Multi-homing

Download Report

Transcript Multi-homing

T-110.455 Network Application
Frameworks and XML
Distributed Hash Tables (DHTs) and
multi-homing
16.2.2005
Sasu Tarkoma
Based on slides by Pekka Nikander
Contents

Introduction




Layered model, routing table vs. address
Multi-homing
Overlay networks
Summary
Introduction


A name determines the node / service
An address gives its location





May change in mobility
A path determines how to get there
Routing determines the path from an
address
Directories convert names to addresses
You can think of routing tables and
directories as distributed databases
Layered-model revisited
Finding, meta-data, invoking,
syncing, mobility. Web Services
Object API
Presentation
XML presentation
DNS names
Firewall bypass
Congestion control
End-to-end
IP addresses
Routing
Routing paths
Topology in address vs.
routing table
Reactive
AD HOC
(MANET)
routing
Proactive
ad hoc
(MANET)
routing
ATM
PNNI
Pure source routing
Original IP
CIDR routing
Host-based hop-by-hop
Identity/Locator split

New name space for IDs





Maybe based on DNS
Maybe a separate
namespace
Maybe IP addresses are
used for location
Good for hiding IP versions
Communication endpoints (sockets) bound to
identifiers
Process
Transport
identifier
ID Layer
IP Layer
Link Layer
locator
Multi-addressing

Multi-homing




Server has multiple addresses on different
networks for increased reliability
Client has multiple addresses
Multi-homing requires support for
address change
Topology change can cause
renumbering



From old prefix to new prefix
Changing the IP host addresses of each
device within the network
Related with multi-homing and must be
supported by mobility protocols
HIP, SCTP
Multihoming
End-host
multihoming
End-host
mobility
Mobility
Mobile IP,
HIP,
One
SCTP
host
reliability, loadsharing
SoHo site
multihoming
enterprise
multihoming
Moving
ad hoc
multi-homed
networks Site multihoming networks
challenge: prefixes
Moving networks
create additional state
(NEMO) MULTI6 in IETF for
IPv6 multihoming
Single
Parts of
All
subnet
topology
hosts
Multi-homing Examples
Site multi-homing
ISP1
End-host multi-homing
NAT1
Multi-homed
site
ISP2
Internet
NAT2
WLAN
GPRS
Wireless Host
Multi-homing

End-host multihoming

Transport-level (SCTP)



Locator / Identity split




Good when there is a connection
Needs mobility management for boot-strapping
Host Identity Protocol
Natural way to decouple topological
location/locations and identity
Needs directories to solve bootstrapping
problems
We need directories for coping with
mobility and multi-homing

Scalability, low latency updates
Overlays



Motivation
Terminology
Overlays


Clusters and wide-area
Applications for DHTs


Internet Indirection Infrastructure (i3)
Delegation Oriented Architecture (DOA)
Motivation for Overlays

Directories are needed


Name resolution
Mobility support


Required properties



Fast updates
Scalability
DNS has limitations



Fast updates
Update latency
Administration
One solution

Overlay networks
Terminology

Peer-to-peer (P2P)



Overlay networks


Routing systems that run on top of another
network, such as the Internet.
Distributed Hash Tables (DHT)



Different from client-server model
Each peer has both client/server features
An algorithm for creating efficient distributed
hash tables (lookup structures)
Used to implement overlay networks
Typical features of P2P / overlays

Scalability, resilience, high availability, and
they tolerate frequent peer connections and
disconnections
Peer-to-peer in more detail

A P2P system is distributed



Large faction of nodes are unreliable



Nodes come and go
P2P enabled by evolution in data
communications and technology
Current challenges:


No centralized control
Nodes are symmetric in functionality
Security, IPR issues
P2P systems are decentralized overlays
Evolution of P2P systems

Started from centralized servers

Napster



Second generation used flooding

Gnutella



Centralized directory
Single point of failure
Local directory for each peer
High cost, worst-case O(N) messages for
lookup
Research systems use DHTs


Chord, Tapestry, CAN, ..
Decentralization, scalability
Challenges

Challenges in the wide-area




Scalability
Increasing number of users, requests, files,
traffic
Resilience: more components -> more
failures
Management: intermittent resource
availability -> complex management
Overlay Networks



Origin in Peer-to-Peer (P2P)
Builds upon Distributed Hash Tables
(DHTs)
Easy to deploy



No changes to routers or TCP/IP stack
Typically on application layer
Overlay properties



