CS 268: Active Networks Ion Stoica May 6, 2002 (* Based on David Wheterall presentation from SOSP ’99)

Slides:



Advertisements
Similar presentations
Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan MIT and Berkeley presented by Daniel Figueiredo Chord: A Scalable Peer-to-peer.
Advertisements

IPv4 to IPv6 Migration strategies. What is IPv4  Second revision in development of internet protocol  First version to be widely implied.  Connection.
Page 1 / 14 The Mesh Comparison PLANET’s Layer 3 MAP products v.s. 3 rd ’s Layer 2 Mesh.
Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee
UNIT-IV Computer Network Network Layer. Network Layer Prepared by - ROHIT KOSHTA In the seven-layer OSI model of computer networking, the network layer.
1 Improving the Performance of Distributed Applications Using Active Networks Mohamed M. Hefeeda 4/28/1999.
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
Web Caching Schemes1 A Survey of Web Caching Schemes for the Internet Jia Wang.
15-441: Computer Networking Lecture 26: Networking Future.
CS 268: Lecture 5 (Project Suggestions) Ion Stoica February 6, 2002.
Internet Indirection Infrastructure Ion Stoica UC Berkeley.
15-744: Computer Networking L-6 Routing Issues. L -6; © Srinivasan Seshan, New Routing Ideas Border Gateway Protocol (BGP) cont. Overlay.
1 Hybrid Resource Control for Active Extensions Parveen Patel Jay Lepreau University of Utah.
CS 268: Future Internet Architectures Ion Stoica May 1, 2006.
Programmability with Proof-Carrying Code George C. Necula University of California Berkeley Peter Lee Carnegie Mellon University.
IPv6 and Overlays EE122 Introduction to Communication Networks Discussion Section.
Capsule-based Active Networks: What have we learned? David Wetherall University of Washington.
1 Future Internet Architectures: Toward an Architecture-Agnostic Architecture Jennifer Rexford Princeton University
CS 268: Active Networks & Overlay Networks
CS 268: Project Suggestions Ion Stoica February 6, 2003.
A General approach to MPLS Path Protection using Segments Ashish Gupta Ashish Gupta.
1 Network Management Active Networks. 2 Network Management.
Promoting the Use of End-to- End Congestion Control in the Internet Sally Floyd and Kevin Fall Presented by Scott McLaren.
CS 268: Lecture 12 (Router Design) Ion Stoica March 18, 2002.
1 Bees: A Secure, Resource-Controlled, Java-Based Execution Environment Tim Stack Eric Eide Jay Lepreau University of Utah April 5, 2003.
CS 268: Future Internet Architectures Ion Stoica May 6, 2003.
1 Routing as a Service Karthik Lakshminarayanan (with Ion Stoica and Scott Shenker) Sahara/i3 retreat, January 2004.
A General approach to MPLS Path Protection using Segments Ashish Gupta Ashish Gupta.
The Future of the Internet Jennifer Rexford ’91 Computer Science Department Princeton University
Active Networks Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays 1:30pm-2:50pm.
Virtual Private Network
Host Mobility for IP Networks CSCI 6704 Group Presentation presented by Ye Liang, ChongZhi Wang, XueHai Wang March 13, 2004.
What does it take to define an architecture? (Part 2) David D. Clark July, 2012.
Jennifer Rexford Fall 2010 (TTh 1:30-2:50 in COS 302) COS 561: Advanced Computer Networks Programmable.
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
CS Spring 2011 CS 414 – Multimedia Systems Design Lecture 23 - Multimedia Network Protocols (Layer 3) Klara Nahrstedt Spring 2011.
Presented by Xiaoyu Qin Virtualized Access Control & Firewall Virtualization.
Eric Keller, Evan Green Princeton University PRESTO /22/08 Virtualizing the Data Plane Through Source Code Merging.
1 Cabo: Concurrent Architectures are Better than One Jennifer Rexford Princeton University Joint work with Nick Feamster.
Defense by Amit Saha March 25 th, 2004, Rice University ANTS : A Toolkit for Building and Dynamically Deploying Network Protocols David Wetherall, John.
Programmable Networks: Active Networks + SDN. How to Introduce new services Overlays: user can introduce what-ever – Ignores physical network  perf overhead.
BitTorrent enabled Ad Hoc Group 1  Garvit Singh( )  Nitin Sharma( )  Aashna Goyal( )  Radhika Medury( )
Management for IP-based Applications Mike Fisher BTexaCT Research
4: Network Layer4-1 Schedule Today: r Finish Ch3 r Collect 1 st Project r See projects run r Start Ch4 Soon: r HW5 due Monday r Last chance for Qs r First.
Virtual Workspaces Kate Keahey Argonne National Laboratory.
COP 5611 Operating Systems Spring 2010 Dan C. Marinescu Office: HEC 439 B Office hours: M-Wd 2:00-3:00 PM.
Multimedia & Mobile Communications Lab.
APPLICATION LAYER MULTICASTING
1 Secure Peer-to-Peer File Sharing Frans Kaashoek, David Karger, Robert Morris, Ion Stoica, Hari Balakrishnan MIT Laboratory.
Achieving Convergence-Free Routing using Failure-Carrying Packets K. Lakshminarayanan et al. Presented by Ang Li 06/29/07.
July 12th 1999Kits Workshop 1 Active Networking at Washington University Dan Decasper.
EE 122: Lecture 15 (Quality of Service) Ion Stoica October 25, 2001.
Cooperation between stations in wireless networks Andrea G. Forte, Henning Schulzrinne Department of Computer Science, Columbia University Presented by:
Zurich Research Laboratory IBM Zurich Research Laboratory Adaptive End-to-End QoS Guarantees in IP Networks using an Active Network Approach Roman Pletka.
15-744: Computer Networking L-19 Active Networks.
EE 122: Integrated Services Ion Stoica November 13, 2002.
Internet Traffic Engineering Motivation: –The Fish problem, congested links. –Two properties of IP routing Destination based Local optimization TE: optimizing.
Active Networks Jennifer Rexford. Nice Quotation from the Tennenhouse Paper There is presently a disconnect between what users consider to be “inside”
I3 and Active Networks Supplemental slides Aditya Akella 03/23/2007.
SwitchWare Active Network Architecture
Zueyong Zhu† and J. William Atwood‡
ANTS Goals Today’s networks lack flexibility …
Overlay Networking Overview.
Software Defined Networking (SDN)
EE 122: Lecture 18 (Differentiated Services)
The Active Node Transfer System By Chris McAnally & Manu Mittal
Congestion Control, Quality of Service, & Internetworking
Designing for the Future
EE 122: Differentiated Services
EE 122: Lecture 22 (Overlay Networks)
Presentation transcript:

CS 268: Active Networks Ion Stoica May 6, 2002 (* Based on David Wheterall presentation from SOSP ’99)

Motivations  Changes in the network happen very slowly  Why? -Network services are end-to-end At the limit, a service has to be supported by all routers along the path Chicken-and-egg problem: if there aren’t enough routers supporting the service, end-hosts won’t benefit -Internet network is a shared infrastructure Need to achieve consensus (IETF)

Motivations  Proposed changes that haven’t happened yet: -Support for congestion control (RED ‘93) -IP security (IPSEC ‘93) -More addresses (IPv6 ‘91) -Multicast (IP multicast ‘90)

Goals  Make it easy to deploy new functionalities in the network  accelerate the pace of innovation  Allow users to customize their services

Solution  Active networks (D. Tannenhouse and D. Wetherall ’96): -Routers can download and execute remote code -At extreme, allow each user to control its packets User 2: Multicast User 1: RED

An Active Node Toolkit: ANTS  Add active nodes to infrastructure IP routersActive nodes

Active Nodes  Provide environment for running service code -Soft-storage, routing, packet manipulation  Ensure safety -Protect state at node; enforce packet invariants  Manage local resources -Bound code runtimes and other resource consumptions

Where Is the Code?  Packets carry the code -Maximum flexibility -High overhead  Packets carry reference to the code -Reference is based on the code fingerprint: MD5 (128 bits) -Advantages: Efficient: MD5 is quick to compute Prevents code spoofing: verify without trust packet code packet code reference

Code Distribution  End-systems pre-load code  Active nodes load code on demand and then cache it previous node loading node request time packet code responses packet

Lesson Learned  Applications  Performance  Security and resource management

Applications  Well-suited to implement protocol variations  But, not to enforce global policies and resource control (e.g., fire-walls and QoS) -Need a central authority to implement these functionalities  Application examples: auctions, reliable multicast, mobility,…

Performances  ANTS implemented in Java  In common case little overhead: -Extra steps over IP (classification, safe eval) run very fast  Enough cycles to run simple programs -e.g. 1GHz, 1Gbps, 1000b, 100%  1000 cycles; 10%  cycles

Security and Resource Mgmt.  Untrusted users  need to isolate their actions  Protection: make sure that one program does not corrupt other program -Node level protection -Network level protection

Node Level Protection  Relatively easy to solve -Allocate resources among users and control their usage Fair Queueing, per-flow buffer allocation -Use light weight mechanisms: sand-box, safe-type languages, Proof Carrying Code (PCC): PCC can also provide timeliness guarantees e.g., can demonstrate that an operation cannot take more time/space than predifined constants  Note: fundamental trade-off between protection and flexibility -Example: if a node uses FQ to provide bandwidth protection, it will constrain the delays experienced by a user

Network Level Protection  More difficult to achieve  Challenge: enforce global behavior of a program only with local checks and control  Main problem: programs very flexible. Active nodes can: -Affect routing behavior (e.g., mobile IP) -Generate new packets (e.g. multicast)

Examples  Loops as a result of changes in routing behavior  Resource wastage as a result of misbehaving multicast programs -Multicast height k, a node can generate up to m copies  total number of packets can be O(m k ) !  Local solutions not enough -TTL too weak; unaware about topology -Fair Queueing offers only local protection

Solution  Program certification by a central authority  Limitations: -Slows innovation, but still better than what we have today -Dealing with a misbehaving node still remains difficult

Restricting Active Networks  Allow only administrators, or privileged users to inject code -Router plugins, active bridge  Restrict affecting only the control plane  increase network manageability -SmartPackets -Netscript

Active Networks vs. Overlay Networks  Key difference: -Active nodes operate at the network layer; overlay nodes operate at the application layer  Active Networks advantages: -Efficiency: no need to tunnel packets; no need to process packets at layers other than the network layer  Overlay Network advantages: -Easier to deploy: no need to integrate overlay nodes in the network infrastructure Active nodes have to collaborated (be trusted) by the other routers in the same AS (they need to exchange routing info)

Conclusions  Active networks -A revolutionary paradigm -Explores a significant region of the networking architecture design space  But, is the network layer the right level to deploy it? -Maybe, but only if all (congested) routers are active… -Otherwise, overlays might be good enough…

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.