Introducing New Internet Services: Why and How
David Wetherall, Ulana Legedza and John Guttag (MIT), 1998
Summary. Making routers "active" (able to execute prescribed
code rather than just forwarding packets) can lead to the following:
decreased bandwidth, decreased server loads, faster protocol deployment.
The authors introduce an active network architecture called ANTS.
More Detail...
Why Active Networks?
Better functionality and performance are possible at the network level
Many systems currently are implemented in an ad hoc manner at the
network level. Examples:
- IP multicast, several multimedia protocols
- Wireless protocols: Mobile IP, Snoop-TCP.
- Web servers/Cisco's CacheDirector (intercepts repeated requests) and
LocalDirector (distributes requests across servers)
are transparent to end users and reduce the bandwidth and latency caused by
proxy servers because packets are intercepted at the router.
Also, changing network protocols requires time: standardization
procedures and backward-compatible deployment.
Why not make the network layer programmable? Active
Networks do this.
Sample apps (these are both examples of performance improvement
through parallelism).
- Stock quotes: need to cache quotes on a per-ticker basis; web caching
can't do this; each client might trade response time for staleness.
- Online auction: network delay causes bids to arrive at server too late,
server data to arrive at client out-of-date; in AN, low bids can be
filtered out in net.
Rethinking Performance. Network performance is not necessarily
correlated with end-to-end performance. Ex: in auction program,
performance may be better measured with winning bids per second (losing
bids would be correctly filtered so as not to clog the server).
Note that the degree to which performance improves is a function of
where in the network the processing is done. Processing closer to
the leaves: higher degree of improvement.
There exists a tradeoff between flexibility and performance/security
expectations.
ANTS Goals:
- simultaneous use of a variety of protocols.
- decentralized bootstrapping of protocols.
- dynamic deployment of new protocols (can't go offline).
3 Key ANTS Components:
- Capsules & Protocols
- Active Nodes
- Code Distribution Mechanism
Collectively, these support a generalized form of packet forwarding:
- The forwarding routine of a capsule is specified at the sender and cannot be
changed. Further, capsules cannot create capsules of other protocols.
(Security feature.)
- Active nodes might elect to not execute particular forwarding routines
but use the default IP-like forwarding routine.
- Forwarding routines are limited in their capabilities by a
generalized TTL scheme.
Capsule ID:
- MD5(code) = Protocol Capsule ID.
- Reduces likelihood of protocol spoofing (substitution of fake
forwarding code for real).
- Allows deployment to be decentralized.
- Exactly how does this work? What if there are a number of routines
that can be invoked? Hash all of them, I suppose.
Above allows per-protocol protection granularity.
The authors note that "authentication and other traditional security
schemes are likely to be too heavyweight" for forwarding programs. Use
safety of mobile code technologies (sandboxing & bytecode verification).
(See issues below.)
Code distribution
At one extreme: code in every packet. At the other: protocols
pre-loaded by out-of-band mechanism. ANTS: Have a protocol cache. If
not in cache when needed, request from previous active node. Capsules
"sleep" until protocol completed locally or, if protocol not completed
in a timely manner, capsules discarded.
Exceptions: very small (?) programs can be carried with their code. Can prime
node caches with special capsules. Popular protocols can be preloaded.
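Added illustration (not code from the ANTS paper) of the capsule-ID and code-distribution scheme in the two sections above: the protocol ID is the MD5 of the forwarding code, so a node can reject substituted code on a cache miss, and a generalized TTL bounds what a capsule may consume. The "forwarding code" is a constructed one-line filter rule interpreted by the node, standing in for ANTS's sandboxed mobile code; node names, fields and rule syntax are assumptions.

```python
import hashlib

def protocol_id(code: bytes) -> str:
    """Protocol/capsule ID is the MD5 of the forwarding code."""
    return hashlib.md5(code).hexdigest()

def run_filter(code: bytes, capsule: dict) -> bool:
    """Tiny interpreter for constructed rules 'drop-if <field> < <n>'.
    Only capsule fields are inspected (a stand-in for a sandbox).
    Returns True when the capsule should be kept."""
    op, field, _, limit = code.decode().split()
    if op != "drop-if":
        return True                     # unknown rule: fall back to keeping it
    return not (capsule.get(field, 0) < int(limit))

class ActiveNode:
    def __init__(self, name, upstream=None):
        self.name = name
        self.upstream = upstream        # previous active node on the path
        self.cache = {}                 # protocol id -> verified code

    def load_code(self, pid: str, code: bytes) -> bool:
        """Cache code only if it hashes to the ID the capsule asked for."""
        if protocol_id(code) != pid:
            return False                # substituted (spoofed) code rejected
        self.cache[pid] = code
        return True

    def forward(self, capsule: dict) -> str:
        if capsule["ttl"] <= 0:
            return "drop:ttl"           # generalized TTL bounds resource use
        capsule["ttl"] -= 1
        pid = capsule["pid"]
        if pid not in self.cache:       # cache miss: ask the previous node
            code = self.upstream.cache.get(pid) if self.upstream else None
            if code is None or not self.load_code(pid, code):
                return "drop:no-code"   # capsule discarded (no code in time)
        if not run_filter(self.cache[pid], capsule):
            return "drop:filtered"      # e.g. a losing auction bid removed in-net
        return "forward"

if __name__ == "__main__":
    rule = b"drop-if bid < 100"         # constructed auction-filter protocol
    pid = protocol_id(rule)
    a = ActiveNode("a"); a.load_code(pid, rule)
    b = ActiveNode("b", upstream=a)
    print(b.forward({"pid": pid, "bid": 150, "ttl": 4}))   # forward
    print(b.forward({"pid": pid, "bid": 50, "ttl": 4}))    # drop:filtered
```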
Issues:
- Standard AN argument: "major internet architecture upheaval".
(Does the Active IP option address this?)
- "Authentication and other traditional security schemes too
heavyweight for forwarding programs...use safety of mobile code: sandboxing
and bytecodes." Too restrictive (Tullman, et al., ESIGOPS '98)?