Performance Analysis of Rejection Ratio in Cost Optimized Virtual Private Networks Provisioning Algorithm (COVPA) Using Waxman and Barabasi Model in Cyber Space

: Problem statement: Virtual private networks have provided customers with a secure and low-cost communication environment. Approach: The COVPA, the provisioning algorithm for a Virtual Private Network service, which built and managed VPNs on demand. Results: The COVPA allowed each VPN to have guaranteed resources and customized control and supported a highly dynamic VPN service where creation and modification operations took place on fast timescales at reduced cost. Also, it allowed the sharing of bandwidth on the links to reduce the cost. A design process is described, that attempts to satisfy the goals of both the customer and the VPN Service Provider (VSP). Conclusion/Recommendations: The performance of the proposed algorithm is analyzed in terms of cost, the number of nodes, the number of VPN nodes, asymmetric ratio and rejection ratio with the breadth first search, steiner tree and primal dual algorithms. With the enhancement on the design process, the COVPA performs better than the breadth first search, steiner tree and primal dual algorithms


INTRODUCTION
The allocation of the bandwidth for VPNs to meet the requirements specified by customers is one of the major challenges in traffic engineering (Duffield et al., 2002;Verdi and Madeira, 2003;Zhang and Ionescu, 2006). The basic requirements for VPN are User authentication, address management, Data compression, data encryption and key management (Ramaraj and Karthikeyan, 2006). The process of provisioning network resources for flows with QoS guarantees is a combination of three different components-admission control, resource allocation and runtime enforcement (Sabrina and Rogers, 2007). Admission control determines whether or not sufficient network resources, such as link bandwidth and buffer space, exist to support the QoS requirements of new flow requests (Zhang and Ionescu, 2005). Resource allocation addresses the question of how much of the network resources to actually allocate for newly admitted flows so as to satisfy network-wide optimization objectives (Chu and Lea, 2009). Runtime enforcement ensures that the promised QoS guarantees are indeed delivered in a consistent manner throughout the lifetime of the flow and that the flow does not violate its traffic specifications (Rosenbaum et al., 2004;Baroncelli et al., 2007;Cavdar et al., 2008). Provisioning a virtual private network over a set of nodes gives rise to the general network design problem (Benhaddou and Alanqar, 2007;Zhang and Ionescu, 2010).

MATERIALS AND METHOD
Proposed Cost Optimized Virtual Private Networks Provisioning Algorithm (COVPA): Input: The topology graph, VPN nodes, ingress/egress bandwidth of VPN nodes and bandwidth of edges. Output: Cost optimized virtual private networks provisioning tree: Step 1: Get the number of nodes and generate Waxman and Barabasi-Albert model random topology using our program.
Step 2: Fix 10-50% of the boundary region nodes as VPN nodes.
Step 3: Assign the reservation bandwidth on each link randomly within the specified minimum and maximum bounds and also assign the ingress/egress bandwidth for VPN nodes randomly, so that the VPN node bandwidth is higher than any randomly assigned bandwidth of any link.
Step 4: Select the source and destination from the boundary VPN nodes.
Step 5: Find all the possible shortest paths from the source to the destination.
Step 6: Apply the BFS algorithm for each of the router nodes and create BFS trees for each router node.
Step 7: Compute the bandwidth requirement needed on each link of the BFS tree of each router node using the following steps.
Step 7.1: Divide the tree into two subtrees (x and y) by removing a link from the tree.
Step 7.2: For each link in the tree initialize the bandwidth value to zero. Step 7.3: If an element belongs to subtree x and add the reserved bandwidth to the bandwidth of subtree y.
Step 7.4: Otherwise add the reserved bandwidth to the bandwidth of subtree x.
Step 7.5: Find the minimum bandwidth between subtree x and subtree y.
Step 7.6: Reinsert the deleted link.
Step 7.7: Assign the chosen minimum bandwidth to the corresponding deleted link.
Step 7.8: Repeat the steps from 7.1 to 7.7 for each link of the tree.
Step 8: Check the computed bandwidth and the reserved bandwidth of the tree.
Step 9: If the requested bandwidth is less than or equal to the reserved bandwidth, then accept the request for VPN setup.
Step 10: Compute the difference between the reserved bandwidth and the bandwidth allocation needed for each link.
Step 11: Assign the difference to the reserved bandwidth of each link.
Step 12: Otherwise reject the VPN request.
Step 13: Repeat step 6 to step 12 for every node in the entire BFS tree.
Step 14: Select the BFS tree which gives the minimum cost. This minimum cost tree is called as the cost optimized virtual private networks provisioning tree (COVPA).

RESULTS
The rejection ratio as one of the performance metrics to compare the different hose model VPN provisioning algorithms. The Rejection Ratio is defined as the number of requests rejected, divided by the total number of requests received in the network. The main aim of the provisioning algorithm is to minimize the rejection ratio; this will automatically maximize the number of requests successfully established on the network.
In symmetric Virtual Private Networks, the ingress and egress bandwidths are equal and assigned randomly. We conducted 5 runs in which each run randomly generated 100 requests in Waxman random topology. The simulation results are shown in Fig. 1. The X-axis represents the run number and the Y-axis represents the rejection ratio achieved by each provisioning algorithm in each run. We show that the rejection ratio achieved by COVPA is much less than that achieved by the Breadth First Search and Steiner. The rejection ratio achieved by COVPA is 4-7%. However, the rejection ratio achieved by the Steiner tree ranges from 40-42% and the rejection ratio achieved by the Breadth First Search algorithm ranges from 33-36%. According to the simulation results, our COVPA can reduce the rejection ratio more effectively than the Breadth First Search and Steiner tree algorithms in the random Waxman topology model.

Rejection ratio for asymmetric virtual private networks using Waxman model: In Asymmetric
Virtual Private Networks the different ingress and egress bandwidth are assigned randomly. Also, we conducted 15 runs in which each run randomly generated 100 requests in the Waxman random topology. The simulation results are shown in Fig. 1. The X-axis represents the run number and the Y-axis represents the rejection ratio achieved by each provisioning algorithm in each run. We show that the rejection ratio achieved by the COVPA is lesser than that of the Primal Dual algorithm. The rejection ratio achieved by the COVPA is 3% to 4%. However, the rejection ratio achieved by the primal dual algorithm ranges from 22% to 24%. According to the simulation results, our COVPA can reduce the rejection ratio more effectively than primal dual algorithms in the random Waxman Asymmetric topology.

Rejection ratio for symmetric virtual private networks using the Barabasi-Albert model:
In symmetric Virtual Private Networks the ingress and egress are equal and assigned randomly. We conducted 5 runs in which each run randomly generated 100 requests in the Barabasi-Albert topology. The simulation results are shown in Fig. 2. The X-axis represents the run number and the Yaxis represents the rejection ratio achieved by each provisioning algorithm in each run. We show that the rejection ratio achieved by the COVPA is lesser than that achieved by Breadth First Search and Steiner. The rejection ratio achieved by the COVPA is 2-3%. However, the rejection ratio achieved by the Steiner tree ranges from 14-16% and the rejection ratio achieved by the Breadth First Search algorithm ranges from 8-10%. According to the simulation results, our COVPA can reduce the rejection ratio more effectively than the Breadth First Search and Steiner tree algorithms in the Barabasi-Albert topology.
Rejection ratio for asymmetric virtual private networks using the Barabasi-Albert model: In Asymmetric Virtual Private Networks the different ingress and egress bandwidth are assigned randomly. Also, we conducted 5 runs in which each run randomly generated 100 requests in the Barabasi-Albert topology. The simulation results are shown in Fig. 3.
The X-axis represents the run number and the Yaxis represents the rejection ratio achieved by each provisioning algorithm in each run. We show that the rejection ratio achieved by the COVPA is lesser than that of the Primal Dual algorithm. The rejection ratio achieved by the COVPA is 0-2%. However, the rejection ratio achieved by the Primal Dual Algorithm ranges from 7-8% .The simulation results are shown in Fig.4. According to the simulation results, our COVPA can reduce the rejection ratio more effectively than the Primal Dual algorithms in the Barabasi-Albert Asymmetric topology.

DISCUSSION
In the above simulation study we have used both the Waxman and Barabasi-Albert Model for topology generation. The number of nodes is varied from 0-1000 and the number of VPN nodes is varied from 0-500. Both symmetric and Asymmetric bandwidths were studied. The Asymmetric Ratio is also varied from 0-250.
Designed and implemented the Cost Optimized Virtual Private Networks Provisioning Algorithm (COVPA) for provisioning in VPNs with better performance than the Breadth First Search and Steiner Tree algorithms in terms of cost and rejection ratio in the symmetric case hose model.

CONCLUSION
Designed and implemented the Cost Optimized Virtual Private Networks Provisioning Algorithm (COVPA) for provisioning in VPNs with better performance than Primal Dual algorithms in terms of rejection ratio in the Symmetric and Asymmetric hose model.