1 / 45

Building a Strong Foundation for a Future Internet

Building a Strong Foundation for a Future Internet. Jennifer Rexford Princeton University http://www.cs.princeton.edu/~jrex/talks/stoc08.ppt. The Internet: A Remarkable Story. Tremendous success A research experiment that truly escaped from the lab The brilliance of under-specifying

Samuel
Download Presentation

Building a Strong Foundation for a Future Internet

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Building a Strong Foundation for a Future Internet Jennifer Rexford Princeton University http://www.cs.princeton.edu/~jrex/talks/stoc08.ppt

  2. The Internet: A Remarkable Story • Tremendous success • A research experiment that trulyescaped from the lab • The brilliance of under-specifying • Best-effort packet-delivery service • Key functionality at programmable end hosts • Enabled massive growth and innovation • Ease of adding hosts and links, and new technologies • Ease of adding new services (Web, P2P, VoIP, …)

  3. Rethinking the Network Architecture • But, the Internet is showing signs of age • Security, mobility, availability, manageability, … • Challenges rooted in early design decisions • Weak notions of identity, tying address to location, … • Not a simple matter of redesigning a single protocol • Revisiting the definition and placement of function • What are the types of nodes in the system? • What are their powers and limitations? • What information do they exchange? The “computational model” of the (future) Internet.

  4. Clean-Slate Network Architecture • Clean-slate architecture • Without constraints of today’s artifacts • To have a stronger intellectual foundation • And move beyond the incremental fixes • Still, some constraints inevitably remain • Ignore today’s artifacts, but not necessarily all reality • Such as… • Resource limitations (CPU, memory, bandwidth) • Time delays between nodes • Independent economic entities • Malicious parties • The need to evolve over time

  5. A Big Research Challenge Evolvable Protocols (under-specified, programmable) ? Global Properties (stability, scalability, reliability, security, managability, …) Autonomy (autonomous parties, with different economic objectives) Can we have all three? Under what conditions?

  6. A Real Need for a Theory of Networks • Formal definitions of network architecture • Can the theory community do for network architecture what it did for, e.g., cryptography and machine learning? • Programmability • What are good programming models that strike the right balance been flexibility and restraint? • Incentives • How much should we rely on economic incentives to ensure key system properties? • System properties • What are the fundamental trade-offs and bounds?

  7. Example: Wide-Area Internet Routing • Seemingly a simple matter • Computing paths on graphs • Many, many design goals • Global connectivity • Flexible local policies • Fast recovery from changes • Good end-to-end paths • Low protocol overhead • Security, scalability, … • <your wish list here> • Perhaps we cannot satisfy all of these goals • No matter how hard we try…

  8. Four Example Problems in Routing • Policy-based interdomain routing • Programmable routing policies in each network • While ensuring global stability, efficiency, … • #1: Can economic incentives ensure global stability? • #2: How should a distributed network realize its policy? • End-to-end traffic management • Adapting the flow of traffic over each path • While ensuring good aggregate performance • #3:What should hosts, routers, and operators do? • #4: How to support diverse application requirements? Getting a distributed set of nodes to do the right thing.

  9. Policy-Based Interdomain Routing $$$ = ??? +

  10. What is an Internet? • A “network of networks” • Networks run by different institutions • Autonomous System (AS) • Collection of routers run by a single institution • With a clearly defined routing policy • ASes have different goals • Different views of which paths are good • Interdomain routing is what reconciles those views • To compute end-to-end paths through the Internet Wonderful problem setting for game theory and mechanism design

  11. Autonomous Systems (ASes) Path: 6, 5, 4, 3, 2, 1 4 3 5 2 6 7 1 Web server Client Around 30,000 ASes today…

  12. Border Gateway Protocol (BGP) • ASes exchange reachability information • Destination: block of IP addresses • AS path: sequence of ASes along the path • Policies “programmed” by network operators • Path selection: which path to use? • Path export: which neighbors to tell? “I can reach d via AS 1” “I can reach d” 2 3 1 data traffic data traffic d

  13. 2 3 d 2 d 2 1 2 d 1 d d 1 3 1 d 3 d 3 Stable Paths Problem (SPP) Model • Model of routing policy • Each AS has a ranking of the permissible paths • Model of path selection • Pick the highest-ranked path consistent with neighbors • Flexibility is not free • Global system may not converge to a stable assignment • Depending on the way the ASes rank their paths http://portal.acm.org/citation.cfm?id=508332

  14. Ways to Achieve Global Stability • Detect conflicting rankings of paths? • Computationally intractable (NP-hard) • Requires global coordination • Restrict the policy programming languages? • In what way? How to require this globally? • What if the world should change, and the protocol can’t? • Rely on economic incentives? • Policies typically driven by business relationships • E.g., customer-provider and peer-peer relationships • Sufficient conditions to guarantee unique, stable solution

  15. Bilateral Business Relationships • Provider-Customer • Customer pays provider for access to the Internet • Peer-Peer • Peers carry traffic between their respective customers 1 Valid paths: “6 4 3 d” and “8 5 d” Invalid paths: “6 5 d” and “1 4 3 d” Valid paths: “1 2 d” and “7 d” Invalid path: “5 8 d” 4 3 2 d 5 6 Provider-Customer 7 Peer-Peer 8

  16. Act Locally, Prove Globally • Global topology • Provider-customer relationship graph is acyclic • Peer-peer relationships between any pairs of ASes • Route export • Do not export routes learned from a peer or provider • … to another peer or provider • Route selection • Prefer routes through customers • … over routes through peers and providers • Guaranteed to converge to unique, stable solution http://www.cs.princeton.edu/~jrex/papers/sigmetrics00.long.pdf

  17. Rough Sketch of the Proof • Two phases • Walking up the customer-provider hierarchy • Walking down the provider-customer hierarchy 1 4 3 2 d 5 6 Provider-Customer 7 Peer-Peer 8

  18. Trade-offs Between Assumptions • Three kinds of assumptions • Route export, route selection, and global topology • Relax one assumption, need to tighten the other two • Are these assumptions reasonable? • Could business practices change over time? • What if nodes are dishonest about their choices? • See Levin-Schapira-Zohar paper in the next session! • What if the protocol changes? • What if the protocol allows multiple paths?

  19. An Incomplete Understanding… • Desirable global properties • Convergence to a unique route assignment • Fast convergence after topology changes • Honesty in route announcements and packet forwarding • And how they relate to • Topology, policies, path verification, revenue models, … • And most known results are “sufficient” conditions • Lacking complete characterization of the trade-off space • With basic questions about economic incentives • When are they enough? What else do we need? • Where do the economic issues really belong?

  20. Ensuring an AS Realizes its Policy • How should the nodes inside an AS behave? • To correctly realize the AS’s routing policy • To satisfy the expectations of neighboring ASes • To minimize protocol overhead within the AS • Different problem than interdomain routing • Not about reconciling(possibly conflicting) policies • But instead about correctly realizing a single policy

  21. The Route Assignment Problem r3 { r1 … rn r2 } = R rn n 1 Route Assignment (based on policy) 2 data traffic 3 e3=rn … … en e1 e2 from R from R

  22. Propagating Information Within the AS n r3 { r1 … rn r2 } = R 1 A 2 Route Assignment (based on policy) B 3 … e3=rn … en e1 e2 from R from R What information do A and B need to propagate?

  23. An Incomplete Understanding… • How to define and model an AS • To design and analyze interdomain routing • … without regard to the intra-AS details • How to propagate routing information within an AS • So the routers can realize the policy “correctly” • … without introducing excessive overhead • What are the overhead-flexibility trade-offs? • How much information must the routers exchange • … and how does it depend on the programming model • How should an AS express (“program”) its policy?

  24. End-to-End Traffic Management

  25. Traffic Management Today • How much traffic should traverse each path? Operator: Traffic Engineering Routers: Routing Protocols End hosts: Congestion Control

  26. Models and Algorithms for Each Part • End hosts: congestion control • Maximizing aggregate utility over all users • Additive increase, multiplicative decrease • Routers: routing protocols • Minimizing path cost as sum of link weights • Bellman-Ford and Dijkstra’s algorithms • Operators: traffic engineering • Minimizing load on the network links • Local-search algorithms for tuning link weights But, is the whole more than the sum of its parts?

  27. Shortcoming of Today’s Architecture • Ignores protocol interactions • Congestion control assumes routing is fixed • Traffic engineering assumes traffic is inelastic • Inefficiency of traffic engineering • Tuning link weights in shortest-path routing • Cannot achieve optimal flow, and is NP-hard • … and is typically performed on long timescale • Only limited use of multiple paths • Missed opportunity for better performance What would a clean-slate redesign look like?

  28. Distributed Traffic Management Problem • Should have a clearly-stated problem • Variables: source rates and path-splitting ratios • Constraints: link load staying below capacity • Objectives: performance and robustness max. ∑iUi(xi) - ∑lf(ul) aggregate utility (as a function of the source rate xi, over all users i) aggregate congestioncost (as a function of utilization, ul, over all links l) http://www.cs.princeton.edu/~jrex/papers/conext07.pdf

  29. Distributed Traffic Management Problem • Solutions with well-understood properties • Optimality, convergence, low overhead, … • Distributed load-balancing algorithms • Feedback about network conditions • Adaptation of the sending rate on each path s s s Routers: Set up multiple paths Measure link load Update link prices s Edge nodes: Update path ratesz Rate limit incoming traffic

  30. An Incomplete Understanding… • Promising initial results • Using optimization theory, game theory, control theory… • Simple tuning of the system • Algorithms that are robust across a range of settings? • Self-tuning load-balancing algorithms? • Trade-offs in the number of paths • How many paths are really necessary? • How should these paths be computed? • Implicit vs. explicit feedback from the links • Can edge nodes adapt based on path-level metrics? • Robustness to adversaries trying to bias measurements?

  31. Supporting Multiple Classes of Traffic file vs.

  32. Different Strokes for Different Folks • Applications have different requirements • High throughput: bulk file transfers • Low delay/jitter: VoIP and gaming • Could design protocols for each traffic class • Using application-specific objective functions • But, how should these applications co-exist? • Multiple customized traffic-management protocols • On a shared underlying network • To maximize the aggregate utility of the users

  33. Virtualization to the Rescue • Multiple customized architectures in parallel • Multiple virtual nodes on a single physical node • Isolation of resources, like CPU and bandwidth • Programmability for customizing each “virtual network”

  34. An Incomplete Understanding • How important are customized architectures? • Quantifying the inefficiencies of “one size fits all” • Understanding gains and overheads of customization • How to balance isolation and efficiency? • Allowing multiple architectures to run in parallel • Without requiring static resource partitioning • How to support other application requirements? • Security/privacy, scalability trade-offs, … • With appropriate support in the underlying substrate • What kind of programming model on the nodes? • To enable creation of new networked services • Without compromising efficiency, security, …

  35. Virtualization for Economic Refactoring • Infrastructure providers: Own routers, links, data centers • Service providers:Offer end-to-end services to users Today’s Internet Virtualized Internet Competing ISPs with different goals must coordinate Single service provider controls end-to-end path Economics play out vertically on a coarser timescale. http://www.cs.princeton.edu/~jrex/papers/cabo-short.pdf

  36. Conclusions • These are just a few examples • In the context of wide-area Internet routing • Meant to illustrate a larger question • Programmability, incentives, and global properties • And importance of theoretical disciplines • In putting network architecture on a sound foundation • Great opportunities for interdisciplinary research • Grappling with problem formulations and solutions • And for significant practical impact • Adding clarity to our understanding of today’s Internet • And leading to a future Internet worthy of society’s trust

  37. Acknowledgments • My research group and collaborators • Including the problems mentioned in this talk • See pointers to references at end of slides • Colleagues in the theoretical CS community • Especially at AT&T Research and Princeton • Forcing greater precision in problem formulation • Particularly Joan Feigenbaum • For great discussions on network architecture • … and advice and feedback about this talk http://www.cs.princeton.edu/~jrex/talks/stoc08.ppt

  38. Thank you!

  39. References: Policy-Based Routing • T. Griffin, B. Shepherd, and G. Wilfong, “The stable paths problem and interdomain routing” • http://portal.acm.org/citation.cfm?id=508332 • L. Gao and J. Rexford, “Stable Internet routing without global coordination” • http://www.cs.princeton.edu/~jrex/papers/sigmetrics00.long.pdf • T. Griffin and J. Sobrinho, “Metarouting” • http://www.sigcomm.org/sigcomm2005/paper-GriSob.pdf • H. Levin, M. Schapira, and A. Zohar, “Interdomain routing and games” • In the next session here at STOC’08!

  40. References: Dynamic Traffic Management • A. Elwalid, C. Jin, S. Low, and I. Widjaja, “MATE: MPLS Adaptive Traffic Engineering” • http://ieeexplore.ieee.org/iel5/7321/19795/00916625.pdf • S. Kandula, D. Katabi, B. Davie, and A. Charny, “Walking the tightrope: Responsive yet stable traffic engineering” • http://nms.lcs.mit.edu/papers/index.php?detail=128 • S. Fischer, N. Kammenhuber, and A. Feldmann, “Dynamic traffic engineering based on Wardrop routing policies” • http://adetti.iscte.pt/events/CONEXT06/Conext06_Proceedings/papers/f58.pdf • J. He, M. Suchara, M. Bresler, J. Rexford, and M. Chiang, “Rethinking Internet traffic management: From optimization theory to a practical protocol” • http://www.cs.princeton.edu/~jrex/papers/conext07.pdf

  41. References: Network Virtualization • J. Turner and D. Taylor, “Diversifying the Internet” • http://www.arl.wustl.edu/~jst/pubs/globecom05divNet.pdf • T. Anderson, L. Peterson, S. Shenker, and J. Turner, “Overcoming the Internet impasse through virtualization” • http://geni.net/GDD/GDD-05-01.pdf • N. Feamster, L. Gao, and J. Rexford, “How to lease the Internet in your spare time” • http://www.cs.princeton.edu/~jrex/papers/cabo-short.pdf

  42. Backup Slides on Monitoring in an Adversarial Setting

  43. Importance of Monitoring in Routing • Path-quality monitoring • Identify performance problems along a path • E.g., to drive load-balancing decisions • E.g., to decide what service provider to hire • E.g., to identify violations of service-level agreements • Presence of adversaries • Drop, delay, add, or tamper with any packets • Bias measurements by preferentially treating probes • Out of malice or greed ? Bob Alice

  44. Many Variations on the Problem • Threat model • Drop/delay packets only? • Also tamper or add? • Goal of the measurement • Loss/delay estimates vs. alarm on a threshold? • One-way path measurements vs. round-trip? • Verification that packets follow advertised path? • Identification of the links/nodes responsible for problem? • Practical constraints • (Not) allowing modification of packets • (A)symmetric forward and reverse paths • (No) clock synchronization between Alice and Bob • Large number of Alice-Bob pairs

  45. An Incomplete Understanding… • Promising initial results • Fundamental bounds • Secure sampling • Secure sketches • Challenges remain • Complete characterization of the design space • Larger architectural questions • Role of security in routing • Why should we care if packets follow the (BGP) advertised path? • Is routing’s only job is to provide (multiple) end-to-end paths? • Role of monitoring in routing • Can path-quality monitoring drive load-balancing decisions?

More Related