Engineering Fault-Tolerant TCP/IP servers using FT-TCP. Dmitrii Zagorodnov University of California San Diego

Similar documents
Practical and Low-Overhead Masking of Failures of TCP-Based Servers

Practical and Low-Overhead Masking of Failures of TCP-Based Servers

Wrapping Server-Side TCP to Mask Connection Failures

TCP Server Fault Tolerance Using Connection Migration to a Backup Server

Transparent TCP Recovery

Increasing Availability of Linux System using Redundancy. Beob Kyun Kim

Networking for Data Acquisition Systems. Fabrice Le Goff - 14/02/ ISOTDAQ

Managing self-inflicted nondeterminism

Migratory TCP (MTCP) Transport Layer Support for Highly Available Network Services

Advanced Network Design

Host Solutions Group Technical Bulletin August 30, 2007

Securing the Frisbee Multicast Disk Loader

Introduction to Networking. Operating Systems In Depth XXVII 1 Copyright 2017 Thomas W. Doeppner. All rights reserved.

Fault Tolerance for Highly Available Internet Services: Concept, Approaches, and Issues

Hypervisor-based Fault-tolerance. Where should RC be implemented? The Hypervisor as a State Machine. The Architecture. In hardware

HUAWEI USG6000 Series Next-Generation Firewall Technical White Paper VPN HUAWEI TECHNOLOGIES CO., LTD. Issue 1.1. Date

Connections. Topics. Focus. Presentation Session. Application. Data Link. Transport. Physical. Network

vsphere Networking Update 1 ESXi 5.1 vcenter Server 5.1 vsphere 5.1 EN

Outline 9.2. TCP for 2.5G/3G wireless

ECE 650 Systems Programming & Engineering. Spring 2018

Chapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet

Internet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.

H

CS /29/17. Paul Krzyzanowski 1. Fall 2016: Question 2. Distributed Systems. Fall 2016: Question 2 (cont.) Fall 2016: Question 3

Today: Fault Tolerance. Reliable One-One Communication

April 21, 2017 Revision GridDB Reliability and Robustness

Mobile Transport Layer

From eventual to strong consistency. Primary-Backup Replication. Primary-Backup Replication. Replication State Machines via Primary-Backup

UDP, TCP, IP multicast

TCP so far Computer Networking Outline. How Was TCP Able to Evolve

Mobile Communications Chapter 9: Mobile Transport Layer

Good Ideas So Far Computer Networking. Outline. Sequence Numbers (reminder) TCP flow control. Congestion sources and collapse

9th Slide Set Computer Networks

Examination 2D1392 Protocols and Principles of the Internet 2G1305 Internetworking 2G1507 Kommunikationssystem, fk SOLUTIONS

Chapter 13 TRANSPORT. Mobile Computing Winter 2005 / Overview. TCP Overview. TCP slow-start. Motivation Simple analysis Various TCP mechanisms

CSE 4215/5431: Mobile Communications Winter Suprakash Datta

vsphere Networking Update 2 VMware vsphere 5.5 VMware ESXi 5.5 vcenter Server 5.5 EN

Two approaches to Flow Control. Cranking up to speed. Sliding windows in action

Fault Tolerance. Distributed Systems IT332

Mobile Communications Chapter 9: Mobile Transport Layer

AN TOÀN LỚP 4: TCP/IP ATTACKS NGUYEN HONG SON PTITHCM

H

Operating Systems and. Computer Networks. Introduction to Computer Networks. Operating Systems and

TSIN02 - Internetworking

XCo: Explicit Coordination for Preventing Congestion in Data Center Ethernet

Reminder: Datalink Functions Computer Networking. Datalink Architectures

Redundancy for Routers using Enhanced VRRP

Wireless Mesh Networks

Distributed Systems (ICE 601) Fault Tolerance

CSE 461 The Transport Layer

CS 716: Introduction to communication networks th class; 7 th Oct Instructor: Sridhar Iyer IIT Bombay

CSCI-1680 Link Layer I Rodrigo Fonseca

SPDY - A Web Protocol. Mike Belshe Velocity, Dec 2009

CMSC 417. Computer Networks Prof. Ashok K Agrawala Ashok Agrawala. October 25, 2018

Distributed Systems Exam 3 Review. Paul Krzyzanowski. Rutgers University. Fall 2016

VMware vsphere Administration Training. Course Content

Announcements Computer Networking. Outline. Transport Protocols. Transport introduction. Error recovery & flow control. Mid-semester grades

CSE 461 Module 10. Introduction to the Transport Layer

ApsaraDB for Redis. Product Introduction

CS457 Transport Protocols. CS 457 Fall 2014

CoRAL: A Transparent Fault-Tolerant Web Service

Student ID: CS457: Computer Networking Date: 5/8/2007 Name:

Current Topics in OS Research. So, what s hot?

Performance Implications of Security Protocols

TSIN02 - Internetworking

HARTs: High Availability Cluster Architecture with Redundant TCP Stacks*

Chapter 5.6 Network and Multiplayer

Final Exam for ECE374 05/03/12 Solution!!

Advanced iscsi Management April, 2008

Transport layer. UDP: User Datagram Protocol [RFC 768] Review principles: Instantiation in the Internet UDP TCP

TCP over wireless links

Last lecture we talked about how Intrusion Detection works. Today we will talk about the attacks. Intrusion Detection. Shell code

Transport Layer. Application / Transport Interface. Transport Layer Services. Transport Layer Connections

TCP. CSU CS557, Spring 2018 Instructor: Lorenzo De Carli (Slides by Christos Papadopoulos, remixed by Lorenzo De Carli)

Transport layer. Review principles: Instantiation in the Internet UDP TCP. Reliable data transfer Flow control Congestion control

Networks and distributed computing

The Google File System

Configure the IM and Presence Service

ECS-087: Mobile Computing

TCP Basics : Computer Networking. Overview. What s Different From Link Layers? Introduction to TCP. TCP reliability Assigned reading

Transport Layer Protocols TCP

Reliable Communication for Datacenters

CSE 461 Connections. David Wetherall

Outline Computer Networking. TCP slow start. TCP modeling. TCP details AIMD. Congestion Avoidance. Lecture 18 TCP Performance Peter Steenkiste

CS 111. Operating Systems Peter Reiher

IsoStack Highly Efficient Network Processing on Dedicated Cores

The case for ubiquitous transport-level encryption

ELEC5616 COMPUTER & NETWORK SECURITY

CS 162 Operating Systems and Systems Programming Professor: Anthony D. Joseph Spring Lecture 21: Network Protocols (and 2 Phase Commit)

Fault Tolerant Java Virtual Machine. Roy Friedman and Alon Kama Technion Haifa, Israel

MySQL HA Solutions Selecting the best approach to protect access to your data

Primary-Backup Replication

Networked Control Systems for Manufacturing: Parameterization, Differentiation, Evaluation, and Application. Ling Wang

NPTEL Course Jan K. Gopinath Indian Institute of Science

6.033 CHRONICLE. Andres Romero Julián González - Andrew Moran - Instructor: Srini Devadas

Configuring the Oracle Network Environment. Copyright 2009, Oracle. All rights reserved.

CSE398: Network Systems Design

CMSC 417. Computer Networks Prof. Ashok K Agrawala Ashok Agrawala. October 30, 2018

Today: Fault Tolerance. Replica Management

EMC RecoverPoint. EMC RecoverPoint Support

Transcription:

Engineering Fault-Tolerant TCP/IP servers using FT-TCP Dmitrii Zagorodnov University of California San Diego

Motivation Reliable network services are desirable but costly! Extra and/or specialized hardware Custom software, deployment Performance Guiding principles: Off-the-shelf components No changes to the applications, protocols, and OS Minimize interference with execution and data flow May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 2

Problem Server TCP/IP TCP/IP Client Back-End Server TCP/IP Back-end Communication State Coordination Connection Failover May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 3

State Coordination Theory is well-understood Same inputs Same behavior Use active backup, primary backup, rollback recovery... Applying it is hard No simple, well-defined boundary» system calls» signals» shared memory May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 4

Client-assisted failover Primary Backup TCP/IP TCP/IP TCP/IP Client Very popular [Veritas, IBM, etc.] Problems: Engineering cost Redoing work Deployment Redundant hardware is common May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 5

Socket-level Approach Primary Backup TCP/IP TCP/IP TCP/IP Client Provide a reliable socket by reconnecting... in the middleware [Orgiyan Fetzer 01] [Nasika Dasgupta 00] in the protocol [Snoeren et al 01] [Sultan Srinivasan Iftode 01] Advantage: Allows failover to a distant replica Problem: Requires changing software on clients May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 6

Proxy-based Approach Primary Backup TCP/IP TCP/IP Proxy TCP/IP Client Use a proxy on the network path Advantage: Client is unchanged Problems: Single point of failure Potential performance bottleneck May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 7

Server-Side Approach Primary Backup TCP/IP TCP/IP TCP/IP Client Transfer TCP and application state [INFOCOM 01], a separate session at DSN 03 Advantages: changes only to server no single point of failure Problem: TCP implementation-specific May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 8

Our Approach : FT-TCP Primary Backup TCP/IP TCP/IP TCP/IP Client Wrap the server s TCP/IP stack Advantages: No changes to TCP No changes to client No single point of failure May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 9

Talk Outline Failure-free FT-TCP operation Failure-free performance State Synchronization Handling Failures May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 10

TCP Basics A A4 A3 A2 A1 A4 A3 A2 A4 Retransmission Timeout A4 A1 A2 A3 A4 A4 ack A1 win 2 ack A3 win 0 ack A3 win 3 ack A4 win 2 B A1 A1 A2 A1 A2 A3 A4 May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 11

FT-TCP Architecture Primary Server NSW TCP/IP SSW TCP/IP Client Stable Buffer Cold & Hot backups Backup Server NSW TCP/IP SSW They differ in timing, not functionality Primary mode & Backup mode May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 12

Primary Mode Stable Buffer recv( ), size P ack ack send( recv( ) send( recv( ) P P Primary Server data, size NSW data, size TCP/IP ack SSW ack May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 13

Backup Mode Create a backup process with a connection accept( ) accept( ) syn Backup NSW TCP/IP SSW ok ok Backup process runs using information from the stable buffer read( ) syn+ack ack Backup NSW data, ret Upon failure, exhaust the buffer & insert backup for primary May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 14

TCP state synchronization States of TCP stacks on replicas are different Initial Sequence Number Primary (ISN=10) 10 11 12 Backup (ISN=20) IP address» Translate address in IP headers Incremental checksum is fast -7 20 21 22 13 14 15 May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 15

Talk Outline Failure-free FT-TCP operation Failure-free performance State Synchronization Handling Failures May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 16

Performance Measurements 10Mbps 100Mbps 1000Mbps Primary Backup 10Mbps 100Mbps 1000Mbps Client Metrics: Failure-free throughput Failure-free latency Failover duration Experiments: Bulk transfers (4-40MB) Small requests Induce primary failure May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 17

Applications Micro-benchmark (ttcp) Samba Long-lived TCP connections SMB clients give up aborted data transfers Darwin Streaming Server (DSS) RTSP connections over TCP port 80 are common QuickTime player pauses when connection breaks Apache Popular May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 18

Micro-benchmark throughput Primary - Backup Link Bandwidth (Mbps) Incoming Transfer Shared 10 100 1000 Client - Server Link Bandwidth (Mbps) Outgoing Transfer Client - Server Link Bandwidth (Mbps) 10 43% 86% 100% 100 85% 100% 1000 60% Primary - Backup Link Bandwidth (Mbps) Shared 10 100 1000 10 97 100 100 100 100 100 1000 100 May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 19

Samba throughput Primary - Backup Link Bandwidth (Mbps) Incoming Transfer Shared 10 100 1000 Client - Server Link Bandwidth (Mbps) Outgoing Transfer Client - Server Link Bandwidth (Mbps) 10 38 75 100 100 79 95 1000 63 Primary - Backup Link Bandwidth (Mbps) Shared 10 100 1000 10 80 98 99 100 93 96 1000 71 May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 20

Failure-free Performance Throughput under 100-1000 configuration: Samba: over 95% of Clean throughput DSS & Apache: ~100% Tuning for best results algorithm, acknowledgement approach Scales with the number of connections (up to 128) Latency: Insignificant for bulk transfers Noticeable for small requests May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 21

Talk Outline Failure-free FT-TCP operation Failure-free performance State Synchronization Handling Failures May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 22

Application state synchronization Consistent network input is not sufficient Conservative approach: Virtual Process Environment Performance overhead Engineering challenge Minimal interception Theoretically, hard Empirically... May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 23

Non-Determinism System-induced ND system calls, threads, signals Application-induced ND: random number QuickTime: in the form of a random SessionID Samba:» File handle» Random challenge used in authentication ND is part of these protocols May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 24

Consistency filter Allow inconsistent system call results NSW consistency filter based on the protocol specs Primary Client Backup New Primary Generalizes SSW packet manipulations May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 25

Talk Outline Failure-free FT-TCP operation Failure-free performance State Synchronization Handling Failures May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 26

Handling Failures Detect failures process crash: close( ) on the socket machine crash: heartbeat timeout Maintain connection with closed window acks Roll forward the backup process Cold: start a process, exhaust the buffer Hot: exhaust the buffer Ethernet address switch Restart the flow of data simultaneous May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 27

End-point switch Ethernet address differences: Hub & promiscuous mode Use broadcast Ethernet address & virtual NIC Update gateway s IP Ethernet mapping via gratuitous ARP Change Ethernet address of the backup IP address differences: Everyone has unique IP addresses & translates IP in headers Everyone has the same IP address via an alias May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 28

Restart the flow of data May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 29

Failover Latencies Failure Detection 40 Process Startup 10 Replay (Minimal) 35 Replay (Samba Bulk) Replay (Samba Small) 160 8000 per 1MB Endpoint Switch 2 Retransmission (Short) 200 Retransmission (Long) 64000 1 10 100 1000 10000 100000 Duration (Milliseconds) May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 30

Conclusions FT-TCP: low-overhead, scalable, connection failover Failure-free throughput overhead under 5% Latency» unaffected for bulk transfers» noticeable for small requests Hot backup is almost as fast as cold backup Recovery: Hot backup can recover in 200ms or less Few sources of non-determinism in applications Application-level consistency filter May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 31

Thank you! Questions?

TCP Packets Sequence Number Length Acknowledgement Number Initial Sequence Number Sent, Acked Sent, Not Acked Can send Cannot send Advertised Window May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 33

Primary Mode client sn asn sn + o stable_seq + i w + (asn - stable_seq) SSW stable_seq = sn + L sn- i asn- o sn asn w server TCP May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 34

Backup Mode promotion SSW stable_seq: 300 primary_seq: 400 i=300-100-1 o=400-200-1 400 300 seq : ack : SYN 100 SYN+ACK 200 101 ACK 101 201 201 101 server TCP system calls NSW server accept() write(10) May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 35

Interference with data flow Stable Buffer Stable Buffer connection algorithm? Acks to the client Delayed - delay empty ack packets SSW Ack? Client Eager - ack for every stable packet May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 36

TCP Acknowledgements Problem client retransmission timeout 1 2 0 1 2 SSW 0 1 2 1 2 2 1 2 TCP May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 37

Delayed Ack Strategy client 1 2 2 3 4 SSW 0 1 2 3 1 2 2 3 4 4 TCP May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 38

Eager Ack Strategy client 1 2 1 2 3 SSW 0 1 2 3 4 3 1 2 2 TCP 3 4 May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 39

Incoming ttcp Shared 10 100 1000 No No No No 10 100 1000 Delayed 43 38 86 77 100 100 Eager 43 38 86 77 100 100 Delayed 80 77 100 100 Eager 85 77 100 100 Delayed 36 57 Eager 56 60 May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 40

Incoming Samba Shared 10 100 1000 No No No No 10 100 1000 Delayed 21 38 55 75 61 100 Eager 34 37 55 75 61 100 Delayed 15 78 15 95 Eager 15 79 15 95 Delayed 1 38 Eager 2 63 May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 41

Outgoing Samba Shared 10 100 1000 No No No No 10 100 1000 Delayed 56 80 42 98 42 99 Eager 56 80 42 98 43 98 Delayed 7 93 7 96 Eager 8 92 8 94 Delayed 3 71 Eager 3 71 May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 42

Latency of Samba Requests Average Latency (microseconds) 7000 6000 5000 4000 3000 2000 1000 0 6183 2181 2337 748 Clean FT-TCP 551 Samba Requests TCP Packet Buffering May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 43

Challenge-response protocol Used for authentication in Samba and others Server (from password file) {challenge}hash(valid password) challenge {challenge} hash(typed password) Client (user logs in) Problem: filter cannot obtain client s password or hash Filter must authenticate the client itself, and then force the server to make the same decision» If client is OK: send the hash of the correct password» If client is not OK: send anything but the correct hash Kerberos, SSL are possible May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 44

Other Crypto Protocols Kerberos no randomness on the server Secure Socket Layer random numbers on the client and on the server given server s private key filter can be the man-in-the-middle Limitations of the consistency filter results of one-way functions cannot be retrieved and changed» e.g. anything encrypted with client s public key May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 45

Recovery: 24 connections, 24ms break, retransmissions May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 46

Snooping Approaches Permanent snooping No retransmission gap - minimal failover time Heavy load on the CPU Reactive snooping Start snooping upon failure Catches the first retransmission - limits the gap to 200ms When promotion is long (cold backup) May 19, 2004 Engineering Fault-Tolerant TCP/IP Servers using FT-TCP 47

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback