Abstractions for Routing. Abstractions for Network Routing

Similar documents
Pathlet Routing P. Brighten Godfrey Igor Ganichev, Scott Shenker, and Ion Stoica

Future Internet Architectures

Lecture 11: WAN Routing Alternatives"

Pathlet Routing. P. Brighten Godfrey, Igor Ganichev, Scott Shenker, and Ion Stoica SIGCOMM (maurizio patrignani)

A Routing Infrastructure for XIA

Networking Review & Grand Challenges

Bootstrapping evolvability for inter-domain routing with D-BGP. Raja Sambasivan David Tran-Lam, Aditya Akella, Peter Steenkiste

Networking Review & Grand Challenges

Pathlet Routing ABSTRACT 1 INTRODUCTION

Efficient Internet Routing with Independent Providers

Interdomain Routing Design for MobilityFirst

Software-Defined Internet Architecture: Decoupling Architecture from Infrastructure

Path-Vector Contract Routing

CS 640: Introduction to Computer Networks. Intra-domain routing. Inter-domain Routing: Hierarchy. Aditya Akella

Interdomain Multipath Routing

Towards an Evolvable Internet Architecture

XIA: Lessons Learned and Open Issues

CS4450. Computer Networks: Architecture and Protocols. Lecture 15 BGP. Spring 2018 Rachit Agarwal

SCION: Scalability, Control and Isolation On Next-Generation Networks

Computer Science 461 Final Exam May 22, :30-3:30pm

Path Splicing. Murtaza Motiwala, Megan Elmore, Nick Feamster and Santosh Vempala ABSTRACT

Tag Switching. Background. Tag-Switching Architecture. Forwarding Component CHAPTER

Content as a Network Primitive

Locator ID Separation Protocol (LISP) Overview

Interdomain Routing Reading: Sections K&R EE122: Intro to Communication Networks Fall 2007 (WF 4:00-5:30 in Cory 277)

APT: A Practical Transit-Mapping Service Overview and Comparisons

On Service Composition Algorithm for Open Marketplaces of Network Services

Interdomain routing CSCI 466: Networks Keith Vertanen Fall 2011

Module: Routing Security. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security

Dissemination of Paths in Path-Aware Networks

SDN-enabled Internet Exchange Point

Better Interdomain Path Diversity with BGP Path Splicing

Interdomain Routing and Connectivity

Introduction to Segment Routing

TBGP: A more scalable and functional BGP. Paul Francis Jan. 2004

Outline. Narrow Waist of the Internet Key to its Success. expressive Internet Architecture: Overview and Next Phase. Three Simple Ideas 9/13/2014

Data Plane Protection. The googles they do nothing.

Next Generation Network Architectures. Srinivasan Seshan!

Intelligent Design Enables Architectural Evolution

MPLS, THE BASICS CSE 6067, UIU. Multiprotocol Label Switching

A configuration-only approach to shrinking FIBs. Prof Paul Francis (Cornell)

Routing Security* CSE598K/CSE545 - Advanced Network Security Prof. McDaniel - Spring * Thanks to Steve Bellovin for slide source material.

Virtual Multi-homing: On the Feasibility of Combining Overlay Routing with BGP Routing

Lecture 13: Traffic Engineering

XIA: An Architecture for a Trustworthy and Evolvable Internet

Outline Computer Networking. Inter and Intra-Domain Routing. Internet s Area Hierarchy Routing hierarchy. Internet structure

Lecture 17: Network Layer Addressing, Control Plane, and Routing

Forwarding Architecture

NSF Future Internet Architecture. Outline. Predicting the Future is Hard! The expressive Internet Architecture: from Architecture to Network

Bringing SDN to the Internet, one exchange point at the time

Bootstrapping Evolvability for Inter-Domain Routing

Making the Internet more scalable and manageable

Routing. Info 341 Networking and Distributed Applications. Addresses, fragmentation, reassembly. end-to-end communication UDP, TCP

SharkFest'17 US. Experience with the expressive Internet Architecture. Peter Steenkiste Carnegie Mellon University

Design Principles : Fundamentals of Computer Networks Bill Nace

Internet Indirection Infrastructure (i3) Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Surana. UC Berkeley SIGCOMM 2002

Stable Internet Route Selection

SCION: A Secure Internet Architecture Samuel Hitz CTO Anapaya Systems ETH Zurich

expressive Internet Architecture:

s i g c o m m Public Review for YAMR: Yet Another Multipath Routing Protocol Igor Ganichev, Bin Dai, P. Brighten Godfrey, and Scott Shenker

Internet Architecture and Experimentation

CS November 2018

Distributed Systems. 21. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2018

CSE 561 Lecture 6, Spring David Wetherall

Inter-networking. Problem. 3&4-Internetworking.key - September 20, LAN s are great but. We want to connect them together. ...

