Active Networks – The Network Future By Samatha Gangapuram Prashant Shanti Kumar Harish Kumar...

Active Networks – The Active Networks – The Network FutureNetwork Future

By

Samatha Gangapuram

Prashant Shanti Kumar

Harish Kumar Maringanti

Assigned Unenviable taskAssigned Unenviable task

What

Why

How

Where

Active Networks – Active Networks – What ?What ?

No general agreement beyond buzz phrases.

“Active networks explore the idea of allowing routing elements to be extensively programmed by the packets passing through them.”

Legacy Vs Active Legacy Vs Active

Legacy Networks

Passive packet. Rely on agreement

about protocols. Functionality built

into each router. Change is a long and

wrenching process.

Active Networks

Active Packet. General agreement on

model of computation. Functionality in each

packet. Improved resilience to

change.

AN - ServicesAN - Services

Active Networks – Why ?Active Networks – Why ?

Rapid deployment and development. Creating and Tailoring network

services. Better performance. Open to deploy and administer.

Active Networks – How ?Active Networks – How ?

AN Paradigms

Programmable Switch Model Capsule Model Ad – hoc Model


Programmable Switch :

Code is first transferred to the nodes, out – of – band.

Packets are treated as data or input to the code.


Capsule Model :

Each packet is a program.

Each intermediate node executes the packet.


Ad – hoc Model :

Packet contains flags.

Node contains in-built routines.

Based on flag, routines are executed.

A N - TerminologiesA N - Terminologies

User Application (UA)

Active Application (AA)

Execution Environment (EE)

Node Operating System (NodeOS)

The NodeOS is the base layer of any AN architecture.

It manages the resources of the active node and co-ordinates the resource demands.

NodeOS is also responsible for the enforcement of security policies.

Examples

SANE OS, JANOS, SCOUT, ExoKernel

NodeOSNodeOS

E EE E

Nerve Center of the Active Node

Responsible for all aspects of user-network interface.

Nature of programming model and abstractions supported.

Addressing and Naming facilities.

ExamplesSmartPackets, ANTS, CANE

A AA A

AA is a program and associated state capable of executing one or more active activities in a node, to perform some particular service.

AA is necessarily “portable” and dynamically installable or removable.

Examples

Active Reliable Multicasts, Protocol

Boosters, Active Congestion Control.

A N - ArchitectureA N - Architecture

App 1 App 2 App 3 App 1 App 4 App 3

Execution Environment A

Execution Environment B

Execution Environment A

Execution Environment B

Node OS Node OS

Transmission Facilities

Packet TransitionPacket Transition

EE 3

EE 1

EE 2

ANEP IP

ANEP IPUDP

UDP IP

I P

I P

TCP IP

I P UDP ANEP

I P UDP

I P

I P TCP

I P

I P ANEP

Implementation Implementation ChallengesChallenges

The network should be usable

The network should have high flexibility

The implementation should be secure

The network should have high performance

Killer ArgumentsKiller Arguments

Efficiency

Resource Allocation

Security

EfficiencyEfficiencyHiccups: Bandwidth demand is growing faster than

CPU speed – bad idea to execute arbitrary programs on packets.

Most programming languages are interpreted – JAVA byte code, plain interpreter.

Cure:Don’t propose AN for the core of the Internet.Use just-in-time compilation, native code.Hybrid architectures (high speed AN!)

Resource AllocationResource AllocationHiccups: Fairness in queuing is a problem. Cannot guarantee QoS. Cannot control Looping packets.

Cure:Provide distributed control (Scaling).resource reservation in advance, resource

preemption.Limit capabilities of the active packet.

SecuritySecurity

Security cannot be limited to peripheral nodes.

Possible threats:

Overload based Denial of Service

Unauthorized access to the exposed control plane.

Secure Node doesn’t mean Secure Network.

Security at NodeOSSecurity at NodeOS

Security Enforcement through Authorizations.

