Overlay Networks: An Akamai Perspective Ramesh K. Sitaraman, mangesh kasbekar, Woody Lichtenstein, and Manish Jain Akamai Technologies Inc Univerisy of Massachusetts, Amherst Presented by Huazhe Wang
Akamai Technologies, Inc. is a content delivery network and cloud services provider headquartered in Cambridge, Massachusetts, in the United States.
Outline Motivation Overview of Overlay Networks Caching Overlays Routing Overlays Security Overlays
Content Distribution using the Internet The Internet is increasingly being used for digital content and media delivery. Business, commerce, entertainment, news and social interactions Requirements: high reliability, performance, security, scalability and low operating costs. Major e-commerce sites require 99.99% of reliability TransportingTens of petabits per second of data to support High quality television
Deficiencies of the Internet A heterogeneous network of networks Access traverses multiple networks to obtain content “Best effort” Failures and performance degradation are common
Major shortcomings of the Internet Outrages Misconfigured routers, DDoS attacks, cable cuts, power disruptions… Congestion High traffic demand Economic reasons Lack of scalability One point failure Over/under provisioning server C0C0 client 1 client 2 client n
Major shortcomings of the Internet Slow adaptability Large investment Business relations Lack of security Growing Distributed denial of service (DDoS) attacks Cost additional servers and bandwidth
Challenges: How to bridge the gap between what modern Internet-based services need and what the Internet actually provides? Redesign of the Internet Hard to implement given the wide-adoption of the current technology Overlay Networks
Overview of Overlay Networks Fundamental idea: virtually great what you want with what you have. Fragmented storage to a single, contiguous virtual memory space Virtual machine Internet was built as a overlay on top of the telephone network
Overview of Overlay Networks An overlay network is built on top of the public Internet to provide the stringent requirements that rich Internet-based services need.
Peer to peer (P2P) Overlays P2P uses end users’ host to form overlays that can be used for downloading content. Unnecessary long distance Traversing multiple Ass
P2P Problem : Network Inefficiency P2P applications are largely network- oblivious and may not be network efficient Verizon (2008) average P2P bit traverses 1,000 miles on network average P2P bit traverses 5.5 metro-hops Karagiannis et al. on BitTorrent, a university network (2005) 50%-90% of existing local pieces in active users are downloaded externally
Peer to peer (P2P) Overlays Hybrid approaches that combine P2P principles with a dedicated overlay infrastructure are widely used. Overlays described in the paper use a dedicated server infrastructure owned and operated by the overlay provider, rather than the computers belonging to users.
Overlay Architecture Overlays used to deliver content, applications and services Origins One or a few, locates in core Edge servers Hundreds thousand Locates at the edges, close to users Transport system High reliability and performance
Outline Motivation Overview of Overlay Networks Caching Overlays Routing Overlays Security Overlays
Caching Overlays Caching HTTP/HTTPS proxy servers Usage Static objects can be cached for some period Embedded image on a web page, a movie, a music, a software download, or a software update Benefits Availability, performance and origin offload
Performance benefits 30 agents located in Asia, Europe, and North America The agents hourly download a popular web page Origin servers locate in Dallas
Origin offload benefits Origin offload Is equal to the ratio of the volume of traffic served by the origin without the overlay to the volume of traffic served by the origin with the overlay. A large decrease in server, bandwidth, expenses. Popular vs cold traffic Cache hierarchy Adding a layer of parent servers Increases the origin offload, easy to implement
Performance benefits Origin offload increases with deployment of cache hierarchy
Performance benefits
Outline Motivation Overview of Overlay Networks Caching Overlays Routing Overlays Security Overlays
Yale LANS Routing Overlays Usage Not all content on the Internet is cacheable for long time Gaming, live streams. Benefits Discovering better ‘overlay path’ to improve performance and availability
Yale LANS Routing Overlays Some issues to be considered An overlay construction algorithm to compute a set of candidate overlay paths Real-time latency, loss, available bandwidth Choosing which of these paths to use depends on real-time testing of the different path options.
Yale LANS Routing Overlays Formulating overlay construction as multi- commodity flow
Yale LANS Routing Overlays Link costs can be defined in different ways to construct different types of routing overlays. Latency vs bandwidth price e.g. finding the fastest overlay routes while avoiding links that are too expensive, or finding the cheapest overlay paths while avoiding paths that are too slow. Throughput Minimizing latency is important when delivering small-size responses. Maximizing throughput is important for large responses. TCP performance The overlay paths must remain “sticky" over longer periods of time.
Yale LANS Routing Overlays Selecting the reverse proxy Choosing a reverse proxy close to the origin Low latency, loss, Shared link Reducing penalty to set up a new TCP connection
Performance benefits The significantly greater performance is due to the ability of the routing overlay to find alternate paths that avoid the failed links between different parts of Asia to the Boston origin.
Performance benefits Without major Internet outrage
Outline Motivation Overview of Overlay Networks Caching Overlays Routing Overlays Security Overlays
Yale LANS Security Overlays Defending against DDoS attacks Not provided by Internet architecture In caching/routing overlay networks, performing security tasks at the edge server of overlay networks is effective. Security overlay Architecture
Yale LANS Security Overlays Security overlay Architecture Shared attack capacity Is flexible to increase bandwidth capacity at some locations on-demand as needed. Cost effective. Shared expertise and lower costs A team of security experts provides high level of defense with low costs. Advanced security features Security features to defend against all kind of attacks, like a networking stack, firewall.
Yale LANS Security Overlays Shielding the origin Shielding the origin from accesses coming from strange end hosts Control design Controls are provided for individual content providers
Performance benefits 50 to 9000 during a DDoS attack 90% of attacker’s requests are denied
Summary Overlays hold the keys to the rapid evolution of Internet services. Three key types of overlays.
Thank you and Questions