Important Lessons From Last Lecture Computer Networking. Outline. Routing Review. Routing hierarchy. Internet structure. External BGP (E-BGP)

IN recent years, the amount of traffic has rapidly increased

MPLS L3VPN. The MPLS L3VPN model consists of three kinds of devices: PE CE Site 2. Figure 1 Network diagram for MPLS L3VPN model

SDX: A Software Defined Internet Exchange

Routing, Routing Algorithms & Protocols

A Segment Routing (SR) Tutorial. R. Bonica NANOG70 June 6, 2017

CS November 2017

MPLS Multi-protocol label switching Mario Baldi Politecnico di Torino (Technical University of Torino)

An ISP and End-User Cooperative Intradomain Routing Algorithm

ENTERPRISE MPLS. Kireeti Kompella

Securizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN

CS 5114 Network Programming Languages Control Plane. Nate Foster Cornell University Spring 2013

Your projected and optimistically projected grades should be in the grade center soon o Projected: Your current weighted score /30 * 100

BGP Peering Engineering Automation challenges and enablers Cloud & Virtualization Group

XIA: An Architecture for a Trustworthy and Evolvable Internet

Alcatel-Lucent 4A Alcatel-Lucent Scalable IP Networks. Download Full Version :

Hybrid Information-Centric Networking

Missing Pieces of the Puzzle

MPLS/Tag Switching. Background. Chapter Goals CHAPTER

Lecture 4: Intradomain Routing. CS 598: Advanced Internetworking Matthew Caesar February 1, 2011

Cloud Security Gaps. Cloud-Native Security.

Lecture 16: Border Gateway Protocol

BGP. Autonomous system (AS) BGP version 4

Towards a Logic for Wide-Area Internet Routing

Integrated Services. Integrated Services. RSVP Resource reservation Protocol. Expedited Forwarding. Assured Forwarding.

Routing Basics ISP/IXP Workshops

SCION: A Secure Multipath Interdomain Routing Architecture. Adrian Perrig Network Security Group, ETH Zürich

Review for Chapter 4 R1,R2,R3,R7,R10,R11,R16,R17,R19,R22,R24, R26,R30 P1,P2,P4,P7,P10,P11,P12,P14,P15,P16,P17,P22,P24,P29,P30

Named Data Networking (NDN) CLASS WEB SITE: NDN. Introduction to NDN. Updated with Lecture Notes. Data-centric addressing

Introduction to IP Routing. Geoff Huston

The Platform as a Service Model for Networking

Announcements Computer Networking. What is the Objective of the Internet? Today s Lecture

Software Defined Networking: A New Networking Approach

A Bandwidth-Broker Based Inter-Domain SLA Negotiation

E : Internet Routing

Transcription:

Abstractions for Routing Abstractions for Network Routing Brighten Godfrey DIMACS 23 May 2012

Abstractions for Network Routing Impressions of Network Routing Neo-Dadaisms for Network Routing Absurdisms for Network Routing See also: Postmodern Routing [Bhattacharjee, Calvert, Griffioen, Spring, & Sterbenz]

What routing abstractions facilitate flexibility and evolvability? How can we quantitatively compare architectures and abstractions? rather than just performance of an implementation

Setting the Stage

Routing Defined Selection of path in network along which to send message

Routing Defined Selection of services in network along which to send message

Components of Routing Data plane Control plane routing service forwarding service service advertisement service selection forwarding action

Components of Routing Follows from forwarding Just a distributed systems problem... service advertisement Who, where, how? routing service forwarding service Most fundamental abstraction service selection forwarding action

Components of Routing Today: all components coupled at each router service advertisement routing service service selection forwarding service forwarding action

Summary so far Key questions: What s the right abstraction of forwarding service? Who should choose the services and how? Traditional (next-hop-style) networking: coupled Each router locally selects service, installs forwarding service, advertises directly to all recipients (neighbors) Software Defined Network: decoupled [forwarding] [service advertisement] [service selection] Interdomain:???

What problem are we solving? What s the right abstraction of forwarding service? Who should choose the services and how? What do these this mean??

Flexibility

Today s inflexible routing: BGP Routing fixed within the network, leading to: Unreliability (long convergence) Inefficient resource allocation (prefix-level load balancing) Insecurity - Even with Secure BGP, traffic attraction attacks - Each domain s security is dependent on the actions of many other domains between it and the destination You get one path to each IP prefix, and this path may be broken, inefficient, or insecure.

Source routing for flexibility Separate route computation from the network Route (i.e., selected services) is parameter given to the network

Source routing for flexibility Reliability source can switch quickly or use many Path quality source knows what it wants Security Each domain can independently protect itself Lowest latency path Highest bandwidth path Path the network would have picked for you

Source routing challenges Security Can attackers exploit route control? (Can defenders?) Scalability How do sources quickly pick good paths without huge amounts of dynamic state distribution? Eh. Route control tussle How can an architecture enable source control yet still provide sufficient network owner control of routing?

