Implementation and Validation of Network Policy Services

Abstract

The widespread use of Internet Protocol to deliver voice, video and data to end users has made the deployment of some forms of Quality of Service (QoS) mechanisms an essential requirement in today's campus, enterprise, and service-provider networks. Network administrators need to protect and guarantee QoS elements such as bandwidth, delay and jitter to mission critical applications. At the networking level, QoS can be provided using Differentiated services, integrated services or some other mechanisms.

Policy based networking provides the network administrator with the ability to define and deploy network polices that control QoS mechanisms. Some of the challenges in this area are the difficulty in specifying, managing and deploying complex, interrelated and inherited policies, detection of policy conflicts, and the deployment of dynamic policies.

The objective of this thesis was to develop and experimentally study a traffic-aware, standards-based policy server and policy management toolset that allows network administrators to define and deploy policies at different levels of granularity, and with the highest level of flexibility. The server uses the IETF's Policy Core Information Model (PCIM) and it stores network policies in a Lightweight Directory Access Protocol (LDAP) directory, it obtains real-time network traffic information from Resource Usage Monitor (a distributed traffic monitoring tool developed at NCSU), and then it uses a Configuration Server to interact with the networking devices to disseminate and implement any changes required in (measurement–based) polices. The servers and the toolset were deployed in an emulated campus environment, and were then evaluated by enforcing network policies that control bandwidth usage and provision QoS to (simulated) voice and video traffic. As part of the evaluation measurement-driven dynamic policy changes were deployed pro-actively to assess the ability of the system to protect QoS of mission critical applications. Experiments show that adaptive policy based management of end-to-end QoS is feasible, and may be very useful in the context of complex service level agreements.