Resilience
Fault-tolerance
Scalability
Upper layers
DNS names, custom
identifiers
Overlay
Overlay addresses
Congestion
End-to-end
Routing
IP addresses
Routing paths
Cluster vs. Wide-area

Clusters are





single, secure, controlled, administrative
domains
engineered to avoid network partitions
low-latency, high-throughput SANs
predictable behaviour, controlled environment
Wide-area




Heterogeneous networks
Unpredictable delays and packet drops
Multiple administrative domains
Network partitions possible
Wide-area requirements



Easy deployment
Scalability to millions of nodes and
billions of data items
Availability



Copes with routine faults
Self-configuring, adaptive to network
changes
Takes locality into account
Distributed Data Structures
(DSS)


DHTs are an example of DSS
DHT algorithms are available for clusters
and wide-area environments


Cluster-based solutions



They are different!
Ninja
LH* and variants
Wide-area solutions



Chord, Tapestry, ..
Flat DHTs, peers are equal
Maintain a subset of peers in a routing table
Distributed Data Structures
(DSS)

Ninja project (UCB)



New storage layer for cluster services
Partition conventional data structure across
nodes in a cluster
Replicate partitions with replica groups in
cluster



Availability
Sync replicas to disk (durability)
Other DSS for data / clusters


LH* Linear Hashing for Distributed Files
Redundant versions for high-availability
Cluster-based Distributed
Hash Tables (DHT)





Directory for non-hierarchical data
Several different ways to implement
Each “brick” maintains a partial map
Overlay addresses used to direct to the
right “brick”
Resilience through parallel, unrelated
mappings
clients interact
with anyclient
service
“front-end”
client
service
DSS lib
Brick = singlenode, durable
hash table,
replicated
client
client
service
DSS lib
SAN
Service interacts
with DSS lib
Hash table API
Redundant, low
latency, high
throughput
network
storage
“brick”
storage
“brick”
storage
“brick”
storage
“brick”
storage
“brick”
storage
“brick”
DHT interfaces

DHTs offer typically two functions




put(key, value)
get(key) --> value
delete(key)
Supports wide range of applications

Similar interface to UDP/IP





Send(IP address, data)
Receive(IP address) --> data
No restrictions are imposed on the
semantics of values and keys
An arbitrary data blob can be hashed to
a key
Key/value pairs are persistent and global
Distributed applications
put(key, value)
get(key)
value
Distributed Hash Table (DHT)
Node
Node
Node
DHT balances keys and
data across nodes
Node
Some DHT applications









File sharing
Web caching
Censor-resistant data storage
Event notification
Naming systems
Query and indexing
Communication primitives
Backup storage
Web archive
Chord

Chord is an overlay algorithm from MIT


Chord is a lookup structure (a directory)


Stoica et. al., SIGCOMM 2001
Resembles binary search
Uses consistent hashing to map keys to
nodes


Keys are hashed to m-bit identifiers
Nodes have m-bit identifiers



IP-address is hashed
SHA-1 is used as the baseline algorithm
Support for rapid joins and leaves


Churn
Maintains routing tables
Chord routing I


A node has a well determined place
within the ring
Identifiers are ordered on an identifier
circle modulo 2m



A node has a predecessor and a
successor
A node stores the keys between its
predecessor and itself


The Chord ring
The (key, value) is stored on the successor
node of key
A routing table (finger table) keeps track
of other nodes
Finger Table



Each node maintains a routing table with
at most m entries
The i:th entry of the table at node n
contains the identity of the first node, s,
that succeeds n by at least 2i-1 on the
identifier circle
s = successor(n + 2i-1)

The i:th finger of node n
Finger
Real node
Maps to
1,2,3
x+1,x+2,x+4
N14
4
x+8
N21
5
x+16
N32
x+32
N42
6
m=6
2m-1 0
N56
N1
for j=1,...,m the
fingers of p+2j-1
Predecessor node
N8
N51
+1
+2
+4
N14
N42
+8
+32
N21
N38
+16
N32
Chord routing II

Routing steps




check whether k is found between n and the
successor of n
if not, forward the request to the closest finger
preceding k
Each know knows a lot about nearby
nodes and less about nodes farther
away
The target node will be eventually found
Chord lookup
m=6
2m-1 0
N56
N1
N8
N51
N14
N42
N21
N38
N32
Chord Properties




