Session-Based Mobility: An End-to-End Approach. Alex C. Snoeren, MIT Laboratory for Computer Science (with Hari Balakrishnan, Frans Kaashoek, and Jon Salz)


1 Session-Based Mobility
An End-to-End Approach
Alex C. Snoeren, MIT Laboratory for Computer Science
(with Hari Balakrishnan, Frans Kaashoek, and Jon Salz)

2 An Example: SSH Session
Remote log in / port forwarding
  - Provides secure remote communication
  - Data compressed and encrypted as a stream
[Diagram labels: SSHd; shell; elm; X app; server; client; ssh]

3 Today’s Network Abstraction
System provides a connection service
  - Binds [, ] tuple
Any change invalidates the connection
No support for periods of disconnectivity
Each application must perform ad-hoc recovery and disconnection management, or fail
[Diagram labels: SSH Client; TCP; IP; SSH Server; TCP; IP]

4 Mobile Networking Challenges
1. Changing end points
  - Change in node attachment point
  - Multi-homing (multiple network interfaces)
  - Readdressing: DHCP renewal, NAT crash, etc.
2. Internet “Suspend/Resume”
  - Wireless device goes out of range
  - Save device power or connectivity costs
  - Transient Internet connectivity outage
Complete solution needs to address both

5 Current Approaches
Only solve half the problem
  - Mobile IP, VIP, Physical Media Independence, …
  - MSOCKS, SLM, Application check-pointing, …
Don’t support intelligent adaptation
  - Rocks, Mobile sockets, Mobile file systems, …
Use application-specific point solutions
  - RTSP, SCTP, SIP multimedia calls, …
  - Web shopping carts, J2EE servlets, …
  - HTTP range requests, FTP restart points, …

6 Reconsider System Abstraction
Many applications create “sessions”
  - Long-lived: collections of connections
  - Entity of processing and resource allocation
Can we provide a useful system abstraction?
  - Flexible enough for different users, applications
  - Efficient to implement, leverage shared resources
  - Easy to use, but backwards compatible
Session is the salient mobility entity

7 1, 2, 3… Mobility
1. System Session Abstraction [SBK’01]
  - Collaborative management of end point changes
  - Support for unmodified legacy apps [SaSB’02]
2. Preserving Reliable Connections
  - TCP connection migration [SB’00]
3. Session Continuations [SSaBK’02]
  - Application-guided disconnection handling
  - System support for long-lived sessions [SAB’01]

8 Goals: Minimally Invasive
Overhead only on mobility events
As secure as non-mobile situations
Require no infrastructure support
  - Demonstrate pure end-to-end solution
  - Deployable via proxies if desired
Enable intelligent session adaptation
Transparency is always an option

9 Managing Changing End Points
Applications handle discovery
  - Lots of ways to resolve to pair
User specifies local network policy
  - Different users, different choices
System manages tracking
  - Clear semantics, scalable, and efficient

10 End-to-End Session Tracking
[Diagram labels: Discovery Service (e.g., Dynamic DNS); Mobile Node foo.bar.edu; Discovery Query (e.g., DNS Lookup); Session Initiation; xxx.xxx.xxx.xxx; Correspondent Node; Discovery Update (e.g., DNS Update); Session Update; yyy.yyy.yyy.yyy]

11 System Session Abstraction
Set of network connections to remote end point
  - All involved in single collaborative activity
Application identifies end points, initiates connections
System manages tracking
  - Maintains semantics of reliable protocols
  - Exposes changes to apps that register interest

    /* Find remote end point */
    dhost = gethostbyname(dst);
    /* Validate remote end point */
    daddr = valid_address(dhost);
    /* Create a new session */
    sid = session_create(flags, …);
    /* Specify end points discovery */
    set_lookupfunc(sid, gethostbyname, dst, hostname);
    /* Create two connections */
    connect(a, daddr, …);
    add_connection(sid, a);
    connect(b, daddr, …);
    add_connection(sid, b);
    /* Register interest in changes */
    register_handler(sid, mobhandler);

12 Robust Session Management
[Diagram labels: session_create(); add_connection(); state labels Established, Lost, Connecting, Migrating, Frozen, Not Supported; Diffie-Hellman Key Exchange; Challenge/Response Protocol; C, P; on each end point: App, Session Layer, Mobility Daemon, Policy Engine]
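
Slide 12 names a Diffie-Hellman key exchange and a challenge/response protocol but gives no message formats. The sketch below is an added example, not the authors' code: it assumes a shared key already derived at session setup and a hypothetical HMAC-SHA256 response over session id, challenge and new address, and shows why a session update that is replayed, redirected or forged must be refused.

```python
import hashlib
import hmac
import secrets

SID_LEN, NONCE_LEN = 8, 16  # fixed-width fields keep the MAC input unambiguous


def respond(key: bytes, sid: bytes, nonce: bytes, new_addr: str) -> bytes:
    """Mobile node's response: MAC over session id, challenge and claimed address."""
    assert len(sid) == SID_LEN and len(nonce) == NONCE_LEN
    return hmac.new(key, sid + nonce + new_addr.encode(), hashlib.sha256).digest()


class CorrespondentSession:
    """Fixed end point's view of one session (hypothetical model, not the authors' API)."""

    def __init__(self, sid: bytes, key: bytes, peer_addr: str):
        self.sid, self.key, self.peer_addr = sid, key, peer_addr
        self.pending = None  # outstanding challenge; valid for one update only

    def challenge(self) -> bytes:
        self.pending = secrets.token_bytes(NONCE_LEN)
        return self.pending

    def update(self, new_addr: str, nonce: bytes, tag: bytes) -> bool:
        # Consume the challenge first so a captured response cannot be replayed.
        expected, self.pending = self.pending, None
        if expected is None or not hmac.compare_digest(nonce, expected):
            return False
        if not hmac.compare_digest(tag, respond(self.key, self.sid, nonce, new_addr)):
            return False
        self.peer_addr = new_addr  # only now does the session track the new address
        return True


def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed; stands in for the DH-derived secret
    sid = secrets.token_bytes(SID_LEN)
    cn = CorrespondentSession(sid, key, "192.0.2.10")  # documentation addresses
    n1 = cn.challenge()
    tag = respond(key, sid, n1, "198.51.100.7")
    out = {"legit": cn.update("198.51.100.7", n1, tag),
           "replay": cn.update("198.51.100.7", n1, tag)}
    n2 = cn.challenge()  # valid tag, but presented for a different address
    out["redirect"] = cn.update("203.0.113.66", n2, respond(key, sid, n2, "198.51.100.7"))
    n3 = cn.challenge()  # sender does not hold the session key
    out["forged"] = cn.update("203.0.113.66", n3, respond(bytes(32), sid, n3, "203.0.113.66"))
    out["addr"] = cn.peer_addr
    return out
```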

13 Dynamic Library Interposition
Intercept POSIX API
  - Wrap each connection in its own session
[Diagram labels: Legacy Application; libmigrate; libc; Kernel; Migrate Daemon; connect(…); syscall(connect,…); fd; sid = session_create(); add_connection(sid, …); Session Handle; Session Establishment]

14 PART 1
  Problem: Track changing end points
  Solution: System session abstraction
PART 2
  Problem: Preserve reliable connections
  Solution: TCP Migrate Options
PART 3
  Problem: Internet “Suspend/Resume”
  Solution: Session continuations

15 Connection Preservation
Provide stable view of dynamic kernel socket
But what about reliable connections?
  - User level: Double buffer, session layer re-sync
  - Full access: Extend transport protocol
[Diagram labels, on each end point: Kernel; App; Session Layer]

16 Transmission Control Protocol
The reliable protocol
  - 91% of all bytes, 83% of all packets [CAIDA ’00]
  - SSH, FTP, HTTPS, telnet, IMAP, SMTP, etc.
SYN/ACK handshake
  - Negotiates options, sequence space
Reliable transport
  - In-order delivery
  - Retransmits lost data
[Diagram labels: SYN 0; ACK 1; ACK 2; DATA 1; ACK 3; DATA 2; SYN 0 / ACK 1]

17 TCP Connection Migration
Resume previous connection with new one
  - Provide special Migrate TCP option
  - Sent on SYN packets of new connection
Preserve buffers and sequence space
  - Retransmission engine just works
  - Compatible with SACK, FACK, Snoop…
Entirely backwards compatible

18 TCP Connection Migration
1. Initial SYN
2. SYN/ACK
3. ACK (with data)
4. Normal data transfer
5. Migrate SYN
6. Migrate SYN/ACK
7. ACK (with data)
[Diagram between fixed and mobile hosts, labels: SYN 0; ACK 1; SYN 0 / ACK 1; (MigrateOK, …); SYN 22 (Migrate T, …); ACK 48; SYN 46 / ACK 23; DATA 47 ACK 23; DATA 22 ACK 47]

19 TCP State Machine Changes
2 new transitions between existing states - and - 1 new state handles pathological race condition
[State diagram labels: MIGRATE_WAIT; 2MSL timeout; recv: SYN (migrate T, R) / send: SYN, ACK (shown twice); recv: RST; appl: migrate / send: SYN (migrate T, R)]

20 Migration Trace
[Plot labels: SYN/ACK; Buffered Packets (old address); Migrate SYN]

21 A Lossy Trace with SACK
[Plot labels: SYN/ACK; Migrate SYN; Buffered Packets (old address); ACK w/SACK]

22 PART 1
  Problem: Track changing end points
  Solution: System session abstraction
PART 2
  Problem: Preserve reliable connections
  Solution: TCP Migrate Options
PART 3
  Problem: Internet “Suspend/Resume”
  Solution: Session continuations

23 Internet Suspend/Resume
Intelligent disconnection handling
  - Buffer otherwise lost communications
  - Emulate remote services locally
  - Release resources while disconnected
Graceful resumption handling
  - Reallocate resources and restore state
  - Adapt to new network conditions
  - Indicate how to resume processing

24 Motivating Continuations
Observation: complete context inappropriate
  - Some previous state irrelevant, or, even worse,
  - Invalidated due to change in conditions
  - (C.f. TCP Connection state)
Similar problem in programming languages
  - Block when state and context is complex
  - Pass continuation if state and context is small
Continuations can request blocking behavior

25 Using Continuations
Expand session notion
  - Align with application
  - Annotate state, resources, associated computation
  - Include system state
Provide synchronization and preservation assistance
  - Shared attribute/value store
  - Persist local system IPC, file descriptors
System invokes continuation at session resumption
  - Generated in response to disconnection notification
[Diagram labels: User level; App; Kernel; SL]

26 Conserving Session Resources
Resources dedicated to active session >> Resources dedicated to suspended session
Release system resources as well
Continuation generation is recursive!
[Diagram labels: SSHd; emacs; Socket Buffers; Network Ports; Open Files; Kernel]

27 SSH Continuation
Don’t suspend until it’s convenient
  - Process pending data, deliver to app or network
Only a minimum of state to preserve
  - Auth, crypto, and compression state
  - Preserve IPC to child processes
Notify child processes of disconnection
  - Tunneled apps share connectivity fate
Added ~250 LOC in an afternoon
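
Slides 23 to 27 describe continuations without showing an interface. The following is an added example, not the authors' code: a hypothetical `Session` class (all names, the sample state and the bandwidth policy are assumptions) in which a disconnect handler delivers pending data, keeps only auth, crypto and compression state, and returns the continuation that the system invokes on resumption.

```python
class Session:
    """Hypothetical session-layer object; names are illustrative, not the authors' API."""

    def __init__(self, disconnect_handler=None):
        self.store = {}            # shared attribute/value store
        self.socket_buffers = []   # stand-in for kernel resources held while active
        self.delivered = []
        self.disconnect_handler = disconnect_handler or default_handler
        self.continuation = None

    def suspend(self):
        # The app does its disconnection duties and returns what to do on resumption.
        self.continuation = self.disconnect_handler(self)
        self.socket_buffers = None  # system releases its own resources as well

    def resume(self, conditions):
        cont, self.continuation = self.continuation, None
        self.socket_buffers = []    # reallocate resources
        return cont(self, conditions)


def default_handler(session):
    """Default continuation for sessions that don't provide their own: keep everything."""
    return lambda s, conditions: dict(s.store)


def ssh_disconnect_handler(session):
    # Don't suspend until it's convenient: hand pending data on first.
    session.delivered = list(session.socket_buffers)
    # Only a minimum of state is preserved; the rest of the context is dropped.
    kept = {k: session.store[k] for k in ("auth", "cipher_seq", "compress")}
    session.store.clear()

    def continuation(s, conditions):
        # Adapt to the new network (the threshold is a constructed policy).
        kept["compress"] = conditions["bandwidth_kbps"] < 1000
        s.store.update(kept)
        return kept
    return continuation


def demo():
    s = Session(ssh_disconnect_handler)
    s.store.update(auth="user@host", cipher_seq=4711, compress=False, scratch="x" * 4096)
    s.socket_buffers += [b"pending-1", b"pending-2"]
    s.suspend()
    released = s.socket_buffers is None and "scratch" not in s.store
    return released, s.resume({"bandwidth_kbps": 256}), s.delivered
```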

28 Continuation Efficiency
Anecdotal evidence of size and speed
[Charts for SSHd and FTPd: Memory Usage (KB) and Restart Latency (msec); legend: System Resources, Shared Pages, Non-Shared Pages, Startup Latency, Session Overhead, Session Continuation]

29 Continuation Solution Spectrum
Fast TCP handoff
  - One RTT
Normal movement
  - Four RTTs + re-sync
Suspend/Resume
  - Complete flexibility
[Diagram labels: Control Channel SYN; Response; Challenge; Data SYN; Data SYN/ACK; Control Channel SYN/ACK; Request; Continuation Info; Resumed connection]

30 Conclusion & Future Directions
Sessions are viable system abstractions
  - Useful, flexible, and easy to use
  - Admit robust, efficient implementation
Continuations enable “suspend/resume”
Useful for mobility across hosts?
  - Continuations eliminate dependencies
  - An area for future exploration…

31 PART 1
  Problem: Changing end points
  Solution: System session abstraction
PART 3
  Problem: Internet “Suspend/Resume”
  Solution: Session continuations

32 System Session Tracking
Directly notify remote end point
  - Subject to same delays as communication
Discovery service update is off path
  - No impact on handoff performance
Rediscover only if necessary
  - Simultaneous moves of both end points

33 Solution: Session Continuations
Need explicit disconnection directive
1. What to do if disconnected
2. What to do upon resumption
App needs to answer first question
  - Perform necessary disconnection duties
  - Prepare an answer for question #2 part of #1
Answer to #2 is a session continuation

34 Application Migrate Architecture
[Diagram labels: Session Layer; Session Creation; Connectivity Monitor; Connectivity Updates; Policy Engine; Policy Decisions; Mobility Events; Kernel]

35 Session Continuations
Goal: suspend/resume operation
  - Perform needed cleanup on disconnect
  - Specify what to do on resumption
How: encapsulate “rest of the session”
  - Package together remaining computation and the state, context & resources necessary to execute it
Generate default continuations for sessions that don’t provide their own

36 Deploying a New Abstraction
Legacy Apps deal in connections, not sessions
Managed through the standard POSIX API
[Diagram labels: Legacy Application; libc; Kernel; connect(…); syscall(connect,…); fd]

37 An Example: SSH Session
Remote log in / port forwarding
  - Provides secure remote communication
  - Data compressed and encrypted as a stream
[Diagram labels: SSHd; shell; elm; X app; Mobility Daemon; server; client; ssh; Mobility Daemon]

38 TCP Overview
Connection-oriented
  - Binds two end points
  - Specified by IP Address
SYN/ACK handshake
  - Negotiates options, sequence space
Reliable transport
  - In-order delivery
  - Retransmits lost data
[Diagram labels: SYN 0; ACK 1; ACK 2; DATA 1; ACK 3; DATA 2; SYN 0 / ACK 1]

39 Transmission Control Protocol
Internet standard for reliable transport
  - 91% of all bytes, 83% of all packets [CAIDA ’00]
Transport for many session protocols
  - SSH, FTP, HTTPS, telnet, imap, SMTP, etc.
[Diagram labels: 4; 3; 2; 1; ACK]

40 Current Approaches
Systems bundle discovery and tracking
System does both (e.g. Mobile IP)
  - Limits granularity of tracking
- or -
Application does both
  - Makes tracking unnecessarily expensive
Interface selection is pre-determined

41 Managing Changing End Points
1. Discover remote end points of interest
  - DNS, service location, resource discovery, …
2. Select appropriate local end point
  - Ethernet, 802.11, cellular, Bluetooth, …
3. Communications track both as they move
  - Enhanced Mobile IP, Persistent connections, …

42 Flexible: Separate Each Activity
Applications handle discovery
  - Lots of ways to resolve to pair
User specifies local network policy
  - Different users, different choices
System manages tracking
  - Follows the application-specified end point
  - Clear semantics, scalable, and efficient

43 Eliminating Per-Packet Overhead
Double buffering takes time, memory
  - Unify session/connection buffers, or
  - Preserve connection buffers
Synchronization adds latency
  - Eliminate need to synchronize connections
  - Needs to be entirely backwards-compatible

