From SAHARA to OASIS: The Last SAHARA Retreat, The First OASIS Retreat, I3 and Tapestry Mini-Retreats
16-18 June 2004
Randy H. Katz, Anthony Joseph, Ion Stoica
Computer Science Division
Electrical Engineering and Computer Science Department
University of California, Berkeley
Berkeley, CA 94720-1776
Retreat Goals & Technology Transfer
[Diagram labels: UC Berkeley Project Team; Industrial Collaborators; Friends; People; Project Status; Work in Progress; Prototype Technology; Early Access to Technology; Promising Directions; Reality Check; Feedback]
Who is Here (Industry)
• Cisco: David Jaffe
• Hewlett-Packard Labs: Wai-Tian Dan Tan, Nina Bhatti
• IBM: Honesty Young
• Nortel Networks: Andy Gram, Tal Lavian
• NTT MCL: Tetsuya Nakamura
• Sun Microsystems: Christoph Schuba
• Univ. Helsinki/Nokia: Kimmo Raatikainen
• Special Friends: John Chuang, Bryan Lyles, Greg Minshall, Scott Shenker
Green = First Retreat!
Who is Here (Berkeley)
• Professors: John Chuang, Anthony Joseph, Randy Katz, Scott Shenker, Ion Stoica
• Technical & Admin Staff: Bob Miller, Glenda Smith, Keith Sklower
• Grad Students: Weidong Cui, Denis Geels, Philip Godfrey, Ling Huang, Jayanthkumar Kannan, Karthik Lakshminarayanan, Yin Li, Sridhar Machiraju, Ana Sanz Merino, George Porter, Anantha Rajagoplala-Rao, Mukund Seshadri, Sonesh Surana, Lakshmi Subramanian, Mel Tsai, Fang Yu
• Undergrad Students: Enrique Cervantes, Sebastian Garcia, Marti Motoyama
• Visiting Scholars: Dario Rossi
Retreat Purpose
• Sixth (and last) SAHARA Retreat/First OASIS Retreat
• SAHARA launched 1 July 2001
• OASIS focus on Reliable Adaptive Distributed Systems
• Common thread: architectural elements for future networks
• “Services” inside the network: code vs. protocols, location/topology-aware
• SAHARA:
• Independent service providers
• Converged data + telecomm nets
• Hetero access + core nets
• OASIS: emerging technology of PNEs
• Network layer observation, analysis, and action
• Co-locate w/ROC Retreat
• NSF Cybertrust Center Proposal: Center for Adaptive Trustworthy Systems (CATS)
SAHARA
• Service
• Architecture for
• Heterogeneous
• Access,
• Resources, and
• Applications
SAHARA Vision and Approach
• New mechanisms, techniques for end-to-end services w/ desirable, predictable, enforceable properties spanning potentially distrusting service providers
• Architecture for service composition and inter-operation across separate administrative domains, supporting peering and brokering, and diverse business, value-exchange, access-control models
• Routing as a Reachability “Service”
• Implementing paths between composed service instances, e.g., “links” within an overlay network
• Multi-provider environment, no centralized control
Reachability as a Composed Network Service
• Morphed from Distributed Service Architecture to Interdomain Routing Architecture
• Internet’s primary means for managing peering and achieving end-to-end reachability
• Networking glue between service execution points explored by Raman’s Ph.D. dissertation on service composition
• Limited visibility into AS policies makes it difficult to achieve good global behaviors from locally good specifications
• Improved path visibility through AS Beaconing (Mao Ph.D. dissertation)
• Root Cause Analysis of BGP Dynamics (Caesar M.S. dissertation)
• Many well-known security vulnerabilities
• Lakshmi’s work on checkable protocols
• Motivation for overlays to achieve application-specific reachability properties
• Investigations in overlay routing, orthogonal paths, multipath routing, cooperation among overlay networks, etc.
Sahara Theses
• Ph.D.
  • Bhaskar Raman, “An Architecture for Availability and Performance in Wide-Area Service Composition,” (Ph.D., December 2002).
  • Jimmy Shih, “Applying Congestion Pricing at Access Points for Voice and Data Traffic,” (Ph.D., May 2003).
  • Yan Chen, “Scalable Efficient Network-Aware Content Distribution Networks,” (Ph.D., Dec 2003).
  • Z. Morley Mao, “Solving the Interdomain Routing Puzzle—Understanding Interdomain Routing Dynamics,” (Ph.D., December 2003).
  • Almudena Konrad, “TAPAS: A Research Paradigm for the Modeling, Prediction, and Analysis of Non-stationary Network Behavior,” (Ph.D., December 2003).
  • Sharad Agarwal, “Influence of Interdomain Routing on Intradomain Traffic Engineering,” (Ph.D., August 2004, expected).
Sahara Theses
• M.S.
  • Lakshminarayanan Subramanian, “On Inferring the Geographic Properties of the Internet,” (M.S., May 2002).
  • Fang Yu, “Study of the Restoration Path Block Problem in Optical Networks,” (M.S., December 2002).
  • Mukund Seshadri, “A Scalable Architecture for Broadcast Federation,” (M.S., December 2002).
  • Weidong Cui, “Backup Path Allocation Based on a Correlated Link Failure Probability Model in Overlay Networks,” (M.S., May 2003).
  • George Porter, “Traffic Matrix Estimation for Low-loss Routing in Hybrid Networks,” (M.S., May 2003).
  • Sridhar Machiraju, “A Scalable and Robust Solution for Bandwidth Allocations,” (M.S., May 2003).
  • Matt Caesar, “Root Cause Analysis of BGP Dynamics,” (M.S., August 2004, expected).
Overlays and Active Services for Inter-networked Storage and Center for Adaptive Trustworthy Systems
We say: “The Computer is the Network” says: “The Network is the Computer”
Proliferation of Network Appliances
• F5 Networks BIG-IP LoadBalancer: Web server load balancer
• Network Appliance NetCache: Localized content delivery platform
• Packeteer PacketShaper: Traffic monitor and shaper
• Cisco SN 5420: IP-SAN storage gateway
• Ingrian i225: SSL offload appliance
• Nortel Alteon Switched Firewall: CheckPoint firewall and L7 switch
• Cisco IDS 4250-XL: Intrusion detection system
• NetScreen 500: Firewall and VPN
• Extreme Networks SummitPx1: L2-L7 application switch
In-the-Network Processing: the Computer IS THE Network
Generic PNE Architecture
[Diagram labels: Input Ports; Output Ports; Buffers; Classification Processor (CP); Action Processor (AP); Interconnection Fabric; Tag Mem; Rules & Programs]
Adaptive Edge Networks
• Server Edge
• Network Edge
• Device Edge
[Diagram labels: Device Edge PNE: NAT, Access Control, Network-Device Configuration; Network Edge PNE: Firewall, IDS, Traffic Shaper; Server Edge PNE: Server Load Balancing, Storage Nets]
OASIS Vision
• Specification/control environment for diverse network elements to realize full power of “inside the network” services and applications
• Via virtualized architecture for PNEs (aka RouterVM), retarget for diverse appliance-specific architectures
• Focus on stream extraction, intrusion detection, network monitoring, iSCSI acceleration
• Sys admins “program” the network through service specification and composition
• Open framework for multi-platform appliances, enabling third party service development
Reliable Adaptive Distributed Systems
Dramatically improve the trustworthiness of networked systems
• Observe: design observation points throughout system
• Analyze: infer via statistical learning
• Respond: detect anomalous behavior vs. baseline
• Learn: use observations to modify responses to future observations
• Act:
  • Reactive: use control points in system for rapid recovery if detect something wrong
  • Proactive/protective: prophylactically act on system to prevent predicted impending failure
Armando Fox, Michael Jordan, Dave Patterson, Doug Tygar
Brittle Distributed Systems
• Fragile, easily broken, poor dependability and security
• E.g., Amazon: yearly revenue $3.1B, downtime costs $600,000/hr
• Design for rapid detection, diagnosis, recovery
• Rapid application and server recovery, agile network rerouting, proactive protective actions ...
• No distinction between “normal operation” and “recovery”
• Elements of our solution
• Programming paradigms for robust recovery
• Crash-only software design for rapid server recovery
• Network protocols designed for observation to allow rapid detection of behavioral violations
• Instrumentation and SLT for on-line analysis, anomaly detection, diagnosis of failure
• Adaptation benchmarks to measure progress
• What you can’t measure, you can’t improve
• Collect real failure data to drive benchmarks
Reliable Adaptive Distributed Systems
[Diagram labels: Server; Client; Distributed Middleware; Router; Internet; IP Network; Operator; User; Programming Abstractions For Roll-back; “Reactive Systems”; SLT Services; Crash-Oriented Svrcs; Observation Infrastructure for System SLT; Application-Specific Overlay Network; Verifiable Protocols; Fast Detection & Route Recovery; Observation Infrastructure for network SLT; PNE; Edge Network; Commodity Internet]
Winter04 Retreat Feedback
• Retreat Organization:
  • More time for posters, such as two poster sessions
  • Industry talks on emerging technologies or applications
  • Missing session on 6 month planning
• Technical Comments:
  • Shift in focus from SAHARA network layer consideration to RADS network/application interaction
  • Challenges in “learning” user and application behavior—can SLT be effective?
  • Need for testbeds
  • Overlay Networks: what are the applications?
Plan for the Retreat
• Wednesday, 16 June 2004
• 1000-1200 Drive to Santa Cruz
• 1200-1300 Check-in and Lunch
• 1300-1500 Overviews and Status
  • Randy, OASIS Overview and Status
  • Ion, I3 Overview and Status
  • Anthony, Tapestry? Deter? Overview and Status
• 1500-1530 Break
• 1530-1700 Highlight Talks
  • Lakshmi: Secure Link State Routing
  • AP: An Overlay MAC Layer for 802.11 Networks
  • Kris: "Locating Nearby Objects in Peer-to-Peer Networks"
• 1700-1800 Poster Session
• 1800-1930 Dinner
• 1930-2030 Faculty Panel
  • CATS Center and Preparation for Thursday Breakout
• 2030-2130 Posters (continued)
Plan for the Retreat
• Thursday, 17 June 2004
• 0730-0830 Breakfast
• 0830-1000 PNE Architecture and Services (Randy)
  • Mel: RouterVM
  • George: StreamTracker
  • Li: iSCSI Performance
  • Fang: TCAM Classification
• 0830-1000 PARALLEL SESSION ORGANIZED BY ION AND ANTHONY
• 1000-1030 Break
• 1030-1200 Cross Retreat Workshop and Breakout Session
  • Observe: Weidong, Ana, George
  • Analyze: Mukund, Fang, Machi
  • Act: Lakshmi, Mel, Li
• 1200-1300 Lunch
• 1300-1630 Long Break
• 1630-1800 Industrial Talks
  • Moises Goldszmidt, HP Labs, “Pattern Recognition Approach to Characterizing System Performance”
  • Greg Messer, US Bank, “Performance and Dependability Issues in a Banking Service”
• 1800-1930 Dinner
• 1930-2100 GANNET: Generation After Next Network Models and Services (Randy)
  • Weidong: Monitoring
  • Mukund: Overlay Management and Multipath Routing
  • Machi: A Cryptographic Approach to Safe Inter-domain Traffic Engineering
  • Ana: Authentication across Heterogeneous networks
• 1930-2100 PARALLEL SESSION ORGANIZED BY ION AND ANTHONY
Plan for the Retreat
• Friday, 18 June 2004
• 0730-0830 Breakfast
• 0830-0930 Workshop Reports and Feedback
• 0930-1000 Break and Room Check-out
• 1000-1200 Industrial Feedback
• 1200-1300 Lunch
• 1300-1500 Drive back to Berkeley
Recent SAHARA-Related Publications
• S. Agarwal, T. G. Griffin, “BGP Proxy Community Community,” IETF Internet Draft, work in progress, (January 2004).
• L. Subramanian, V. Roth, I. Stoica, R. H. Katz, S. Shenker, “Listen and Whisper: Security Mechanisms for BGP,” USENIX/ACM Symposium on Networked System Design and Implementation (NSDI’04), San Francisco, CA, (March 2004). Best Student Paper Award.
• L. Subramanian, I. Stoica, R. H. Katz, H. Balakrishnan, “OverQoS: An Overlay Based Architecture for Enhancing Internet QoS,” USENIX/ACM Symposium on Networked System Design and Implementation (NSDI’04), San Francisco, CA, (March 2004).
• Y. Matsunaga, R. H. Katz, “Inter-Domain Radio Resource Management for Wireless LANs,” Wireless Communications and Networking Conference (WCNC’2004), Atlanta, GA, (March 2004).
• Z. Mao, D. Johnson, J. Rexford, J. Wang, R. H. Katz, “Scalable and Accurate Identification of AS-level Forwarding Paths,” Proc. IEEE INFOCOM Conference, San Francisco, CA, (March 2004).
• S. Agarwal, C.-N. Chuah, S. Bhattacharyya, C. Diot, “Impact of BGP Dynamics on Router CPU Utilization,” Passive Active Measurement (PAM) Workshop, Antibes Juan-les-Pins, France, (April 2004).
• G. Porter, M. Ji, “Delta Routing: Improving the Price-Performance of Hybrid Private Networks,” IEEE/IFIP Network Operations & Management Symposium (NOMS), Seoul, Korea, (April 2004).
• S. Agarwal, C.-N. Chuah, S. Bhattacharyya, C. Diot, “Impact of BGP Dynamics on Intra-Domain Traffic,” ACM SIGMETRICS Conference, New York, NY, (June 2004).
• Y. Chen, D. Bindel, H. Song, R. H. Katz, “An Algebraic Approach to Practical and Scalable Overlay Network Monitoring,” ACM SIGCOMM Conference, Portland, OR, (August 2004).
Sahara and Oasis Retreat Overview
Randy H. Katz
Univ. of California
Berkeley, CA 94720-1776