Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 The XIA Future Internet Architecture and its Testbed-based Evaluation Peter Steenkiste, Dave Andersen, David Eckhardt, Sara Kiesler, Jon Peha, Adrian.

Published byStuart Preston Garrett Modified over 8 years ago

Similar presentations

Presentation on theme: "1 The XIA Future Internet Architecture and its Testbed-based Evaluation Peter Steenkiste, Dave Andersen, David Eckhardt, Sara Kiesler, Jon Peha, Adrian."— Presentation transcript:

1 1 The XIA Future Internet Architecture and its Testbed-based Evaluation Peter Steenkiste, Dave Andersen, David Eckhardt, Sara Kiesler, Jon Peha, Adrian Perrig, Srini Seshan, Marvin Sirbu, Hui Zhang Carnegie Mellon University John Byers, Boston University Bruce Maggs, Duke Aditya Akella, University of Wisconsin

2 What is XIA? Software prototype Usage scenarios, testbed/experiment plan 2

3 Problems with the IP Narrow Waist Security – no support built into the network (IP) – DOS attacks, address spoofing, routing attacks, … New usage models add complexity, overhead – Content, service networking require a level of indirection Adding functionality in the network is difficult – IPv6, multicast, caching, “transparent” middleboxes,.. Evolvability Applications Link Technologies

4 XIA Ideas: Multiple Principal Types Associated with different forwarding semantics – Support heterogeneity in usage and deployment models Hosts XIDs support host-based communication – who? Service XIDs allow the network to route to possibly replicated services – what does it do? – LAN services access, WAN replication, … Content XIDs allow network to retrieve content from “anywhere” – what is it? – Opportunistic caches, CDNs, … Set of principal types can evolve over time 4

5 XIA Ideas: Fallbacks and DAGs Introduction of a new principal type will be incremental – no “flag day”! NID:HID 5 XIA: intent and fallback address – Intent allows the network to optimize based on user intent – Fallback: guaranteed to be reachable, used if the intent “fails” – Encoded using DAGs CID …. NID:HID …. Payload Dest Src CID S Source networkInternet Destination network HID S Cache NID S

6 XIA Ideas: Intrinsic Security XIA uses self-certifying identifiers that guarantee security properties for communication operation – Host ID is a hash of its public key – accountability (AIP) – Content ID is a hash of the content – correctness – Does not rely on external configurations Intrinsic security is specific to the principal type: – Content XID: content is correct – Service XID: the right service provided content – Host XID: content was delivered from right host 6

7 Open Source XIA Release https://github.com/xia-project/ https://github.com/xia-project/ XIA Prototype released in May 2012 – Includes full XIA protocol stack, SID/CID support, utilities Being used to support evaluation, applications, services New functionality is being added regularly 7 Datalink XIA XDPXSP XChunkP Cache Chunking Xsockets Applications XHCP XCMP ARP BIND Routing

8 Prototype Features Full host and router protocol stack SDN-based control plane supporting routing for SIDs, HIDs, CIDs Inter domain routing for NIDs Anycast for SIDs Support for intrinsic security Mobility for new/active sessions 8

9 Compatibility Library XIA changes socket API – Changing apps painful Idea: apps continue to use IP addresses but they are used as IDs for an XIA address – (IP, socket) -> XIA DAG – Think: per host NAT Mapping service keeps mappings consistent Works really well – E.g., ported Firefox XIA Protocol Stack XIA Xsockets GLIBC Kernel Wrapper Application “IP as ID” sockets

10 Experimental Evaluation of FIAs Experiment requirements are very diverse! – Focus on core versus edge, control vs data vs both – Differences in requirements for scale, realism of topology, richness of domains, realism cross-traffic,.. – Geographic diversity is often important Shared devices/links are often fine 10

11 Classes of Experiments Edge centric experiments – Mobility, vehicular use case, caching, anycast, … – Need many edge networks; core can be simplified Core centric experiments – Evolvable routing, new routing protocols (e.g., Scion, BGP extensions), Internet scale trust management, … – Realistic core topology: customer-provider/peer links, many core domains; edge can be simple Some experiment stress core + edge: video distr. – Diverse edge networks: clients, CDNs, brokers, … – Core network routing and bottlenecks play big role as well 11

12 Large Scale Video Distribution A Video Control Plane Use XIA control and data plane to optimize and simplify video distribution with high QoE – Numbers of individual entities, and control desired, vary Will use XIA control plane and data plane features Player ISPsCDNs Content Broker Monitoring Analysis and Optimization QoE …. System Control

13 Extreme Mobility: Vehicular XIA Networking Support for high-speed mobility Use of SIDs and CIDs to improve efficiency Fast authentication and handoff 13

14 Testbed Deployment Plan Permanent XIA deployment consisting of: – Edge networks at XIA sites and simple GENI backbone – Pieces are being put in place – Must expand on-demand for specific experiments More edge and transit domains based on need Gain experience in running XIA networks, experiment with (limited versions) of two use-cases – Explore richer inter-domain experiment support in the future 14 Duke CMU BU Wisc Other Transit Edge

15 “Narrow Waist” of the Internet Key to its Success Has allowed Internet to grow and evolve dramatically in the last 40 years Adoption throughout society – E-commerce, social networks, cyber-physical, … Transformation usage models – Host-based → content, services Revoluti on in infrastructure – Kilobits/sec -> Terabits/sec – Copper -> fiber + wireless Applications Internet Protocol Link Technologies

