Download
psmc proxy server based multipath connection n.
Skip this Video
Loading SlideShow in 5 Seconds..
PSMC Proxy Server-based Multipath Connection PowerPoint Presentation
Download Presentation
PSMC Proxy Server-based Multipath Connection

PSMC Proxy Server-based Multipath Connection

79 Views Download Presentation
Download Presentation

PSMC Proxy Server-based Multipath Connection

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. PSMCProxy Server-based Multipath Connection CS 526 Advanced Networking - Richard White

  2. Network Architectures Network Overlays SCOLD PSMC Issues Conclusion On Proxy Server Based Multipath Connections Yu Cai, PhD Dissertation, UCCS, 2005 Overview

  3. Network Architecture • Clients • Servers • Name Servers • Routers • Links

  4. Client/Server Model 1. Client requests DNS name translaton 2. Router directs query to local proxy server 3. Proxy server redirects shortest path to host

  5. Client/Server Problems 1. Client requests DNS name translation 2. Router directs query to local proxy server 3. Proxy server redirects shortest path to host • Shortest path not always fastest! • Wasted bandwidth!

  6. Client/Server Vulnerability 1. Client requests DNS name translation 2. Router directs query to local proxy server 3. Proxy server redirects shortest path to host • Shortest path not always fastest! • Wasted bandwidth! • Distributed Denial of Service (DDoS) Attack!

  7. Layered Architecture

  8. Service Overlays • Build on existing capabilities • Don’t need to retrofit existing services • Modular compatibility for adding and removing

  9. Secure Collective Defense (SCOLD) • SCOLD Coordinator • SCOLD Proxy Servers

  10. Secure Collective Defense (SCOLD) • SCOLD Coordinator • SCOLD Proxy Servers • Defends against DDoS attacks!

  11. Secure Collective Defense (SCOLD) • SCOLD Coordinator blocks incoming attack on main gateway • Notifies trusted DNSs to use trusted proxys • Trusted proxys route requests through alternate gateways

  12. SCOLD Performance • SCOLD overhead incurs performance delays • SCOLD overhead is insignicant compared to attacks!

  13. Proxy Server-based Multipath Connection (PSMC) • Can we extend the SCOLD concept to enhance network perfromance? • Shortest path not always fastest! • Wasted bandwidth!

  14. PSMC Architecture • Sender module responsible for packet distribution among multiple paths • Some packets go through normal “direct route” • Some packets go through “indirect routes” • Receiver module reassembles packets in correct order.

  15. Proxy Server-based Multipath Connection (PSMC) • Aggregating bandwidth increases throughput • Multiple paths increase reliability, decrease vulnerability

  16. Proxy Server-based Multipath Connection (PSMC) • PSMC increases probability packets arrive out of order 6 6 5 5 4 4 3 3 2 2 1 1 3 4 6 5 2 2 1 1

  17. Proxy Server-based Multipath Connection (PSMC) • PSMC increases probability packets arrive out of order • Resulting in significantly higher retransmit requests 6 6 5 5 4 4 3 3 2 2 1 1 3 6 4 5 6 4 5 3 2 1

  18. Buffer 2 6 5 4 3 2 1 Buffer 1 Proxy Server-based Multipath Connection (PSMC) • PSMC increases probability packets arrive out of order • Resulting in significantly higher retransmit requests • Solution: Create a double receiving buffer! 6 6 5 5 4 4 3 3 2 2 1 1 3 3 4 4 6 6 5 5 2 2 1 1

  19. PSMC Performance • PSMC without double buffering was worse than standard routing! • PSMC with double buffering was significantly better than standard routing!

  20. Detecting compromised proxy servers Controlling malicious users More efficient double-buffer management Investigating quality of service capabilities Issues

  21. Increase bandwidth utilization Decrease vulnerability to attack & failure Can be used to implement quality of service proportional differentiation Conclusion