Presentation is loading. Please wait.

Presentation is loading. Please wait.

LNA and DOA Aditya Akella 3/11/2010. A Layered Naming Architecture for the Internet Hari Balakrishnan, Karthik Lakshminarayanan, Sylvia Ratnasamy, Scott.

Published byDonald McDonald Modified over 8 years ago

Similar presentations

Presentation on theme: "LNA and DOA Aditya Akella 3/11/2010. A Layered Naming Architecture for the Internet Hari Balakrishnan, Karthik Lakshminarayanan, Sylvia Ratnasamy, Scott."— Presentation transcript:

1 LNA and DOA Aditya Akella 3/11/2010

2 A Layered Naming Architecture for the Internet Hari Balakrishnan, Karthik Lakshminarayanan, Sylvia Ratnasamy, Scott Shenker, Ion Stoica, Michael Walfish From Sigcomm 2004

3 Architectural “Brittleness” Hosts are tied to IP addresses – Mobility and multi-homing pose problems Services are tied to hosts – A service is more than just one host: replication, migration, composition Packets might require processing at intermediaries before reaching destination – “Middleboxes” (NATs, firewalls, …)

4 Naming Can Help Proper naming can cure some ills – Layered naming provides layers of indirection and shielding Many proposals advocate large-scale, overarching architectural change – Routers, end-hosts, services LNA proposal: – Changes “only” hosts and name resolution – Synthesis of much previous work

5 Internet Naming is Host-Centric Two global namespaces: DNS and IP addresses These namespaces are host-centric – IP addresses: network location of host – DNS names: domain of host – Both closely tied to an underlying structure – Motivated by host-centric applications

6 The Trouble with Host-Centric Names Host-centric names are fragile – If a name is based on mutable properties of its referent, it is fragile – Example: If Joe’s Web page www.berkeley.edu/~hippie moves to www.wallstreetstiffs.com/~yuppie, Web links to his page break Fragile names constrain movement – IP addresses are not stable host names – DNS URLs are not stable data names

7 Key Architectural Questions 1.Which entities should be named? 2.What should names look like? 3.What should names resolve to?

8 Name Services and Hosts Separately Service identifiers (SIDs) are host- independent data names End-point identifiers (EIDs) are location- independent host names Protocols bind to names, and resolve them – Apps should use SIDs as data handles – Transport connections should bind to EIDs Binding principle: Names should bind protocols only to relevant aspects of underlying structure

9 The Naming Layers User-level descriptors (e.g., search) App session App-specific search/lookup returns SID Transport Resolves SID to EID Opens transport conns IP Resolves EID to IP Bind to EID Use SID as handle IP hdrEIDTCPSID… IP Transport App session Application

10 Key Architectural Questions 1.Which entities should be named? 2.What should names look like? 3.What should names resolve to?

11 SIDs and EIDs should be Flat 0xf436f0ab527bac9e8b100afeff394300 Flat names impose no structure on entities – Structured names stable only if name structure matches natural structure of entities – Can be resolved scalably using, e.g., DHTs Flat names can be used to name anything – Once you have a large flat namespace, you never need other global “handles” Stable-name principle: A stable name should not impose restrictions on the entity it names

12 Resolution Service Flat Names Enable Flexible Migration <A HREF= http://f012012/pub.pdf >here is a paper <A HREF= http://f012012/pub.pdf >here is a paper HTTP GET: /docs/pub.pdf 10.1.2.3 /docs/ 20.2.4.6 HTTP GET: /~user/pubs/pub.pdf (10.1.2.3,80, /docs/) (20.2.4.6,80, /~user/pubs/) /~user/pubs/ SID abstracts all object reachability information Objects: any granularity (files, directories) Benefit: Links (referrers) don’t break Domain H Domain Y

13 Flat Names are a Two-Edged Sword Global resolution infrastructure needed – Perhaps as “managed DHT” infrastructure Lack of local name control Lack of locality Not user-friendly – User-level descriptors are human-friendly

14 Key Architectural Questions 1.Which entities should be named? 2.What should names look like? 3.What should names resolve to? DOA

15 Delegation Names usually resolve to “location” of entity Packets might require processing at intermediaries before reaching destination Such processing today violates layering – Only element identified by packet’s IP destination should inspect higher layers Delegation principle: A network entity should be able to direct resolutions of its name not only to its own location, but also to chosen delegates

