Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Designing the Internet in 90 Minutes! EE 122: Intro to Communication Networks Fall 2010 (MW 4-5:30 in 101 Barker) Scott Shenker TAs: Sameer Agarwal,

Published byBrice Chase Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Designing the Internet in 90 Minutes! EE 122: Intro to Communication Networks Fall 2010 (MW 4-5:30 in 101 Barker) Scott Shenker TAs: Sameer Agarwal,"— Presentation transcript:

1 1 Designing the Internet in 90 Minutes! EE 122: Intro to Communication Networks Fall 2010 (MW 4-5:30 in 101 Barker) Scott Shenker TAs: Sameer Agarwal, Sara Alspaugh, Igor Ganichev, Prayag Narula http://inst.eecs.berkeley.edu/~ee122/ Materials with thanks to Jennifer Rexford, Ion Stoica, Vern Paxson and other colleagues at Princeton and UC Berkeley

2 News Project will be released today Ask a TA if something isn’t clear Igor has an announcement 2

3 Goal for Today Discuss some basic design decisions –Propose some possible designs This is not about how the current Internet works This is about how you think it should work –With a little help from me….. 3

4 Process I’ll ask lots of questions Sometimes I’ll wait for answers, sometimes not –Not always the same people answering questions –I may call on names from class list  Not punitive, just trying to get your head in the game But no matter what, think about the question! –Otherwise we are both wasting our time…. 4

5 Why This Lecture? (which is risky) Textbook stresses mechanisms –Design of IP, TCP, BGP, DNS etc. But does not discuss many alternatives Only by considering alternatives can one understand what we have today 5

6 Basic Scenario Alice wants to retrieve a movie from the Internet –Legally, of course Alice is sitting a host A Content on a variety of hosts around the Internet 6

7 Packets vs Circuits? Which kind of network should we use? 7

8 Host Software What is the structure of software on Alice’s laptop? Do applications interact directly with the network? –Or is there a common interface? Possible organization –Application –“Stack” –Network interface Two interfaces: application/stack, host/net 8

9 Service Model What service model does the network offer? –Reliable? –Assurances about delay? –Multiple priorities? What service model does the API offer? –Reliable? –Assurances about delay? –Multiple priorities? Who is responsible for reliability? Host or Network? 9

10 API What does the application tell the “stack” –Contact that host? –Get this data? Do all applications want the same API? –Should SSH and HTTP use the same API? –What about streaming video? Can the API ever change? Should it be extensible? Whatever the API, it needs to name hosts, data,… 10

11 Name Resolution What should name resolution tell you? –Where a nearby copy of the name is Two approaches: –Lookup in database –Route-by-name Need an infrastructure that: –Finds shortest paths –Handles failures –Scales Isn’t this a job for routing? 11

12 Name Resolution (continued) How does name resolution know about objects? Objects must be “registered” What prevents false registrations? Need to “verify” names –How can I prove that this file’s name is X? 12

13 Naming (next six slides confusing) What gets named? –Hosts? –Data? –People? What properties must a name have? –Globally unique –Persistent –Verifiable What does a name tell you? –Location? Anything else that might change? 13

14 Key Observation Names should be verifiable! And contain no other information What about today’s names? –Exactly the opposite! 14

15 Principles about Naming Principals Principals are “responsible entities” –Locus of trust –Person, company –Not files, etc. Principals can name objects –Files, hosts, etc. –Think of object names as P:L (ex.: CNN:headlines) What should a name tell you? –Principal: allows me to prove my name belongs to me –Object: allows me to prove the object belongs to me 15

16 Identity What does Internet identity mean? –Not a semantic statement –Merely one of consistency Cryptographic notion of identity –Associate each identity with a public key –Can prove you are associated with that key by signing with private key How do you tie names to public keys? –Make names a hash of a key! –This makes them verifiable 16

17 Attaching Meaning to Names Outside of architecture –Why? Mechanisms to attach semantics to names: –Certificate authorities –Trusted databases –Webs of trust –Social networks –……. 17

18 Phishing The key to dealing with phishing is to allow users to verify identity How could we do this? I have no idea. –But linking names to keys is a good start –And depriving users of “human-readability” avoids common errors 18

