is a non-binding permanent reference document of the GSM Association. Security Classification – NON-CONFIDENTIAL GSMA Material Copyright Notice Copyright © 2010 GSM Association Antitrust Notice The information contain herein is in full compliance with the GSM Association’s antitrust compliance policy. Page 1 of 18 GSM Association Official Document IR.77 Table of Contents 1 INTRODUCTION ......................................................................................3 1.1 Overview .............................................................................................3 1.2 End-to-End security ............................................................................3 1.3 Scope ..................................................................................................3 1.4 Definition of Terms ..............................................................................4 1.5 Document Cross-References ..............................................................6 2 General terms and principles for security ............................................7 2.1 General Security Principles .................................................................7 2.1.1 Continuous Availability and Operability ...............................................7 2.1.2 Data Integrity .......................................................................................7 2.1.3 Confidentiality .....................................................................................7 2.1.4 Fraud Management .............................................................................8 3 Inter-operator IP Backbone Security Rules ..........................................8 3.1 Route and Packet Filtering ..................................................................8 3.2 Inter-Operator IP Backbone Virtual Private Network (VPN) Isolation ..9 3.3 Public Internet Isolation .......................................................................9 3.3.1 Local Tail over Internet .......................................................................9 3.4 Tunnels .............................................................................................10 3.5 Device access control .......................................................................10 3.5.1 Protocol Restrictions .........................................................................11 4 Peering security rules ..........................................................................11 4.1 Peering types ....................................................................................11 4.2 Peering environment security ............................................................12 4.3 Route advertisement over peering ....................................................12 5 Security rules for Service Provider connecting to Inter-Operator Backbone ........................................................................................................12 5.1 Network Access ................................................................................12 5.2 Tunnels .............................................................................................12 5.2.1 Explicit Traffic Filtering ......................................................................13 5.2.2 Protection of Customer’s Network .....................................................13 5.3 IP addressing and routing .................................................................13 6 Encryption and IPsec ...........................................................................13 7 Conclusion and recommendation .......................................................14 Annex A ..........................................................................................................15 Security Code of Conduct .............................................................................15 Intra-Inter-Operator IP Backbone Security Measures ...................................15 Inter-Inter-Operator IP Backbone Security Measures ...................................16 Configuration: ..............................................................................................16 Transit Traffic ...............................................................................................17 DOCUMENT MANAGEMENT .........................................................................18 Page 2 of 18 GSM Association Official Document IR.77 1 INTRODUCTION 1.1 Overview The need to define an adequate level of security is critical and this document sets out how this can be achieved. This document together with the Permanent Reference Document (PRD) IR.34 [1] describes a set of common guidelines of an Inter Service Provider IP Backbone to achieve an adequate security level. PRD IR.34 gives an overall description of the Inter-Operator IP backbone environment. This document concentrates providing the detailed security requirements for Inter-Operator backbone Providers and Service Providers connecting to the Inter-Operator IP Backbone. These requirements are necessary for both security and to provide a quality service together with interworking, under all conditions. 