16 Take-Home Points from LNA Two flat naming layers fix brittleness – SIDs and EIDs Delegation is a powerful primitive – The follow-on DOA paper shows that With flat SID/EID + delegation: – Like hosts, data becomes first-class entity – Middleboxes gracefully accommodated IP will continue to be a rigid infrastructure – But naming is more malleable and can reduce architectural brittleness – Deployment requires Changes to hosts Global resolution infrastructure

17 Michael Walfish, Jeremy Stribling, Maxwell Krohn, Hari Balakrishnan, Robert Morris, and Scott Shenker From OSDI 2004 Middleboxes No Longer Considered Harmful

18 The Problem Middlebox: interposed entity doing more than IP forwarding (NAT, firewall, cache, …) Not in harmony with the Internet architecture No unique identifiers and on-path blocking:  Barrier to innovation  Workarounds add complexity 10.1.1.4 NAT B Host A New traffic class Firewall Host D C

19 Reactions to the Problem DOA goal: Architectural extension in which: Middleboxes first-class Internet citizens Harmful effects reduced, good effects kept New functions arise Purist: can’t live with middleboxes Pragmatist: can’t live without middleboxes Pluralist (crazy researchers): purist, pragmatist both right

20 DOA: Delegation-Oriented Architecture Architectural extension to Internet. Core properties (borrowed from LNA): 1. Use globally unique identifiers for hosts 2. Let receivers, senders invoke (and revoke) off- path boxes: delegation primitive NAT Host A Firewall Host D 10.1.1.4 0xf12312 B C

21 Globally Unique Identifiers for Hosts (EIDs) Location-independent, flat, big namespace Hash of a public key  self-certification, security EIDs Carried in packets DOA hdr IP hdr transport hdr body source EID destination EID

22 Delegation Primitive Let hosts invoke, revoke off-path boxes Receiver-invoked: sender resolves receiver’s EID to  An IP address or  An EID or sequence of EIDs DOA header has destination stack of EIDs Sender-invoked: push EID onto this stack IP hdr transport hdr body source EID destination EID stack

23 DOA in a Nutshell Delegate IP: j End-host EID: e h IP: i h j DHT LOOKUP( e h ) Process Source EID: e s IP: i s End-host replies to source by resolving e s Authenticity, performance: discussed in the paper DOA Packet IP i s j transport body DOA e s e h DOA transport DOA e s e h

24 A Bit More About DOA Incrementally deployable (same as LNA). Requires:  Changes to hosts and middleboxes  No changes to IP routers (design requirement)  Global resolution infrastructure for flat IDs

25 Off-path Firewall e h  (i h, Rules) Network Stack isis jeses [e FW e h ] ihih j eses eheh eheh e FW j DHT Source EID: e s IP: i s Firewall End-host ihih j EID: e FW EID: e h Sign (MAC) Verify

26 Off-path Firewall: Benefits Simplification for end-users who want it  Instead of a set of rules, one rule:  “Was this packet vetted by my FW provider?” Firewall can be anywhere, leading to:  Third-party service providers  Possible market for such services  Providers keeping abreast of new applications DOA enables this; doesn’t mandate it.

27 Reincarnated NAT End-to-end communication Port fields not overloaded  Especially useful when NATs are cascaded isis 5.1.9.9 eses eded eded NATed network DHT Source EID: e s IP: i s Destination EID: e d isis 10.1.1.3 eses eded 5.1.9.9 10.1.1.1 10.1.1.3 NAT e d  10.1.1.3

28 Summary and Conclusion DOA’s goals: architectural extension to: – Reduce middleboxes’ badness + keep goodness DOA’s properties: – Topology-independent, globally unique host ids – Let end-hosts invoke off-path boxes DOA lets users, admins outsource functions – Competitive market in managed services – Can reconcile the purist and the pragmatist Delegation: new property, not new philosophy

Download ppt "LNA and DOA Aditya Akella 3/11/2010. A Layered Naming Architecture for the Internet Hari Balakrishnan, Karthik Lakshminarayanan, Sylvia Ratnasamy, Scott."

Similar presentations

Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.

Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.
1 Data-Oriented Network Architecture (DONA) Scott Shenker (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, I. Stoica)

1 Data-Oriented Network Architecture (DONA) Scott Shenker (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, I. Stoica)
Michael Walfish, Jeremy Stribling, Maxwell Krohn, Hari Balakrishnan, Robert Morris, and Scott Shenker * 7 December 2004 MIT Computer Science and AI Lab.

Michael Walfish, Jeremy Stribling, Maxwell Krohn, Hari Balakrishnan, Robert Morris, and Scott Shenker * 7 December 2004 MIT Computer Science and AI Lab.
1 Rethinking the Internet Architecture Process, Architecture, and Troubleshooting Scott Shenker (joint work with many people, including Katerina Argyraki,

1 Rethinking the Internet Architecture Process, Architecture, and Troubleshooting Scott Shenker (joint work with many people, including Katerina Argyraki,
DHT-Oriented Architecture: A Prototype Maxwell Krohn, Jeremy Stribling, Michael Walfish MIT 6.824 Project Demonstration 29 April 2004.

DHT-Oriented Architecture: A Prototype Maxwell Krohn, Jeremy Stribling, Michael Walfish MIT Project Demonstration 29 April 2004.
Internet Indirection Infrastructure Ion Stoica and many others… UC Berkeley.

Internet Indirection Infrastructure Ion Stoica and many others… UC Berkeley.
10/31/2007cs6221 Internet Indirection Infrastructure ( i3 ) Paper By Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Sharma Sonesh Sharma.

10/31/2007cs6221 Internet Indirection Infrastructure ( i3 ) Paper By Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Sharma Sonesh Sharma.
Middle Boxes Lixia Zhang UCLA Computer Science Dept Sprint Research Symposium March 8-9, 2000.

Middle Boxes Lixia Zhang UCLA Computer Science Dept Sprint Research Symposium March 8-9, 2000.
Internet Indirection Infrastructure Ion Stoica UC Berkeley.

Internet Indirection Infrastructure Ion Stoica UC Berkeley.
Rethink the design of the Internet CSCI 780, Fall 2005.

Rethink the design of the Internet CSCI 780, Fall 2005.
Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences University of California, Berkeley Berkeley,

Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences University of California, Berkeley Berkeley,
ISOC-Chicago 2001John Kristoff - DePaul University1 Journey to the Center of the Internet John Kristoff +1 312 362-5878 DePaul University.

ISOC-Chicago 2001John Kristoff - DePaul University1 Journey to the Center of the Internet John Kristoff DePaul University.
Part I: Core networking concepts Naming & Addressing.

Part I: Core networking concepts Naming & Addressing.
1 Web Proxies Dr. Rocky K. C. Chang 6 November 2005.

1 Web Proxies Dr. Rocky K. C. Chang 6 November 2005.
CS 268: Computer Networking L-18 Naming. 2 Overview i3 Layered naming DOA SFR.

CS 268: Computer Networking L-18 Naming. 2 Overview i3 Layered naming DOA SFR.
CS 268: Project Suggestions Ion Stoica January 23, 2006.

CS 268: Project Suggestions Ion Stoica January 23, 2006.
1 A Data-Oriented Network Architecture ACM Sigcomm’07 (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, Scott Shenker, I. Stoica)

1 A Data-Oriented Network Architecture ACM Sigcomm’07 (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, Scott Shenker, I. Stoica)
1 Link Layer & Network Layer Some slides are from lectures by Nick Mckeown, Ion Stoica, Frans Kaashoek, Hari Balakrishnan, and Sam Madden Prof. Dina Katabi.

1 Link Layer & Network Layer Some slides are from lectures by Nick Mckeown, Ion Stoica, Frans Kaashoek, Hari Balakrishnan, and Sam Madden Prof. Dina Katabi.
Postmodern Internet Architecture Defense Zhaosheng Zhu Kevin Tan.

Postmodern Internet Architecture Defense Zhaosheng Zhu Kevin Tan.
1 Routing as a Service Karthik Lakshminarayanan (with Ion Stoica and Scott Shenker) Sahara/i3 retreat, January 2004.

1 Routing as a Service Karthik Lakshminarayanan (with Ion Stoica and Scott Shenker) Sahara/i3 retreat, January 2004.

Similar presentations

Ads by Google