
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 7, JULY 2011, ISSN 2151-9617 HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/ WWW.JOURNALOFCOMPUTING.ORG

Techno-Evaluation and Empirical Study of Virtual Private Networks Using Simulation


Rahul Malhotra and Rajneesh Narula
Abstract: A virtual private network is a computer network that uses public telecommunication infrastructure such as the Internet to provide secure access to remote offices or individual users. The aim of using virtual private networks is to avoid an expensive system of owned or leased lines. It encapsulates encrypted data transfer between two or more networked devices which are on the same private network using ISDN/PSTN. Routing is the main technical issue performed by tunneling protocols. Virtual private networks are configured at routers and permit safe communication through an unsafe environment. A virtual private network creates a tunnel, a logical group of routers that provides a safe path for data to reach its destination. A tunnel allows private traffic to be sent over a public path. IT Guru Network Planner OPNET accelerates virtual private network deployments and ensures optimal performance of virtual private network based applications.

Index Terms: virtual private networks, simulation, traffic forwarded, traffic received, network delay.

1 INTRODUCTION
A computer network is a collection of computers and devices interconnected by communications channels that facilitate communication among users and allow users to share resources. Networks may be classified according to a wide variety of characteristics. A computer network allows sharing of resources and information among connected devices. Computer networks can be used for a variety of purposes:

Providing communications. Using a network, people can communicate efficiently and easily via email, instant messaging, chat rooms, telephone, video telephone calls, and video conferencing.

Sharing hardware. In a networked environment, each computer on a network may access and use hardware resources on the network, such as printing a document on a shared network printer.

Sharing files, data, and information. In a network environment, an authorized user may access data and information stored on other computers on the network. The capability of providing access to data and information on shared storage devices is an important feature of many networks.

Sharing software. Users connected to a network may run application programs on remote computers.

2 VIRTUAL PRIVATE NETWORKS
Today's corporations are challenged by the need to support a wide variety of communications across a highly distributed number of sites and offices. At the same time that the number of sites and offices increases, corporations are pressured to reduce the cost of their overall communications expenses. In addition to the increased number of office locations, employees expect to access corporate resources from a more diverse set of locations, including customer sites, home offices, and travel destinations. As more emphasis is placed on electronic communication, business partners also expect to access corporate-partner data as well. All of these trends drive the need to establish a corporate private-network infrastructure. With regard to communications expenses, however, corporations are finding that traditional architecture does not provide the flexibility and solutions required. Using dedicated leased-line circuits to interconnect main offices and branch offices often requires significant planning time, and once in place the circuits cannot support remote or customer sites.

The increase in telecommuting and remote computing is, in turn, increasing resources spent on remote-access modems, servers, and long-distance telephone charges. Private networks that utilize the Internet backbone can significantly reduce the costs of establishing and maintaining a WAN for private-networking purposes. Internet service provider (ISP)-based private networks offer a global footprint with ubiquitous local network access. Using an ISP-based private network, corporations can connect their offices to the ISP's local points of presence (PoPs) rather than purchase costly leased-line circuits to interconnect their office locations. The corporation takes advantage of the ISP's established backbone, which is usually more geographically diverse than its WAN architecture. The ISP can also offer local dial-up access at a diverse number of locations, which helps reduce long-distance remote-access costs.

Rahul Malhotra is with the Department of Electronics and Communication Engineering, Bhai Maha Singh College of Engineering, Muktsar, Punjab, India.
Rajneesh Narula is with the Department of Computer Science and Engineering, Bhai Maha Singh College of Engineering, Muktsar, Punjab, India.

2011 Journal of Computing Press, NY, USA, ISSN 2151-9617 http://sites.google.com/site/journalofcomputing/


3 BENEFITS OF ISP-BASED PRIVATE NETWORKS

ISP-based private networks can offer direct cost savings over traditional WAN architectures as well as other indirect cost savings. The increased flexibility and scalability of ISP-based private networks can often reduce equipment costs while minimizing network management and technical-training resources. The most significant benefit of an ISP-based private network is its direct cost savings over traditional WANs. A traditional WAN is composed of distance-sensitive leased-line circuits, which can be subject to interstate and international tariffs and taxes. In comparison, an ISP-based private network only requires shorter leased-line circuits from each office to the ISP's closest PoP. ISPs can also offer flexibility in line speeds; corporations can usually purchase access in fractional tier-1 (T1) increments rather than in an entire T1 circuit from a telecom or local exchange carrier (LEC). Outsourcing network management to an ISP can also indirectly reduce operating costs and resources. In-house technical resources are no longer needed to install,

technology also enables the creation of logically isolated circuits or PVCs that provide a private network in which data does not need to be encrypted because it travels only along these logically private circuits.

Types of VPN Deployments: There are basically three types of VPN deployments:
1. Intranet VPNs are deployed between internal corporate departments and branch offices.
2. Remote Access VPNs are between a corporate network and remote and/or mobile employees.
3. Extranet VPNs are between a corporation and its strategic partners, customers and suppliers.

4 SIMULATIONS
Simulation is the process of designing a model of a real system; with this model the user can understand the behavior and reactions of real working situations during particular events. It is the application of computational models to study and predict physical events or the behavior of engineered systems. Computer simulation is an indispensable tool for resolving a large number of scientific and technological problems. In the context of wired networks, simulators are used for the development and validation of new algorithms and for testing a network's capacity and efficiency under specific scenarios. Network simulators support this task by providing a scaffold in which the desired network configurations can be assembled virtually and virtual traffic loads can be introduced over the network. Traffic flows across the network and measurements can be taken without disturbing the system. Network simulators are classified into two categories, viz. protocol simulators and technology or processing simulators. Both of these house the two methods of simulation, namely the discrete event and the analytical simulation method. Discrete event simulation produces predictions in the network at a low level, packet by packet, making them accurate but slow to generate results. The other approach is the analytical method, which uses mathematical models to produce results at a much faster speed but may sacrifice accuracy. Usually hybrid operators are used, which combine both simulation technologies and provide reasonable performance in terms of speed and accuracy. Some common network simulation tools are the optimized network engineering tool (OPNET), network simulator (NS2) and global mobile information system simulator (GLOMOSIM).

4.1 OPNET Modeler
Optimized network engineering tool (OPNET) Modeler is a commercial network simulator tool that works on a pseudo random number generator (PRNG) algorithm for carrying out simulations. The tool provides a graphical user interface (GUI) and works in Windows and UNIX environments. It supports three levels of modeling, which include the process level for analyzing different networking objects, the node level that helps to connect objects to form a communicating device, the network level to build a network of communicating devices, and the project level that holds different scenarios of the same network and helps in comparing them for the most efficient and robust network design. The parameters or attributes for comparison of different scenarios are selected after the creation of the network model. Both physical and logical attributes can be varied either for the whole network or for individual nodes. The networks can be tested under worst-case conditions by isolating some part of the network or by deactivating crucial network links. The simulation time can be adjusted for better understanding of parameter behavior and for the desired performance of the network. The non-uniformity of simulation results and the poor description of errors generated during the simulation process are some drawbacks of the simulator. However, IT Guru Academic Edition is an open source, limited-feature version of OPNET Modeler, whereas the commercial OPNET Modeler is costly and comes with a number of additional features and improved performance. In any case, OPNET proves to be a most efficient networking tool, providing an interactive and easy approach to network design for both educational and research purposes.

5 PROBLEM STATEMENT
As we entered 2000, corporations expanded the use of virtual private networks to keep mobile users better informed and continuously connected, changing the face of the corporate office into network centres of commerce and information exchange. A virtual private network enables remote offices, strategic partners, and mobile employees to connect securely to the corporate network by using the public intranet backbone as a medium for data communication. A secure path through the Internet can be created by using encryption and encapsulation to exchange various forms of information. Using this means of information exchange continues to spread as corporate work creates begin to change due to the increased number of mobile employees and the enormous number of customers connecting to the Internet every day.


5.1 Virtual Private Networks
The stated purpose of this paper is to model and compare the performance of office A and office B, separated by a simulated distance of 10 kilometers to 50 kilometers, varying with a ratio of 5. The reasons behind this evaluation are not only to use the method to evaluate a real-world network, but also to evaluate the method and its software implementation, with the aim of transmitting data securely and efficiently. The first simulation scenario consists of 10 networked stations (PCs) in both offices A and B, separated by a distance of 10 kilometers to 50 kilometers and connected with 10 BaseT, 100 BaseT and 1000 BaseX network cable.

Fig. 1. Office A.

Fig. 2. Office B.

Fig. 3. Two offices are connected using cable.

The traffic generation at each node is as follows. The traffic model follows a well-known ON-OFF model, in which each node switches between an ON state, in which traffic is generated, and an OFF state, in which there is no traffic. The durations of the ON and OFF states are selected as follows: start time of 50 seconds, ON state time of 60 sec, OFF state time of 40 sec, packet generation with an interarrival time of 10 sec, packet size of 1000 bytes, and no segmentation. The end-to-end delay of all packets received by all the stations, the traffic received (in packets/sec) by the traffic sinks across all nodes, and the traffic sent (in packets/sec) by the traffic sources across all nodes are measured using simulations. Simulation of the network is done for 2.5 hours. For the second scenario, the simulated network for office A and office B is connected with another cable, 100 BaseT and 1000 BaseX, using the above procedure, and techno evaluation of the traffic sent (packets/sec), traffic received (packets/sec) and delay (packets/sec) is done. The results of the simulation are shown in Figures 4 to 15.

6 SIMULATION RESULTS
The results obtained from the study of self comparison of the parameters delay, traffic forwarded and traffic received, under the physical and logical constraints of the type of link in the simulated virtual private networks, are as follows.

Fig. 4. Ethernet delay, load and traffic received (packets/sec) for PC 1 of VPN network office A using the cable 10 BaseT.

Fig. 5. Ethernet delay, load and traffic received (packets/sec) for PC 1 of VPN network office A using the cable 100 BaseT.

Fig. 6. Ethernet delay, load and traffic received (packets/sec) for PC 1 of VPN network office A using the cable 1000 BaseX.

Fig. 7. Ethernet delay, load and traffic received (packets/sec) for PC 1 of VPN network office B using the cable 10 BaseT.

Fig. 8. Ethernet delay, load and traffic received (packets/sec) for PC 1 of VPN network office B using the cable 100 BaseT.

Fig. 9. Ethernet delay, load and traffic received (packets/sec) for PC 1 of VPN network office B using the cable 1000 BaseX.

Fig. 10. Traffic forwarded by switches for offices A and B using the cable 10 BaseT.

Fig. 11. Traffic received by switches for offices A and B using the cable 10 BaseT.

Fig. 12. Traffic forwarded by switches for offices A and B using the cable 100 BaseT.

Fig. 13. Traffic received by switches for offices A and B using the cable 100 BaseT.

Fig. 14. Traffic forwarded by switches for offices A and B using the cable 1000 BaseX.

Fig. 15. Traffic received by switches for offices A and B using the cable 1000 BaseX.

From the above results, it is concluded that there is no effect of cable type in the small network structure, but there is a difference between the delay of two different offices separated by different distances with the same parameters, as given for office A and office B separated by a distance of 10 kilometers and 50 kilometers.

CONCLUSION

The simulations were performed for the two offices connected in star configuration for a private network with Ethernet cables, specifically 10 BaseT, 100 BaseT and 1000 BaseX. The simulations were performed with a start time of 50 seconds, ON state and OFF state times of 60 seconds and 40 seconds respectively, and an interarrival time of 10 seconds. In each simulation the packet size was kept at 1000 bytes. The performance of the proposed virtual private network configuration has been investigated. The simulation results show the change in delay, the variation in average traffic received, and the load in packets per second with an increase in node size for a public network.
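
The ON-OFF source settings restated above, worked through as an added example (not code from the paper or from OPNET). It assumes constant ON and OFF durations, a packet at the start of each ON period, 10 stations in each office (20 sources), and, for the utilisation figure, that every source is ON at once and sends across the same inter-office link.

```python
"""ON-OFF traffic source with the parameters quoted in the paper (added example)."""

START_S = 50           # source start time, seconds
ON_S = 60              # ON-state duration, seconds
OFF_S = 40             # OFF-state duration, seconds
INTERARRIVAL_S = 10    # packet interarrival time while ON, seconds
PACKET_BYTES = 1000    # packet size, no segmentation
SIM_S = 9000           # 2.5 hours of simulated time

# Nominal line rates of the three cable types compared in the paper.
LINK_BPS = {"10 BaseT": 10e6, "100 BaseT": 100e6, "1000 BaseX": 1e9}


def packet_times(start=START_S, on=ON_S, off=OFF_S,
                 gap=INTERARRIVAL_S, end=SIM_S):
    """Send timestamps (seconds) for one source.

    Assumptions: all durations are constants, a packet is sent at the
    start of every ON period, and ON periods are half-open [t, t + on).
    """
    times = []
    burst = start
    while burst < end:
        t = burst
        # Stop at the end of the ON period or of the simulation.
        while t < min(burst + on, end):
            times.append(t)
            t += gap
        burst += on + off
    return times


def mean_rate_pps(times, duration=SIM_S):
    """Average packets/sec over the whole run for one source."""
    return len(times) / duration


def peak_utilisation(n_sources, link_bps, gap=INTERARRIVAL_S,
                     size=PACKET_BYTES):
    """Worst-case offered load divided by link capacity.

    Assumes every source is ON at the same time and every packet
    crosses the same link.
    """
    offered_bps = n_sources * size * 8 / gap
    return offered_bps / link_bps


if __name__ == "__main__":
    times = packet_times()
    print(f"packets per source: {len(times)}")
    print(f"mean rate: {mean_rate_pps(times):.4f} packets/sec")
    for name, bps in LINK_BPS.items():
        # 20 sources = 10 stations in each of the two offices (assumed)
        print(f"{name}: peak utilisation {peak_utilisation(20, bps):.4%}")
```

Even in that worst case the offered load is 16 kbit/s, or 0.16% of a 10 BaseT link, which is consistent with the paper's finding that cable type made no difference in this small network.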

Rahul Malhotra has received his Bachelor of Engineering Degree in Electronics & Communication Engineering from Baba Saheb Naik College of Engineering, Pusad under Amravati University, Amravati - India in 2001 and M.Tech degree in Electronics & Communication Engineering from Giani Zail Singh College of Engineering & Technology, Bathinda, India in 2008 and Ph.D in Electronics and Communication Engineering from Punjab Technical University, Jalandhar in 2011. He joined as a Lecturer in 2001 at Guru Gobind Singh College of Engineering & Technology, Talwandi Sabo, India. He joined as Assistant Professor in Adesh Institute of Engineering & Technology, Faridkot, India in 2008. Presently, he is working as Associate Professor at BMS College of Engineering, Muktsar. His area of interest includes Wireless Communication, Adhoc Networks, and Fuzzy Logic & Genetic Algorithms. He is a member of Indian Society for Technical Education, The Institution of Electronics & Telecommunication Engineers (India), Institution of Engineers (India).

Rajneesh Narula is with the Department of Computer Science and Engineering, Bhai Maha Singh College of Engineering, Muktsar, Punjab, India. His areas of interest include Wireless networks, Micro-controller systems, Adhoc Networks and Micro-electronics etc.
