Growing of Internet a permanent challenge for designers and network engineering - PowerPoint PPT Presentation

oshin
growing of internet a permanent challenge for designers and network engineering l.
Skip this Video
Loading SlideShow in 5 Seconds..
Growing of Internet a permanent challenge for designers and network engineering PowerPoint Presentation
Download Presentation
Growing of Internet a permanent challenge for designers and network engineering

play fullscreen
1 / 38
Download Presentation
Growing of Internet a permanent challenge for designers and network engineering
345 Views
Download Presentation

Growing of Internet a permanent challenge for designers and network engineering

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Growing of Interneta permanent challenge for designers and network engineering Jiří Navrátil jiri@cesnet.cz European Future Networking Initiatives Workshop22.2.2007 Amsterdam

  2. Introduction to EFNI workshop • Internet expansion and consequences • Next generation of Internet (directions and supporting projects, FIND, GENI) • New terminology: Slicing, Virtualizaton, PlanetLab,VINI, etc. • New networking phenomena, concepts, approaches (DHT, P2P, CAN, ROS)

  3. Partial visibility of the Internet from one router (from the routing tables) BGP table analysis Source: http://www.caida.org/tools/measurement/skitter/

  4. What are the problems of Internet ? Speed and capacity ? In network backbones ? In aggregation networks? last mile ? wireless (ad hoc networks, Wimax) ? Access to the network ? from individual machines (PC,MAC,Linux), Supercomputers, PDA, phones, edge points Distribution of services in requested quality to end users to universities, offices (thousands of sites in each country) to homes (millions of access points) mobile users Utilization of existing networks (Measurement and monitoring) How do we know what users are doing and what they want, what are the loads od individual segments of Internet? Security aspects ? Yes, definitely, all of these areas has own difficulties and clear road map for future developments However, they don’t threaten the system as whole

  5. The real problems of IP world are in the principles • IP addresses ? Yes, before 1994 nearly collapsed. Problem postponed because of reusable private IP, NAT. It is reason why IPv6 is not so hot • Naming ?Yes, DNS still dominate and it has more and more problems the other systems start to use own naming strategy based on GUID • Routing ?Yes, since 1989 BGP (protocol based purely on agreement of ISPs - routing policy). All other known protocols are unacceptable, technically problematic and they are used just locally, many existing routes is not used, quality of routes is not under control BGP4 ? Yes, Introducing AS was step to aggregation for routing purposes, it helps to postpone problem with effectiveness of routing. AND the # of ISP and # of AS growexponentially !

  6. How Internet Grows In history Expectations 70000 routes 350 CIDR, PRIVATE IP, NAT bring slowdown of growing RT (in 2000 - 980 millions of users ???)

  7. How AS growingbrings problem to BGP Grow in 94– 06 Source http://www.routeviews.org/dynamics Remark. Individual lines are prefixes (paths) from different peers This is a reason why your engineers needs more and more powerfull systems Flapping = routes on- off-on-off … http://sahara.cs.berkeley.edu/jan2004-retreat/slides/mcc_rootcause_sahara.ppt

  8. More about the weaknesses of the Internet - performance bottlenecks at peering points • Ignores many existing alternate paths • Prevents sophisticated algorithms • Route selection uses fixed, simple metrics • Routing isn’t sensitive to path quality (See next examples) The Internet is ill suited to mission-critical applications Paxson (95-97) 3.3% of all routes has serious problems Labovitz (97-00) 10% of routes available <95% of time 65% of routes available <99.9 3 minutes minimum detection time for failure average recovery ~ 15 minutes Chandra (01) 5% of faults last more than 2 hours 45 minutes Wang (06) 80 %of problems on the path is caused by routing

  9. RON - Resilient overlay networks David Andersen, Hari Balakrishnan,Frans Kaashoek, and Robert Morris MIT Laboratory for Computer Science http://nms.lcs.mit.edu/ron/ • Measure all links between nodes • Compute path properties • Determine best route • Forward traffic over that path Experimental testbed running for users, Main problems - not suitable for disruptive operation, - low statistics of problematic cases (waiting for errors)

  10. Menu Traceroute analysis Via Abilene Via CALREN/CENIC Example of routing changes (path SLAC – CALTECH) ABwE Overview

  11. com TLD TLD ns ns ns .cz ns ns ns ns .cvut. ns ns ns ns ns ns .fel. ns ns ns ns ns ns .fjfi. ns ns ns ns ns ns ns ns Internet naming based on DNS PROBLEM IS NOT ONLY TO HAVE NAME (registration) But how TO HANDLE resolution (conversion from/to IP) and UPDATE databases which are bigger and bigger .hp. Recursing requests .ibm. .nl .de .fs.cvut.cz Most request is resolved on the lowest level but not all data are available => Recursing requests browsers Remember: Each nice Web page can contain several resolutions !! (reference to icon/picture/doc located somewhere in Internet) and for seeing it must be resolved !!

  12. DNS - update All these systems were designed for traffic loads that reflect the rate and complexity of human activities How DNS will react on machine-machine applications (crowlers, traffic reviewer,..) How is robust, scalable, sensitive to the attacks and misconfigurations What is the rate of DNS updates and big volume of data it represents ? 1-2 M updates/hour on root DNS 20 top ASes make 50 % updates (China, US, Spain) 97% updates is from WINDOWS machines Wrong coordination between DHCP and DNS for private IP can creates unwanted traffic and requests to global DNS. This leakage is inappropriate from the traffic and also from the security aspects. REFERENCE CAIDA papers: A.Broido, E.Nemeth, kc claffy, SPECTROSCOPY of Private DNS update Sources A.Broido, H.Shang, M.Fomenkov, Y.Hyun, kc claffy, The Windows of Private DNS Updates

  13. NSF FIND “Future Internet Design”in 2005 as reaction to existing problems • Creating the Internet you want in 10,15 Years • The Internet which society TRUST • Support pervasive computing (from PDA to Supercomputing) • Connecting devices and users with all types communication channels from wireless to optical light paths • Enable accept further developments and innovations

  14. from Darleen Fisher and Guru Parulkar NSF-CISE presentation

  15. from Darleen Fisher and Guru Parulkar NSF-CISE presentation

  16. from Darleen Fisher and Guru Parulkar NSF-CISE presentation

  17. Situation is getting worse From: David Alderson CALTECH , NSF Find meeting, Dec. 2005

  18. Larry Peterson Princeton University: A Strategyfor Continually Reinventing Internet (May 2005) Why now ? many architectional proposals ( look on the statistics RFC, papers, etc.) research community is ready to making it real Enabling technology Infrastructure exists (NLR, Planetlab, .. GN2,.. } HOW ? Two paths for changes Incremental Clean-Slate (replace Internet with new architecture) many problems on first path (many limits, hard manage,, vulnerability, hostile) there are Barriers to second path: Internet ossificated, cannot be replaced Inadequate validation of potential solutions tesbed dilemma: production testbed = incremental change experimental testbed = no real users !

  19. Focus of FIND On Reinvented Internet Architecture andnot on individual network technologies Internet evolutioninfluenced by clean-slate approach Alternate architecture(s) coexistwith the current Internet Virtualization becomes the norm with plurality of architectures New services and applications enabled

  20. Defined Stages of Research for 2007 and Later Architectures as they emerge will be made operational and tested • Simulation • Emulation • Run on a large-scale GENI facility Experiments with new architectures at global scale

  21. http://nile.wpi.edu/NS/

  22. Peter A.Freeman NSFVICE Jan 2006 ? ? 2009 2007 Filling GAP (validate new arch. Under realistic conditions Keep potential deployment in sight) Work on existing experimental. infrastructure Emulab front-end to PlanetLab Experiments spanning some combination of… Emulab + ORBIT + WAIL + PlanetLab ViNI: Virtualized Network Infrastructure PlanetLabslices on layer 2 networks (NLR + Abilene) Internet-in-a-Slice (Click + XORP)

  23. Larry Peterson Princeton University: A Strategyfor Continually Reinventing Internet (May 2005) Each architecture (service) runs in own slice Planetlab node as INGRESS NLR as high-speed backbone

  24. In “A Strategyfor Continually Reinventing Internet” (May 2005, Larry Peterson) NLR NLR NLR NLR

  25. Distribution of load and functionality in Hardware Source: From GENI backbone working group

  26. Why virtual architectures ? The programs that should control many different entities in real time with complex timingoften multiplicatively same for different segments of the huge systems are rather complex. You can separate the tasks into independent HW (computers) each responsible for part of the whole system). The reason is not only the distribution of the load butalso distribution of complexity. The computers are more and more powerful so they are ready to work in “pseudo parallel mode” and to accept some overhead.Application software is much simple. The next step is to create more independent systems(virtual machine VM) on one physical computer. Each VM can run one or more programs. The complexity for writing and running application is much lower than in original design

