  • Number of slides: 42

Active Networks – The Network Future
By Samatha Gangapuram Prashant Shanti Kumar Harish Kumar Maringanti

Assigned Unenviable task
  • What
  • Why
  • How
  • Where

Active Networks – What?
No general agreement beyond buzz phrases.
“Active networks explore the idea of allowing routing elements to be extensively programmed by the packets passing through them.”

Legacy Vs Active
Legacy Networks
  • Passive packet.
  • Rely on agreement about protocols.
  • Functionality built into each router.
  • Change is a long and wrenching process.
Active Networks
  • Active packet.
  • General agreement on model of computation.
  • Functionality in each packet.
  • Improved resilience to change.

AN - Services

Active Networks – Why?
  • Rapid deployment and development.
  • Creating and tailoring network services.
  • Better performance.
  • Open to deploy and administer.

Active Networks – How?
AN Paradigms
  • Programmable Switch Model
  • Capsule Model
  • Ad-hoc Model

Active Networks – How?
Programmable Switch:
  • Code is first transferred to the nodes, out-of-band.
  • Packets are treated as data or input to the code.

Active Networks – How?
Capsule Model:
  • Each packet is a program.
  • Each intermediate node executes the packet.

Active Networks – How?
Ad-hoc Model:
  • Packet contains flags.
  • Node contains in-built routines.
  • Based on flag, routines are executed.

AN - Terminologies
  • User Application (UA)
  • Active Application (AA)
  • Execution Environment (EE)
  • Node Operating System (NodeOS)

NodeOS
  • The NodeOS is the base layer of any AN architecture.
  • It manages the resources of the active node and co-ordinates the resource demands.
  • NodeOS is also responsible for the enforcement of security policies.
  • Examples: SANE OS, JANOS, SCOUT, ExoKernel

EE
Nerve Center of the Active Node
  • Responsible for all aspects of user-network interface.
  • Nature of programming model and abstractions supported.
  • Addressing and Naming facilities.
  • Examples: SmartPackets, ANTS, CANES

AA
  • AA is a program and associated state capable of executing one or more activities in a node, to perform some particular service.
  • AA is necessarily “portable” and dynamically installable or removable.
  • Examples: Active Reliable Multicasts, Protocol Boosters, Active Congestion Control.

AN - Architecture
[Figure: layered active node. Applications (App 1 to App 4) run on Execution Environment A and Execution Environment B, which sit on the Node OS, above the Transmission Facilities.]

Packet Transition
[Figure: packet paths through an active node. Labels: IP, UDP, ANEP, TCP, EE 1, EE 2, EE 3.]

Implementation Challenges
  • The network should be usable
  • The network should have high flexibility
  • The implementation should be secure
  • The network should have high performance

Killer Arguments
  • Efficiency
  • Resource Allocation
  • Security

Efficiency
Hiccups:
  • Bandwidth demand is growing faster than CPU speed – bad idea to execute arbitrary programs on packets.
  • Most programming languages are interpreted – JAVA byte code, plain interpreter.
Cure:
  • Don’t propose AN for the core of the Internet.
  • Use just-in-time compilation, native code.
  • Hybrid architectures (high speed AN!)

Resource Allocation
Hiccups:
  • Fairness in queuing is a problem.
  • Cannot guarantee QoS.
  • Cannot control looping packets.
Cure:
  • Provide distributed control (scaling).
  • Resource reservation in advance, resource preemption.
  • Limit capabilities of the active packet.
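
An added sketch (not from the original slides) of the last cure, limiting what an active packet can do: a toy capsule-model node charges every capsule against a hop limit, an instruction budget and a stack bound, so a looping or spinning capsule is dropped instead of consuming the node. The opcode set, the limits and all names are assumptions made for the illustration.

```python
from dataclasses import dataclass, field

MAX_STEPS = 64   # per-node instruction budget (assumed value)
MAX_STACK = 16   # per-capsule memory bound (assumed value)

class BudgetExceeded(Exception):
    """A capsule hit a limit imposed by the node."""

@dataclass
class Capsule:
    program: list                 # (opcode, argument) pairs carried in the packet
    hops_left: int = 8            # shrinks at every node, like an IP TTL
    stack: list = field(default_factory=list)

def execute(capsule):
    """Run the capsule on one node; return the next hop, or None to stop."""
    if capsule.hops_left <= 0:
        raise BudgetExceeded("hop limit reached")
    capsule.hops_left -= 1
    steps = pc = 0
    while pc < len(capsule.program):
        steps += 1
        if steps > MAX_STEPS:     # backward jumps are legal, so count every step
            raise BudgetExceeded("instruction budget exhausted")
        op, arg = capsule.program[pc]
        if op == "PUSH":
            if len(capsule.stack) >= MAX_STACK:
                raise BudgetExceeded("stack limit reached")
            capsule.stack.append(arg)
        elif op == "JMP":
            pc = arg
            continue
        elif op == "FORWARD":     # the only primitive that leaves the node
            return arg
        else:                     # anything else is simply not offered
            raise ValueError(f"unsupported opcode {op!r}")
        pc += 1
    return None

def deliver(capsule, first_node):
    """Follow a capsule hop by hop; return (nodes that ran it, drop reason)."""
    ran, node = [], first_node
    try:
        while node is not None:
            nxt = execute(capsule)
            ran.append(node)
            node = nxt
    except (BudgetExceeded, ValueError) as exc:
        return ran, str(exc)
    return ran, None
```
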

Security
  • Security cannot be limited to peripheral nodes.
  • Possible threats:
      • Overload-based Denial of Service
      • Unauthorized access to the exposed control plane.
  • Secure Node doesn’t mean Secure Network.

Security at NodeOS
  • Security enforcement through authorizations.
  • Authorization policies are expressed in terms of Access Control Lists, which is a logical 3-tuple of the form :
  • NodeOS has a security policy database and a policy enforcement engine.

Security at EE
  • Each EE has its own protection policy, possibly a security database and an enforcement engine.
  • The programming model that an EE supports must also be restricted to ensure network security.
  • No broad consensus on the division of responsibility for policy enforcement between the NodeOS and the EE.

Security in SwitchWare
  • Uses ALIEN active loader.
  • Code modules loaded on the fly.
  • Restricts access using namespaces.
  • Uses a language specification called CAML.

AN – APPLICATIONS
  • Network Management
  • Multicasting
  • Caching
  • Active Congestion Control
  • Security

Network Management
  • No polling required
  • "Patrol" and "first-aid" packets can track a problem and rectify it respectively.
  • Code moved to node rather than data to management center
Example: Delegated Management.
Decentralization helps in scalability, reducing delays from responses and effective bandwidth utilization.

Multicasting
Active internal nodes elegantly solve many current problems such as:
  • NACK implosion.
  • Concentrated load of retransmissions.
  • Duplication of packets.
Example: ARM
Suppression of NACK & effective retransmission

Active Congestion Control
  • Selective dropping of units, packets or cells can be held very efficiently.
  • Multi-stream interaction.
Example: APCI
Backward compatibility with non-active nodes & on the fly routing employed.

Caching
  • Tradeoff between network based storage & bandwidth.
  • Location & time of storage crucial.
  • Example: Self-organizing wide-area network caches: small number of caches within routers form large virtual cache.

Security
  • Node – Packet conflict.
  • Node security by authentication of active packets & PCC (Proof Correct Code).
  • Packet security by Fault-tolerance & Encryption.
Example: SANE

AN - Services
  • Video on Demand
  • VPN
  • Multimedia Conferencing
  • VoIP / IP Telephony
  • Active Firewalling

AN - Services
[Figure: Dynamic Proxy Server examples. Labels: Web Browser, Web Cache, Web Server, Proxylet Server, WebCache Proxylet, Audio Transcoder, RTP Streamed Audio, Remote Method Invocation Call, New Content-type or Redirection Header, and Request/Response pairs for Audio, Audio File, File and Proxylet.]

“Retrofitting" AN to IP
The Active IP Option:
  • Option in the IP header alerts the router to look at the packet payload more closely.
Active Network Encapsulation Protocol (ANEP):
  • Adds a header that directs the router.

AN & Legacy

SmartPackets – A Case Study
Uses Capsule model: Code with IP packet
  • Programs must be completely self-contained.
  • Operating environment provides security.
Languages:
  • Sprocket – A high level language
  • Spanner – An assembly level language

SmartPackets – A Case Study
Uses ANEP to fit with Legacy Networks
  • NodeOs – JanOs
  • EE – CANES/ASP
  • AA – Network Management

SmartPackets – A Case Study
Network Management
Defines 4 types of packets:
  • Program
  • Data
  • Error
  • Message

SmartPackets – A Case Study
Security
For Nodes:
  • Authentication of packet
  • Cryptographic hash of non-mutable fields
For packets:
  • Redirection
  • Encryption
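
An added illustration (not from the slides, and not the Smart Packets wire format) of why the node-side check covers only non-mutable fields: the tag is computed over the fields that must stay fixed end to end, so a transit node can update the hop count without invalidating it, while a change to the carried program is rejected before execution. The field names, the length-prefixed encoding and the use of HMAC-SHA-256 with a shared key (a keyed hash standing in for both "authentication" and "cryptographic hash") are assumptions.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class ActivePacket:
    version: int
    pkt_type: int      # e.g. program / data / error / message
    source: bytes      # originator identifier
    sequence: int
    program: bytes     # code carried by the capsule
    hop_count: int     # mutable: rewritten by every node in transit
    tag: bytes = b""   # authentication tag over the non-mutable fields

def _immutable_bytes(p):
    """Canonical, length-prefixed encoding of the fields that must not change."""
    head = struct.pack("!BBI", p.version, p.pkt_type, p.sequence)
    parts = [head, p.source, p.program]
    return b"".join(struct.pack("!I", len(x)) + x for x in parts)

def seal(p, key):
    """Originator side: attach the tag."""
    tag = hmac.new(key, _immutable_bytes(p), hashlib.sha256).digest()
    return replace(p, tag=tag)

def verify(p, key):
    """Node side: recompute the tag and compare in constant time."""
    expected = hmac.new(key, _immutable_bytes(p), hashlib.sha256).digest()
    return hmac.compare_digest(expected, p.tag)

def transit(p, key):
    """What a node does before executing: verify, then update mutable state."""
    if not verify(p, key):
        raise PermissionError("integrity check failed: packet not executed")
    return replace(p, hop_count=p.hop_count + 1)
```
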

SmartPackets – A Case Study
Limitations
  • Packet size
  • Applications adaptability
Scope
  • Extending for other applications

Current Work
  • Active Nets at DARPA
  • ActiveNets at MIT
  • ANTS at Washington
  • SwitchWare at UPenn
  • JANOS & OSkit at Utah
  • Liquid Software at Arizona
  • Panda at UCLA
  • NetScript at Columbia
  • CANES at Georgia Tech
  • Smart Packets at BBN

Conclusion
Is Active Network really the future?
