Presentation is loading. Please wait.

Presentation is loading. Please wait.

Joe Touch USC/ISI July 10, 2003 1 The X-Bone ICB Meeting July 10, 2003 Joe Touch Director, Postel Center for Experimental Networking Computer Networks.

Similar presentations


Presentation on theme: "Joe Touch USC/ISI July 10, 2003 1 The X-Bone ICB Meeting July 10, 2003 Joe Touch Director, Postel Center for Experimental Networking Computer Networks."— Presentation transcript:

1 Joe Touch USC/ISI July 10, The X-Bone ICB Meeting July 10, 2003 Joe Touch Director, Postel Center for Experimental Networking Computer Networks Division USC/ISI

2 Joe Touch USC/ISI July 10, X-Bone IP Overlays Web GUI X-Bone system Multiple views Automated monitoring link xd GUI Overlay Manager Overlay Manager Resource Daemon Resource Daemon Resource Daemon Resource Daemon Resource Daemon Resource Daemon router host ring-ovl IP Base A B D C A B D C star-ovl A B D C Star Overlay Base IPv4 Network Ring Overlay

3 Joe Touch USC/ISI July 10, What is the X-Bone? Virtual Internet Architecture Consistent with dynamic routing, existing Internet applications and services Distributed VPN Manager SNMP-like client/server Multicast invites Interfaces Overlay Language GUI front-end

4 Joe Touch USC/ISI July 10, Virtual Internet Arch. VHs & VRs connected by tunnels VHs add/delete headers VRs transit only Completely virtual Revisitation Recursion Network-as-router recursion Control Recursion (compile-time) Rename unbound inner network VR interfaces Network Recursion (run-time) Phantom VHs at unbound inner network VR interfaces

5 Joe Touch USC/ISI July 10, X-Bone View of VPN E2E Closed set of participants More controlled than PE-based Support ALL Internet apps Network, not a full mesh (supports use of an internal AS structure) IP over IP Current deployment assumes mcastIP NO OTHER ASSUMPTIONS Can use any tunnel to get IP in IP, but uses explicit key distribution (interoperability)

6 Joe Touch USC/ISI July 10, Software Architecture OM runs the overlay Control or network recursion RD configures nodes SNMP-like transactions Multicast invites RD privacy Security ACLs, resource counts S/MIME invites SSL configuration

7 Joe Touch USC/ISI July 10, Interfaces Overlay Joe Node apple (OS=BSD) (iface a b c) Node pear (CPU=P4) (iface p) Ring r3 (BW=2M) (mac,gran,gold=apple, one,two,three=pear), (one.p mac.a>) (two.p gran.a>) (three.p gold.a>) (mac.b gran.c) (gran.b gold.c) (gold.b mac.c)

8 Joe Touch USC/ISI July 10, Capabilities Revisitation Recursion (scalability, multilayer) Dynamic routing Integration with DNS Application deployment

9 Joe Touch USC/ISI July 10, Revisitation A BCD F X Y Z A F B C D E E

10 Joe Touch USC/ISI July 10, Recursion Hierarchy w/connected sub-overlays Sub-overlays look like routers Base network Primary overlay Sub-1 Sub- 2

11 Joe Touch USC/ISI July 10, Application deployment (User Input) App-Instance Specific Params Application Generator Script 1 2 (XBone-Auto) Overlay/Node Specific: Ovl Name, IPs, Topol ring-ovl A B D C OM edit Action File Generator Script 3 4 RD Node Action File 5

12 Joe Touch USC/ISI July 10, Project Status DynaBone (DARPA) 10/03 {04? } Multilayer overlays for dynamic defense Adding native recursion X-Tend (NSF) 12/05 Augmenting X-Bone for education & research Add features based on need Add documentation, instruction examples Green-box install

13 Joe Touch USC/ISI July 10, X-Tensions Due Aug 2003 Net list topology Divide-and-conquer control Layered VPNs Revised API & code Dynamic & secure DNS +1 yr Layered restoration Incremental add/delete Ad-hoc mgt Application jails, process policy (MAC) Due within 6 mos. IPv6 Cisco Linux IPsec (?) Dynamic routing Proximity topology Revisitation Specific host list, find-and- select, directory discovery (LDAP) Apple OS-X Symbolic hostnames OM fault tolerance (hot backup, state-full recovery) Monitor link performance

14 Joe Touch USC/ISI July 10, Header FAQ Why two headers? Inet needs net and link ARP Revisitation Why overlap inside X-Bone, not outside? Innerlays never reuse interfaces: by construction

15 Joe Touch USC/ISI July 10, Outerlay DynaBone architecture Spread-Spectrum Multilayer Internet Overlays Innerlays Base network 3DES encrypt / Linkstate RC5 encrypt / RIP MD5 auth / static X PRMPRM PRMPRM

16 Joe Touch USC/ISI July 10, Performance issues Nesting: 800+ parallel innerlays 15 layers of recursion Bandwidth as 1/N for recursion

17 Joe Touch USC/ISI July 10, Demo configuration Outerlay 50 #50 TCP S/F – 3DES Others – MD5 UDP – SHA1 Base network Innerlays

18 Joe Touch USC/ISI July 10, Monitor & Control GUI

19 Joe Touch USC/ISI July 10, Issue Positions Optimization Pathchar, proximity, node – OK Not for link QoS Upper-bound, increase delay – OK No guarantees IP for simplicity Any IP encapsulation tunnel Esp. if it looks like an interface

20 Joe Touch USC/ISI July 10, URLs All at


Download ppt "Joe Touch USC/ISI July 10, 2003 1 The X-Bone ICB Meeting July 10, 2003 Joe Touch Director, Postel Center for Experimental Networking Computer Networks."

Similar presentations


Ads by Google