Introducing New Internet Services: Why and How

David Wetherall, Ulana Legedza and John Guttag (MIT), 1998

Summary. Making routers "active" (able to execute prescribed code rather than just forwarding packets) can lead to the following decreased bandwidth, decreased server loads, faster protocol deployment. The authors introduce an active network architecture called ANTS.

More Detail...

Why Active Networks? Better functionality and performance are possible at the network level Many systems currently are implemented in an ad hoc manner at the network level. Examples:

IP multicast, several multimedia protocols
Wireless protocols: Mobile Mobile IP, Snoop-TCP.
Web servers/Ciscos CacheDirector (intercepts repeated requests) and LocalDirector (distributes requests across servers) are transparent to end users and reduce bw and latency caused by proxy servers because packets are intercepted at the router.

Also, changing network protocols requires time: standardizations procedure and backward compatible deployment.

Why not make the network layer programmable? Active Networks does this.

Sample apps (these are both examples of performance improvement through parallelism).

Stock quotes: need to cache quotes on a per-ticker basis; web caching can't do this; each client might trade response time for staleness.
Online auction: network delay causes bids to arrive at server too late, server data to arrive at client out-of-date; in AN, low bids can be filtered out in net.

Rethinking Performance. Network performance is not necessarily correlated with end-to-end performance. Ex: in auction program, performance may be better measured with winning bids per second (losing bids would be correctly filtered so as not to clog the server).

Note that the degree to which performance improves is a function of where in the network the processing is done. Processing closer to the leaves: higher degree of improvement.

There exists a tradeoff between flexibility and performance/security expectations.

ANTS Goals:

simultaneous use of a variety of protocols.
decentralized bootstrapping of protocols.
dynamic deployment of new protocols (can't go offline).

3 Key ANTS Components:

Capsules & Protocols
Active Nodes
Code Distribution Mechanism

Collectively, these support a generalized for of packet forwarding:

Forwarding routine of a capsules specified at sender and cannot be changed. Further, capsules cannot create capsules of other protocols (Security feature.)
Active nodes might elect to not execute particular forwarding routines but use the default IP-like forwarding routine.
Forwarding routines are limited in their capabilities by a generalized TTL scheme.

Capsule ID:

MD5(code) = Protocol Capsule ID.
Reduces likelihood of protocol spoofing (substitution of fake forwarding code for real).
Allows deployment to be decentralized.
Exactly how does this work? What if there are a number of routines that can be invoked? Hash all of them, I suppose.

Above allows per-protocol protection granularity.

The authors note that "authentication and other traditional security schemes are likely to be too heavyweight" for forwarding programs. Use safety of mobile code technologies (sandboxing & bytecode verification). (See issues below.)

Code distribution At one extreme: code in every packet. At the other: protocols pre-loaded by out-of-band mechanism. ANTS: Have a protocol cache. If not in cache when needed, request from previous active node. Capsules "sleep" until protocol completed locally or, if protocol not completed in a timely manner, capsules discarded.

Exceptions: very small (?) programs can be carried w/code. Can prime node caches with special capsules. Popular protocols can be preloaded.

Issues:

Standard AN argument: "major internet architecture upheaval". (Does the Active IP option address this?)
"Authentication and other traditional security schemes too heavyweight for forwarding programs...use safety of mobile code: sandboxing and bytecodes." Too restrictive (Tullman, et al., ESIGOPS '98)?