Mobile, Jon`s Hacks!etc

Network Architecture (R02) #4
Location and Identity
Jon Crowcroft,
http://www.cl.cam.ac.uk/~jac22
http://www.cl.cam.ac.uk/teaching/1011/R02
IP addr v. Id+Loc
IP Addr == Interface + Route Hints.
TCP state = 5 tuple
If we move, have to get new addr to be reachable
Need to advertise (DNS) for new people
Need to tell old people to reconnect



Src+Dst port, Src+Dst Addr, IP Proto
Can’t change during session
Or tunnel, or rewrite to maintain TCP
Mobile IP has agents to do tunnels
Mobile IPv6 can cut the triangle case out
Why not just leave as mobile IP?
Don’t like triangles for IPv4
Don’t like tunnel overhead
So what about new addr trick
Map/encap service or IPv6 trick (8+8, for example)
Re-write v. map/encap
As all said, re-write has potential security problems, but low overhead/scales in router terms
But map/encap has deployment simplicity, but o/h problems - both for encap and for binding service
-ve security for re-write?
Not clear there really is a security problem
Re-writer == NAT, we trust NATs now!
E2D TCP/IP 5 tuple assumes
IPv4 I/f+route is some sort of secure thing
Never true!
Correct model is TCP state should be bound to EID, and not care about last hop of path/route at all!
Syn-cookie/nonce to secure state
Or TLS/SSL or other
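The binding point on this slide (TCP state keyed by the 5-tuple breaks on a move, whereas state bound to an EID survives it, provided a rebind is secured by a nonce), worked as an added Python example that is not part of the original lecture material. The addresses, the identifier string and the HMAC-over-(EID, new locator) token scheme are constructed for the demonstration and stand in for the slide's syn-cookie/nonce; the point is that with the EID model a locator change is a cheap update, and that without the secret a third party claiming the EID from another address gets nothing.

```python
import hashlib
import hmac
import os

# Constructed sample endpoints (not from the slides).
CLIENT_HOME = ("10.0.0.5", 40000)      # client's address before it moves
CLIENT_AWAY = ("192.0.2.77", 40000)    # client's address after it moves
SERVER = ("198.51.100.10", 443)        # fixed server
PROTO_TCP = 6


class FiveTupleTable:
    """Today's TCP: connection state is demultiplexed on the 5-tuple
    (src addr, src port, dst addr, dst port, proto). A new client address
    yields a different key, so the existing state becomes unreachable."""

    def __init__(self):
        self._sessions = {}

    @staticmethod
    def key(src, dst, proto):
        return (src[0], src[1], dst[0], dst[1], proto)

    def open(self, src, dst, proto, state):
        self._sessions[self.key(src, dst, proto)] = state

    def lookup(self, src, dst, proto):
        return self._sessions.get(self.key(src, dst, proto))


class EidTable:
    """State keyed by an endpoint identifier (EID); the locator (current
    address) is a mutable attribute. A rebind must carry an HMAC over
    (EID, new locator) under a per-session secret agreed at setup. This is
    the nonce role from the slide: knowing the EID is not enough to redirect
    the session, the rebinder must also hold the session secret."""

    def __init__(self):
        self._sessions = {}

    def open(self, eid, locator, state):
        secret = os.urandom(16)  # shared with the peer in the initial handshake
        self._sessions[eid] = {"locator": locator, "secret": secret, "state": state}
        return secret

    @staticmethod
    def rebind_token(secret, eid, new_locator):
        msg = f"{eid}|{new_locator[0]}:{new_locator[1]}".encode()
        return hmac.new(secret, msg, hashlib.sha256).hexdigest()

    def rebind(self, eid, new_locator, token):
        sess = self._sessions.get(eid)
        if sess is None:
            return False
        expected = self.rebind_token(sess["secret"], eid, new_locator)
        if not hmac.compare_digest(token, expected):
            return False  # unauthenticated rebind: locator left unchanged
        sess["locator"] = new_locator
        return True

    def lookup(self, eid):
        sess = self._sessions.get(eid)
        return None if sess is None else (sess["locator"], sess["state"])


def demo():
    """Walk one client move through both tables and report what survives."""
    results = {}

    ft = FiveTupleTable()
    ft.open(CLIENT_HOME, SERVER, PROTO_TCP, state={"seq": 1000})
    results["five_tuple_before_move"] = ft.lookup(CLIENT_HOME, SERVER, PROTO_TCP)
    results["five_tuple_after_move"] = ft.lookup(CLIENT_AWAY, SERVER, PROTO_TCP)

    et = EidTable()
    eid = "client-eid-1"  # constructed identifier
    secret = et.open(eid, CLIENT_HOME, state={"seq": 1000})
    forged = "0" * 64  # a rebind attempt from CLIENT_AWAY without the secret
    results["forged_rebind_accepted"] = et.rebind(eid, CLIENT_AWAY, forged)
    results["locator_after_forgery"] = et.lookup(eid)[0]
    token = EidTable.rebind_token(secret, eid, CLIENT_AWAY)
    results["genuine_rebind_accepted"] = et.rebind(eid, CLIENT_AWAY, token)
    results["locator_after_move"], results["state_after_move"] = et.lookup(eid)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The 5-tuple lookup from the new address returns nothing (the state is still there, just unreachable under the new key, which is exactly why Mobile IP has to tunnel or rewrite), while the EID table keeps the same state across the move and rejects the rebind that lacks the session secret.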
-ve overheads for map/encap
As currently formulated…
Fast moving device would cause a lot of rebinding
But why not try to localize this?
Movement geographically often doesn’t change provider or even topology much
Separate geo/topo/provider cases and deal with separately?
Alternative 1 - just ignore
Today, clients move; servers fixed
Move - get new IP via DHCP
Break TCP connection
HTTP recover
Cross layer optimise recovery
RTP/UDP don’t care…
Or use Multipath TCP and just add subpath transparently (make before break, though)
What about both ends move?
In a way, unusual!
But if routers are also part of movement, then very “ad hoc” world - so
Make hosts routers
Believe their route updates…
Use App level recovery, or MPTCP make before break
What about new clients of re-moved servers?
Alt 2 - change TCP
TCP shares state with routers today in compressed header case
So why not cache this info
When you move, send a “SYN” packet from new addr with compressed state reset to other end (if it hasn’t moved)
If it has moved, then the router there
And copy to router where we _were_(*)
Which should have state(*) to forward it
Could generalise for all bi-dir protocols (most transport protocols have roughly symmetric packet counts)
DNS
DNS update with TTL 0 is not that big a deal!
Even the whole DNS Update rate on one large site isn’t that big a deal
www.tjd.phlegethon.org/words/thesis.pdf
Experimental results (see Naming for Networking by Atkinson & Bhatti:
http://www.cs.st-andrews.ac.uk/~saleem/publications.html
http://portal.acm.org/citation.cfm?id=1298105)
DNS Update rate
Locality?
In London, 10M people move over 1 hour in commute
10^7/(60*60) < 10000 updates per second
This is trivial to run a transaction (secure DynDNS) for on a single machine…
New topic: Scaling == Complexity?
When we ask if an architecture, system or protocol scales, what do we mean?
Computer Science defines complexity in terms of incremental cost of algorithm in terms of input scale - e.g.
Dijkstra is O(n^2) cpu in number of routers
Link state is O(E) msgs in number of edges
A FIB might be O(ln(n)) memory re: routers
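An added example, not from the lecture, that counts the first two measures named above on a constructed topology: the array form of Dijkstra (n extractions, each scanning all n routers, so n^2 scans) and reliable link-state flooding of one LSA (each router forwards on every link except the one it arrived on, so 2E - (n-1) link transmissions). The ring-with-chords generator and the counters are assumptions made for the demonstration; doubling n quadruples the Dijkstra scans while the flooding count tracks E.

```python
from collections import deque


def ring_with_chords(n, k=2):
    """Constructed topology: n routers in a ring, each also linked to the
    router k places ahead. For n >= 5 and k = 2 every router has degree 4
    and there are exactly 2n distinct undirected edges."""
    edges = set()
    for i in range(n):
        edges.add(frozenset((i, (i + 1) % n)))
        edges.add(frozenset((i, (i + k) % n)))
    adj = {i: set() for i in range(n)}
    for e in edges:
        a, b = tuple(e)
        adj[a].add(b)
        adj[b].add(a)
    return adj, len(edges)


def dijkstra_array(adj, src):
    """Textbook array Dijkstra with unit link costs. Each of the n rounds
    scans all n routers to pick the closest unfinished one, hence n^2 scans:
    the O(n^2) cpu cost in the number of routers from the slide."""
    inf = float("inf")
    dist = {v: inf for v in adj}
    dist[src] = 0
    done = set()
    scans = 0
    for _ in range(len(adj)):
        u = None
        for v in adj:
            scans += 1
            if v not in done and (u is None or dist[v] < dist[u]):
                u = v
        done.add(u)
        for w in adj[u]:
            if dist[u] + 1 < dist[w]:
                dist[w] = dist[u] + 1
    return dist, scans


def flood_lsa(adj, origin):
    """Reliable flooding of one link-state advertisement. A router that
    receives the LSA for the first time forwards it on every link except
    the one it arrived on; later copies are dropped. The count of link
    transmissions is the O(E) message cost from the slide."""
    seen = {origin}
    queue = deque((nbr, origin) for nbr in adj[origin])
    msgs = len(adj[origin])
    while queue:
        node, came_from = queue.popleft()
        if node in seen:
            continue  # duplicate copy: received but not forwarded
        seen.add(node)
        for nbr in adj[node]:
            if nbr != came_from:
                queue.append((nbr, node))
                msgs += 1
    return msgs


def scaling_table(sizes=(8, 16, 32)):
    """Count both costs for each constructed topology size."""
    rows = []
    for n in sizes:
        adj, num_edges = ring_with_chords(n)
        _, scans = dijkstra_array(adj, 0)
        rows.append({
            "n": n,
            "E": num_edges,
            "dijkstra_scans": scans,
            "lsa_msgs": flood_lsa(adj, 0),
        })
    return rows


if __name__ == "__main__":
    for row in scaling_table():
        print(row)
```

With degree 4 everywhere the flood costs 2E - (n-1) = 3n + 1 transmissions, so the table shows 64/256/1024 scans against 25/49/97 messages as n goes 8, 16, 32: one cost grows with the square of the router count, the other linearly with the link count.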
Other types of complexity?
Yes - emergent properties
Synchronisation effects
Phase shifts
Most web data cacheable, versus most dynamic
Interactions
Most long flow or most short (tcp congestion control regimes)
Different operating regimes
Routing update-resonance
Scanning worm versus routing updates
Epidemic, Pandemic, no spread
Susceptibility, Infectious, Recover, Mortality?
Other?
Complex versus Complicated?
Some stuff is complicated
E.g. network configuration (CLI/IOS)
Important, but not really amenable to much CS
But could undermine safety
C.f. BGP misconfigs locally disrupt global system.
Other e.g.?
Next talk for 2/11/10
Naming in the Internet has been unchanged since original DNS design, largely
Look at Intentional Names and Content Centric Names
And discuss what new benefits they bring beyond the DNS!