Presentation is loading. Please wait.

Presentation is loading. Please wait.

NodeOS Programming Forwarding Functions for Extensible Routers Department of Computer Science Princeton University Router Workshop 2000-08-17 Yitzchak.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "NodeOS Programming Forwarding Functions for Extensible Routers Department of Computer Science Princeton University Router Workshop 2000-08-17 Yitzchak."— Presentation transcript:

1 NodeOS Programming Forwarding Functions for Extensible Routers Department of Computer Science Princeton University Router Workshop 2000-08-17 Yitzchak Gottlieb

2 2000-08-17Router Workshop Forwarding Functions n Hardware u Static F Users can not easily change n Software u Dynamic F Restart all flows (Reboot) F Restart single flow

3 2000-08-17Router Workshop n Simple Paths u IP Forwarding n Optimized Paths u Very Limited, High Performance forwarding Forwarding Paths NET IP NETETH—IP—ETH

4 2000-08-17Router Workshop n Complicated Paths u Filters F Firewalls F Traffic Shapers u Proxies Forwarding Paths TCP IP NET IP TCP Proxy

5 2000-08-17Router Workshop Demultiplexing and Processsing n Demultiplexing u Path Selection n Processing u Path execution n Does one determine the other? u Protocol Stack u Classical Proxies u Transparent Proxies

6 2000-08-17Router Workshop More Forwarding Paths n Trusted Components n Distrusted Components NodeOS JVM ANTS IP v N NET IP NET

7 2000-08-17Router Workshop Distrusted Modules n Why should they be allowed? u Rapid protocol development u Third party software n How should they be allowed? u Provide a trust barrier F Export capabilities F Limit resources Protect the router

8 2000-08-17Router Workshop Distrusted Modules NETIPNETRSVPIP ETH—IP—ETH Channel Creation

9 2000-08-17Router Workshop NodeOS Abstractions n Communication u Channels F Processing F Demultiplexing n Resource Accounting u Threads u Memory u Flows

10 2000-08-17Router Workshop Scout and NodeOS n What Scout provides u Module Composition u Resource Accounting n What it doesn’t u Pattern Matching Demultiplexing u Decoupled processing and Demux u Hardware based trust boundaries (SILK)

11 2000-08-17Router Workshop Scout and NodeOS n Channels u Left part is inChannel u Right part is outChannel u Processing only NodeOS JVM ANTS IP v N NET IP NET

12 2000-08-17Router Workshop Scout and NodeOS n CutChannels u Packets avoid NodeOS module in processing WaveDrop NodeOS ETH

13 2000-08-17Router Workshop Scout and NodeOS Data from a 450 MHz Pentium II

14 2000-08-17Router Workshop Review n Multiple forwarding paths may exist n Scout provides architecture for many types of paths n NodeOS provides a minimum interface for distrusted applications

Download ppt "NodeOS Programming Forwarding Functions for Extensible Routers Department of Computer Science Princeton University Router Workshop 2000-08-17 Yitzchak."

Similar presentations

Department of Computer Science and Engineering University of Washington Brian N. Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,

Department of Computer Science and Engineering University of Washington Brian N. Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Extensible Networking Platform 1 1 - IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood

Extensible Networking Platform IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood
Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung(1203584897) SriramGopinath(1203800749)

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) SriramGopinath( )
A Comparative Study of Extensible Routers Yitzchak Gottlieb and Larry Peterson.

A Comparative Study of Extensible Routers Yitzchak Gottlieb and Larry Peterson.
A Comparative Study of Extensible Routers Yitzchak Gottlieb.

A Comparative Study of Extensible Routers Yitzchak Gottlieb.
Spring 2004 1 EE4272 Switch vs. Router Switch:  Def. 1: A network node that forwards packets from inputs to outputs based on header information in each.

Spring EE4272 Switch vs. Router Switch:  Def. 1: A network node that forwards packets from inputs to outputs based on header information in each.
Rob Jaeger, University of Maryland, Department of Computer Science 1 Active Networking “ The active network provides a platform on which network services.

Rob Jaeger, University of Maryland, Department of Computer Science 1 Active Networking “ The active network provides a platform on which network services.
Circuit & Application Level Gateways CS-431 Dick Steflik.

Circuit & Application Level Gateways CS-431 Dick Steflik.
2004-04-28 Decomposing Overlay Applications Yitzchak Gottlieb Princeton University Achieving Extensibility with High Performance.

Decomposing Overlay Applications Yitzchak Gottlieb Princeton University Achieving Extensibility with High Performance.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Chapter 9 Classification And Forwarding. Outline.

Chapter 9 Classification And Forwarding. Outline.
A Guide to major network components

A Guide to major network components
Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.

Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
 Introduction Introduction  Definition of Operating System Definition of Operating System  Abstract View of OperatingSystem Abstract View of OperatingSystem.

 Introduction Introduction  Definition of Operating System Definition of Operating System  Abstract View of OperatingSystem Abstract View of OperatingSystem.
Networking Components

Networking Components
CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.

CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
NW Security and Firewalls Network Security

NW Security and Firewalls Network Security

Similar presentations

Ads by Google