  27. Packet Packet Packet Default filter 1 filter 2 filter filter n L2 Switching L2 Switching Engine w/ARP Engine w/ARP Generalized Packet Filters • GPFs are the key to flexibility in this approach • Extends concept of “filters” normally found on routers • A relatively small number of GPFs can be used as building blocks for a large number of applications • Ideally, the database of GPFs precludes the writing of new code! • Supports flexible classification, computation, and actions • GPFs are executed in numeric order: Source :http://sahara.cs.berkeley.edu/jan2004-retreat/index.html http://sahara.cs.berkeley.edu/jan2004-retreat/slides/tsai_routervm_1-9-04.ppt

  28. Source : http://sahara.cs.berkeley.edu/jan2004-retreat/index.html http://sahara.cs.berkeley.edu/jan2004-retreat/slides/tsai_routervm_1-9-04.ppt

  29. Ethernet Forward TCP/IP lookup IP Drop Intrusion Detect TCP Route NAT HTTP Load Balance Store/Ret. State iSCSI Replace Fields Error Detect FCIP Resize Pkt Checksum MPLS Encrypt Count/Tag ATM Compress …? …? …? Classify-Infer-Act • A server and router in “one” • Tight integration between packet processing and routing • High bandwidth (routers) and computation (servers) Infer Classify Act

  30. Group/class of applications “G” (voice) “P” (video) (data) “B” (interactive gaming) “Y” Core network with classified application multilayers “Slicing” SHARED IP layer in horizontal level RN2 RN3 sublayer 1 RN1 RN4 RN5 l l1 sublayer 2 Core network RN1 RN4 l2 Different L2 allocation between RN, different routing for each L3 sub-layer RN5 sunlayer 3 RN1 RN4 l3 RN5 RN = routernode sublayer 4 RN1 RN4 RN5 l4 Different application packets Different application packets Edge node Domain Z Edge node (BASED ON PNE ?) Domain X Questions: Who can create applicaton layer? *jn*

  31. Multi-user Java Environment. A standard Java Virtual Machine is a multi-thread-enabled but mono-application environment Sun's Multi-tasking Virtual Machine runs several Java applications, called isolates The overlay is the single application that runs in the JVM, but it allows several pseudo-applicationsn run concurrently ontop of it. JVM, ISOLATES etc. http://java.sun.com/developer/technicalArticles/Programming/mvm/

  32. APPLICATION FOR MILLIONS HOMES Multi-user Java Environment. IPTV HDTV VOD INTERNET Lastmile Open Service Gateway MULTISERVICE MULTIUSER The overlay is the single application that runs in the JVM, but it allows several pseudo-applicationsn run concurrently ontop of it. Gateway operator Lastmile VOD Service providers Open Service Gateway The gateway operator, through the core service gateway, acts much like a Unix root user. He allows users (service providers) to launch their shell or execution environment (their virtual service gateway). The core gateway runs services accessible to all users. However, contrary to Unix root users, the core gateway does not have access to service gateways' data, files, etc, since these would belong to different, potentially competing companies. Source: MUSE -NRIA More details:http://perso.citi.insa-lyon.fr/sfrenot//publications/royonCBSE06vosgi.pdf

  33. Xen 3.0 Architecture VM3 VM0 VM1 VM2 Device Manager & Control s/w Unmodified User Software Unmodified User Software Unmodified User Software GuestOS (XenLinux) GuestOS (XenLinux) GuestOS (XenLinux) Unmodified GuestOS (WinXP)) AGP ACPI PCI Back-End Back-End SMP Native Device Driver Native Device Driver Front-End Device Drivers Front-End Device Drivers VT-x x86_32 x86_64 IA64 Virtual CPU Virtual MMU Control IF Safe HW IF Event Channel Xen Virtual Machine Monitor Hardware (SMP, MMU, physical memory, Ethernet, SCSI/IDE)

  34. http://www.planet-lab.org

  35. VMM VMM VMM VMM VS – Virtual server Independent OS LINUX (BSD) running on VM, with own administartion including root with own file system and computation capability Slice set of VS on different VM

  36. Node/Slice in PlanetLab N10 N1 N3 N8 N2 N4 N7 N9 N6 SLICEA1(N3,N1,N2,N3,N4,N5,N6.N7,N8,N9) N5 SLICEA2(N1,N5,N6,N4,N8) SLICEA3(N1,N2,N7,N10 SLICEA4(N3,N6,N5,N4) Node App1 On each node can run more users (slices) Each of them is running in own virtual system One user can run more applications SLICE App2 App3

  37. switch wired What is emulation?the ability to mimic another machine on your computer. You can run the same programs that you would on whatever the other machine is. http://www.cs.utah.edu/flux/testbed-docs/emulab-dev-jan06.pdf

  38. Thank You for your attention