Authorization policies are expressed in terms of Access Control Lists, which is a logical 3 - tuple of the form : <resource, user, permissions>

NodeOS has a security policy database and a policy enforcement engine.

Security at EESecurity at EE

Each EE has it's own protection policy, possibly a security database and an enforcement engine.The programming model that an EE supports must also be restricted to ensure network security.No broad consensus on the division of responsibility for policy enforcement between the NodeOS and the EE.

Security in SwitchWareSecurity in SwitchWare

Uses ALIEN active loader.

Code Modules loaded on the fly.

Restricts access using namespaces.

Uses a language specification called CAML.

AN – APPLICATIONSAN – APPLICATIONS

Network Management Multicasting Caching Active Congestion Control Security

Network ManagementNetwork Management

No polling required"Patrol" and "first-aid" packets can track a problem and rectify it respectively.Code moved to node rather than data to management center

Example:Delegated Management. Decentralization helps in scalability, reducing delays from responses and effective bandwidth utilization.

MulticastingMulticasting

Active internal nodes elegantly solve many current problems such as:

NACK implosion.

Concentrated load of retransmissions.

Duplication of packets.

Example: ARM

Suppression of NACK & effective retransmission

Active Congestion Active Congestion ControlControl

Selective dropping of units, packets or cells can be held very efficiently.

Multi-stream interaction.

Example: APCI

Backward compatibility with non-active

nodes & on the fly routing employed.

CachingCaching

Tradeoff between network based storage & bandwidth.

Location & time of storage crucial.

Example:

Self-organizing wide-Area Network

caches: small number of caches within

routers form large virtual cache.

SecuritySecurity

Node – Packet conflict.

Node security by authentication of active

packets & PCC(Proof Correct Code).

Packet security by Fault-tolerance &

Encryption.

Example:SANE


Video on Demand VPN Multimedia Conferencing VoIP / IP Telephony Active Firewalling


Web Browser

Web Cache Web Server Proxylet Server

Dynamic Proxy Server

WebCache Proxylet

Request

Response

Dynamic Proxy Server

Audio Transcoder

Remote MethodInvocation Call

Request

Request

AudioResponse

ProxyletRequest

ProxyletResponseAudio File

Request

Audio FileResponse

RTP Streamed Audio

New Content-type orRedirection Header

““Retrofitting" AN to IPRetrofitting" AN to IP

The Active IP Option: Option in the IP header alerts the router to

look at the packet payload more closely.

Active Network Encapsulation Protocol (ANEP):

Adds a header that directs the router.

AN & LegacyAN & Legacy

SmartPackets – A Case SmartPackets – A Case StudyStudy

Uses Capsule model: Code with IP packetPrograms must be completely self-contained.Operating environment provides security.

Languages:

Sprocket – A high level language

Spanner – An assembly level language


Uses ANEP to fit with Legacy Networks

NodeOs – JanOs

EE – CANES/ASP

AA - Network Management


Network ManagementDefines 4 types of packets: Program Data Error Message


Security

For Nodes: Authentication of packet Cryptographic hash of non-mutable fields

For packets: Redirection Encryption


Limitations Packet size Applications adaptability

Scope

Extending for other applications

Current WorkCurrent Work

Active Nets at DARPA ActiveNets at MIT ANTS at Washington SwitchWare at UPenn JANOS & OSkit at Utah Liquid Software at Arizona Panda at UCLA NetScript at Columbia CANES at Georgia Tech Smart Packets at BBN

ConclusionConclusion

Is Active Network really the future ?

ReferencesReferences

Darpa

http://www.darpa.mil/ito/psum1999/J044-0.html

Switchware

http://www.cis.upenn.edu/~switchware/

CANES

http://www.cc.gatech.edu/projects/canes/

www.ieee.org

www.citeseer.com

Date post:	30-Dec-2015
Category:	Documents
Upload:	elwin-williams
View:	215 times
Download:	1 times

Active Networks – The Network Future By Samatha Gangapuram Prashant Shanti Kumar Harish Kumar...

Documents