1.2 End-to-End security An overriding need for ”end to end security” of operator services is acknowledged, but the security chain includes a number of distinct security elements that can be summarised as follows. The security of: • Subscriber profile data and user terminals • Radio infrastructure elements and communication • Service Provider networks, including gateways to external Public Data Networks (PDNs) or other IP networks such as the Internet. • Inter-Operator IP Backbone network • Various different Inter-Operator IP Backbones • Service Provider backbone networks • Service Provider and Inter-Operator IP Backbone connection 1.3 Scope The document gives guidelines to Service Providers to enable enhancement of their own network security. This document concentrates on IP layer security in Inter-Service Provider IP Backbone networks and associated peering points. Security issues at the Service Provider level are covered if those are provided via a direct link to achieve the aims of a secure and quality orientated, interworking network between Service Providers. This paper therefore focuses on the following key topics: • Internal security of Inter-Operator IP Backbone network • Security between the various Inter-Operator IP Backbones • Security in Service Provider backbone networks when it is related to Inter-Operator IP backbone. • Security between an Service Provider and the Inter-Operator IP Backbone • Proposed tasks for Service Providers and Inter-Operator IP Backbone providers to ensure continuous security in an Inter-Operator IP backbone environment. Page 3 of 18 GSM Association Official Document IR.77 • Security of data encryption (Internet Protocol Security (IPsec)) if it is needed for network level security. • Tunnels, when those are needed to hide network from end-users Out of scope is User Terminal security and radio link network security are not in scope of the present document. 1.4 Definition of Terms AS In the Internet model, an Autonomous System (AS) is a network segment that consists of a collection of sub-networks (with hosts interconnected by a set of routes. [3] BG Border Gateway, router with optional firewall functions (Network Address Translation (NAT), Topology Hiding) between intra- Service Provider and Inter-Service Provider IP Backbone networks. BGP Border Gateway Protocol (BGP) is an inter-Autonomous System routing protocol [3]. The current version of BGP is BGP- 4 DNS Domain Name System. For additional information, refer to IR.67 DoS Denial of Service attack DDoS Distributed Denial of Service Attack EPS Evolved Packet System (Core) GRX GPRS Roaming eXchange. Provides for routing, interconnecting and some additional services, such as DNS. Generally used for GPRS/UMTS roaming, MMS interworking and WLAN roaming GRX Provider A Provider that offers GRX service only GTP GPRS Tunneling Protocol [2] HTTP Hypertext transfer protocol HTTPS Secure Hypertext transfer protocol IMS IP Multimedia Subsystem (specified by 3GPP) Inter-Service Provider IP Backbone. The collection of interconnected GRX and IPX Providers’ networks IP Backbone Provider A business entity that provides Inter-Service Provider IP Backbone Service. Either a GRX or an IPX/GRX Provider. IPX IP Packet eXchange. The entity providing the IPX functions. At the interconnection level, IPX is used to mean an interconnection at a service level. Also refers to the collection of all interconnected IPX Provider’s networks IPX Provider A Provider that offers IPX services and may also offer GRX services LTE Long Term Evolution (Radio) Page 4 of 18 GSM Association Official Document IR.77 PGW PDN (Packet Data Network) Gateway PDN Packet Data Network, typical Packet Data Networks are Internet, GRX/IPX, corporate networks PMIP Proxy Mobile IP Service Provider Mobile, fixed operator or other type of Operator connecting to Inter-Service Provider IP Backbone for roaming and/or interworking purposes SGW Serving Gateway SIP Session Initiation Protocol (defined by IETF) SNMP Simple network management Protocol SSH Secure Shell TACACS Terminal Access Controller Access Control System UMTS Universal Mobile Telecommunications System, i.e. “3G” VPN Virtual Private Network; Can be done either at OSI layer 2 or 3. MPLS path, tunnel,
Load more

Recommended publications
  • UMTS Core Network
    UMTS Core Network V. Mancuso, I. Tinnirello GSM/GPRS Network Architecture Radio access network GSM/GPRS core network BSS PSTN, ISDN PSTN, MSC GMSC BTS VLR MS BSC HLR PCU AuC SGSN EIR BTS IP Backbone GGSN database Internet V. Mancuso, I. Tinnirello 3GPP Rel.’99 Network Architecture Radio access network Core network (GSM/GPRS-based) UTRAN PSTN Iub RNC MSC GMSC Iu CS BS VLR UE HLR Uu Iur AuC Iub RNC SGSN Iu PS EIR BS Gn IP Backbone GGSN database Internet V. Mancuso, I. Tinnirello 3GPP RelRel.’99.’99 Network Architecture Radio access network 2G => 3G MS => UE UTRAN (User Equipment), often also called (user) terminal Iub RNC New air (radio) interface BS based on WCDMA access UE technology Uu Iur New RAN architecture Iub RNC (Iur interface is available for BS soft handover, BSC => RNC) V. Mancuso, I. Tinnirello 3GPP Rel.’99 Network Architecture Changes in the core Core network (GSM/GPRS-based) network: PSTN MSC is upgraded to 3G MSC GMSC Iu CS MSC VLR SGSN is upgraded to 3G HLR SGSN AuC SGSN GMSC and GGSN remain Iu PS EIR the same Gn GGSN AuC is upgraded (more IP Backbone security features in 3G) Internet V. Mancuso, I. Tinnirello 3GPP Rel.4 Network Architecture UTRAN Circuit Switched (CS) core network (UMTS Terrestrial Radio Access Network) MSC GMSC Server Server SGW SGW PSTN MGW MGW New option in Rel.4: GERAN (GSM and EDGE Radio Access Network) PS core as in Rel.’99 V. Mancuso, I. Tinnirello 3GPP Rel.4 Network Architecture MSC Server takes care Circuit Switched (CS) core of call control signalling network The user connections MSC GMSC are set up via MGW Server Server (Media GateWay) SGW SGW PSTN “Lower layer” protocol conversion in SGW MGW MGW (Signalling GateWay) RANAP / ISUP PS core as in Rel.’99 SS7 MTP IP Sigtran V.