Each node is responsible for K/N keys (K
is the number of keys, N is the number of
nodes)
When a node joins or leaves the
network only O(K/N) keys will be
relocated
Lookups take O(log N) messages
To re-establish routing invariants after
join/leave O(log2 N) messages are
needed
Tapestry

DHT developed at UCB


Used in OceanStore



Secure, wide-area storage service
Tree-like geometry
Suffix - based hypercube


Zhao et. al., UC Berkeley TR 2001
160 bits identifiers
Suffix routing from A to B


hop(h) shares suffix with B of length digits
1245 routes to 5432 via


5432 -> 3235 -> 1245 -> 6245 -> 1245
Tapestry Core API:



publishObject(ObjectID,[serverID])
routeMsgToObject(ObjectID)
routeMsgToNode(NodeID)
Pastry I


A DHT based on a circular flat identifier
space
Prefix-routing





Message is sent towards a node which is
numerically closest to the target node
Procedure is repeated until the node is found
Prefix match: number of identical digits before
the first differing digit
Prefix match increases by every hop
Similar performance to Chord
Pastry II

Routing a message
 If
leaf set has the prefix --> send to
local
 else send to the identifier in the
routing table with the longest common
prefix (longer then the current node)
 else query leaf set for a numerically
closer node with the same prefix
match as the current node
 Used in event notification (Scribe)
Security Considerations

Malicious nodes


Attacker floods DHT with data
Attacker returns incorrect data




self-authenticating data
Attacker denies data exists or supplies
incorrect routing info
Basic solution: using redundancy
What if attackers have quorum?


Need a way to control creation of node Ids
Solution: secure node identifiers

Use public keys
Applications for DHTs

DHTs are used as a basic building block
for an application-level infrastructure

Internet Indirection Infrastructure (i3)


New forwarding infrastructure based on Chord
DOA (Delegation Oriented Architecture)

New naming and addressing infrastructure
based on overlays
Internet Indirection
Infrastructure (i3)

A DHT - based overlay network



Based on Chord
Aims to provide more flexible
communication model than current IP
addressing
Also a forwarding infrastructure




i3 packets are sent to identifiers
each identifier is routed to the i3 node
responsible for that identifier
the node maintains triggers that are installed
by receivers
when a matching trigger is found the packet is
forwarded to the receiver
i3 II


An i3 identifier may be bound to a host,
object, or a session
i3 has been extended with ROAM



Robut Overlay Architecture for Mobility
Allows end hosts to control the placement of
rendezvous-points (indirection points) for
efficient routing and handovers
Legacy application support

user level proxy for encapsulating IP packets
to i3 packets
R inserts a trigger (id, R) and receives
all packets with identifier id.
Mobility is transparent for the sender
the host changes its address from R1 to R2,
it updates its trigger from (id, R1) to (id, R2).
Source: http://i3.cs.berkeley.edu/
A multicast tree using a hierarchy of triggers
Source: http://i3.cs.berkeley.edu/
Anycast using the longest matching prefix rule.
Source: http://i3.cs.berkeley.edu/
Sender-driven service composition using
a stack of identifiers
Receiver-driven service composition using
a stack of identifiers
Source: http://i3.cs.berkeley.edu/
DOA (Delegation Oriented
Architecture)



Proposed to circumvent the harmful sideeffects of middleboxes
Middleboxes are used to improve
scalability, but they also constrain the
Internet architecture
Two changes




persistent host identifiers
a mechanism for resolving these
Each host has a unique 160 bit EID
(End-point Identifier)
Works in a similar fashion to HIP

EID hash of a public key, identity/locator split,
DOA II




DOA header is located between IP and
TCP headers and carries source and
destination EIDs
The mapping service maps EIDs to IP
addresses
This allows the introduction of various
middleboxes to the routing of packets
Outsourcing of intermediaries


Ideally clients may select the most useful
network elements to use
Differences to i3


Not a forwarding infrastructure
i3 does not provide a primitive for specifying
intermediaries
Layered-model
Object API
Presentation
Host Identity,
public key
Firewall bypass
Congestion control
IP addresses
End-to-end
Routing
Routing paths
Summary

Mobility and multi-homing require
directories


Overlay networks have been proposed




Scalability, low-latency updates
Searching, storing, routing, notification,..
Lookup (Chord, Tapestry, Pastry),
coordination primitives (i3), middlebox
support (DOA)
Logarithmic scalability, decentralised,…
Host/identity split and overlays for
directories seem good candidates for
solving many of the issues with mobility
and multi-homing