16 Service ID: Nearest Instance Content ID: From Anywhere XIA Example: Retrieving Content 16 Service SID CID Host HID SID CID Content CID Content CID Content CID Content CID Content CID Content CID Content CID Service SID Service SID Host HID SID Host HID ID choice involves tradeoffs: Control Efficiency Trust Privacy Host ID: Same as Today

17 XIA Dataplane Concepts Intrinsic Security Flexible Addressing Multiple Communicating Principal Types Deal with routing “failures”Built in security forms basis for system level security Directly support diverse network usage models Evolution of principal types Customization Principal-specific security properties DAG security

18

19 Combining intent and fallback using DAGs offers flexibility for network in completing request – Also supports scoping Flexible Addressing: DAGs 19 CID S Source networkInternet Destination network HID S Cache NID S NID:HID CID …. NID:HID …. Payload Dest Src

20 XIA Dataplane Concepts Intrinsic Security Flexible Addressing Multiple Communicating Principal Types Deal with routing “failures”Built in security forms basis for system level security Directly support diverse network usage models

21 Porting Applications to XIA XIA modifies the socket API – Different address class: AF_XIA instead of AF_INET – Chunk-based communication: CID GET and PUT – Send/receive calls for byte steams and datagrams are similar to those for IP, but … – Lots of IP/TCP specific details, e.g., options Porting IP applications turned out to be exceedingly labor intensive and error prone – Well over 100 calls are used for network communications 21

Download ppt "1 The XIA Future Internet Architecture and its Testbed-based Evaluation Peter Steenkiste, Dave Andersen, David Eckhardt, Sara Kiesler, Jon Peha, Adrian."

Similar presentations

Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.

Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.
Improving Internet Availability. Availability of Other Services Carrier Airlines (2002 FAA Fact Book) –41 accidents, 6.7M departures –99.9993% availability.

Improving Internet Availability. Availability of Other Services Carrier Airlines (2002 FAA Fact Book) –41 accidents, 6.7M departures – % availability.
XIA: Efficient Support for Evolvable Internetworking Dongsu HanAshok AnandFahad Dogar Boyan LiHyeontaek LimMichel Machado Arvind MukundanWenfei Wu Aditya.

XIA: Efficient Support for Evolvable Internetworking Dongsu HanAshok AnandFahad Dogar Boyan LiHyeontaek LimMichel Machado Arvind MukundanWenfei Wu Aditya.
1 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential Session Number Presentation_ID Next Generation Network Architectures Summary John.

1 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential Session Number Presentation_ID Next Generation Network Architectures Summary John.
1 XIA: Network Deployments Dave Andersen, David Eckhardt, Sara Kiesler, Jon Peha, Adrian Perrig, Srini Seshan, Marvin Sirbu, Peter Steenkiste, Hui Zhang.

1 XIA: Network Deployments Dave Andersen, David Eckhardt, Sara Kiesler, Jon Peha, Adrian Perrig, Srini Seshan, Marvin Sirbu, Peter Steenkiste, Hui Zhang.
Why do current IP semantics cause scaling issues? −Today, “addressing follows topology,” which limits route aggregation compactness −Overloaded IP address.

Why do current IP semantics cause scaling issues? −Today, “addressing follows topology,” which limits route aggregation compactness −Overloaded IP address.
CPSC 441 - Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
Project by: Palak Baid (pb2358) Gaurav Pandey (gip2103) Guided by: Jong Yul Kim.

Project by: Palak Baid (pb2358) Gaurav Pandey (gip2103) Guided by: Jong Yul Kim.
IPv6-The Next Generation Protocol RAMYA MEKALA UIN:01008672.

IPv6-The Next Generation Protocol RAMYA MEKALA UIN:
Socket Programming with IPv6. Why IPv6? Addressing and routing scalability Address space exhaustion Host autoconfiguration QoS of flow using flowlabel.

Socket Programming with IPv6. Why IPv6? Addressing and routing scalability Address space exhaustion Host autoconfiguration QoS of flow using flowlabel.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
IP Version 6 Next generation IP Prof. P Venkataram ECE Dept. IISc.

IP Version 6 Next generation IP Prof. P Venkataram ECE Dept. IISc.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Software-Defined Networking, OpenFlow, and how SPARC applies it to the telecommunications domain Pontus Sköldström - Wolfgang John – Elisa Bellagamba November.

Software-Defined Networking, OpenFlow, and how SPARC applies it to the telecommunications domain Pontus Sköldström - Wolfgang John – Elisa Bellagamba November.
Hash-Based IP Traceback Best Student Paper ACM SIGCOMM’01.

Hash-Based IP Traceback Best Student Paper ACM SIGCOMM’01.
1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson

1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
10/31/2007cs6221 Internet Indirection Infrastructure ( i3 ) Paper By Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Sharma Sonesh Sharma.

10/31/2007cs6221 Internet Indirection Infrastructure ( i3 ) Paper By Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Sharma Sonesh Sharma.
Jang, Donghyun 2011/4/4 1/21.

Jang, Donghyun 2011/4/4 1/21.

Similar presentations

Ads by Google