Presentation is loading. Please wait.

Presentation is loading. Please wait.

Towards a New Naming Architectures

Published byMichael Tucker Modified over 9 years ago

Similar presentations

Presentation on theme: "Towards a New Naming Architectures"— Presentation transcript:

1 Towards a New Naming Architectures
Ion Stoica, Scott Shenker, and many others…

2 Goals Support Make middle-boxes part of architecture Security …
Mobility: machine, data, session Multi-homing, multiple-interfaces Make middle-boxes part of architecture Security Better support against DDoS Anonymity

3 Designs Host Identity Protocol (HIP)
Internet Indirection Infrastructure (i3) Semantic-Free Referencing (SFR) Layered Naming Architecture (LNA)

4 Designs Host Identity Protocol (HIP)
Internet Indirection Infrastructure (i3) Semantic-Free Referencing (SFR) Layered Naming Architecture (LNA)

5 Host Identity Protocol (HIP)
Provides: Fast mobility Multi-homing Support for different addressing schemes Transparent IPv4 to IPv6 migration Security Anonymity Secure and authenticate datagrams

6 HIT replaces IP address as a name
HIP A public key used to identify an end-host A 128-bit host identity tag (HIT) used for system calls HIT is a hash on public key Global scope A 32-bit local scope identifier (LSI) for IPv4 compatibility HIT replaces IP address as a name of a system

7 Protocol Stack Process Process Transport <IPaddr, port>
<HIT, port> IP Layer HIP Layer <IPaddr> <HIT> IP Layer <IPaddr>

8 How It Works? Client app Client app DNS library DNS Transport
HIT DNS request Client app Client app DNS library DNS DNS reply = pubkey (P) send(HIT) HIT=hash(P) IPaddr Transport Transport HIP daemon 4-way authentication HIP daemon HIT HIP Layer IPaddr, P HIP layer send(IPaddr) IPsec IPsec

9 Designs Host Identity Protocol (HIP)
Internet Indirection Infrastructure (i3) Semantic-Free Referencing (SFR) Layered Naming Architecture (LNA)

10 Internet Indirection Infrastructure (i3)
Supports: Mobility Multi-homing Anycast Multicast Accommodate middle-boxes Security Anonymity DoS

11 Internet Indirection Infrastructure (i3)
Each packet is associated an identifier id To receive a packet with identifier id, receiver R maintains a trigger (id, R) into the overlay network id data id data Sender id R trigger Receiver (R) R data

12 Integrate Middle-Boxes
Use a stack of IDs to encode sequence of operations to be performed on data path Transcoder (T) idT,id data idT,id data id data Receiver (R) R data Sender T,id data id R idT T

13 ID can identify any entity that
i3 Identifiers 256-bit IDs ID ultimately mapped to an (IPaddr:port) Mapping under application control ID can represent A host, flow, service, etc ID can identify any entity that can receive packets

14 ID/<IPlocal, port>
Protocol Stack Process Process local scope Transport ID/<IPlocal, port> Transport <IPaddr, port> i3 layer (IPlocal->ID) <ID> IP Layer <IPaddr> IP Layer <IPi3> Sender specific

15 How It Works? (Native i3 Applications)
Receiver R DNS request DNS Client app Client app DNS reply = id send(id) Transport Transport i3 daemon send(id) i3 layer i3 layer send(IPi3) send(id) id R IPi3 IP IP

16 How It Works? (Legacy Applications)
IP address: r DNS request Client app Client app DNS library DNS DNS reply = id IPlocal Transport id Transport i3 daemon i3 daemon send(IPlocal, port) send(r,p) i3 layer i3 layer id,IPlocal send(IPi3) send(id) id (r:p) IPi3 IP IP

17 Designs Host Identity Protocol (HIP)
Internet Indirection Infrastructure (i3) Semantic-Free Referencing (SFR) Layered Naming Architecture (LNA)

18 Goal: Address DNS Limitations
DNS names identify machines and organizations not data Data cannot be easily moved Data cannot be easily replicated DNS names are brand names Political fighting

19 SFR Solution Use IDs instead of DNS name
ID space is flat and IDs have no semantics A generalization of DNS Returns metadata instead of an IP address How to implement it? Use distributed hash-tables (DHTs)!

