Transcript Hot Topics

Hot Topics
Next Generation Internet
Michael Wilson
[email protected]
Contents
▪ Internet Ossification
▪ Clean Slate
»Clean Slate Project
▪ Overlays
»PlanetLab
▪ Underlays/Virtualization
»Diversified Internet Architecture
▪ GENI
»Global Environment for Network Innovation
‹#› - Michael Wilson - 7/17/2015
Internet Ossification
▪ A bit of Internet History…
»“...A network of such centers, connected to one another by wideband communication lines and to individual users by leased-wire services.” – JCR Licklider (1960)
»BBN’s IMP
»TCP/IP (1978)
»DNS (1983)
»NSFNet (1987)
»WWW (1993)
»Google (1998)

Internet Ossification
▪ Barriers to Innovation
»Immense scale of the Internet
»Many, many stakeholders
»Critical dependencies
▪ Tension between innovation and backward compatibility
»Incremental changes of limited value
»Truly innovative, disruptive changes nearly impossible
▪ Downside of incremental changes
»Increased complexity (bandaids on bandaids on bandaids)
»Decreasing opportunity for incremental change
»Inability to change underlying assumptions

Internet Ossification
▪ Approaches to Internet Innovation
▪ Clean Slate
»Accept that change will be disruptive and redesign from scratch. Eventually, the cost of the status quo will be more than the cost of disruption during migration.
▪ Overlays
»Create a network on top of today’s Internet, and make your changes there. If it’s a stunning success, downward migration will follow.
▪ Underlays
»Create a new network platform on top of which many competing overlay networks run, isolated from each other.

Clean Slate Program
▪ Program hosted out of Stanford
▪ Emphasis on long-term goals and motivated by two questions:
»“With what we know today, if we were to start again with a clean slate, how would we design a global communications infrastructure?”
»“How should the Internet look in 15 years?”
▪ Fairly recent program, September 2006.
»Results still “half baked or a tenth baked” according to researchers in the program
»Some prior work in the older 100x100 program

Clean Slate Program
▪ Currently 7 major areas of research:
»Flow-level Models for the Internet
»Wireless Spectrum Usage
»Fast Dynamic Optical Light Paths
»Enterprise Network Security
»Rate Control Protocol
»NetFPGA Platform
»Web Security Projects

Clean Slate Program
▪ Flow-level Models for the Internet
▪ Motivation: Internet design validation
»Simulation
    ▪ More accurate but scales poorly to very large networks.
»Theoretical models are lacking in two major ways
    ▪ No end-to-end semantics
    ▪ No flow-level dynamics
▪ One of the least developed of the program areas (no publications yet)
»Expect to see some in the next few years!

Clean Slate Program
▪ Wireless Spectrum Usage
▪ Motivation: Wireless spectrum use is inefficient
»Inefficiency is due to outdated FCC regulation of the spectrum
»New model examines spectrum allocation by way of:
    ▪ Game Theory
    ▪ Distributed Control
▪ Current results are in game theory
»“Competition in Wireless Systems via Bayesian Interference Games” - Sachin Adlakha, Ramesh Johari, Andrea Goldsmith (still in peer review)
»Demonstrates Nash equilibria for “interference games” with incomplete information. Shows a need for a regulatory protocol to avoid a suboptimal equilibrium.

Clean Slate Program
▪ Fast Dynamic Optical Light Paths
▪ Motivation: Internet backbone routers are connected by static circuits
»Requires overprovisioning (capacity and computation)
»Serious problem with cost, power consumption, heat dissipation
▪ Suggestion
»Use photonic switching in the core
    ▪ One tenth the cost and power, 10x speed
»Make the transport layer aware of switching possibilities
    ▪ Access routers dynamically set up and tear down paths through a core optical mesh

Clean Slate Program
▪ Enterprise Network Security
▪ Motivation: Enterprise network management is complex and error prone
»Security is usually dependent on specialized middleboxes
»Heterogeneous device management interfaces
▪ New management architecture: Ethane
»Policy declared over high-level names
»Traffic paths determined by policy
»Strong binding between packet and origin
▪ Published in SigComm 2007: “Ethane: Taking Control of the Enterprise”

Clean Slate Program
▪ Ethane (cont’d)
»Ethane is a real system in use at Stanford
»Centralized control architecture
    ▪ Experimental results show management scales to at least 25,000 nodes on a single commodity PC
»Low-level switches have flow tables that describe allowable traffic
»Traffic not matching any existing flow is forwarded to controller
»Controller allows or denies flow, establishes new filters in switches along the path and forwards packet along
Figure from SigComm07 Ethane Paper
▪ Ethane switches implemented in:
»802.11g wireless (OpenWRT)
»NetFPGA Card
»Linux PC (for rapid deployment)
▪ Ethane switches are simpler than full Ethernet switches

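The control loop on this slide, as an added example that is not taken from the Ethane paper or its code: a switch forwards packets that match an installed flow and hands a table miss to the controller, which checks the origin binding and the name-level policy before installing the flow along the path. The host names, groups, MAC strings and port numbers are constructed for illustration.

```python
# Added illustration (not Ethane's code); every name and value below is constructed.
from dataclasses import dataclass, field

@dataclass
class Switch:
    name: str
    flows: set = field(default_factory=set)   # installed entries: (in_port, packet)

    def receive(self, ctl, in_port, pkt):
        if (in_port, pkt) in self.flows:       # known flow: forward without asking
            return "forward"
        return ctl.packet_in(self, in_port, pkt)   # table miss: hand to controller

class Controller:
    def __init__(self, bindings, names, groups, policy, paths):
        self.bindings = bindings   # (switch, port, mac) -> name, fixed at authentication
        self.names = names         # destination mac -> name
        self.groups = groups       # name -> group used in policy
        self.policy = policy       # allowed (src_group, dst_group, dst_port)
        self.paths = paths         # (src, dst) -> [(Switch, in_port), ...]
        self.log = []              # one record per controller decision, for audit

    def packet_in(self, switch, in_port, pkt):
        src_mac, dst_mac, dst_port = pkt
        src = self.bindings.get((switch.name, in_port, src_mac))
        dst = self.names.get(dst_mac)
        verdict = "deny"           # default deny, including unbound (spoofed) origins
        if src and dst and (self.groups[src], self.groups[dst], dst_port) in self.policy:
            verdict = "forward"
            for sw, port in self.paths[(src, dst)]:   # install along the whole path
                sw.flows.add((port, pkt))
        self.log.append((src, dst, dst_port, verdict))
        return verdict

def demo():
    edge, core = Switch("edge"), Switch("core")
    ctl = Controller(
        bindings={("edge", 1, "aa:01"): "alice-laptop", ("edge", 2, "aa:02"): "guest-phone"},
        names={"bb:01": "payroll-db"},
        groups={"alice-laptop": "finance", "guest-phone": "guests",
                "payroll-db": "finance-servers"},
        policy={("finance", "finance-servers", 5432)},
        paths={("alice-laptop", "payroll-db"): [(edge, 1), (core, 7)]},
    )
    pkt = ("aa:01", "bb:01", 5432)
    verdicts = [edge.receive(ctl, 1, pkt),   # miss: policy allows, flow installed
                edge.receive(ctl, 1, pkt),   # hit: controller is not consulted
                edge.receive(ctl, 2, ("aa:02", "bb:01", 5432)),  # guests: no rule
                edge.receive(ctl, 2, pkt)]   # alice's MAC on the guest port: denied
    return verdicts, len(ctl.log), (7, pkt) in core.flows
```

Because flow entries are keyed on the ingress port as well as the addresses, the fourth packet misses the table and fails the binding check even though an identical flow is already allowed from port 1.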
Clean Slate Program
▪ Rate Control Protocol (RCP)
▪ Motivation: Current congestion control is inefficient for shorter flows
»90% of flows never leave Slow Start
»STCP/FastTCP/XCP are inefficient for today’s typical flow (1000 packets)
▪ RCP – Processor Sharing for rate control
»Packets carry rate estimates
»Each router estimates number of flows
»If fair rate is less than current rate seen in packet, overwrite it
»Performs well in tests
▪ Published in numerous conferences, including SigComm CCR 06, Hotnets-IV, International Workshop on QoS (IWQoS05), Infocom06 workshop “The Terabits Challenge”, and Dr. Nandita Dukkipati’s Stanford dissertation.
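
An added example, not from the slides or from the RCP authors' code, of the per-router behaviour listed above: each router keeps a single fair rate, updates it every control interval with the rate equation from the published RCP papers, and overwrites a packet's rate field only when its own rate is lower. The gains, capacities, RTT and the clamp to link capacity are assumptions chosen for the demonstration.

```python
# Added illustration, not from the slides; gains and link values are constructed.
class RcpRouter:
    def __init__(self, capacity, rtt, alpha=0.4, beta=0.2):
        self.C, self.d = capacity, rtt        # link capacity (Mb/s), average RTT (s)
        self.alpha, self.beta = alpha, beta   # assumed gain parameters
        self.R = capacity                     # fair rate offered to every flow
        self.q = 0.0                          # queue backlog (Mb)

    def update(self, y, T):
        """Run one control interval of length T given measured input rate y."""
        self.q = max(0.0, self.q + (y - self.C) * T)
        spare = self.alpha * (self.C - y) - self.beta * self.q / self.d
        # The flow count is never tracked per flow: it is implied as C / R,
        # which turns "share the spare capacity among N flows" into this form.
        self.R *= 1 + (T / self.d) * spare / self.C
        self.R = min(self.R, self.C)          # assumption: never offer more than C

    def stamp(self, pkt_rate):
        """Return the rate field the packet leaves this router with."""
        return min(pkt_rate, self.R)          # overwrite only if ours is lower

def simulate(n_flows, path, steps=3000, T=0.01):
    """All flows cross every router in path and send at the stamped rate."""
    rate = float("inf")
    for _ in range(steps):
        rate = float("inf")                   # sender asks for as much as possible
        for router in path:
            rate = router.stamp(rate)
        for router in path:
            router.update(n_flows * rate, T)
    return rate
```

With ten flows crossing a 1000 Mb/s link and then a 100 Mb/s link, the stamped rate settles at the bottleneck's equal share of 10 Mb/s and its queue drains.
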
Clean Slate Program
▪ NetFPGA Platform
▪ Motivation: Hardware acceleration of network algorithms
»PCI-based FPGA with 4x1Gbps Ethernet ports
»On-board queuing
»3Gbps board-to-board interconnection
»Commercially available
▪ Published (MSE'2007)
▪ Used to teach a class in building Internet Routers
Figure from the NetFPGA Infosheet

Clean Slate Program
▪ Web Security Projects
»Loosely affiliated with the Clean Slate Program
▪ Motivation: Attackers target web users
»Phishing by spoofed sites, context-aware phishing, and password theft
▪ Browser extensions for anti-phishing
»SpoofGuard: detect spoofed sites and warn the user
»PwdHash: generate phishing-resistant passwords
»SafeCache, SafeHistory: segment browser cache by origin
▪ Publications: SpoofGuard [NDSS’04], PwdHash [Usenix Security Symposium ’05], SafeCache/SafeHistory [ACM WWW ’06]

Clean Slate Program
▪ Personal thoughts
▪ Pro:
»Well-motivated projects with good contributions
»In conjunction with other projects, Clean Slate offers some tremendous resources.
▪ Con:
»Deployment strategy is weak. Particularly for the more radical suggestions (e.g., RCP), how can we obtain wide deployment?
    ▪ Some of the single-domain projects can be deployed (Ethane, web browser security)
»Approach is somewhat scattershot. There is no “big picture.”
    ▪ On the plus side, this allows focus on the most important individual projects.

Overlays
▪ PlanetLab
»For researchers, this is the most important overlay to know!
▪ Overlay network testbed
»Researchers can request a slice of the overlay network for experiments with large-scale services.
▪ Deployment platform
»Once a new service has been created and tested, it can support a client base of actual users.
▪ The paradigm: Experiment to Deployment

Overlays
▪ What is PlanetLab?
▪ PlanetLab consists of a large number (>800) of nodes distributed around the world.
»Nodes are hosted at participating institutions and companies, with peering links on most major backbone providers
»Researchers allocate a slice of PlanetLab resources
    ▪ A slice: a set of processing nodes
    ▪ Communicate with each other over UDP tunnels (transparent to the experimenter)
»All nodes are managed by PlanetLab Central (Princeton)
    ▪ Image-based network boot
    ▪ Uniform administration
    ▪ Thorough logging for accountability

Overlays
Slices
Diagram courtesy Larry Peterson’s PlanetLab Presentation

Overlays
Per-Node View
[Diagram: Node Mgr, Local Admin, and VM1, VM2, …, VMn on top of a Virtual Machine Monitor (VMM)]
Diagram courtesy Larry Peterson’s PlanetLab Presentation

Overlays
▪ Uses of PlanetLab
»Too many to list, but some of the major services are:
    ▪ Content Distribution Networks (CDN) (at least 4)
    ▪ Distributed Hash Table (DHT) (2)
    ▪ DHT-based Name Resolution (1)
    ▪ Location Service (1)
    ▪ Anycast network (1)
    ▪ File transfer networks (4, 2 experiments not running)
    ▪ Network diagnostics (5)
    ▪ Routing overlay (4)
    ▪ Anonymous communication overlay (2)
▪ PlanetLab lists 54 papers related to or enabled by PlanetLab, and 7 PhDs.

Overlays
▪ Other overlays
»Colyseus
    ▪ DHT-based overlay designed to ease latency constraints by leveraging tolerance for weak consistency. “Colyseus: A Distributed Architecture for Online Multiplayer Games” [NSDI ’06]
»BitTorrent
    ▪ Peer-to-peer file transfer. BitTorrent was designed pragmatically, with ad hoc principles. Current research is focused on understanding all of the implications, such as impact on ISPs.
»Akamai
    ▪ Unquestionably the most successful CDN. Networking researchers study Akamai to determine what makes this CDN so successful. One interesting paper is “Drafting Behind Akamai” [SigComm ’06], which showed how one-hop routing overlays could use Akamai redirections for improved network performance.

Overlays
▪ Personal thoughts
▪ Pro:
»Allow for immediate deployment and testing
»Allow for application-aware network forwarding
▪ Con:
»Underneath, it’s still the same old Internet with the same old flaws (No QoS, no network-level security)
    ▪ …but what about dedicated links?
»Nothing truly disruptive can be deployed on an overlay without impacting the Internet

Overlays
▪ Overlay Hosting Services
▪ What if we had dedicated bandwidth connecting distributed overlay nodes?
»Overcomes the QoS problem!
»Last mile could be short-hop IP tunnels
▪ Current barrier to innovative networks is deployment cost.
»Single organization could implement an overlay hosting service
»Entrepreneurs could contract with the hosting service to deploy new overlay networks
▪ Who’d want such a thing? GameRail comes to mind…

Underlays/Virtualization
▪ Diversified Internet Architecture
»Project here at ARL, Washington University
▪ General Concept
»Provide a common substrate on top of which new networks will run
    ▪ Metanetworks – “Virtual” is so overloaded today that we’ll co-opt a new name.
»Today’s Internet would run as an overlay on top of the substrate
»Other metanets would share the same infrastructure
    ▪ Strong isolation guarantees
▪ Substrate provides only resource provisioning
»Substrate platforms host metarouters
»Metarouters connected by provisioned metalinks
»Metarouters and metalinks dynamically provisioned on request

Underlays/Virtualization
[Figure labels: substrate link, metalink, substrate platform, metarouter, metanet protocol stack]
Substrate links may run over Ethernet, IP, MPLS, …

Underlays/Virtualization
[Figure labels: ISPs become substrate domains; metanets span multiple domains]

Underlays/Virtualization
▪ Minimize the substrate
»Substrate will be hard to change
»Keep it simple, allow metanets to provide complex services
»Provide raw resources to metanets, and nothing else!
»Support diversity of resource types
▪ Metanets provide all interesting functionality
»Host mobility: metanet requests metalink changes as hosts move
»Security: substrate enables metanets to provide security
    ▪ Spoofless networks: metalinks provide point-to-point connectivity
»End-to-end delivery: metanet handles routing, reliability, etc.

Underlays/Virtualization
▪ What’s new here?
▪ Resource provisioning is a core concept.
»All metalinks have performance guarantees, although “Best Effort” is a valid option
»Metalinks extend all the way to the network edge
»Hosting platforms are open for metarouters
»Isolation is strictly enforced
    ▪ …unless a metanet wants to interact with another metanet!
▪ Barriers to innovation are reduced
»Metanet providers lease resources from substrate providers
    ▪ 12-month lease on 4 metarouters and 50 metalinks: cheaper than running miles of cable!
    ▪ Pay for right now… or make long-term leases for long-term plans

Underlays/Virtualization
▪ Personal thoughts
▪ Pro:
»No longer such a thing as a disruptive technology
»Denial of Service attacks mitigated – isolation and leased resources
»Barriers to innovation reduced
»Maintains backward compatibility – today’s Internet makes an acceptable metanet
    ▪ Provides a deployment direction
»All of the Clean Slate projects help support a Diversified Internet
▪ Con:
»Years from development, let alone deployment
»Virtualized platforms are always slower or more expensive than native platforms.

GENI
▪ GENI
»Global Environment for Network Innovation
▪ NSF funded program to develop a large scale experimental facility for network innovation. Compatibility with the Internet is not required.
»Many ideas from PlanetLab – virtualization still key
»Focus is on the network, not applications
»Security, Mobility
»Resource control, Isolation
»High performance platforms (10Gbps)

GENI
▪ Goals:
    ▪ Slices, like PlanetLab
    ▪ Wide deployment, like PlanetLab
    ▪ Experiment to Deployment, like PlanetLab
    ▪ Resource Broker, like the DIA
    ▪ Isolation, like the DIA
    ▪ Enable “Clean Slate” types of experiments
    ▪ Instrumentation / Sensors – to track experiments
▪ Is GENI the next Internet?
»Maybe, maybe not. GENI is for experimentation. However, the ideas developed in GENI will certainly be a part of it.

Conclusions
▪ These are some of the approaches to the Next-Gen Internet architecture.
»Clean Slate
»Overlays
»Underlays/Virtualization
▪ Right now, PlanetLab gives the best “immediate gratification.”
▪ GENI aims to be the next step.

Questions?
Supplemental Slides
RCP Algorithm
From Nandita Dukkipati’s presentation on RCP