SwitchWare Active Network Architecture
Group 5, ECE 4605
Neha Jain, Shashwat Yadav
Introduction
Present IP networks (passive / traditional / legacy):
- 'Smart' hosts on the network edge connected by 'simple' routers.
- Routers store, examine and forward (table lookup).
- Limited options available in the packet header, e.g. timestamps (10 bytes), SACK.
- Limited user control over network behaviour.
Active networks:
- Allow intermediate routers to perform computation.
- Programs travel inside network packets ("active packets") and are executed at intermediate nodes.
- Provide a programmable network with user control.
Related work:
- MIT: Capsules, ANTS
- Georgia Tech and University of Kentucky: CANES project
- UPenn: SwitchWare
Advantages of active networks
- Accommodate the rapid evolution and deployment of network technologies.
- Provide the increasingly sophisticated services demanded by user applications (including QoS).
- Do away with the need to standardize every protocol before it can be deployed.
- Allow experimentation in the live network.
NACK implosion in a multicast tree
- F and G both miss the same packet and each send a NACK; A receives multiple NACKs for one loss. This is NACK implosion.
Solved in an active network:
- At the intermediate node C, check whether a NACK for the same packet was already received.
- YES: add the current sender to the list of receivers awaiting retransmission and do not forward the NACK.
- NO: forward the NACK upstream and leave a marker for the packet whose NACK was forwarded.
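The suppression logic of the slide above, as an added example (not code from the slides or from SwitchWare). The node, requester names and packet numbers are a constructed scenario; the marker is keyed on (source, sequence number).

```python
"""NACK suppression at an active node (added example, not from the
slides). The node keeps a marker per (source, sequence) once it has
forwarded a NACK upstream; later NACKs for the same packet are absorbed
and their senders are recorded so the repair can be fanned out locally."""
from dataclasses import dataclass, field


@dataclass
class ActiveNode:
    name: str
    # (src, seq) pairs for which a NACK has already gone upstream
    markers: set = field(default_factory=set)
    # (src, seq) -> downstream requesters waiting for the retransmission
    waiting: dict = field(default_factory=dict)
    # NACKs actually forwarded upstream, kept for inspection
    upstream: list = field(default_factory=list)

    def on_nack(self, src, seq, requester):
        key = (src, seq)
        if key in self.markers:
            # Implosion case: a NACK for this packet already went upstream.
            self.waiting[key].append(requester)
            return "suppressed"
        self.markers.add(key)
        self.waiting[key] = [requester]
        self.upstream.append(key)
        return "forwarded"

    def on_retransmission(self, src, seq):
        """Repair arrived from upstream: deliver to all requesters and clear
        the marker so a later loss of the same packet is handled afresh."""
        key = (src, seq)
        self.markers.discard(key)
        return self.waiting.pop(key, [])


def scenario():
    """Constructed scenario: F and G both miss packet 17 from source A;
    C sits between them and A."""
    c = ActiveNode("C")
    outcomes = [c.on_nack("A", 17, "F"),
                c.on_nack("A", 17, "G"),   # absorbed at C
                c.on_nack("A", 18, "G")]   # different packet: forwarded
    delivered_to = c.on_retransmission("A", 17)
    return outcomes, list(c.upstream), delivered_to
```

The marker must be cleared when the repair arrives; otherwise a second loss of the same packet would be silently absorbed and never reported upstream.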
SwitchWare architecture
- Layer III: Active packets. Lightweight mobile programs carried in packets.
- Layer II: Active extensions (node resident). Provide services which can be invoked by active packets.
- Layer I: Active router infrastructure. Supports resource allocation and enforces the rules for downloading switchlets.
Security model
Three approaches:
- Public facilities: available to anyone; low risk of abuse. E.g. ping.
- Authenticated facilities: the user must submit to an identity check, which determines authorization to use a service. E.g. remote login.
- Verified facilities: the node formally verifies certain properties of the code. E.g. mobile code, via type checking and program verification.
Verification
Type checking:
- Static (compile time): greater efficiency, since errors are detected earlier; a conservative approach (some safe programs are rejected).
- Dynamic (run time): greater flexibility; type errors are dealt with at run time if they occur.
PCC (Proof-Carrying Code):
- Integrates verification with authorization.
- It is easier to check an answer than to produce it.
- The programming language should be strongly typed, so that verification can be done effectively.
- Verification by PCC produces a formal proof; the node checks the proof before granting authorization.
Active packets: Layer III
- Instead of header + payload, we have code + data: active packets carry programs consisting of both code and data.
- The code interacts with intermediate nodes, which makes forwarding customizable.
- The entire packet is forwarded to the next hop; the code delivers the data at the destination.
Requirements for the programming language:
- Lightweight: the whole communication depends on how fast the program is executed.
- Strongly typed, for security.
- Remote execution facilities.
- Bounded resource usage.
PLAN: Programming Language for Active Networks
Performance:
- Supports simple data and control structures.
- Easy to compile and interpret.
Security:
- A PLAN program cannot alter state on a node.
- Strongly typed, so it cannot threaten the integrity of a node.
- Statically type-checkable, for programmer convenience.
Resource bound:
- Like a TTL (Time To Live): a bound on the amount of resources (bandwidth, CPU cycles) a packet may consume, decremented as the packet travels and spawns work.
- Guaranteed to terminate.
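A toy evaluator showing how a PLAN-style resource bound gives the termination guarantee claimed on the two slides above. This is an added example and not the PLAN interpreter: the expression language, the operator names (foreach, neighbors, half, OnRemote), the node API and the three-node topology are my own assumptions. Two rules do the work: the language has no loop other than iterating a finite list, and every hop and every remote spawn is paid for out of the packet's own bound, with a child receiving part of its parent's remaining budget.

```python
"""Toy active-packet evaluator with a PLAN-style resource bound (added
example; not the PLAN interpreter). Budget is only ever moved from a
parent packet to its children, never created, so a flood that would
otherwise bounce between A and B forever runs out of bound and stops."""
from collections import deque

# Constructed toy topology: A - B - C
NEIGHBORS = {"A": ["B"], "B": ["A", "C"], "C": ["B"]}

# Program table; OnRemote names a program rather than quoting it, so the
# flood program can refer to itself.
PROGRAMS = {
    # for each neighbor n: OnRemote(flood, n, half of the remaining budget)
    "flood": ("foreach", "n", ("neighbors",),
              ("OnRemote", "flood", "n", ("half",))),
}


class ResourceExhausted(Exception):
    pass


class Packet:
    def __init__(self, program, rb):
        self.program = program
        self.rb = rb          # remaining resource bound
        self.spawned = []     # (destination, child Packet)

    def charge(self, n):
        if self.rb < n:
            raise ResourceExhausted(f"need {n}, have {self.rb}")
        self.rb -= n


def evaluate(expr, env, pkt, node):
    """Evaluate one expression. Mutable state lives only in the packet
    (env, rb); the node contributes read-only facts such as its neighbors."""
    if isinstance(expr, int):
        return expr
    if isinstance(expr, str):
        return env[expr]
    op, *args = expr
    if op == "neighbors":
        return list(NEIGHBORS[node])
    if op == "half":
        return pkt.rb // 2
    if op == "foreach":            # bounded: the list is finite
        var, lst, body = args
        for item in evaluate(lst, env, pkt, node):
            evaluate(body, {**env, var: item}, pkt, node)
        return None
    if op == "OnRemote":
        name, dest, share = args
        target = evaluate(dest, env, pkt, node)
        pkt.charge(1)              # the send itself costs one unit
        child_rb = evaluate(share, env, pkt, node)
        if child_rb < 1:
            raise ResourceExhausted("child would have no budget")
        pkt.charge(child_rb)       # budget moves to the child
        pkt.spawned.append((target, Packet(name, child_rb)))
        return None
    raise ValueError(f"unknown operator {op!r}")


def run(program, start, rb):
    """Deliver packets until the queue drains; return the delivery order."""
    queue = deque([(start, Packet(program, rb))])
    deliveries = []
    while queue:
        node, pkt = queue.popleft()
        try:
            pkt.charge(1)          # per-hop cost, like a TTL decrement
        except ResourceExhausted:
            continue               # dropped in transit
        deliveries.append(node)
        try:
            evaluate(PROGRAMS[pkt.program], {}, pkt, node)
        except ResourceExhausted:
            pass                   # program aborted; children spawned so far still go
        queue.extend(pkt.spawned)
    return deliveries
```

Because each delivered hop consumes at least one unit of a budget that is only ever divided, the number of deliveries can never exceed the initial bound, whatever program the packet carries.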
Active extensions: Layer II
- Active packets are limited in power: they cannot implement arbitrary protocols or functionality.
- This is achieved by active extensions combined with active packets.
- Resident on, and executed at, a particular node.
- Can be dynamically loaded onto routers and provide services to active packets.
- Need not be lightweight, so they get a heavier-weight security check: statically type checked at the router upon arrival.
- Active extensions perform tasks such as creating or changing state at the router.
Secure active routers: Layer I
- The solid base upon which active packets and active extensions are built.
Goals:
- Provide support for the language-oriented model used at the higher layers.
- Incur minimal cost while the system is in its operational state.
- Maximize system security under a minimal set of assumptions about trusted components.
Embodied by SANE, the Secure Active Network Environment.
SANE
What is integrity? The system has not been altered from some known state.
- Uses the approach of guaranteeing the integrity of the lower layers first.
- Identifies the minimal set of system elements upon which system integrity depends: the BIOS, and a public key infrastructure for authenticating the sources of modules.
- Ensures that the presumptions made about system elements are true:
  - Static checks, performed before the system enters operating mode.
  - Dynamic checks, performed while the system is operating.
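The two kinds of check on the slide above, as an added example (not SANE's code). Static checks: each boot layer, starting from a trusted root, measures the next layer and compares it with the value it was built to trust before handing over control, so a change anywhere below the operating layer is detected before operation starts. Dynamic checks: at run time, an extension is loaded only if its hash is authenticated by the trusted module source. The images, the source key and the HMAC-based authentication (standing in for a public-key signature from the PKI the slide mentions) are constructed for this example.

```python
"""Layered integrity checks in the style of SANE (added example; not
SANE's code). The BIOS is assumed trusted: the whole chain's security
rests on that one assumption, which is the 'minimal set' idea."""
import hashlib
import hmac

# Constructed images for the boot layers.
IMAGES = {
    "bios": b"bios v1",
    "bootloader": b"loader v1",
    "kernel": b"kernel v1",
}
BOOT_ORDER = ["bios", "bootloader", "kernel"]


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# What each layer expects of the layer it hands off to.
EXPECTED = {"bios": digest(IMAGES["bootloader"]),
            "bootloader": digest(IMAGES["kernel"])}


def static_check(images, expected=EXPECTED, order=BOOT_ORDER):
    """Walk the boot chain; stop at the first layer whose measurement
    differs from what its predecessor trusts. Returns (ok, verified_layers)."""
    verified = [order[0]]  # the trusted root is not measured by anyone
    for prev, nxt in zip(order, order[1:]):
        if digest(images[nxt]) != expected[prev]:
            return False, verified
        verified.append(nxt)
    return True, verified


# Dynamic check: a module source authenticates the hash of what it publishes.
SOURCE_KEY = b"constructed-key-for-trusted-source"  # assumption: shared with the node


def publish(code: bytes, key=SOURCE_KEY) -> str:
    """Source side: authenticate the module's hash (HMAC stands in for a signature)."""
    return hmac.new(key, digest(code).encode(), hashlib.sha256).hexdigest()


def load_extension(code: bytes, tag: str, key=SOURCE_KEY) -> bool:
    """Node side: load only if the tag authenticates exactly this code."""
    return hmac.compare_digest(publish(code, key), tag)


def demo():
    ok, layers = static_check(IMAGES)
    tampered = dict(IMAGES, kernel=b"kernel v1 + rootkit")
    bad, reached = static_check(tampered)
    ext = b"switchlet: buffered repeater"
    tag = publish(ext)
    return (ok, layers, bad, reached,
            load_extension(ext, tag), load_extension(ext + b"!", tag))
```

The static check is cheap because it runs once, before operation; the dynamic check is what the slide on Layer I means by keeping the cost minimal while operating: one hash and one verification per loaded module, not per packet.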
PLANet: an active internetwork
- All transmitted packets are PLAN programs, which gives one generic exchange protocol for all nodes.
- Distributed protocols, such as routing tables and ARP, are implemented as combinations of PLAN programs.
- Runs in user space on Linux machines, using Ethernet as well as UDP as the underlying network layer.
- The router achieves 50 Mbps over 100 Mbps Ethernet.
Active Bridge
- A prototype constructed to study active networking at the active extension layer.
- A bridge connects two LANs into one extended network.
- Active extensions called switchlets are loaded into the bridge (coded in Caml):
  - Switchlet 1: buffered repeater.
  - Switchlets 2 and 3: spanning tree algorithms (STA): IEEE 802.1D STA and DEC STA. One of them is flawed.
  - Switchlet 4: sanity check. The 'smart' switch checks the result of the running STA; if it is erroneous, the other STA is loaded in its place.
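How switchlet 4's sanity check can pick between two STA switchlets, as an added example (not the Caml switchlets of the Active Bridge prototype). The two functions below are stand-ins for the two STAs, not implementations of 802.1D or the DEC algorithm: one builds a tree correctly, the other has a deliberate bug. The check verifies that the result really is a spanning tree (connected, acyclic, n-1 links), and the bridge installs the first result that passes. The topology is constructed.

```python
"""Active bridge with two spanning-tree switchlets and a sanity check
(added example). A flawed STA that leaves a loop in a bridged network
causes a broadcast storm, so the check rejects any result with a loop,
a missing bridge, or the wrong link count before it is installed."""

# Constructed bridged topology: links between bridges, lowest id first.
BRIDGES = [1, 2, 3, 4]
LINKS = [(1, 2), (2, 3), (1, 3), (3, 4)]


class UnionFind:
    def __init__(self, items):
        self.parent = {i: i for i in items}

    def find(self, x):
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]
            x = self.parent[x]
        return x

    def union(self, a, b):
        """Return False if a and b were already connected (link closes a loop)."""
        ra, rb = self.find(a), self.find(b)
        if ra == rb:
            return False
        self.parent[rb] = ra
        return True


def sta_correct(bridges, links):
    """Kruskal-style stand-in: keep a link only if it joins two components."""
    uf = UnionFind(bridges)
    return [link for link in sorted(links) if uf.union(*link)]


def sta_flawed(bridges, links):
    """Deliberately wrong stand-in: takes the first n-1 links, no loop check."""
    return list(links)[:len(bridges) - 1]


def is_spanning_tree(bridges, tree):
    """Sanity check: n-1 links, no loop, every bridge reachable."""
    if len(tree) != len(bridges) - 1:
        return False
    uf = UnionFind(bridges)
    if not all(uf.union(a, b) for a, b in tree):
        return False              # some link closed a loop
    roots = {uf.find(b) for b in bridges}
    return len(roots) == 1        # connected


def bridge_select(bridges, links, candidates):
    """Run the STA switchlets in order; install the first result that passes."""
    for name, sta in candidates:
        tree = sta(bridges, links)
        if is_spanning_tree(bridges, tree):
            return name, tree
    return None, []
```

Checking the property of the output (is this a tree?) is much simpler than verifying the algorithm that produced it, which is the same "easier to check an answer than to produce it" observation the verification slide makes about PCC.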
Critique
- High-end active routers require greater upkeep and maintenance.
- More trust is handed to programmers, so the network is more susceptible to security breaches.
- No comparison of time or bandwidth utilisation between traditional and active networks is given.
Discussion
- What were the results of the Active Bridge implementation?
- Which coding language for the active extensions?
- Per flow or per packet?