20 DHT Primer Interface Highly scalable Highly robust Highly dynamic
put(id, data) data = get(id) Highly scalable O(log N) hops to execute an operation Highly robust Can tolerate ~50% of nodes going down Highly dynamic Entries can be changed very fast

21 Designs Host Identity Protocol (HIP)
Internet Indirection Infrastructure (i3) Semantic-Free Referencing (SFR) Layered Naming Architecture (LNA)

22 Layered Naming Architecture (LNA)
Supports: Mobility Multi-homing Integrate middle-boxes Security (through middle-boxes) Anonymity DoS

23 A Old Naming Taxonomy Four kinds of network entities (Saltzer):
Services (and data) Hosts (endpoints) Network attachment points Paths Should name each individually: Ignore paths (router involvement) IP addresses name attachment points Endpoint identifiers (EIDs) name hosts Service identifiers (SIDs) name services/data

24 Protocol Stack Process Process SID↔EID <SID> Transport
<IPaddr, port> Transport <EID, port> IP Layer EID↔IP <IPaddr> <EID> IP Layer <IPaddr>

25 How It Works? “DNS” Client app Client app SID↔EID SID↔EID LNA daemon
DNS request “DNS” Client app Client app DNS reply = sid send(sid) SID↔EID eid = get(sid) SID↔EID put(sid, eid) put(eid, IP) LNA daemon DHT send(eid) Transport IP = get(eid) Transport send(eid) EID↔IP EID↔IP Intermediary (IPi) send(IPi) IP IP

26 Principles Don’t bind to lower-level IDs prematurely
Host mobility and renumbering (HIP) Service and data migration Resolution of name need not point to object itself, but can point to its delegate Resolution can point to intermediaries who process packets on behalf of the named target

27 Naming Architecture Requirements
There should be a layer in the protocol stack that uses IDs not IP addresses Mobility, multi-homing, replications, … IDs should be able to name arbitrary objects IDs should encode as little semantics as possible End-points should be able to use indirection at the ID level Integrate middle boxes

28 How Many ID Layers? HIP: one layer; IDs identify machines
SFR: one layer; IDs identify data i3: one layer; IDs identify arbitrary objects LNA: two layers EIDs identify machines SIDs identify everything else

29 When is the Resolution IDIP Done?
SFR: above transport HIP: below transport, at HIP layer i3: in the infrastructure LNA: below transport But IP address can be an intermediate point

30 Security Support? HIP: i3 LNA Authentication, data integrity
Anonymity at transport layer Transport layer resistance to DoS attacks i3 Anonymity at IP layer Some DoS defense at IP layer Everything else can be done though middle-boxes LNA Everything can be done through middle-boxes

31 Resources HIP: http://homebase.htt-consult.com/~hip/
SFR: i3:

Download ppt "Towards a New Naming Architectures"

Similar presentations

Mobile IP.. 45-7028-115-6. How Mobile IP Works? Agenda What problems does Mobile IP solve? Mobile IP: protocol overview Scope Requirements Design goals.

Mobile IP How Mobile IP Works? Agenda What problems does Mobile IP solve? Mobile IP: protocol overview Scope Requirements Design goals.
© Antônio M. Alberti 2011 Host Identification and Location Decoupling: A Comparison of Approaches Bruno Magalhães Martins Antônio Marcos Alberti.

© Antônio M. Alberti 2011 Host Identification and Location Decoupling: A Comparison of Approaches Bruno Magalhães Martins Antônio Marcos Alberti.
Internet Indirection Infrastructure (i3 ) Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Surana UC Berkeley SIGCOMM 2002 Presented by:

Internet Indirection Infrastructure (i3 ) Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Surana UC Berkeley SIGCOMM 2002 Presented by:
1 Data-Oriented Network Architecture (DONA) Scott Shenker (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, I. Stoica)

1 Data-Oriented Network Architecture (DONA) Scott Shenker (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, I. Stoica)
Michael Walfish, Jeremy Stribling, Maxwell Krohn, Hari Balakrishnan, Robert Morris, and Scott Shenker * 7 December 2004 MIT Computer Science and AI Lab.