    [Show full text]
  • An Overview of DWDM Networks
    Telecommunication / Telecommunication An Overview of DWDM Networks 1.0 Introduction by Shaowen Song n traditional optical fiber networks, information is transmit- ted through optical fiber by a single lightbeam. In a Wilfrid Laurier University, Waterloo, ON I wavelength division multiplexing (WDM) network, the vast optical bandwidth of a fiber (approximately 30 THz corre- Abstract sponding to the low-loss region in a single-mode optical fiber) is carved up into wavelength channels, each of which carries a data stream indi- This article provides an overview of the applications of Dense Wavelength Division Multiplexing (DWDM) technology. It exam- vidually. The multiple channels of information (each having a different ines the network architecture and the recent development of two carrier wavelength) are transmitted simultaneously over a single fiber. The reason why this can be done is that optical beams with different major DWDM-based networks, namely the backbone network and the residential access network. The DWDM applications in Local wavelengths propagate without interfering with one another. When the Area Networks (LANs) are not included in the article. The article number of wavelength channels is above 20 in a WDM system, it is generally referred to as Dense WDM or DWDM. We use DWDM as a also looks into the future of broadband integrated service networks based on the DWDM technology. general term in this article. DWDM technology can be applied to different areas in the telecommu- nication networks, which includes the backbone networks, the residential access networks, and also the Local Area Networks (LANs). Sommaire Among these three areas, developments in the DWDM-based backbone network are leading the way, followed by the DWDM-based LANs.
    [Show full text]
  • Analysis of Wifi and Wimax and Wireless Network Coexistence
    International Journal of Computer Networks & Communications (IJCNC) Vol.6, No.6, November 2014 ANALYSIS OF WIFI AND WIMAX AND WIRELESS NETWORK COEXISTENCE Shuang Song and Biju Issac School of Computing, Teesside University, Middlesbrough, UK ABSTRACT Wireless networks are very popular nowadays. Wireless Local Area Network (WLAN) that uses the IEEE 802.11 standard and WiMAX (Worldwide Interoperability for Microwave Access) that uses the IEEE 802.16 standard are networks that we want to explore. WiMAX has been developed over 10 years, but it is still unknown to most people. However compared to WLAN, it has many advantages in transmission speed and coverage area. This paper will introduce these two technologies and make comparisons between WiMAX and WiFi. In addition, wireless network coexistence of WLAN and WiMAX will be explored through simulation. Lastly we want to discuss the future of WiMAX in relation to WiFi. KEY WORDS WiMAX, WiFi, wireless network, wireless coexistence, network simulation 1. INTRODUCTION With the development of multimedia communication, people need wireless broadband access with higher speed, larger coverage and mobility. The emergence of WiMAX (Worldwide Interoperability for Microwave Access) technology met the people's demand for wireless Internet to some extent. If wireless LAN technology (WLAN) solves the access problem of the "last one hundred meters", then WiMAX technology is the best access solution of the "last mile". Though WiMAX is an emerging and extremely competitive wireless broadband access technology, the development prospects of its market is still unknown. Hybrid networks as a supplement to cell based or IP packet based services, can fully reflect the characteristics of wide network coverage.
    [Show full text]
  • Guidelines for IPX Provider Networks (Previously Inter- Service Provider IP Backbone Guidelines) Version 14.0 01 August 2018
    GSM Association Non-confidential Official Document IR.34 - Guidelines for IPX Provider networks (Previously Inter-Service Provider IP Backbone Guidelines) Guidelines for IPX Provider networks (Previously Inter- Service Provider IP Backbone Guidelines) Version 14.0 01 August 2018 This is a Non-binding Permanent Reference Document of the GSMA Security Classification: Non-confidential Access to and distribution of this document is restricted to the persons permitted by the security classification. This document is confidential to the Association and is subject to copyright protection. This document is to be used only for the purposes for which it has been supplied and information contained in it must not be disclosed or in any other way made available, in whole or in part, to persons other than those permitted under the security classification without the prior written approval of the Association. Copyright Notice Copyright © 2018 GSM Association Disclaimer The GSM Association (“Association”) makes no representation, warranty or undertaking (express or implied) with respect to and does not accept any responsibility for, and hereby disclaims liability for the accuracy or completeness or timeliness of the information contained in this document. The information contained in this document may be subject to change without prior notice. Antitrust Notice The information contain herein is in full compliance with the GSM Association’s antitrust compliance policy. V14.0 Page 1 of 53 GSM Association Non-confidential Official Document IR.34 - Guidelines
    [Show full text]
  • Lecture 5: Data Communications Server = End Systems Mobile and Internet Technology ‰ Running Network Apps Local ISP ‰ Communication Links Dr
    What’s the Internet: “nuts and bolts” view millions of connected router computing devices: hosts workstation Lecture 5: Data Communications server = end systems mobile and Internet Technology running network apps local ISP communication links Dr. Hui Xiong fiber, copper, radio, Rutgers University satellite regional ISP transmission rate = bandwidth routers: forward packets (chunks of data) company network Introduction 1-1 Introduction 1-2 What’s the Internet: “nuts and bolts” view What’s the Internet: a service view router communication protocols control sending, workstation receiving of msgs infrastructure enables server distributed applications: e.g., TCP, IP, HTTP, FTP, PPP mobile local ISP Web, email, games, e- Internet: “network of commerce, file sharing networks” communication services llloosely hhlhierarchical provided to apps: public Internet versus regional ISP Connectionless unreliable private intranet connection-oriented Internet standards reliable RFC: Request for comments IETF: Internet Engineering Task Force company network Introduction 1-3 Introduction 1-4 What’s a protocol? What’s a protocol? human protocols: network protocols: a human protocol and a computer network protocol: “what’s the time?” machines rather than “I have a question” humans Hi introductions all communication TCP connection activity in Internet req Hi … specific msgs sent governed by protocols TCP connection Got the response … specific actions taken protocols define format, time? Get http://www.awl.com/kurose-ross when msgs received, order of msgs sent and 2:00 or other events received among network <file> entities, and actions time taken on msg transmission, receipt Q: Other human protocols? Introduction 1-5 Introduction 1-6 1 A closer look at network structure: The network edge: end systems (hosts): network edge: run application programs applications and e.g.
    [Show full text]
  • Local Area Networking at Colorado State University an Analysis IAC Communications Infrastructure Committee
    Local Area Networking at Colorado State University An Analysis IAC Communications Infrastructure Committee Background A special sub-committee of the ITEC Advisory Counsel (IAC) was constituted in July and tasked with analyzing the campus communications infrastructure and making technical recommendations on designs and support models suitable to take the campus into the next 5-10 years. This committee has been referred to as the communications infrastructure committee (the CIC), and its preliminary recommendations for a campus local area network design are presented here. Since the first campus networks were deployed in the mid-late 1980s, an extensive fiber optic cable plant has been developed to support the main, south and foothills campuses. The campus backbone network is currently at 1 Gigabit per second (Gbps), or 100 times the bandwidth of the original campus LAN connections. CSU’s external connectivity is also currently at 1 Gbps, though there are plans to upgrade both the backbone network and the wide area connection to 10 Gbps in FY10. In FY02, a chargeback model was implemented to fund the rising costs of networking on the campus (see http://www.acns.colostate.edu/?page=network_charge_back for information regarding this activity). The chargeback algorithm is based on the speed of the connection to the campus backbone network; for each 10x increase in network capacity there is a corresponding 2.8x increase in the annual charge. As explained below, this chargeback model has had the unintended consequence of sub-optimal network connectivity to many campus buildings. Current Topology As a result of the above chargeback system, colleges and departments have “value engineered” their network connectivity in order to reduce costs.