Solving the route control tussle Pick one reasonable tradeoff between source and network control? then get everyone to agree... then standardize it... Better solution: design for variation

Design for variation in outcome, so that the outcome can be different in different places, and the tussle takes place within the design, not by distorting or violating it. Clark, Wroclawski, Sollins & Braden, 2002 Tussle in Cyberspace

Pathlet routing [Godfrey, Ganichev, Shenker, Stoica, SIGCOMM 2009] vnode virtual node virtual graph: pathlet fragment of a path: a sequence of vnodes flexible way to define policy constraints Source routing over pathlets. provides many path choices for senders

vnodes vnode: virtual node within an AS Walla Walla New York Crumstown San Diego Roosterville

vnodes vnode: virtual node within an AS designated ingress vnode for each neighbor Internally: a forwarding table at one or more routers router router router

Pathlets Packet route field Forwarding table A 3 3...... 3 push 7,2; fwd to B B 7 7,2...... 7 fwd to C C 2 2...... 2 fwd to D D delivered!

So what? For network owners, flexibility to define how the network can be used. For users, flexibility to choose paths or services.

Choice for senders source destination

Example: allow all valley free routes e.g., all valley free routes ( customers can go anywhere; anyone can route to customer ) provider provider ingress from a provider egress to a provider ingress from a customer egress to a customer customer customer

Example: flexible granularity BGP Pathlet routing cut cut cut A BA X ACBA filtered! B CBA C AS BGP announcement message Router

Flexible policies 128.2.0.0/16

Flexible policies

Flexible policies 128.2.0.0/16

Quantifying policy flexibility We don t know how to figure out whether one of our ideas is better than another. David Clark

Quantifying policy flexibility Pathlet routing Feedback-based routing MIRO NIRA Loose source routing LISP Routing deflections, path splicing Strict source routing IP (BGP)

Quantifying policy flexibility Pathlet routing Feedback-based routing MIRO NIRA Loose source routing LISP Routing deflections, path splicing Strict source routing IP (BGP)

Evolvability

Evolvability Goal: Communication infrastructure for all of humanity Only hope: evolve across time Ratnasamy, Shenker, McCanne [SIGCOMM 05] FII [CCR 11] OPAE [Ghodsi, Koponen, Raghavan, Shenker, Singla, Wilcox, HotNets 11] XIA [Anand, Dogar, Han, Li, Lim, Machado, Wu, Akella, Andersen, Byers, Seshan, Steenkiste, HotNets 11 & NSDI 12] What is an evolvable architecture?

Our history: Not Good IP options? Usually dropped UDP? Sometimes dropped Not HTTP? Sometimes dropped...

Attacks on evolution Useful frame of mind: Some parties will act to hinder evolution Apathy Security Government control Therefore, should design architecture to defend against evolution attacks What abstraction yields defensive evolvability?

Quantifying evolvability (Toy Model) Node state Legacy Attacker Deployed New Protocol When can we run the New Protocol along a path? Source runs N.P. and no attacker on path Utility of a path to source 0 for old protocol ~ (#new hops) for new protocol

Attacks kill evolution: simulation Simplistic simulation on CAIDA AS-level Internet topology (2011) 36,878 nodes, 103,485 edges

Attacks kill evolution: dynamics 0% attack Simplistic simulation on 500-node degree-5 random graph 1% initial deployment

Attacks kill evolution: dynamics 90% 50% 10% 0% attack Simplistic simulation on 500-node degree-5 random graph 1% initial deployment

Case Study #1: Next-Hop Fwd ing Traditional IP routing & forwarding Each router selects one hop of path (= service) Result: all routers along path know, agree to, and select the end-to-end service

Case Study #2: XIA How should a legacy router in the middle of the network handle a new principal type that it does not recognize? Fallbacks: forwards the packet to HID 1. CID 1 AD 1 HID 1 Result: Each router is explicitly aware of novel services being deployed Analogous to IP options Potential result: drop anything weird (e.g., security risk) XIA is flexible, but is it really evolvable?

Defensive Evolvability Hammer: Modularity Hide functionality from those who need not see it AS/user should be able to unilaterally deploy a new type of connectivity service...without approval of parties used to reach that service...and without them even knowing! Rough solution: pathlets++ Each segment is a general function rather than just a link between two vnodes

Putting together the pieces

Observations 1. Flexibility and evolvability come from modularity the degree to which a system's components may be separated and recombined wikipedia 2. The principal function of networks is connectivity 3. Need clean abstraction to recombine connectivity 4. Hypothesis: The current architecture lacks such an abstraction Instead of one reusable abstraction, we keep inventing special-purpose tunnels: overlay networks, VPNs, ports,...

Vasily Kandinsky Small Worlds 1922

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback