MIGSOCK A Migratable TCP Socket in Linux

Similar documents
Transparent TCP Recovery

Migratory TCP (MTCP) Transport Layer Support for Highly Available Network Services

Distributed Systems Exam 1 Review Paul Krzyzanowski. Rutgers University. Fall 2016

ECE 650 Systems Programming & Engineering. Spring 2018

OSI Transport Layer. objectives

Distributed Systems 27. Process Migration & Allocation

CCNA R&S: Introduction to Networks. Chapter 7: The Transport Layer

Persistence Schemes. Chakchai So-In Department of Computer science Washington University

Generic RDMA Enablement in Linux

Sockets 15H2. Inshik Song

CIS 632 / EEC 687 Mobile Computing

High Availability/ Clustering with Zend Platform

UDP and TCP. Introduction. So far we have studied some data link layer protocols such as PPP which are responsible for getting data

Transport layer issues

Firewalls and NAT. Firewalls. firewall isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others.

TCP over Wireless PROF. MICHAEL TSAI 2016/6/3

EEC-682/782 Computer Networks I

firewalls perimeter firewall systems firewalls security gateways secure Internet gateways

TRANSMISSION CONTROL PROTOCOL. ETI 2506 TELECOMMUNICATION SYSTEMS Monday, 7 November 2016

Computer Security and Privacy

For use by students enrolled in #71251 CSE430 Fall 2012 at Arizona State University. Do not use if not enrolled.

Transport Layer. The transport layer is responsible for the delivery of a message from one process to another. RSManiaol

CSCI-GA Operating Systems. Networking. Hubertus Franke

CHAPTER 3 - PROCESS CONCEPT


3.1 Introduction. Computers perform operations concurrently

NT1210 Introduction to Networking. Unit 10

Process. Program Vs. process. During execution, the process may be in one of the following states

OSI Layer OSI Name Units Implementation Description 7 Application Data PCs Network services such as file, print,

Mobile Transport Layer

Outline 9.2. TCP for 2.5G/3G wireless

6.1 Internet Transport Layer Architecture 6.2 UDP (User Datagram Protocol) 6.3 TCP (Transmission Control Protocol) 6. Transport Layer 6-1

Background: I/O Concurrency

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Agenda Process Concept Process Scheduling Operations on Processes Interprocess Communication 3.2

Master Course Computer Networks IN2097

Network Technology 1 5th - Transport Protocol. Mario Lombardo -

Mobile Communications Chapter 9: Mobile Transport Layer

OSI Transport Layer. Network Fundamentals Chapter 4. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1

Linux-CR: Transparent Application Checkpoint-Restart in Linux

Lecture 7: February 10

Agenda. Threads. Single and Multi-threaded Processes. What is Thread. CSCI 444/544 Operating Systems Fall 2008

CSE 4215/5431: Mobile Communications Winter Suprakash Datta

Applied IT Security. System Security. Dr. Stephan Spitz 6 Firewalls & IDS. Applied IT Security, Dr.

Distributed Systems. Pre-Exam 1 Review. Paul Krzyzanowski. Rutgers University. Fall 2015

Outline. What is TCP protocol? How the TCP Protocol Works SYN Flooding Attack TCP Reset Attack TCP Session Hijacking Attack

Operating Systems Design Exam 3 Review: Spring Paul Krzyzanowski

Outline. Connecting to the access network: DHCP and mobile IP, LTE. Transport layer: UDP and TCP

The aim of this unit is to review the main concepts related to TCP and UDP transport protocols, as well as application protocols. These concepts are

Operating Systems. Week 13 Recitation: Exam 3 Preview Review of Exam 3, Spring Paul Krzyzanowski. Rutgers University.

CS 416: Operating Systems Design April 22, 2015

CS 428/528 Computer Networks Lecture 01. Yan Wang

CCNA 1 Chapter 7 v5.0 Exam Answers 2013

TCP /IP Fundamentals Mr. Cantu

Status Update About COLO FT

QUIZ: Longest Matching Prefix

Remote Procedure Call. Tom Anderson

User Datagram Protocol

Features of a proxy server: - Nowadays, by using TCP/IP within local area networks, the relaying role that the proxy

Chapter 13 TRANSPORT. Mobile Computing Winter 2005 / Overview. TCP Overview. TCP slow-start. Motivation Simple analysis Various TCP mechanisms

Adaptive Cluster Computing using JavaSpaces

Part V. Process Management. Sadeghi, Cubaleska RUB Course Operating System Security Memory Management and Protection

OS DESIGN PATTERNS II. CS124 Operating Systems Fall , Lecture 4

Chapter 3: Processes

Lecture 2: Layering & End-to-End

Kernel Level Speculative DSM

EEC-484/584 Computer Networks

Announcement. Exercise #2 will be out today. Due date is next Monday

Chapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet

CSE 461 The Transport Layer

CSE/EE 461 Lecture 14. Connections. Last Time. This Time. We began on the Transport layer. Focus How do we send information reliably?

!! How is a thread different from a process? !! Why are threads useful? !! How can POSIX threads be useful?

HP OpenVMS Network Administration Exam.

4.0.1 CHAPTER INTRODUCTION

Stateless Firewall Implementation

MSMQ-MQSeries Bridge Configuration Guide White Paper

Schahin Rajab TCP or QUIC Which protocol is most promising for the future of the internet?

TCP/IP Protocol Suite 1

CSE 461 Module 11. Connections

Mobile Communications Chapter 9: Mobile Transport Layer

Building an IPS solution for inline usage during Red Teaming

The Client Server Model and Software Design

Process. Heechul Yun. Disclaimer: some slides are adopted from the book authors slides with permission

Transport Protocols and TCP: Review

TSIN02 - Internetworking

Operating Systems. 18. Remote Procedure Calls. Paul Krzyzanowski. Rutgers University. Spring /20/ Paul Krzyzanowski

Performance Objects and Counters for the System

ETSF05/ETSF10 Internet Protocols Transport Layer Protocols

Network Implementation

Chapter 09 Network Protocols

Design and Implementation of Service Migration

Transport Protocols & TCP TCP

Linux-CR: Transparent Application Checkpoint-Restart in Linux

HPX. High Performance ParalleX CCT Tech Talk Series. Hartmut Kaiser

Master s thesis Design of the Session Layer Gateway Supporting Mobile, Delay and Disconnection Tolerant Communication

CSEP 561 Connections. David Wetherall

NYC Utility DAS SCADA Network General Protocol and Traffic Analysis September 2005 Applied Methodologies, Inc.

Chapter 12 Network Protocols

Computer Network Vulnerabilities

! How is a thread different from a process? ! Why are threads useful? ! How can POSIX threads be useful?

Transcription:

MIGSOCK A Migratable TCP Socket in Linux Bryan Kuntz Karthik Rajan Masters Thesis Presentation 21 st February 2002 Agenda Introduction Process Migration Socket Migration Design Implementation Testing and Demo Impact and Future Work Related Work (time permitting) Demo (at NSH 1604) 1

Introduction What is process migration? What is socket migration? What is MIGSOCK? Scenario 1 2

Agenda Introduction Process Migration Socket Migration Design Implementation Testing and Demo Impact and Future Work Related Work (time permitting) Demo (at NSH 1604) Process Migration What is it? the act of transferring a process between two machines during its execution More specifically: Capture the state of a running process at a given moment Transfer this state information to the new host of the process Resume the process execution from the point at which it was captured 3

Process Migration Importance Load balancing Fault tolerance Anytime system administration Data access locality Process Migration Difficulties Places limitations on the architecture similar computers, similar libraries, etc. Complexity of adding transparent migration to systems Overheads / performance 4

Types of Solutions Operating System level support Use a standard OS and modify kernel for migration MOSIX, CRAK, SPRITE Use/code a custom OS better suited for migration MACH microkernel architecture User level support Application re-link and re-compile CONDOR Programming environment Java libraries NOMADS Agenda Introduction Process Migration Socket Migration Design Implementation Testing and Demo Impact and Future Work Related Work (time permitting) Demo (at NSH 1604) 5

Introduction What is a Socket? OS interface that abstracts TCP & UDP over IP Behaves like a file to the user application A two-way connection between two hosts Sockets identified by (hostip, hostport, destinationip, destinationport) OSI Model Application Presentation Session Transport Network Data Link Physical 7 6 5 4 3 2 1 Socket Interface 6

Migration vs. Handoff Socket Migration Involves transferring the end-point of the connection that is migrating with the process Preserve the connection state Important use: Allows processes with open sockets to migrate Socket Handoff Transfer only the socket state, not the process Requires some cooperation from the new socket host Important use: Enables processes to maintain execution during a network reconfiguration. Ad-hoc private networks that suddenly go online, for example. Migration Solutions Proxy Migration within the proxy network using NAT Proxy Knows Current Location (IP & port) of process Advantages Easy to understand and implement Stateless Avoids changes at the OS level Disadvantages Limited Migration Proxy becomes single point of failure Hard to maintain TCP end-to-end semantics Examples MSOCKS, TCP Handoffs for Clustering 7

Proxy Method Gateway Source Host (Proxy process) TCP Remote Entity Destination 1 Before migration After 1st Migration time Destination n After nth Migration Migration Solutions User Level Layer 7 of the OSI model Application layer Wrap socket library with migratable API Use migratable API in user applications Advantages Simple to implement No kernel changes Disadvantages Applications need to be re-written not transparent Slow as low level sockets are established again Examples MOCKETS 8

Types of Solutions OS Level Layers 4 and below of the OSI model TCP and IP Modify TCP directly Support at the kernel level Advantages Fast Potentially transparent depending on where control lies Disadvantages Both hosts should implement TCP stack Kernel changes require special permissions Examples Our Design Agenda Introduction Process Migration Socket Migration Design Implementation Testing and Demo Impact and Future Work Related Work (time permitting) Demo (at NSH 1604) 9

Our Solution: Design Goals Transparency Kernel level support Compliance with TCP semantics Modular implementation Performance No serious overheads Minimize message exchange Ease of integration into existing process migration environments Assumptions Kernel support at all participating hosts Minimal security measures / not our primary concern A process migration system is already in place, otherwise steal a socket Upper layer state consistency Socket handoff requires a connected state Post-migration attempts by the remote host to reconnect to the original server IP and port will not succeed. Unavoidable latency during migration Shared file system (NFS) or some other way to transfer state 10

Socket Handoff Migrate only the socket connection; not the process. 1. Suspend an established connection and capture the socket state. 2. Transfer this state to a host with a running process. 3. This process must be running the same application layer, using a socket descriptor that is connected. In most applications, this will require STEALING a socket that is already in the connected state. 4. Replace this socket s state with the transferred state. 5. Resume the connection with the remote host. Socket Handoff Scenario Client TCP Socket connection Client updates its socket point to the new server Connection Stolen from Handoff Complete Source Server Other Host Established TCP socket to other host other host and repointed to client Destination Server 11

Socket Migration 1. Socket migration is initiated at source host 2. TCP message is sent to remote host suspending his side of the connection 3. Socket state is gathered and written to a file 4. State is transferred to the destination host 5. Socket is recreated with new host and port information of the destination host, and connected to remote host 6. TCP message is sent to remote host updating his half of the socket and resuming his side of the connection Socket Migration Scenario Source 2 Socket Communication is 1 Suspended Established TCP Socket 3 Destination Process and Socket state are captured and transferred to Destination 4 Socket Reconnected to remote host; Process restarted Remote Entity 12

MIGSOCK API Send_Migration_Request(pid, sockfd) Serialize_Socket_Data (pid, sockfd, buf) Deserialize_Socket_Data (pid, sockfd, buf) For socket handoff Deserialize_And_Restart(pid, sockfd, buf) For socket migration Send_Remote_Restart (pid, sockfd, msg_contents) Get_Local_Host (pid, sockfd) Usage Example Source side algorithm // Obtain the pid and socket fd for the migrating socket. Send_Migration_Request(pid, fd) num_bytes = Serialize_Socket_Data (pid, sockfd, buf) write(somefile, dest_buf, num_bytes); // Transfer somefile to destination host Destination side algorithm // Create a socket using the socket() call for the process // Obtain the pid and socket fd for the process and newly created socket. read(somefile, buf); newport = Deserialize_And_Restart(pid, sockfd, buf) newhost = Get_Local_Host(pid, sockfd) // Add the newport and newhost to msg_contents // Get oldhost and oldport from buf and add this to msg_contents Send_Remote_Restart(pid, sockfd, msg_contents) 13

Migration Initiation Request (Source Host) 1. Suspend local process 2. Flag set in struct sock tells packet-send routine that migration is under way. 3. Special TCP message generated over the socket 4. Remote host sets a flag in struct sock 5. Remote host unimpeded unless he tries to write (send()) to the socket, in which case he blocks 6. Capture and record socket state, return it in a buffer to the user State transfer 1. The user program should write the buffer to a file or a network message 2. Send the file or message to the destination host 3. The data in this buffer should not be modified in any way or it could become unreadable by the API 14

Migration Completion (Destination Host) 1. Obtain socket descriptor that is used by the application layer in an appropriate state 2. Call a deserialize function to construct a connected socket it returns a local port number 3. User constructs the restart message by adding the new and old ports and IP addresses 4. Special TCP message generated to remote host 5. Remote host resets the migration flag, repoints the socket to the new destination, and signals any blocking send() calls. Message Timeline Source Remote Destination SYN SYN + ACK Established ACK Socket Migration Start Transfer of State MIG REQ ACK MIG RST Time End of Migration ACK 15

Agenda Introduction Process Migration Socket Migration Design Implementation Testing and Demo Impact and Future Work Related Work (time permitting) Demo (at NSH 1604) Implementation Modules Kernel function changes Kernel data structures Message format 16

Migsock Architecture User Application C Libraries / OS Services System Call Interface User Space Kernel Space TCP/IP Protocol MIGSOCK Module OS CORE Modules Syscalls implemented using the device ioctl() interface Requires the creation of a device /dev/migsock Most functionality is contained within the modules except for the bottom-half side of the kernel TCP implementation Migratable socket option can be selected / deselected in the kernel configuration menu 17

Kernel Flow (Socket Read) Application Socket Call Top Half C Socket Library Socket Layer Read TCP Layer Read User Space Kernel Space TCP Layer Processor IP Layer Processor struct sock data queues Network Driver Bottom Half Kernel Function Changes (TCP) The bottom-half portion of the TCP functionality needs to be changed to Send specially flagged migration request messages source and destination Prevent the passing of migration messages to the upper layer (application) remote Update IP address and port information after migration remote Achieved by changing the following source files: tcp_input.c, tcp_output.c, tcp_ipv4.c 18

Kernel Data Structures struct sock struct socket struct tcp_opt struct file struct task_struct Message Format 0 0 32 bits 1 2 3 4 5 Message Code OPERATION Old Host IP Old Port New Port New Host IP 19

Agenda Introduction Process Migration Socket Migration Design Implementation Testing and Demo Impact and Future Work Related Work (time permitting) Demo (at NSH 1604) Testing and Demo Handoff Handoff one end of a live socket from a process on a host to another host s process Migration Migrate a program along with its TCP socket from one host to another 20

Integration with CRAK MIGSOCK aware CRAK Source side prevent CRAK from aborting Destination side recreate socket entity Serialize socket state before checkpointing process Process restarts only after sockets are restored Change scheduling to account for delay in socket restoration Agenda Introduction Process Migration Socket Migration Design Implementation Testing and Demo Impact and Future Work Related Work (time permitting) Demo (at NSH 1604) 21

Impact Flexible and easy to integrate into any system level process migration schema demonstrated with CRAK Implementation is kernel level and modular Low messaging overheads Transparent to running processes Any binary program compiled for Linux is eligible for socket migration Control can be integrated or separate from migrating application Maintained TCP semantics Modular implementation Future Work Build on a security infrastructure Reconstruct a listening socket Improve compatibility with non-migration hosts Port it to other Kernels Merge with the official Linux kernel source tree Submit patch to LKML and Linus Integrate with other process migration systems Add a state-transportation mechanism remove responsibility from user or shared file system Initiate an RFC 22

Agenda Introduction Process Migration Socket Migration Design Implementation Testing and Demo Impact and Future Work Related Work (time permitting) Demo (at NSH 1604) Mockets Part of the NOMADS project from the University of West Florida User level socket migration Provides API on top of Java sockets Abstracts the re-connection process Each Mocket uses a Java socket Specially coded applications Large overheads 23

Mockets Structure TCP Handoff From HP Labs and Michigan State Univ. Hand-off one end of a live socket connection Typical use in HTTP web clusters Client is unaware of the handoff How is it different from ours? One-way handoff only (ours is twoway) Client protocol stack can remain unchanged 24

M-TCP Rutgers University Meant for Clustered Service Providers Decouples service provider from service Servers keep connection-specific state Lazy transfer of client connection state How is it different from ours? Client Initiated migration No client side migration Transfer takes place AFTER SYN is sent, leading to a possible performance weakness M-TCP State Transitions 25

CRAK Columbia University No support of Socket Migration Aug 01 Method described Jan 02 No binaries or source code released to prove it! Proposed solution: User level (application layer) calls Remote host can still communicate during migration Data is retransmitted / lost during this process Extra overhead due to user level calls Restore slower than our implementation: CRAK = SSH MIGSOCK = Existing socket Questions? 26

Scenario 2 Source Remote Malicious SYN Destination SYN + ACK Established ACK Socket Migration Start MIG REQ ACK MIG RST Time End of Migration Transfer of State ACK RST MIG RST Disconnected 27

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback