What are Active Networks
Author : David Wetherall
Presented By : Gokul Nadathur
Tour Guide ...
Introduction
Design of ANTS
Implementation of ANTS
Protection and resource management issues
What’s beyond active networks …
Active Networks : Visions and Reality
What is an Active Network ?
• Network architecture that allows :
– Application Customized Code to be dynamically deployed in the network
– Code to be Executed in a controlled framework within the network
• Similar to extensible operating systems (SPIN, Synthesize etc)
• Packet = Code + data
Motivation
[Figure: Schema for Auction Service (Client, Bid, Result, Server)]
Dynamic deployment of new Internet services
Online Auctions
Client submits bids
Central Server processes bids
Responds to requests for current price
During high load on server, current price may become invalid by the time it reaches the client
Auction Service in an Active Network
[Figure: Client, Bid, Active Router, Filter, Fail, Server]
Customized forwarding routine in active router
if (bid is valid) success else fail
Filters low bids in the network before they reach server
Server periodically updates current prices to active routers
Lowers load on server
Apprehensions
Security
Untrusted user code executing in core routers - Is it safe ?
Efficiency
Dynamic code distribution consumes bandwidth
Every packet now requires additional processing
Auction Service example : Every router has to check if (user bid > current bid)
Kills packet forwarding performance
ANTS
Architecture designed to provide extensible network layer service
Routers are active
Extendable at packet level in the form of Capsules
A code distribution scheme
Entities in ANTS
Active Nodes :
Programmable routers connected to IP routers through network channels
Maintain a cache of forwarding code (protocols) and data used by different services
Responsible for secure execution of forwarding code
Capsules
[Figure: capsule format with fields IP header, ANTS Header, Version, Type, Previous Address, Dep fields, Payload]
Type : Identifier for the forwarding routine to be executed (carries code by reference)
Previous address : Where to get the forwarding routine from if it is not available in the present node (Code Distribution)
Dependent Fields : Parameters for the forwarding code
Payload : Header + data of higher layers
Example
[Figure: Client, Bid, Code Request, Code, Active Router (Caches Forwarding Code), Previous Address field, Server]
Online Auction :
FILTER Capsule : Sent periodically by server to update current bids
BID Capsule : Used by client to submit bid
Forwarding Code not found ?
Code provided by end user software
Light weight Code Distribution within the network
Code Distribution
[Flowchart: Capsule; Extract Type; Check in Cache (Yes / No); Continue Execution; Suspend Execution; Fetch code from Previous Addr; Receive Response; Bootstrap code to cache; Wake up Capsule; Discard on Timeout]
Code Distribution (Contd)...
Need for Bootstrap Capsules to transfer code
Well known type (System Capsules)
Directory service for selecting protocols
Advantages
Adapts to packet loss, node failures, changing routes
Disadvantages
High Latency of loading can trigger end-system timeouts
Implementation
[Figure: Active Node Runtime, with Application, CH 1, CH 2, Node API, Soft Store (Cached code + data)]
• User level process in Java
• Node Runtime :
– Schedules and executes capsule instances
– Controlled access of soft store using restricted API
• Channel Class : Creates Capsule instance from IP packet
• Capsule : Execute custom forwarding routines from cache
Protection Schema
Type : MD5 fingerprint of forwarding routine
Prevents code spoofing
Provides authentication free foundation
Java SandBox
Prevents untrusted code from corrupting node runtime
type field is defined as constant
Impossible to create a Firewall
Very Slow ( PLANet - 3 times faster)
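The demand-loading steps from the Code Distribution slides, combined with the fingerprint check that prevents code spoofing, as an added example that is not code from ANTS or from the original slides. The ActiveNode class, its method names and the sample routine bytes are assumptions made for illustration. MD5 is used because the slide names it; it is no longer collision-resistant, and a current design would use SHA-256.

```python
import hashlib

def fingerprint(code: bytes) -> str:
    """Capsule type: MD5 fingerprint of the forwarding routine, as on the slide."""
    return hashlib.md5(code).hexdigest()

class ActiveNode:
    """Hypothetical active node holding a code cache keyed by capsule type."""

    def __init__(self, cache=None):
        self.cache = dict(cache or {})  # capsule type -> routine bytes

    def serve_code(self, ctype):
        """Answer a code request from the next node along the path."""
        return self.cache.get(ctype)

    def receive(self, ctype, prev_node):
        """Handle one capsule arriving from prev_node and return its fate."""
        if ctype in self.cache:
            return "executed (cache hit)"
        # Cache miss: the capsule is suspended while code is requested
        # from the node named in its Previous Address field.
        code = prev_node.serve_code(ctype)
        if code is None:
            return "discarded (timeout)"
        # The type IS the hash of the code, so the reply can be checked
        # locally without trusting the node that sent it.
        if fingerprint(code) != ctype:
            return "discarded (fingerprint mismatch)"
        self.cache[ctype] = code
        return "executed (code loaded)"

# Constructed sample routines; the bytes stand in for Java class files.
BID_CODE = b"forward: drop capsule if bid <= cached price"
OTHER_CODE = b"forward: some different routine"
BID_TYPE = fingerprint(BID_CODE)

def demo():
    router = ActiveNode()
    silent = ActiveNode()                        # has no code to offer
    wrong = ActiveNode({BID_TYPE: OTHER_CODE})   # replies with other code
    honest = ActiveNode({BID_TYPE: BID_CODE})
    return [router.receive(BID_TYPE, n) for n in (silent, wrong, honest, silent)]

if __name__ == "__main__":
    for fate in demo():
        print(fate)
```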
Protection Schema ...
Code is read-only
Data is protected by hashing the store on the type of service to which it belongs
Shared State Protection
R/W sharing of Cached state between related capsule types
Auction Example :
FILTER Capsule sent by server updates current bids
BID Capsule sent by client uses this data to validate its bid
Hierarchical Fingerprint for shared state :
Complex Type identifiers for shared state
Forwarding routines A and B share state
Type identifier for shared state: $(A, (A, B)_H)_H$ and $(B, (A, B)_H)_H$
Identifies a single service $(A, B)_H$ to which both A and B belong
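One way to realise the hierarchical fingerprint and the per-service store partition, as an added example that is not code from ANTS or from the original slides. The SoftStore class, the length-prefixed encoding inside H, the use of routine fingerprints as the members of (A, B)H, and the sample routines and prices are all assumptions.

```python
import hashlib

def H(*parts: bytes) -> bytes:
    """MD5 over length-prefixed parts, so part boundaries are unambiguous."""
    h = hashlib.md5()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def capsule_type(routine: bytes, members: list) -> bytes:
    """(A, (A, B)H)H: bind routine A to the service fingerprint (A, B)H."""
    return H(H(routine), H(*members))

class SoftStore:
    """Hypothetical node store, partitioned by service fingerprint."""

    def __init__(self):
        self._state = {}

    def open(self, ctype, routine, members):
        """Return the service's shared state, or None when the claimed
        member list does not reproduce the capsule type."""
        fp = H(routine)
        if fp not in members or H(fp, H(*members)) != ctype:
            return None
        return self._state.setdefault(H(*members), {})

# Constructed stand-ins for the forwarding routines' code.
FILTER, BID, OTHER = b"FILTER routine", b"BID routine", b"unrelated routine"
AUCTION = [H(FILTER), H(BID)]   # member fingerprints of the auction service

def demo():
    store = SoftStore()
    # FILTER capsule from the server writes the current price.
    store.open(capsule_type(FILTER, AUCTION), FILTER, AUCTION)["price"] = 120
    # BID capsules read the same state to filter low bids.
    state = store.open(capsule_type(BID, AUCTION), BID, AUCTION)
    passed = [bid for bid in (100, 150) if bid > state["price"]]
    # A routine outside the service cannot name its way into that state.
    intruder = store.open(capsule_type(OTHER, AUCTION), OTHER, AUCTION)
    # Under its own member list it gets a separate, empty partition.
    own = store.open(capsule_type(OTHER, [H(OTHER)]), OTHER, [H(OTHER)])
    return passed, intruder, own
```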
Resource Management
Unbounded utilization of
Computing resources (Long forwarding routines)
Network Bandwidth ( Flooding child capsules )
Solutions :
Watchdog timers for breaking long forwarding routines
TTL to limit number of hops
Static limit on fanouts
Application floods Network
network based resource allocation
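The three limits listed under Solutions, enforced by a node on two misbehaving routines, as an added example that is not code from ANTS or from the original slides. The step budget standing in for the watchdog timer, the limit values, and the generator-based routine interface are assumptions.

```python
from collections import deque

MAX_STEPS = 1000   # stand-in for the watchdog timer (assumed value)
MAX_FANOUT = 2     # static limit on child capsules per execution (assumed value)

def run_capsule(routine, ttl):
    """Run one forwarding routine under the node's limits.
    The routine is a generator: each yield is one step, and a yielded
    non-None value is a request to send a child capsule."""
    children = []
    if ttl <= 0:
        return "ttl-expired", children
    for step, request in enumerate(routine()):
        if step >= MAX_STEPS:
            return "watchdog", []                # ran too long: abort, send nothing
        if request is not None and len(children) < MAX_FANOUT:
            children.append((request, ttl - 1))  # child carries a smaller TTL
    return "done", children

def simulate(routine, ttl):
    """Count routine executions caused by one capsule injected with this TTL."""
    queue, executions = deque([(routine, ttl)]), 0
    while queue:
        r, t = queue.popleft()
        status, children = run_capsule(r, t)
        if status != "ttl-expired":
            executions += 1
        queue.extend(children)
    return executions

def flooder():
    """Constructed routine that asks for 50 child capsules at every hop."""
    for _ in range(50):
        yield flooder

def spinner():
    """Constructed routine that never finishes on its own."""
    while True:
        yield None

if __name__ == "__main__":
    print(simulate(flooder, 3), run_capsule(spinner, 3)[0])
```

With a fanout limit of f and an initial TTL of t, one injected capsule causes at most f^0 + f^1 + ... + f^(t-1) executions, whatever the routine requests.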
Open Issues
Administrative Issues
Who can introduce new services ?
Hackers' Paradise
Open Research Area : A Killer Application ?
And Beyond …
Radio Active Networks
Adaptable Wireless Network Architecture
Extend programmability to physical layer
Uses Software Radios and Active Networks
Higher layers interact with physical layer to observe changing conditions
Based on the change, an appropriate physical layer is selected
Example : Basestation to mobile system
Dynamically create channels according to mobile host population
Create channels of different priority and QoS