19 Back to API Should ask for content by name Let network figure out where closest copy is –Through name resolution (route by name) Why not do it like today? –App gets address –Connects to address This forces application to know about addresses 19

20 Design so far (not like today’s net) Host Software: –Application talks to stack through extensible API –Stack talks to network –Network service model: best-effort datagram delivery –Applications refer to objects by name  Do not know anything about low-level addresses, etc. Naming –Names are “semantic-free” (not tied to location) –They are cryptographically linked to principal –Everything that you refer to is named directly Identity is tied to public key 20

21 Design so far (continued) Name resolution: –Route-by-name to location –Can ask for content directly 21

22 Security and Network Security What is network security? –What aspects does the “network” have to handle? –What about viruses? Minimal definition of network security –Confidentiality: end-to-end encryption –Integrity: end-to-end cryptography –Provenance: end-to-end cryptography  This is easy due to names being linked to keys –Availability: huh? Everything else is host or application security…… 22

23 Carrying the packets After packet leaves host, what happens? What does the packet header carry? –Destination? –Source? Why? What about privacy? 23

24 Addressing How do you describe network locations? Network is comprised of “domains” Interdomain routing can just be done on domain –Can ignore everything else until it arrives in domain –Can make domains hierarchical Should interdomain routing know about internal addressing? Result: –Addresses that look like Domain:LocalAddress –Back to the Future! 24

25 Interdomain Routing What freedom should domains have? –Ability to decide which peers to route to How to embed that in routing algorithm? –Cover later in semester 25

26 Intradomain Routing How do you compute routes? –Shortest path? Highest bandwidth path?.... What happens when there is a failure? –How do you restore connectivity? Global recomputation? –What happens in the meantime? –Can you restore connectivity with “local” adjustments? Multiple routes? –Allow host to choose another path 26

27 Back to Security All but availability handled –Now look at threats to availability Attacks on control plane –Make sure routers can’t lie about who they are –Solved by naming Internal attacks on data plane –Can’t stop; but hosts can use multiple paths to avoid External attacks on data plane –Denial of service attacks 27

28 Denial-of-Service How do you handle denial of service? –Make people ask before they send? –Make people shut up if you want them to?  Keep them from sending to you, not sending to anyone Must be able to reach source of packets –Not necessarily a source field, but something like that –Need accountability and anonymity! 28

29 Avoiding Congestion Alice finally starts to download her file How fast is the download? How is that determined? In general, how do we control congestion? –Adaptive algorithms? How do we detect congestion? How do we react to congestion? 29

30 Sharing the Network Alice wants to get a file Bob wants to get a file How do you share the network between them? When the network is congested, who gets the bandwidth? –Fair allocation? –Pricing? 30

31 Other Topics Delivery models: –Multicast? –Anycast? Mobility: –Allow frequent updates in naming system –Provide current location –And make sure transport protocol doesn’t embed addresses Protocol details: –Lower-level details not embedded in implementations 31

32 Design since last summary Network Security: –All handled by end-to-end crypto except availability –Availability requires:  Multipath routing (to avoid attacks on links)  Defense against denial-of-service Addressing: –Addresses separate interdomain from intradomain  Domain:LocalAddress –Interdomain routing cares only about the domain part of the address –Intradomain routing cares only about the local part of the address 32

33 Design summary (continued) Need adaptive algorithms to control congestion Need way to share bandwidth among users 33

34 How is this different from today? Host software and service model: same API: currently embeds addresses –Makes it hard to change underlying network Naming: –Today  Location specified in names (domains)  No cryptographic content in names  Resolution by lookup from database –Problems  Names are not persistent  Makes it harder to find nearby copies of data  Makes it harder to associate names with keys 34

35 Differences from today Network security: –Provenance much harder today –Availability: also much harder (below) Addressing: –Today, mixes inter- and intra- domain addressing –Scaling problems, inflexible Routing: –Today, only computes single path –Upon failure, must wait for global recomputation 35

36 Point of Today’s Lecture We could do much better than current architecture But for the rest of the semester we will focus on the current design so you learn the basics Will revisit alternatives in the last two lectures 36

Download ppt "1 Designing the Internet in 90 Minutes! EE 122: Intro to Communication Networks Fall 2010 (MW 4-5:30 in 101 Barker) Scott Shenker TAs: Sameer Agarwal,"

Similar presentations

Secure Routing Panel FIND PI Meeting (June 27, 2007) Morley Mao, Jen Rexford, Xiaowei Yang.

