Overcoming the Internet Impasse through Virtualization
Defense
Chen, Jiazhen & Teng, Xian Yi
The problem we face
• The Internet’s increasing ubiquity and centrality have brought with them a number of challenges for which the current architecture is ill-suited.
• To support new applications
– Modifications have arisen to meet legitimate needs that the architecture itself could not.
• These modifications serve a valuable short-term purpose
• But they impair long-term flexibility, reliability and manageability.
The Impasse
• Since the current architecture is not well suited to today's applications,
– WHY NOT design a new one?
• The Impasse:
– Persuade ISPs to adopt a new architecture
– Traditional test-beds have limitations.
Our Goal
• To issue a call to ACTION!
– Cease being satisfied with paper designs that have no future.
– Overcome the Impasse.
• To reduce the barrier to evaluating new ideas in architectural design.
– How to make a test that simulates reality?
How to OVERCOME
• 3 separate requirements
– Easily experiment with new architectures on live traffic
– A plausible deployment path such that designs can come into practice.
– Comprehensive proposed architectural solutions
• To meet these requirements
– We propose a Virtual Test-bed
Virtualization
• A high-level abstraction that hides the underlying implementation details.
– Lets nodes treat an overlay as if it were the native network
– Multiple overlays are used simultaneously
• This approach does not require universal architectural agreement
– More plausible deployment.
Limitations of current approaches
• Two ways in which researchers currently experiment with new architectures:
– Physical Test-beds
– Overlays
Limitations of Physical Test-beds
• Production-oriented Testbed
– The users have no choice about whether or not to participate in the testbed
• Research Testbed
– Driven by synthetically generated traffic
• Both utilize dedicated transmission links
– Involve substantial cost.
Limitations of Overlays
• Advantages
– Not limited geographically
– Usage is voluntary
– Do not involve significant expenditure
• Drawbacks:
– Overlays have been seen as a way of deploying narrow fixes to specific problems
– Overlays have been architecturally tame; most typically assume IP as the architecture inside the overlay itself
• No dramatic architectural advancement
Virtual Testbed
• Two basic components
– Substrate Overlay
• Set of dedicated but multiplexed overlay nodes
• Amortized by concurrently running experiments
– Drastically lowers the barrier-to-entry for individual researchers.
– General Client-proxy mechanism
• Allows any host to opt-in to a particular experiment
• Treats nearby overlay node as the host’s first-hop router
– Does not require IP addressing
• Multiplexed substrate overlay and general proxy solve the barrier-to-entry and architectural limitations.
Virtual Testbed - 2
• However, there are issues to explore
– Achieving sufficiently high throughput rates on PlanetLab nodes.
• The packet forwarding capability of nodes has physical limitations.
• Newly designed architectures may aim to achieve higher throughput.
– Virtual links cannot compete with dedicated links [QoS]
How the Proxy works
• Either returns the true IP address or a fake IP address
– For a fake IP address, the packets can be forwarded to the nearest VT node
• The VT node can do whatever it wants with the packet.
– At the boundary of the VT,
• The VT egress node reconverts the packet into Internet format for delivery to the server
– Similar to NAT
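The proxy path on this slide, as an added sketch that is not code from the slides or from the virtual testbed project. It assumes the true-or-fake address choice is made at name-resolution time, that "nearest" means lowest measured RTT, and that fake addresses come from a private range; every hostname, address, node name and class name below is hypothetical.

```python
import ipaddress

# Constructed sample data: hostnames, addresses and node names are hypothetical.
REAL_DNS = {"in-vt.example": "198.51.100.7", "plain.example": "203.0.113.9"}
OPTED_IN = {"in-vt.example"}           # destinations this experiment carries
VT_NODES = {"vt-a": 12, "vt-b": 40}    # VT node -> RTT in ms ("nearest" = lowest)
FAKE_POOL = ipaddress.ip_network("10.254.0.0/24")  # assumed range for fake IPs

class ClientProxy:
    def __init__(self):
        self._free = iter(FAKE_POOL.hosts())
        self.name_to_fake, self.fake_to_name = {}, {}

    def resolve(self, name):
        """Return the true IP, or a fake IP for names carried by the VT."""
        if name not in OPTED_IN:
            return REAL_DNS[name]
        if name not in self.name_to_fake:
            fake = str(next(self._free))
            self.name_to_fake[name], self.fake_to_name[fake] = fake, name
        return self.name_to_fake[name]

    def send(self, src, dst, payload):
        """Send fake-IP traffic to the nearest VT node, the rest natively."""
        if dst not in self.fake_to_name:
            return {"via": "internet", "src": src, "dst": dst, "data": payload}
        ingress = min(VT_NODES, key=VT_NODES.get)
        return {"via": ingress, "client": src,
                "dest_name": self.fake_to_name[dst], "data": payload}

class EgressNode:
    """VT boundary: rewrites a VT packet into Internet format, like a NAT."""
    def __init__(self, addr):
        self.addr, self.next_port, self.nat = addr, 40000, {}

    def deliver(self, vt_pkt):
        port, self.next_port = self.next_port, self.next_port + 1
        self.nat[port] = vt_pkt["client"]   # state needed to route the reply
        return {"src": self.addr, "sport": port,
                "dst": REAL_DNS[vt_pkt["dest_name"]], "data": vt_pkt["data"]}

    def reply_to(self, sport):
        """Map a server reply back to the original client, as a NAT would."""
        return self.nat[sport]
```

Because the egress node rewrites the source, the server sees only the egress address; tracing a flow back to a client requires the egress node's mapping table.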
Drawbacks of VT
• Cannot control the Quality of Service of packets traversing the virtual testbed.
• However, we assume
– Routing and addressing are the issues that more urgently warrant attention and for which the virtual testbed approach is well-suited
Related works
• Part of the idea is not new
– X-bone
• A suite of tools that supports automated establishment and management of overlays.
– Virtual Internet [VI]
• Allows multiple levels of virtualization
• But it is closely tied to the current Internet architecture
• But different emphasis
– The focus of the VT is on the virtualization of overlay nodes themselves. [X-bone vs. VT]
– Aims at new architecture design. [VI vs. VT]
Future Plan for VT
• To include a high-performance backbone
• A high-speed backbone with PlanetLab has two major advantages:
– PlanetLab-based overlays serve as an access network for the backbone, bringing real traffic
– Developing and deploying the hardware does not gate the architectural work.
Deployment
• Old story (discredited): “next generation” architecture -> validation -> magic -> adopted by ISPs, router vendors
• Our strategy: NGSP has new architecture -> overlay supporting it, proxy software => backwards compatible
• If successful, NGSP offers direct access, or competitors start adopting
Deployment
• Overlays as opportunity to radically change architecture instead of merely providing limited enhancements
Deployment
• New architecture could be supported natively
• Single NGSP or long-running virtual testbed
• Successful -> attract more users -> architecture migrates from virtual testbed to dedicated
• Instead of a single architectural winner, there might be a large number of narrowly targeted overlays
• Prevent chaos -> coordination
Virtualization: Means or Ends
• Virtual testbed approach uses virtualization:
– Overlay is qualitatively equivalent to native network, users freed from local ISP, network providers don’t need to deploy new functionality at every node
– Many virtual testbeds running simultaneously, reduced barrier-to-entry
Virtualization: Means or Ends
• Means:
– Architectural changes are rare
– Purist view
– Virtualization is means for architectural change
– Architecture must have flexibility
Virtualization: Means or Ends
• Ends:
– Internet changes constantly, with many coexisting components
– Pluralist view
– Virtualization is crucial to support many components and constant change
– Flexibility is in adding or augmenting overlays
Virtualization: Means or Ends
• Don’t know which is correct, but our approach lets us find out
Conclusions
• If new architecture is promising, ISPs, router vendors will adopt
• No longer true, so researchers narrowed their focus -> empirical or incremental studies -> insufficient to meet new Internet requirements
• Through virtual testbeds, hopefully there will be new research unrestricted to incremental designs
• Through new deployment strategy closer to experimental methodology, raise sights of researchers
Oasis: An Overlay-Aware Network Stack
Harsha V. Madhyastha, Arun Venkataramani, Arvind Krishnamurthy, and Thomas Anderson
University of Washington and University of Massachusetts Amherst