ECCP A Formally-Verified Migration Protocol For Mobile, Multi-Homed Hosts Matvey Arye Joint work with: Erik Nordström, Robert Kiefer Jennifer Rexford, Michael.

Slides:



Advertisements
Similar presentations
Serval: An End-Host Stack for Service-Centric Networking
Advertisements

IPv6-The Next Generation Protocol RAMYA MEKALA UIN:
Mobility Jennifer Rexford COS 461: Computer Networks Lectures: MW 10-10:50am in Architecture N101
IPv6 Multihoming Support in the Mobile Internet Presented by Paul Swenson CMSC 681, Fall 2007 Article by M. Bagnulo et. al. and published in the October.
CISCO NETWORKING ACADEMY Chabot College ELEC Transport Layer (4)
1 Review of Important Networking Concepts Introductory material. This module uses the example from the previous module to review important networking concepts:
Department of Electronic Engineering City University of Hong Kong EE3900 Computer Networks Transport Protocols Slide 1 Transport Protocols.
COS 461: Computer Networks
WXES2106 Network Technology Semester /2005 Chapter 8 Intermediate TCP CCNA2: Module 10.
1 Version 3.0 Module 10 Routing Fundamentals and Subnetting.
What Is TCP/IP? The large collection of networking protocols and services called TCP/IP denotes far more than the combination of the two key protocols.
IP-UDP-RTP Computer Networking (In Chap 3, 4, 7) 건국대학교 인터넷미디어공학부 임 창 훈.
Gursharan Singh Tatla Transport Layer 16-May
1 Review of Important Networking Concepts Introductory material. This slide uses the example from the previous module to review important networking concepts:
Lecture 8 Modeling & Simulation of Communication Networks.
Host Identity Protocol
What Can IP Do? Deliver datagrams to hosts – The IP address in a datagram header identify a host IP treats a computer as an endpoint of communication Best.
Protocols and the TCP/IP Suite Chapter 4. Multilayer communication. A series of layers, each built upon the one below it. The purpose of each layer is.
Process-to-Process Delivery:
Module 10. Internet Protocol (IP) is the routed protocol of the Internet. IP addressing enables packets to be routed from source to destination using.
Serval: Software Defined Service-Centric Networking Jen Rexford Erik Nordstrom, David Shue, Prem Gopalan, Rob Kiefer, Mat Arye, Steven Ko, Mike Freedman.
1 Transport Layer Computer Networks. 2 Where are we?
Review: –What is AS? –What is the routing algorithm in BGP? –How does it work? –Where is “policy” reflected in BGP (policy based routing)? –Give examples.
Presentation on Osi & TCP/IP MODEL
What is a Protocol A set of definitions and rules defining the method by which data is transferred between two or more entities or systems. The key elements.
Copyright 2003 CCNA 1 Chapter 9 TCP/IP Transport and Application Layers By Your Name.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 7: Transport Layer Introduction to Networking.
1 Chapter 1 OSI Architecture The OSI 7-layer Model OSI – Open Systems Interconnection.
Introduction to Networks CS587x Lecture 1 Department of Computer Science Iowa State University.
Link Layer 5-1 Link layer, LAN s: outline 5.1 introduction, services 5.2 error detection, correction 5.3 multiple access protocols 5.4 LANs  addressing,
Seamless Access to Services for Mobile Users Jennifer Rexford Princeton University Joint work with Matvey Ayre, Mike.
Wireless TCP Prasun Dewan Department of Computer Science University of North Carolina
CS332, Ch. 26: TCP Victor Norman Calvin College 1.
SMUCSE 4344 transport layer. SMUCSE 4344 transport layer end-to-end protocols –transport code runs only on endpoint hosts encapsulates network communications.
TCP1 Transmission Control Protocol (TCP). TCP2 Outline Transmission Control Protocol.
ECE 526 – Network Processing Systems Design Networking: protocols and packet format Chapter 3: D. E. Comer Fall 2008.
Chapter 6-2 the TCP/IP Layers. The four layers of the TCP/IP model are listed in Table 6-2. The layers are The four layers of the TCP/IP model are listed.
Information Flow Across the Internet. What is the Internet? A large group of computers that link together to form the Worldwide Area Network (WAN)
5: Link Layer Part Link Layer r 5.1 Introduction and services r 5.2 Error detection and correction r 5.3Multiple access protocols r 5.4 Link-Layer.
TCP/IP Honolulu Community College Cisco Academy Training Center Semester 2 Version 2.1.
CISC856 University of Delaware
COP 5611 Operating Systems Spring 2010 Dan C. Marinescu Office: HEC 439 B Office hours: M-Wd 2:00-3:00 PM.
4/19/20021 TCPSplitter: A Reconfigurable Hardware Based TCP Flow Monitor David V. Schuehler.
Hot Interconnects TCP-Splitter: A Reconfigurable Hardware Based TCP/IP Flow Monitor David V. Schuehler
Computer Networks23-1 PART 5 Transport Layer. Computer Networks23-2 Position of Transport Layer Responsible for the delivery of a message from one process.
Advanced UNIX programming Fall 2002, lecture 16 Instructor: Ashok Srinivasan Acknowledgements: The syllabus and power point presentations are modified.
Review of key networking techniques: –Reliable communication over unreliable channels –Error detection and correction –Medium access control –routing –Congestion.
ISDS 4120 Project 1 DWAYNE CARRAL JR 3/27/15. There are seven layers which make up the OSI (Open Systems Interconnection Model) which is the model for.
1 Transport Layer: Basics Outline Intro to transport UDP Congestion control basics.
Michael G. Williams, Jeremey Barrett 1 Intro to Mobi-D Host based mobility.
IP1 The Underlying Technologies. What is inside the Internet? Or What are the key underlying technologies that make it work so successfully? –Packet Switching.
1 User Datagram Protocol. 2 Transport Protocols Provide logical communication between application processes running on different hosts Run on end hosts.
1 Computer Communication & Networks Lecture 23 & 24 Transport Layer: UDP and TCP Waleed Ejaz
McGraw-Hill Chapter 23 Process-to-Process Delivery: UDP, TCP Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
TCP/IP1 Address Resolution Protocol Internet uses IP address to recognize a computer. But IP address needs to be translated to physical address (NIC).
Serval: An End-Host Stack for Service-Centric Networking Erik Nordstrom, David Shue, Prem Gopalan, Robert Kiefer, Matvey Arye, Steven Y. Ko, Jennifer Rexford,
11 CS716 Advanced Computer Networks By Dr. Amir Qayyum.
2: Transport Layer 11 Transport Layer 1. 2: Transport Layer 12 Part 2: Transport Layer Chapter goals: r understand principles behind transport layer services:
Ch 3. Transport Layer Myungchul Kim
3. END-TO-END PROTOCOLS (PART 1) Rocky K. C. Chang Department of Computing The Hong Kong Polytechnic University 22 March
5. End-to-end protocols (part 1)
Network Architecture Introductory material
Multipath TCP Yifan Peng Oct 11, 2012
Review of Important Networking Concepts
Chapter 6 The Data Link layer
Process-to-Process Delivery:
Review of Important Networking Concepts
Process-to-Process Delivery: UDP, TCP
Computer Networks Protocols
Computer Networks Protocols
Presentation transcript:

ECCP A Formally-Verified Migration Protocol For Mobile, Multi-Homed Hosts Matvey Arye Joint work with: Erik Nordström, Robert Kiefer Jennifer Rexford, Michael J. Freedman 1

Original Internet Architecture 2 Hosts did not move and had a single connection to the Internet

Fast Forward Mobile devices have new capabilities – Devices move – Multiple points-of-attachment Servers have changed – VM migration – Multiple network attachments (NICs) – Data-center multihoming 3

Extending Network Capabilities Host mobility, VM Migration – Connection shouldn’t break when hosts move Switching seamlessly between WiFi and 4G – Ability to switch between network interfaces Load balancing between network paths across interfaces – Ability to move individual flows between interfaces Having backup routes on alternative interfaces – Maintaining a list of alt. interfaces for connections 4

Problems Arise From Current Abstractions 5 No network changes Independent of data delivery semantics Application Connection Control Network Data Delivery TCP in “ESTABLISHED” state Application Network Transport

The Flow Abstraction 6 Application Network Connection Control PID Connection PID FlowID1 Flow1 FlowID1 Data Delivery FlowID2 Flow2 FlowID2 IP1 Flow1 IP2 IP3 Flow2 IP4 Application Network Connection Control Data Delivery

Our Approach For Handling Device Mobility 7 Alice Bob:IP2 My Address has changed Bob:IP5 Network Connection Control FlowID1 Flow1 FlowID1 IP1 Flow1 IP2 Network Connection Control IP1 Flow1 IP5

Contribution 1: ECCP End-to-End Connection Control Protocol Host mobility through end-to-end signaling Transport-layer independence Multipath through new flow abstraction 8

Contribution 2: Formal Verification Connection control protocols hard to get right – We show that TCP-Migrate and HIP are incorrect Non-Determinism makes it hard to verify – Unreliable network, changing network identifiers – Non-determinism leads to state-space explosion We show new techniques to enable verification – Verified ECCP in SPIN 9

Other End-to-End Protocols 10 ECCPTCP- Migrate MPTCPHIP Formally VerifiedIncorrect Transport Independent Rapid Migration Multipath Capable Per-Flow Migration

Protocols Establishing connections Moving flows to new addresses Adding flows to connection Handling NATs Simultaneous migrations 11

Connection Establishment Three-way handshakes to establish states Each peer communicates flowID to other peer – Unlike IP addr., doesn’t change during migration – Packets demultiplexed on local flowID Optionally sends alternative addresses to peer for fail-over and additional flows 12

The Protocol – Initial Flow 13 SYN (Service S) Flow ID-C SYN (Service S) Flow ID-C SYN-ACK Flow ID-C Flow ID-S SYN-ACK Flow ID-C Flow ID-S ACK Flow ID-C Flow ID-S ACK Flow ID-C Flow ID-S ClientServer Demux on: S Demux on: Flowd ID-C Demux on: Flowd ID-S

The Protocol – Changing Addresses 14 RSYN Version #-M Flow ID-M Flow ID-S SRC=IP5 RSYN Version #-M Flow ID-M Flow ID-S SRC=IP5 RSYN-ACK Version #-M Flow ID-M Flow ID-S RSYN-ACK Version #-M Flow ID-M Flow ID-S ACK Version #-M Flow ID-M Flow ID-S ACK Version #-M Flow ID-M Flow ID-S Mobile New Address IP5 Stationary Demux on: Flow ID-S Record addresses IP5 Demux on: Flow ID-M Demux on: Flow ID-S Change address to IP5

Version #s Need to use versioning on migration messages HIP, TCP-Migrate use TCP-like sequence #s – Ties connection control to data delivery – Creates problems -- need different semantics 15 “Sequence” Received 0 to N-1 Cannot skip ahead “Version” All previous #s < N Can skip ahead Semantics when getting packet N:

Sequence # Semantics are Dangerous 16 RSYN Sequence #n RSYN Sequence #n RSYN-ACK Sequence #n RSYN-ACK Sequence #n StationaryMobile New Address IP5 New Address IP6 RSYN Sequence #n+1 RSYN Sequence #n+1 Can’t process sequence #n+1 because didn’t finish #n

Formal Verification 17

Formal Verification - Overview Modeled in SPIN Checks for deadlocks – Neither party can send or receive messages Checks for livelocks – Neither party can do anything useful – Each host can ping the other host 18

Goals of Connection Control Robust connectivity across mobility events – Maintain up-to-date mapping between flows & IPs – Correct if each host can ping its peer What connection control is NOT – Reliable delivery – Bit-correctness of data (i.e. checksums) – Ordering of data 19

Model Checking 101: Explore All Interleavings 20 Process 1 Process 2

Model Checking 101: Explore All Interleavings 21 Process 1 Process 2

Model Checking 101: Build Global State-Space 22 State 1 State 2 State 3 State 4 State 2 State 4 State 5

Verification Challenges Most protocols verified in SPIN sit on top of a reliable data-delivery layer – But for ECCP, the network is unreliable: loss, duplication, and reordering of packets are possible but can cause state-space explosion State-space explosion due to random FlowIDs No notion of time in SPIN – timeouts are tricky – But are needed to recover from packet loss 23

Modeling an Unreliable Network 24 Process 1 Process 2 Network Sim Network simulator can drop, reorder or duplicate packets

Creates Unnecessary States 25 Process 1 Process Network Sim 1 1

Creates Unnecessary States 26 Process 1 Process Network Sim 1 1

Creates Unnecessary States 27 Process 1 Process Network Sim 1 1 Relative order does not matter For protocol execution

More Efficient Implementation 28 Process 1 Process 2 Network simulator runs as part of the sending process

Formal Verification - Completeness Each version # creates new state-space tree So, verification does not reach a fixed point – But, verifies up to 6 migrations for base protocol – 4 migrations for full protocol 29 #1 #2 #3

Implementation ECCP part of larger Serval project – Next-generation service-oriented network stack – Loadable kernel module – Runs on Linux, Android,… Adapts “ESTABLISHED” state of TCP 30

Evaluation – Client Interface Changes 31 One of the authors walks through campus, playing music through Google Play Music. No loss in playback quality. WIFI 4G Saves > 2GB cellular data per month

Conclusion New abstractions – Decoupling data delivery and connection control – Flows as path-dependent parts of connections Design of demultiplexing keys is important – Independent of network identifiers Ordering semantics are tricky to get right Formal verification is important and possible 32

Formal Models Implementation 33

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.