1
The Post-PC Era: It’s About The Services
Randy H. Katz
Computer Science Division, Electrical Engineering and Computer Science Department
University of California, Berkeley
Berkeley, CA 94720-1776
2
Presentation Outline
• Heterogeneity in Devices and Networks
• A New Service Architecture: SAHARA
• Reachability as a Service
• New Directions
• Summary and Conclusions
4
The Old Days
All will demand broadband Internet connectivity
Shape of Things Today: Diverse Appliances and Devices
• Game Consoles
• Personal Digital Assistants
• Digital VCRs
• Communicators
• Smart Telephones
• E-Toys
… and 10BaseT won’t be sufficient
5
Ever More Sophisticated Mobile Phones
• Graphical UI/Joystick control
• Voice dialing, voice recognition, voice recorder
• Integrated digital camera w/ 640 x 480 res image capture
• IR + Bluetooth + Phone2Phone + Phone2PC
• Java support for 3rd party apps
• WAP + High-speed data over GSM + HSCSD + GPRS
• But often you need to compute! Screen. Keyboard. Storage
Nokia 7650, Nokia 7600
6
[Figure: wireless overlays plotted by mobility (high to low) against coverage (wide area to local area), from high-tier to low-tier networks]
Promise: Ubiquitous Connectivity
• Seamless data mobility among local and wide-area wireless networks via Mobile IP handoff
– Two orthogonal technologies:
» High speed data over cellular for high mobility, wide-area coverage
» Even higher speed data over WLAN hot spots for low mobility, local area coverage
7
Network Services: Communications
8
Network Services: Access
9
Best Implementation Method: the Internet Programming Model
• Service composition across the network
– Network-aware Distributed System architecture
• Bottlenecks near edge, not core
– Service deployment points close to where used
– Service implementation topology-aware
• Enabled by:
– Computing embedded in communications fabric: distributed, wide-area, topology-aware
– Emerging class of programmable network elements
– Per session characterization, processing, prioritization, monitoring, management, billing
10
Internet Connectivity and Processing
[Figure: access networks (cellular, cable modem, DSLAM, analog RAS, premises-based LANs and WLANs, operator-based WLAN hot spots, PSTN/regional wireline voice, H.323 data) feeding core and transit networks through public peering at a NAP and private peering, with an Internet datacenter and programmable network elements (PNEs) at the edge]
11
Composed Applications: Universal In-box
– Message type (phone, email, fax)
– Access network (data, telephone, pager)
– Terminal device (computer, phone, pager, fax)
– User preferences & rules
– Message translation & storage
Separate end device and network from end-to-end communications service: indirection via composition of translators with access
12
Challenge: Single Operator vs. “Virtual” Composed Operator
[Figure: a full service network operator compared with a composed operator built from a private brand network operator (MVNO), single location network operators (SLNs) with cooperative networking, SLN and WISP aggregators, and premises-based access, held together by revenue sharing, single sign-on, unified billing, e-commerce and authentication, inter-site mobility, and a VPN operator with client software]
13
Challenge: Multiple “Operators”
Coordination Issues
• Top-Down vs. Bottom-Up Network Deployment
– Operator vs. aggregator/virtual operator models
– Neighborhood cooperative mesh networks
• Security
– Blurring of distinction between public & private networks: rogue APs
– Interoperation among service/access providers
– End-to-end considerations in untrusted infrastructure
– Authorization and billing for multi-party services
• Resource Management
– Unlicensed spectrum: coordination can be ignored, but at the cost of performance
– Radio resource planning and allocation
• Service Creation and Personalization Platform
– Intelligent edge services: service and policy management, user mobility and profiling, charging and billing
– Deployments enabled by edge-network programmable network elements
14
Challenge: Agile or Fragile Networking?
• Baltimore Tunnel Fire, 18 July 2001
– “… The fire also damaged fiber optic cables, slowing Internet service across the country, …”
– “… Keynote Systems … says the July 19 Internet slowdown was not caused by the spreading of Code Red. Rather, a train wreck in a Baltimore tunnel that knocked out a major UUNet cable caused it.”
– “PSINet, Verizon, WorldCom and AboveNet were some of the bigger communications companies reporting service problems related to ‘peering,’ methods used by Internet service providers to hand traffic off to others in the Web's infrastructure. Traffic slowdowns were also seen in Seattle, Los Angeles and Atlanta, possibly resulting from re-routing around the affected backbones.”
– “The fire severed two OC-192 links between Vienna, VA and New York, NY as well as an OC-48 link from D.C. to Chicago. … Metromedia routed traffic around the fiber break, relying heavily on switching centers in Chicago, Dallas, and D.C.”
15
Evolution of Internet
• Diversity of devices and access networks
– Wireless overlays provide continuum of connectivity
– Increasing importance of “services” to mitigate diversity/provide new functionality and customization
– Global services via managed composition
– Enabled by processing embedded in the network interconnect, locally and globally
• Multiple service providers/admin domains
– No single operator deploys the global service
– But can a reliable service be deployed by multiple, uncoordinated providers?
• Overcoming the reliability bottlenecks
16
Presentation Outline
• Heterogeneity in Devices and Networks
• A New Service Architecture: SAHARA
• Reachability as a Service
• New Directions
• Summary and Conclusions
17
The SAHARA Project
Service Architecture for Heterogeneous Access, Resources, and Applications
18
SAHARA Goals
• New mechanisms, techniques for end-to-end services w/ desirable, predictable, enforceable properties spanning potentially distrusting service providers
• Architecture for service composition and inter-operation across separate administrative domains, supporting peering and brokering, and diverse business, value-exchange, access-control models
19
Exploits the New Opportunities
• New things you can do inside the network
• Connecting end-points to “services” with processing embedded in the network fabric
• “Agents” not protocols, executing inside the network
• Location-aware, data format aware
• Controlled violation of layering necessary!
• Distributed architecture aware of network topology
• No single technical architecture likely to dominate: think overlays, system of systems
20
Overlays: Creating New Interdomain Services
[Figure: several administrative domains joined by traditional unicast peering, each with an isolated intra-cloud service, overlaid by a new interdomain service; PlanetLab]
• Deploy new services above the routing layer
– E.g., interdomain multicast management and peering
– E.g., alternative connectivity for performance, resilience
21
Layered Reference Model for Service Composition
[Figure: layers from bottom to top]
– IP Network
– Enhanced Links (Intra-domain)
– Enhanced Paths (Inter-domain)
– End-to-End Network With Desirable Properties
– Middleware Services
– Applications Services
– End-User Applications
Side labels: Connectivity Plane (lower layers), Application Plane (upper layers), Service Composition, Overlay Network “Links”
22
Presentation Outline
• Heterogeneity in Devices and Networks
• A New Service Architecture: SAHARA
• Reachability as a Service
• New Directions
• Summary and Conclusions
23
Routing as a Composed Service
• Composable Interdomain Routing: BGP
– Complex policy interactions yield non-optimal routes
– Slow convergence to routing changes renders parts of the IP address space unreachable for tens of minutes at a time
– Vulnerabilities to malicious attacks and unintentional mistakes
• Routing as a Reachability “Service”
– Implementing paths between composed service instances, e.g., “links” within an overlay network
– Multi-provider environment, no centralized control
• Desirable Enhanced Properties
– Performance: controlled loss and bandwidth guarantees (OverQoS)
– Reliability: detect reachability failure, faster convergence
– Security: verify believability of routing advertisements
24
Overlay Approach for Achieving Desirable Performance: OverQoS
• Embed QoS functionality in Internet via Overlays
– Overlay nodes implement QoS functions
– No support needed from IP routers
• Challenges
– Nodes not connected to congested points
– Have no control over cross-traffic
– Cannot avoid losses (reducing sending rate doesn’t help!)
• Why Overlays?
– Previous QoS architectures not deployed globally
– Overlay model empowers third-party providers to provide some form of QoS
Lakshmi Subramanian, Hari Balakrishnan, Ion Stoica
25
OverQoS Method
[Figure: an entry node and an exit node joined by an N-TCP pipe carrying the overlay traffic plus redundant traffic; Flow 1 and Flow 2 feed a scheduler and rate control]
• Step 1: Aggregate Loss and Bandwidth Control
• Step 2: Distribute b/w and loss among flows
Lakshmi Subramanian, Hari Balakrishnan, Ion Stoica
26
OverQoS Method
[Figure: Flows 1, 2 and 3 routed across three overlay nodes]
• Step 3: Provide QoS guarantees (b/w, loss) to a flow “bundle” by “stitching” guarantees on overlay links
• Step 4: Perform QoS-routing of multiple flows with different requirements on overlay network
• Used successfully to support Counterstrike game
Lakshmi Subramanian, Hari Balakrishnan, Ion Stoica
27
Agility in Response to Route Changes: Internet Converges Slowly
• Convergence Times [Labovitz et al.]
– Theory: O(n!) (n: number of ASes)
– Practice: linear with the longest backup path length
– Measurement: up to 15 minutes
• Why so slow?
– BGP protocol effects: path exploration
– Route flap damping!?
» Delays convergence of relatively stable routes
» Unexpected interaction between flap damping and convergence
Morley Mao, Ramesh Govindan, George Varghese
28
Flap Damping (RFC2439)
• Suppress routes that change too frequently
– For each peer, per destination, keep a penalty value; increase it for each route change (aka “flap”)
– Exponential decay
• Parameters:
– Fixed: Penalty increment
– Configurable: half-life, suppress- and reuse-threshold, max suppressed time
[Figure: penalty against time; each flap adds a step, the penalty is exponentially decayed in between, the route is suppressed once the penalty rises above the suppress threshold and reused once it decays below the reuse threshold]
Exponentially decayed: $P(t') = P(t)\,e^{-\lambda (t' - t)}$, where the decay rate $\lambda$ follows from the configured half-life ($\lambda = \ln 2 / \text{half-life}$)
Morley Mao, Ramesh Govindan, George Varghese
29
Selective Route Flap Damping
• Flaps occur due to certain topologies among routers causing triggered announcements and withdrawals
– Not toy scenarios!
• Approach: ignore flap sequences indicating path exploration, since these are likely to trigger more changes in the near future
• Redefine a flap:
– From “Any route change is considered a flap” to “must alter direction of route preference value change, relative to flaps”
– Flaps due to withdrawal: increasing AS_Path lengths, route value keeps decreasing
• Morley Mao Ph.D. dissertation (AT&T Labs)
Morley Mao, Ramesh Govindan, George Varghese
30
• Stability achieved through flap damping [RFC2439]
• BUT unexpected: flap damping delays convergence!
Topology: clique of routers
• Selective flap damping
– Duplicate suppression: ignore flaps caused by transient convergence instability
– Eliminates undesired interaction without sacrificing stability
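Slides 28 to 30 describe the damping rule and Mao's selective variant in words. The following Python is an added example, not code from the talk or from the cited dissertation: it simulates the per-peer, per-destination penalty with exponential decay and compares RFC 2439 accounting, where every route change is a flap, with a selective accounting that counts a change only when it reverses the direction in which route preference is moving. The half-life, thresholds and increment values, the use of AS_PATH length as the preference proxy (a withdrawal counted as the least preferred state), and the path-exploration event sequence are all assumptions made for the example.

```python
import math

# Assumed parameters. RFC 2439 makes half-life, the suppress and reuse
# thresholds and the maximum suppress time configurable and fixes the
# penalty increment; the numbers below are commonly used defaults.
HALF_LIFE_S = 15 * 60
SUPPRESS_THRESHOLD = 2000
REUSE_THRESHOLD = 750
MAX_SUPPRESS_S = 60 * 60
PENALTY_INCREMENT = 1000


class FlapDamper:
    """Per-peer, per-destination penalty with exponential decay (RFC 2439).

    With selective=True a route change only counts as a flap when it reverses
    the direction of route-preference change. Preference is approximated by
    AS_PATH length (shorter is better) and a withdrawal is treated as the
    least preferred state: a simplification of the "redefine a flap" rule,
    assumed for this example.
    """

    def __init__(self, selective=False):
        self.selective = selective
        self.penalty = 0.0
        self.last_update = 0.0
        self.flaps = 0
        self.suppressed = False
        self.prev_len = None      # AS_PATH length of the previous route (None = withdrawn)
        self.prev_dir = None      # +1 = preference getting worse, -1 = getting better

    def decayed_penalty(self, now):
        """P(now) = P(last) * 2^(-(now - last) / half_life)."""
        return self.penalty * 2.0 ** (-(now - self.last_update) / HALF_LIFE_S)

    def _is_flap(self, path_len):
        if not self.selective:
            return True               # RFC 2439: any route change is a flap
        cur = math.inf if path_len is None else path_len
        prev = math.inf if self.prev_len is None else self.prev_len
        direction = 1 if cur > prev else -1
        counts = self.prev_dir is None or direction != self.prev_dir
        self.prev_dir = direction
        return counts

    def route_change(self, now, path_len):
        """Record an announcement (path_len hops) or a withdrawal (None) at time now."""
        self.penalty = self.decayed_penalty(now)
        self.last_update = now
        if self._is_flap(path_len):
            self.flaps += 1
            self.penalty += PENALTY_INCREMENT
        self.prev_len = path_len
        if self.penalty > SUPPRESS_THRESHOLD:
            self.suppressed = True
        return self.suppressed

    def reuse_delay(self, now):
        """Seconds until the penalty decays to the reuse threshold, capped at max suppress time."""
        p = self.decayed_penalty(now)
        if not self.suppressed or p <= REUSE_THRESHOLD:
            return 0.0
        return min(HALF_LIFE_S * math.log2(p / REUSE_THRESHOLD), MAX_SUPPRESS_S)


# Constructed scenario: a failure triggers path exploration through ever longer
# backup paths (2 -> 3 -> 4 -> 5 hops -> withdrawn), then the 2-hop route returns.
# Events are (time in seconds, AS_PATH length or None for a withdrawal).
PATH_EXPLORATION = [(10, 3), (20, 4), (30, 5), (40, None), (50, 2)]


def run(selective, events=PATH_EXPLORATION, initial_len=2):
    """Feed the event sequence to a damper that starts on a stable initial_len-hop route."""
    d = FlapDamper(selective=selective)
    d.prev_len = initial_len
    for t, plen in events:
        d.route_change(t, plen)
    return d


if __name__ == "__main__":
    for mode in (False, True):
        d = run(selective=mode)
        print("selective" if mode else "rfc2439", "flaps:", d.flaps,
              "suppressed:", d.suppressed, "reuse in s:", round(d.reuse_delay(50)))
```

Under the RFC accounting the five changes in 40 seconds push the penalty well past the suppress threshold, so the perfectly good route that comes back at the end is held down for about forty minutes; the selective accounting sees only two direction reversals and never suppresses it, which is the interaction the slide calls unexpected.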
31
Can You Depend on Your Routes? BGP Route Verification
• BGP is highly vulnerable!
– Allows ASes to propagate invalid routes that deviate from actual Internet topology
– Critical implications for performance and correctness
» Misconfigured routers cause long outages
• Drop packets (“blackholes”)
• Roughly 6% of misconfigurations cause reachability problems
» Malicious routers cause even greater damage
• Misroute or eavesdrop on traffic
• Impersonate destinations
• Collude with other nodes to make detection difficult
Lakshmi Subramanian, Ion Stoica, Volker Roth, Scott Shenker
32
“Listen” and “Whisper”
• One approach: route verification with PKI authentication
– Deployment has been difficult
– Political issues with single PKI: who controls it?
• Alternative: route consistency testing to detect suspicious ASes
– Listen: “Passive” TCP probing
» Modified nodes watch TCP traffic to detect reachability problems
» No modifications to BGP, incrementally deployable
» Ineffective for detecting malicious hosts: can’t distinguish between genuine and malicious hosts
– Whisper: Advertisements sent consistent with those received
» Route advertisement invalid if AS-PATH does not match its propagation path (Mao: true for 8% of observed paths!)
» Use redundant net connectivity to verify route consistency
Lakshmi Subramanian, Ion Stoica, Volker Roth, Scott Shenker
33
Detection Scenarios
Lakshmi Subramanian, Ion Stoica, Volker Roth, Scott Shenker
[Figure: three scenarios of browsers reaching CNN (and Reuters) across the Internet: an adversarial router on the regular path (no detection in this case), an isolated adversary (alarm), and an adversary announcing many invalid routes (alarm and avoid)]
34
Whisper (aka “Telephone”)
• Alternative Whisper Protocols
– Loop Whisper, (Weak/Strong) Split Whisper
– Vary in ability to detect malicious behavior given acceptable levels of false positive rate
[Figure: two panels, each with a Verifier, an Originator and two Intermediaries: route propagation of advertisements from the originator through either intermediary to the verifier, and loop testing of those advertisements]
Lakshmi Subramanian, Ion Stoica, Volker Roth, Scott Shenker
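As an added example, not the Whisper protocol as its authors specified it, here is a toy route-consistency check in Python built around the split idea: the originator attaches a one-way hash of a secret to its advertisement, every AS that propagates the route hashes the value once more and prepends itself to the AS-PATH, and a verifier holding two or more routes for the same prefix checks whether they descend from a single chain with hop counts matching their AS-PATH lengths. It also plays out the three detection scenarios from the previous slide. SHA-256 as the one-way function, the ASNs, the secret and the scenarios are all constructed for the example.

```python
import hashlib


def H(value: bytes) -> bytes:
    """One-way function applied once per AS hop (SHA-256, an assumption of this example)."""
    return hashlib.sha256(value).digest()


def originate(secret: bytes, origin_as: int):
    """The origin AS attaches H(secret) to the advertisement for its prefix."""
    return ([origin_as], H(secret))


def propagate(adv, my_as: int):
    """An AS re-advertising the route prepends its ASN and hashes the value once more."""
    path, value = adv
    return ([my_as] + path, H(value))


def consistent(adv_a, adv_b) -> bool:
    """Two advertisements are consistent when the longer path's value equals the
    shorter path's value hashed (length difference) more times: both descend from
    the same origin secret and each AS-PATH length matches the number of hops the
    value was really propagated over."""
    (path_a, val_a), (path_b, val_b) = adv_a, adv_b
    if len(path_a) > len(path_b):
        path_a, val_a, path_b, val_b = path_b, val_b, path_a, val_a
    for _ in range(len(path_b) - len(path_a)):
        val_a = H(val_a)
    return val_a == val_b


def check_routes(advs):
    """Classify the routes a verifier holds for one prefix.

    Returns (verdict, trusted_paths, suspicious_paths). With a single route
    nothing can be compared; two inconsistent routes raise an alarm without
    saying which is bogus; a clear majority of mutually consistent routes lets
    the verifier avoid the odd ones out.
    """
    if len(advs) < 2:
        return ("no detection", [p for p, _ in advs], [])
    classes = []                               # groups of mutually consistent advs
    for adv in advs:
        for cls in classes:
            if consistent(cls[0], adv):
                cls.append(adv)
                break
        else:
            classes.append([adv])
    if len(classes) == 1:
        return ("consistent", [p for p, _ in advs], [])
    classes.sort(key=len, reverse=True)
    if len(classes[0]) > len(classes[1]):
        trusted = [p for p, _ in classes[0]]
        suspicious = [p for cls in classes[1:] for p, _ in cls]
        return ("alarm and avoid", trusted, suspicious)
    return ("alarm", [], [p for p, _ in advs])


# Constructed topology: AS 100 originates a prefix; the verifier hears it via
# 100-200-300 and via 100-400. AS 666 is the adversary. ASNs and secret are made up.
LEGIT_LONG = propagate(propagate(originate(b"origin-secret", 100), 200), 300)
LEGIT_SHORT = propagate(originate(b"origin-secret", 100), 400)
# A route for the prefix that 666 invents without ever seeing the origin's chain.
FORGED = ([666, 100], H(b"whatever-666-picked"))
# 666 received LEGIT_LONG (3 hops) and re-advertises it claiming a 2-hop path;
# it cannot "un-hash" the value it received, so the hop count no longer matches.
TRUNCATED = ([666, 100], LEGIT_LONG[1])

if __name__ == "__main__":
    print(check_routes([FORGED]))                            # adversary on the only path
    print(check_routes([LEGIT_SHORT, FORGED]))               # isolated adversary
    print(check_routes([LEGIT_LONG, LEGIT_SHORT, FORGED]))   # majority lets us avoid it
    print(check_routes([LEGIT_SHORT, TRUNCATED]))            # AS-PATH shorter than propagation
```

The check is deliberately the weakest form of the idea: an adversary that forwards a received value unchanged while substituting a different AS-PATH of the same length stays consistent with the legitimate route, which is why the slide lists stronger variants with different detection power.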
35
Presentation Outline
• Heterogeneity in Devices and Networks
• A New Service Architecture: SAHARA
• Reachability as a Service
• New Directions
• Summary and Conclusions
36
The OASIS Project: Overlays and Active Services for Internetworked Storage
37
New Opportunity: “The Computer is the Network”
• Emergence of Programmable Network Elements
– First Gen Network Appliances, Directors
– Storage Virtualizers, Intrusion Detectors, Traffic Shapers, Server Load Balancers, MIE accountants
– Next Gen: Third Party Programmable beyond rules
• Generalized PNE programming and control model
– Generalized “virtual machine” model for this class of devices
– Retargetable for different underlying implementations
• Apps of Interest
– Network Services: L7 switching, firewalls, intrusion and infected machine detection, storage virtualization, network monitoring and management, etc.
– Network storage, iSCSI support
– Streaming media transcoding/adaptation
– Billing, accounting, stream customization for Mobile Network Edge
38
Proliferation of Network Appliances
In-the-Network Processing: the Computer IS THE Network
• F5 Networks BIG-IP Load Balancer: Web server load balancer
• Packeteer PacketShaper: Traffic monitor and shaper
• Ingrian i225: SSL offload appliance
• Network Appliance NetCache: Localized content delivery platform
• Nortel Alteon Switched Firewall: CheckPoint firewall and L7 switch
• Cisco IDS 4250-XL: Intrusion detection system
• Cisco SN 5420: IP-SAN storage gateway
• Extreme Networks SummitPx1: L2-L7 application switch
• NetScreen 500: Firewall and VPN
39
OASIS Vision
• Problem
– Common programming/control environment for diverse network elements to realize full power of “inside the network” services and applications
• Approach
– Software toolkit and VM architecture for PNEs, with retargetable optimized backend for diverse appliance-specific architectures
• Current Focus
– Network health monitoring, protocol interworking and packet translation services, iSCSI processing and performance enhancement, intrusion and worm detection and quarantining
• Potential Impact
– Open framework for multi-platform appliances, enabling third party service development
– Provable application properties and invariants; avoidance of configuration and “latest patch not installed” errors
40
Generic PNE Architecture
[Figure: input ports and output ports with buffers attached to an interconnection fabric, a tag memory, classification processors (CP) and an action processor (AP) driven by rules & programs]
41
OASIS Testbed
• Programmable Networking Testbed
– Alteon Filter Programmable Level 7 Switches
» Next generation significantly more third party programmable
– 2 x Enterprise Class Routers
– (Many) 1U PCs
• In discussion
– Nortel + IBM on Blade Center Storage Servers for UDCs
– Cisco IOS Next Generation (ION) Programmable Packet Filters
42
Presentation Outline
• Heterogeneity in Devices and Networks
• A New Service Architecture: SAHARA
• Reachability as a Service
• New Directions
• Summary and Conclusions
43
SAHARA
• Evolve Internet architecture better supporting multi-network/multi-service provider model
– Dynamic environment, many service providers & service instances
– Achieve desirable properties across multiple, potentially distrusting (Internet) service providers
– Exploit PlanetLab infrastructure to construct wide-area prototype
• Routing as a composed service
– Essential for successfully connecting application endpoints in a distributed network environment
» QoS through Overlays: loss and bandwidth guarantees
» Enhanced route reliability through fast convergence
» Security: BGP Verification/Detection + Containment
44
New Service Architecture: Integrated Communications and Processing
• Increasing diversity of interconnected devices
• Increasing importance of “services” to mitigate diversity/provide new functionality and customization
– Refocus from performance to reliability/dependability
• Enabled by processing embedded in the network interconnect, locally and globally
– “Active networking” is real
• Global services via managed composition
– Role of multiple service providers and administrative domains
– Separation of services from connectivity via overlays
– No single operator deploys the global service
– Predictable performance and end-to-end reliability
45
The Post-PC Era: It’s About the Services
Randy H. Katz
Thank You!
46
Any Questions?
48
Controlled-Loss Virtual Link (CLVL)
• Two parameters:
– Statistical bound on loss rate, q (<= p; typically << p)
– Capacity, c(t), possibly time-varying
• Can prove: if offered load < c(t), then loss rate < q
• How is c(t) determined?
– Given f(t) to be the redundancy factor: c(t) = b(t)(1 - f(t))
[Figure: inside an OverQoS node, Flows 1..n pass through buffer management, scheduling and a traffic regulator, then a coder (c(t), q) feeding the CLVL and a decoder (b(t), p(t)) at the far end, under control-plane direction]
49
Characterizing the Internet Hierarchy from Multiple Vantage Points
• Customer-Provider Relationships
– Customer pays provider for Internet access
– AS exports customer’s routes to all neighbors
– AS exports provider’s routes only to its customers
• Peer-to-Peer Relationships
– Peers exchange traffic between their customers
– Free of charge (assumption of even traffic load)
– AS exports a peer’s routes only to its customers
Sharad Agarwal, Lakshmi Subramanian, Jennifer Rexford
50
These Relationships Matter!
• Useful for:
– Placement of servers for content distribution
– Selection of new peers or providers for an AS
– Analyzing convergence properties of BGP
– Installing route filters to protect against misconfiguration
– Understanding basic structure of the Internet
• Knowing the AS graph is Not Enough
– Interdomain routing is not shortest-path routing
– Some paths not allowed (e.g., transit through a peer)
– Local preference of paths (e.g., prefer customer path)
– Node degree does not define the Internet hierarchy
• Need to Know Relationship between AS Pairs
51
Underlying AS Structure
• Peer-peer relationships hard to infer
– Mislabeling a P-P edge as P-C does not change a valid path into an invalid one
– Heuristics to detect P-P edges
• Some unusual relationships
– Siblings providing mutual transit
– Backup relationship for failed connectivity
– Misconfigured conventional relationships
– Detect cases by analyzing “invalid” paths
• Access to large path set is hard
– Exploit BGP routing tables from multiple vantage points (10 public BGP tables)
[Figure: AS hierarchy, April 2001 (11K ASs, 24K edges): Inner Core 20 AS’s, Outer Core 129 AS’s, Transit Core 897 AS’s, Regional ISPs 971 AS’s, Customers 8898 AS’s]
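The export rules on slide 49 determine which AS paths can legitimately appear, and slides 50 and 51 use "invalid" paths to spot unusual relationships and to argue that mislabeling a peer edge is harmless for path validity. The following Python valley-free checker is an added example that encodes those export rules; it is not the authors' relationship-inference heuristics. The toy AS graph, ASNs and relationship labels are constructed, and the convention that a path is listed source to destination with each hop labelled by the first AS's relationship to the second is an assumption of the example.

```python
# Relationship of the first AS toward the second on a directed link.
CUSTOMER, PEER, PROVIDER = "customer", "peer", "provider"
INVERSE = {CUSTOMER: PROVIDER, PROVIDER: CUSTOMER, PEER: PEER}


def build_relationships(edges):
    """edges: (a, b, rel) meaning "a is b's <rel>". Returns a lookup for both directions."""
    rel = {}
    for a, b, r in edges:
        rel[(a, b)] = r
        rel[(b, a)] = INVERSE[r]
    return rel


def relabel(rel, a, b, r):
    """Copy of rel with link (a, b) relabelled, both directions kept in sync."""
    out = dict(rel)
    out[(a, b)] = r
    out[(b, a)] = INVERSE[r]
    return out


def valley_free(path, rel):
    """Check a path (source to destination) against the export rules: customer
    routes go to everyone, provider and peer routes only to customers. Equivalently
    the path climbs customer-to-provider, crosses at most one peer link, then only
    descends provider-to-customer."""
    phase = "up"
    for a, b in zip(path, path[1:]):
        r = rel.get((a, b))
        if r is None:
            return False                  # no such link in the graph
        if r == CUSTOMER:                 # a -> its provider: uphill
            if phase != "up":
                return False              # climbing again after a peer link or a descent
        elif r == PEER:
            if phase != "up":
                return False              # second peer link, or a peer link after descending
            phase = "peer"
        else:                             # a -> its customer: downhill
            phase = "down"
    return True


def invalid_paths(paths, rel):
    """Paths that violate the labelled relationships: candidates for siblings,
    backup arrangements or misconfigurations, as the slide suggests."""
    return [p for p in paths if not valley_free(p, rel)]


# Constructed toy graph (ASNs made up): 1 and 2 are customers of 3, 1 is also a
# customer of 6, 3 peers with 4, 4 peers with 7, and 5 is a customer of 4.
TOY_EDGES = [(1, 3, CUSTOMER), (2, 3, CUSTOMER), (1, 6, CUSTOMER),
             (3, 4, PEER), (4, 7, PEER), (5, 4, CUSTOMER)]
TOY_REL = build_relationships(TOY_EDGES)

if __name__ == "__main__":
    for p in ([1, 3, 4, 5], [1, 3, 2], [3, 1, 6], [3, 4, 7]):
        print(p, "valid" if valley_free(p, TOY_REL) else "invalid")
    # The slide's point: relabelling the 3-4 peer edge as provider-to-customer
    # leaves every valid path valid.
    print(valley_free([1, 3, 4, 5], relabel(TOY_REL, 3, 4, PROVIDER)))
```

The path [3, 1, 6] is a valley (1 would be providing transit between its two providers) and [3, 4, 7] crosses two peer links (transit through a peer); both show up as invalid, which is exactly the signal the heuristics on the slide start from.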
52
Policy Management for BGP
• Integrate BGP with Policy Agent control plane
– Improved BGP convergence through explicit fail over policies
– Constrained routing for performance or trust reasons
– Traffic discrimination, low quality vs. high quality connectivity or fair use issues
– Load balancing outbound and inbound flows for multi-homed ASs
– Sharad Agarwal’s Ph.D. thesis (Sprint ATL)
[Figure: five ASes, each paired with a policy agent (PA)]
53
Policy Control Architecture for InterAS Routing
Sharad Agarwal
• Tremendous growth in multi-ISP connectivity
– But slow failover & weak traffic balancing
– Bogus announcement & static peering problems
• Approach: separate policy control architecture
– BGP not designed for such issues
– Explicit negotiation, traffic & peering intelligence
– More flexibility, control, verification
• Impact: media / application service providers, users
– Available connectivity
– Manageable congestion
54
Tomography-based Overlay Network Monitoring
Yan Chen
• Given n end hosts on an overlay network and O(n²) paths, how to select a minimal subset of paths to monitor so that the loss rates/latency of all other paths can be inferred.
• Approach: select a basis set of k path segments that completely describe all O(n²) paths (k = O(n))
– Select and monitor k linearly independent paths to compute the loss rates of the basis set
– Infer the loss rates of all other paths
• Find > 97% of lossy paths with < 5% false positives
[Figure: an Overlay Network Operation Center collecting topology and measurements from the end hosts]
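As an added example, not the authors' implementation, the following Python carries out the basis-selection step on a constructed four-host star overlay: it row-reduces the path/link incidence matrix with exact arithmetic to pick k linearly independent paths, expresses every other path as a combination of them, and infers the remaining loss rates from simulated measurements on the monitored paths alone. Hosts, links and link loss rates are made up; the quantity combined linearly is -ln(1 - loss), the usual transformation that makes multiplicative per-link losses additive along a path.

```python
from fractions import Fraction
import math

# Constructed star overlay: end hosts A..D each hang off one router R by a single
# link, so every end-to-end path is the sum of two links. Link losses are made up.
LINKS = ["A-R", "B-R", "C-R", "D-R"]
LINK_LOSS = {"A-R": 0.01, "B-R": 0.05, "C-R": 0.00, "D-R": 0.10}
HOSTS = ["A", "B", "C", "D"]
PATHS = {f"{x}{y}": [f"{x}-R", f"{y}-R"]
         for i, x in enumerate(HOSTS) for y in HOSTS[i + 1:]}


def path_row(path_links):
    """Row of the path/link incidence matrix G, as exact Fractions."""
    return [Fraction(1 if l in path_links else 0) for l in LINKS]


def select_basis(paths):
    """Incremental Gaussian elimination over the rows of G.

    Returns (monitored, combos): monitored lists the paths whose rows are linearly
    independent (k = rank(G) of them); combos maps every other path to the
    coefficients that express its row as a sum of monitored rows.
    """
    basis = []            # (reduced vector, {monitored path: coeff}); vector == sum coeff*row
    monitored, combos = [], {}
    for name, links in paths.items():
        v = path_row(links)
        comb = {}         # invariant: v == row(name) - sum(comb[j] * row(j))
        for bvec, bcomb in basis:
            pivot = next(i for i, x in enumerate(bvec) if x != 0)
            f = v[pivot]
            if f != 0:
                v = [x - f * y for x, y in zip(v, bvec)]
                for j, c in bcomb.items():
                    comb[j] = comb.get(j, Fraction(0)) + f * c
        if any(v):                                   # independent: monitor this path
            pivot = next(i for i, x in enumerate(v) if x != 0)
            f = v[pivot]
            bvec = [x / f for x in v]
            bcomb = {name: Fraction(1) / f}
            for j, c in comb.items():
                bcomb[j] = bcomb.get(j, Fraction(0)) - c / f
            basis.append((bvec, bcomb))
            monitored.append(name)
        else:                                        # dependent: infer it later
            combos[name] = comb
    return monitored, combos


def measure(path_links):
    """Simulated measurement: end-to-end loss of a path from its links' losses."""
    survive = 1.0
    for l in path_links:
        survive *= 1.0 - LINK_LOSS[l]
    return 1.0 - survive


def infer_losses(paths=PATHS):
    """Monitor only the basis paths and infer the loss rate of every other path."""
    monitored, combos = select_basis(paths)
    y = {name: -math.log(1.0 - measure(paths[name])) for name in monitored}
    inferred = {}
    for name, comb in combos.items():
        y_name = sum(float(c) * y[j] for j, c in comb.items())
        inferred[name] = 1.0 - math.exp(-y_name)
    return monitored, inferred


def lossy_paths(threshold, paths=PATHS):
    """Paths whose measured (monitored) or inferred loss exceeds the threshold."""
    monitored, inferred = infer_losses(paths)
    loss = {n: measure(paths[n]) for n in monitored}
    loss.update(inferred)
    return sorted(n for n, v in loss.items() if v > threshold)


if __name__ == "__main__":
    monitored, inferred = infer_losses()
    print("monitor", monitored, "infer", {n: round(v, 4) for n, v in inferred.items()})
    print("lossy:", lossy_paths(0.04))
```

Six paths among four hosts need only four probes here, matching the slide's k = O(n) against O(n²) paths; on this small topology the inference is exact, whereas the > 97% detection figure on the slide reflects measurement noise on real overlays.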
55
Performance Characteristics of TCP Throughput for Peer Selection in Peer-to-Peer Networks
Weidong Cui
• Problem
– How to select the optimal peer for download from a set of candidates
• Approach
– Evaluate performance of various probing techniques: RTT-based, size-based, time-based
– Investigate the relationship between probing parameters and various download file sizes
• Impact
– Improve the performance of p2p networks
56
Underlay Optical Networks
Tal Lavian
• Problem
– Radical mismatch between the optical transmission world and the electrical forwarding/routing world. Currently, a single strand of optical fiber can transmit more bandwidth than the entire Internet core.
– Mismatch between L3 core capabilities and disk cost. With $2M of disks (2PB) one can fill the entire core Internet for a year
• Approach
– Service architecture interacts with the optical control, provides applications a dedicated, on-demand, point-to-point optical link that is not on the public Internet
• Current Focus
– Grid Computing, OGSA, MEMs, 10GE, Optical technologies
– OmniNet testbed in Chicago, which will be connected to major national and international optical networks
• Potential Impact
– Enabling technology for Data-Intensive applications (multi-Terabyte)
57
Estimating Shared Congestion Among Internet Paths
Sridhar Machiraju
• Problem
– Given two paths in the Internet, estimate the fraction of packet drops at shared points of congestion (PoCs) using probe flows along the paths
• Approach
– Count correlated (simultaneous) packet drops of two probe flows (UDP or TCP)
– “Inflate” the fraction using delay jitter correlation
• Applications using path diversity, e.g., multimedia streaming, parallel downloads, etc.
58
Routing Dynamics in Simultaneous Overlay Networks
Mukund Seshadri
• Problem: When is “greedy” overlay-level route selection unstable/inefficient, when multiple such overlay networks interact?
• Motivation: why will many overlay networks be deployed?
– Due to pure Overlay Network protocols (RON[3], Detour[4], ESM[5])
– Due to deployment of overlay primitives (“Path reflection”, i3-arch.)
• Model and Focus: Overlays make independent decisions; no info. shared.
– Size: 50-100 overlay networks; 10-100 nodes each.
– App: Multimedia streams, long-lived, need bandwidth level + stability
• Impact: simple design principles to ease deployment of multiple overlay networks
– Randomization of route selection improves stability and loss-rates.
» With high path sharing, variation in link b/w, loaded links, low cross-traffic.
– Random-subset method improves stability even more, with comparable loss-rate, and lower measurement overhead.