Michael Walfish, Jeremy Stribling, Maxwell Krohn, Hari Balakrishnan, Robert Morris, and Scott Shenker * 7 December 2004 MIT Computer Science and AI Lab.
Why do current IP semantics cause scaling issues? −Today, “addressing follows topology,” which limits route aggregation compactness −Overloaded IP address.

Why do current IP semantics cause scaling issues? −Today, “addressing follows topology,” which limits route aggregation compactness −Overloaded IP address.
1 Internet Protocol Version 6 (IPv6) What the caterpillar calls the end of the world, nature calls a butterfly. - Anonymous.

1 Internet Protocol Version 6 (IPv6) What the caterpillar calls the end of the world, nature calls a butterfly. - Anonymous.
IP Version 6 Next generation IP Prof. P Venkataram ECE Dept. IISc.

IP Version 6 Next generation IP Prof. P Venkataram ECE Dept. IISc.
Internet Indirection Infrastructure Presented in 294-4 by Jayanthkumar Kannan On 09/17/03.

Internet Indirection Infrastructure Presented in by Jayanthkumar Kannan On 09/17/03.
1/32 Internet Architecture Lukas Banach Tutors: Holger Karl Christian Dannewitz Monday 26.09.2005 C. Today I³SI³HIPHI³.

1/32 Internet Architecture Lukas Banach Tutors: Holger Karl Christian Dannewitz Monday C. Today I³SI³HIPHI³.
Host Mobility Using an Internet Indirection Infrastructure by Shelley Zhuang, Kevin Lai, Ion Stoica, Randy Katz, Scott Shenker presented by Essi Vehmersalo.

Host Mobility Using an Internet Indirection Infrastructure by Shelley Zhuang, Kevin Lai, Ion Stoica, Randy Katz, Scott Shenker presented by Essi Vehmersalo.
I3 Status Ion Stoica UC Berkeley Jan 13, 2003. The Problem Indirection: a key technique in implementing many network services,

I3 Status Ion Stoica UC Berkeley Jan 13, The Problem Indirection: a key technique in implementing many network services,
Internet Indirection Infrastructure Ion Stoica and many others… UC Berkeley.

Internet Indirection Infrastructure Ion Stoica and many others… UC Berkeley.
10/31/2007cs6221 Internet Indirection Infrastructure ( i3 ) Paper By Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Sharma Sonesh Sharma.

10/31/2007cs6221 Internet Indirection Infrastructure ( i3 ) Paper By Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Sharma Sonesh Sharma.
3-1 Distributed Hash Tables CS653, Fall 2010. 3-2 Implementing insert/retrieve: distributed hash table (DHT) r Hash table m data structure that maps “keys”

3-1 Distributed Hash Tables CS653, Fall Implementing insert/retrieve: distributed hash table (DHT) r Hash table m data structure that maps “keys”
CS 268: Lecture 5 (Project Suggestions) Ion Stoica February 6, 2002.

CS 268: Lecture 5 (Project Suggestions) Ion Stoica February 6, 2002.
Internet Indirection Infrastructure Ion Stoica UC Berkeley.

Internet Indirection Infrastructure Ion Stoica UC Berkeley.
I3 Update Ion Stoica and many others… UC Berkeley January 10, 2005.

I3 Update Ion Stoica and many others… UC Berkeley January 10, 2005.
Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences University of California, Berkeley Berkeley,

Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences University of California, Berkeley Berkeley,
Internet Indirection Infrastructure (i3) Status – Summer ‘03 Ion Stoica UC Berkeley June 5, 2003.

Internet Indirection Infrastructure (i3) Status – Summer ‘03 Ion Stoica UC Berkeley June 5, 2003.

Similar presentations

Ads by Google