    [Show full text]
  • Core-Backbone Networks.Pdf
    ΠΑΝΕΠΙΣΤΗΜΙΟ ΜΑΚΕΔΟΝΙΑΣ ΟΙΚΟΝΟΜΙΚΩΝ ΚΑΙ ΚΟΙΝΩΝΙΚΩΝ ΕΠΙΣΤΗΜΩΝ ΔΙΑΤΜΗΜΑΤΙΚΟ ΠΡΟΓΡΑΜΜΑ ΜΕΤΑΠΤΥΧΙΑΚΩΝ ΣΠΟΥΔΩΝ ΣΤΑ ΠΛΗΡΟΦΟΡΙΑΚΑ ΣΥΣΤΗΜΑΤΑ Τεχνολογίες Τηλεπικοινωνιών και Δικτύων κ. Οικονομίδης κ. Πομπόρτσης Core / Backbone Networks Παπανικολάου Γιάννης - Α.Μ. 05/34 Φεβρουάριος 2006 1 2 INDEX 1. NETWORKS: STATE OF THE ART (Abstraction).....................5 1.1. B-ISDN, OSI, TCP/IP models .......................................... .5 1.2. Data, control and management....................................... ..6 1.3. Network organization, foundation and development....... ......7 1.4. Core and access networks ........................................ .......8 1.4.1. Access networks...............................................................9 1.4.2. Core networks ............................................................……9 1.5. Networks topologies........................................................11 1.6. Transmission media and devices.......................................12 1.6.1 Media........................................ ...................................12 1.6.2 Devices ........................................................................14 1.7. Backbone Architectures........................................ ..........15 1.7.1 Backbone Architecture Layers...........................................15 1.7.2 Backbone Network Types...................................... ..........15 1.8. Communication transmission means........................... …….22 1.8.1. T1 and T3 .....................................................................22
    [Show full text]
  • Optical Networks Were Based on Direct Detection Re- Ceivers and Regeneration at Periodic Intervals Along the Core
    Optical Networks: Backbones for Universal Connectivity Robert C. Bray Communications traffic in the world’s fiber-optic backbone network is Douglas M. Baney growing more than 10% per year and the growth rate is accelerating. The ever-increasing bandwidth demands are being met by an array of technological innovations including higher time-division multiplex (TDM) transmission rates combined with wavelength-division multiplex (WDM) overlays. We are living in a revolutionary age. Communications traffic is growing explosively. In this article we attempt to characterize and quantify this growth, and then comment on technologies to upgrade the usable bandwidth of the fiber-optic backbones of the world’s communication networks. Voice, data, fax, video—these are the forms of electronic communication that are growing at unprecedented rates. A large and increasing proportion of the messages are digital. This is because digital signals can be made practically error-free, and the computers that process them are cheap and getting cheaper and more powerful. How can we quantify all this? Since all these signals are digital, the universal measure is the bit rate: how many bits per second leave the signal source. The aggregate bit rate of all the sources is the total communications traffic. Robert C. Bray Douglas M. Baney A department scientist Doug Baney is a project with HP’s Lightwave manager in the optical Division, Bob Bray man- communications and ages technology and metrology groups. He measurements department of HP Laborato- received his PhD degree in electrical engi- ries. With HP since 1981, he has developed neering from Stanford University in 1981 and numerous millimeter-wave and lightwave joined HP the same year.
    [Show full text]
  • ASF 2.0.3 Installation and User's Guide
    Installation and User’s Guide Alteon Switched FirewallTM Release 2.0.3 Part Number: 212535-C, October 2002 4655 Great America Parkway Santa Clara, CA 95054 Phone 1-800-4Nortel www.nortelnetworks.com Alteon Switched Firewall Installation and User’s Guide Copyright © 2002 Nortel Networks, Inc., 4655 Great America Parkway, Santa Clara, California, 95054, USA. All rights reserved. Part Number: 212535-C. This document is protected by copyright and distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this document may be reproduced in any form by any means without prior written authorization of Nortel Networks, Inc. Documentation is provided “as is” without warranty of any kind, either express or implied, including any kind of implied or express warranty of non- infringement or the implied warranties of merchantability or fitness for a particular purpose. U.S. Government End Users: This document is provided with a “commercial item” as defined by FAR 2.101 (Oct. 1995) and contains “commercial technical data” and “commercial software documentation” as those terms are used in FAR 12.211-12.212 (Oct. 1995). Government End Users are authorized to use this documentation only in accordance with those rights and restrictions set forth herein, consistent with FAR 12.211- 12.212 (Oct. 1995), DFARS 227.7202 (JUN 1995) and DFARS 252.227-7015 (Nov. 1995). Nortel Networks, Inc. reserves the right to change any products described herein at any time, and without notice. Nortel Networks, Inc. assumes no responsibility or liability arising from the use of products described herein, except as expressly agreed to in writing by Nortel Networks, Inc.
    [Show full text]
  • The Cisco IP/MPLS Backbone Solution
    The Cisco IP/MPLS Backbone Solution A Converged Mobile Network for Greater Efficiency and Faster Time to Market Mobile networks are evolving daily. A surge in customer demand for different types of broadband data, and multimedia services is putting pressure on mobile network operators to deploy and manage new products and services. Mobile operators worldwide are migrating to third-generation (3G) networks to support the vast array of new revenue- generating service opportunities. One common factor in the various 3G standards is the increased role of IP and the clear evolution towards an all IP network. Mobility Cisco IP/MPLS Solution Delivers the “The evolution to a core IP network is essential to the Following Capabilities: future architecture of the Vodafone systems. Cisco’s Converge Multiple Independent Networks Transition from multiple, single-purpose networks to one converged experience in IP is critical to Vodafone transforming single network for packet-based voice, video, signaling, and data its business into really being a next generation services. You gain economies of scale and faster time-to-market service provider. It really opens up the opportunity for 3G services and IP applications such as voice over IP (VoIP) and VPNs. MPLS VPN technologies allow one physical network to be for Vodafone to create the next generation of a mobile partitioned into many independent VPNs, each with its own distinct business and mobile services...” characteristics, traffic types, and Quality of Service (QoS) features predefined by the operator. For instance, your SS7 signaling traffic – Alan Harper, Group Strategy Director, Vodafone and internal MIS traffic can be securely transported on the same network.
    [Show full text]
  • Advancing the Development of Backbone Networks in Sub-Saharan Africa
    Chapter 4 Advancing the Development of Backbone Networks in Sub-Saharan Africa Mark D. J. Williams xpanding access to advanced information and In response to the dramatic success of policy reforms in communication technology (ICT) services will expanding access to mobile phone services in sub-Saharan Ebe a key factor in sub-Saharan Africa’s Africa, policy makers and investors are exploring more economic and social development. Cross-country data advanced ICT services (Balancing Act 2007; Global Insight show that ICT investment fosters higher long-term 2007; Telegeography 2008). Indeed, many policy makers in economic growth (Roller and Waverman 2001). Small the region consider access to broadband a key driver of businesses with access to mobile phones can generate economic and social development. Yet broadband connectiv- sustained increases in the incomes of poor people in ity remains lower than in other parts of the world, and prices developing countries (Jensen 2007). The impact of broad- are high. For example, a basic DSL (digital subscriber line) band is harder to quantify because less data are available,1 package costs an average of $366 a month in sub-Saharan but emerging evidence suggests that access to advanced Africa,2 compared with $6–$44 in India (ITU 2007; OECD ICT services—such as those that require broadband for 2006).3 The average price of entry-level broadband in the delivery—can also have positive economic and social OECD is $22 per month.4 effects (Goyal 2008). The limited availability of low-cost backbone network As understanding of the benefits of ICT has grown, capacity is one of the factors constraining sub-Saharan Africa’s African governments have begun to give priority to it and development of broadband connectivity.
    [Show full text]
  • Local Fast Segment Rerouting on Hypercubes
    Local Fast Segment Rerouting on Hypercubes Klaus-Tycho Foerster University of Vienna, Vienna, Austria [email protected] https://orcid.org/0000-0003-4635-4480 Mahmoud Parham1 University of Vienna, Vienna, Austria [email protected] https://orcid.org/0000-0002-6211-077X Stefan Schmid University of Vienna, Vienna, Austria [email protected] https://orcid.org/0000-0002-7798-1711 Tao Wen University of Electronic Science and Technology of China, Chengdu, China [email protected] https://orcid.org/0000-0002-0772-5296 Abstract Fast rerouting is an essential mechanism in any dependable communication network, allowing to quickly, i.e., locally, recover from network failures, without invoking the control plane. However, while locality ensures a fast reaction, the absence of global information also renders the design of highly resilient fast rerouting algorithms more challenging. In this paper, we study algorithms for fast rerouting in emerging Segment Routing (SR) networks, where intermediate destinations can be added to packets by nodes along the path. Our main contribution is a maximally resilient polynomial-time fast rerouting algorithm for SR networks based on a hypercube topology. Our algorithm is attractive as it preserves the original paths (and hence waypoints traversed along the way), and does not require packets to carry failure information. We complement our results with an integer linear program formulation for general graphs and exploratory simulation results. 2012 ACM Subject Classification Networks → Routing protocols, Network reliability; Theory of computation → Design and analysis of algorithms Keywords and phrases segment routing, local fast failover, link failures Digital Object Identifier 10.4230/LIPIcs.OPODIS.2018.0 1 Introduction 1.1 Motivation and Challenges The need for a more reliable network performance and quickly growing traffic volumes led, starting from the late 1990s [19], to the development of more advanced approaches to control the routes along which traffic is delivered.
    [Show full text]