Tunnel minimization and relay for managing virtual private networks

I. Wei Chen*, Ying-Dar Lin, Yi Neng Lin

*Corresponding author for this work

Research output: Contribution to conferencePaperpeer-review


A virtual private network (VPN) is a private data network that carries traffic between remote sites. One of the most popular VPN applications is the "Intranet/Extranet VPN", which establishes network layer connections between remote intranet sites, using various tunneling protocols, to create an IP overlay network IPSec, which is very prevalent in industry, is one of these tunneling protocols that not only provide encapsulation/decapsulation but encryption/decryption and hashing. However, an IPSec tunnel often fails to be established due to the management complexity. This work proposes the new concept of authority to alleviate the management overhead by reducing the number of tunnels. The problem of tunnel minimization is first formalized under three conditions - no constraint, a Tunnel Path Length constraint and a Tunnel Relay Degree constraint, and then solved using graphical models and the Zero-One Integer Programming algorithm. The effect of tunnel minimization is also investigated, and at most 90% of the tunnels are found to be reducible in a general enterprise VPN.

Original languageEnglish
Number of pages6
StatePublished - Nov 2004
EventGLOBECOM'04 - IEEE Global Telecommunications Conference - Dallas, TX, United States
Duration: 29 Nov 20043 Dec 2004


ConferenceGLOBECOM'04 - IEEE Global Telecommunications Conference
Country/TerritoryUnited States
CityDallas, TX


  • IPsec
  • Management
  • Optimization
  • Tunnel reduction
  • VPN


Dive into the research topics of 'Tunnel minimization and relay for managing virtual private networks'. Together they form a unique fingerprint.

Cite this