Secure Routing Panel FIND PI Meeting (June 27, 2007) Morley Mao, Jen Rexford, Xiaowei Yang.
Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.

Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.
1 Data-Oriented Network Architecture (DONA) Scott Shenker (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, I. Stoica)

1 Data-Oriented Network Architecture (DONA) Scott Shenker (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, I. Stoica)
Internetworking II: MPLS, Security, and Traffic Engineering

Internetworking II: MPLS, Security, and Traffic Engineering
COS 461 Fall 1997 Routing COS 461 Fall 1997 Typical Structure.

COS 461 Fall 1997 Routing COS 461 Fall 1997 Typical Structure.
6.033: Intro to Computer Networks Layering & Routing Dina Katabi & Sam Madden Some slides are contributed by N. McKewon, J. Rexford, I. Stoica.

6.033: Intro to Computer Networks Layering & Routing Dina Katabi & Sam Madden Some slides are contributed by N. McKewon, J. Rexford, I. Stoica.
Cs/ee 143 Communication Networks Chapter 6 Internetworking Text: Walrand & Parekh, 2010 Steven Low CMS, EE, Caltech.

Cs/ee 143 Communication Networks Chapter 6 Internetworking Text: Walrand & Parekh, 2010 Steven Low CMS, EE, Caltech.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
UNIT-IV Computer Network Network Layer. Network Layer Prepared by - ROHIT KOSHTA In the seven-layer OSI model of computer networking, the network layer.

UNIT-IV Computer Network Network Layer. Network Layer Prepared by - ROHIT KOSHTA In the seven-layer OSI model of computer networking, the network layer.
(4.4) Internet Protocols Layered approach to Internet Software 1.

(4.4) Internet Protocols Layered approach to Internet Software 1.
Data and Computer Communications Eighth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 2 – Protocol Architecture, TCP/IP, and Internet-Based.

Data and Computer Communications Eighth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 2 – Protocol Architecture, TCP/IP, and Internet-Based.
Data and Computer Communications Eighth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 2 – Protocol Architecture, TCP/IP, and Internet-Based.

Data and Computer Communications Eighth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 2 – Protocol Architecture, TCP/IP, and Internet-Based.
Lecture 2 Protocol Layers CPE 401 / 601 Computer Network Systems slides are modified from Dave Hollinger.

Lecture 2 Protocol Layers CPE 401 / 601 Computer Network Systems slides are modified from Dave Hollinger.
CSCD 433/533 Advanced Computer Networks Lecture 1 Course Overview Fall 2011.

CSCD 433/533 Advanced Computer Networks Lecture 1 Course Overview Fall 2011.
© 2003 By Default! A Free sample background from www.powerpointbackgrounds.com Slide 1 SAVE: Source Address Validity Enforcement Protocol Authors: Li,

© 2003 By Default! A Free sample background from Slide 1 SAVE: Source Address Validity Enforcement Protocol Authors: Li,
Chapter 4 Network Layer slides are modified from J. Kurose & K. Ross CPE 400 / 600 Computer Communication Networks Lecture 14.

Chapter 4 Network Layer slides are modified from J. Kurose & K. Ross CPE 400 / 600 Computer Communication Networks Lecture 14.
ISOC-Chicago 2001John Kristoff - DePaul University1 Journey to the Center of the Internet John Kristoff +1 312 362-5878 DePaul University.

ISOC-Chicago 2001John Kristoff - DePaul University1 Journey to the Center of the Internet John Kristoff DePaul University.
1 A Course-End Conclusions and Future Studies Dr. Rocky K. C. Chang 28 November 2005.

1 A Course-End Conclusions and Future Studies Dr. Rocky K. C. Chang 28 November 2005.
1 Designing the Internet in 75 Minutes…. EE122 Fall 2011 Scott Shenker Materials with thanks to Jennifer Rexford,

1 Designing the Internet in 75 Minutes…. EE122 Fall 2011 Scott Shenker Materials with thanks to Jennifer Rexford,
Delivery, Forwarding, and Routing

Delivery, Forwarding, and Routing

Similar presentations

Ads by Google