1 A Data-Oriented Network Architecture ACM Sigcomm’07 (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, Scott Shenker, I. Stoica)

Slides:

Advertisements

Similar presentations

1 Data-Oriented Network Architecture (DONA) Scott Shenker (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, I. Stoica)

Advertisements

IPv6 at NCAR 8/28/2002. Overview What is IPv6? What’s wrong with IPv4? Features of IPv6 IPv6 will soon be available at NCAR How to use IPv6.

Guide to Network Defense and Countermeasures Second Edition

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

Content Centric Networking in Tactical and Emergency MANETs Soon Y. Oh, Davide Lau, and Mario Gerla Computer Science Department University of California,

Incrementally Deployable Information Centric Networking 1 Seyed K. Fayazbakhsh, Yin Lin, Amin Tootoonchian, Ali Ghodsi, Teemu Koponen, Bruce Maggs, KC.

Data-Oriented (and Beyond) Network Architecture Article from 2007 SIGCOMM conference Presented by Vilen Looga, M.Sc. DCS Lab Aalto University School of.

Location vs. Identities in Internet Content: Applying Information-Centric Principles in Today’s Networks Instructor: Assoc. Prof. Chung-Horng Lung Group.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

An Engineering Approach to Computer Networking

A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.

CDNs & Replication Prof. Vern Paxson EE122 Fall 2007 TAs: Lisa Fowler, Daniel Killebrew, Jorge Ortiz.

Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Anycast Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays 1:30pm-2:50pm.

1 A Course-End Conclusions and Future Studies Dr. Rocky K. C. Chang 28 November 2005.

1 Review of Important Networking Concepts Introductory material. This module uses the example from the previous module to review important networking concepts:

1 Routing as a Service Karthik Lakshminarayanan (with Ion Stoica and Scott Shenker) Sahara/i3 retreat, January 2004.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

Wide-area cooperative storage with CFS

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

1 Web Content Delivery Reading: Section and COS 461: Computer Networks Spring 2007 (MW 1:30-2:50 in Friend 004) Ioannis Avramopoulos Instructor:

1 DNS,NFS & RPC Rizwan Rehman, CCS, DU. Netprog: DNS and name lookups 2 Hostnames IP Addresses are great for computers –IP address includes information.

DNS. Outline r Domain Name System r DNS Hierarchy r Resolution.

Best Practices in IPv4 Anycast Routing Version 0.9 August, 2002 Bill Woodcock Packet Clearing House.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.

Web Proxy Server Anagh Pathak Jesus Cervantes Henry Tjhen Luis Luna.

1 Review of Important Networking Concepts Introductory material. This slide uses the example from the previous module to review important networking concepts:

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

1 Content Distribution Networks. 2 Replication Issues Request distribution: how to transparently distribute requests for content among replication servers.

A Brief Taxonomy of Firewalls

Network Architecture and Protocol Concepts. Network Architectures (1) The network provides one or more communication services to applications –A service.

1 Domain Name System (DNS). 2 DNS: Domain Name System Internet hosts: – IP address (32 bit) - used for addressing datagrams – “name”, e.g.,

Host Mobility for IP Networks CSCI 6704 Group Presentation presented by Ye Liang, ChongZhi Wang, XueHai Wang March 13, 2004.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

{ Content Distribution Networks ECE544 Dhananjay Makwana Principal Software Engineer, Semandex Networks 5/2/14ECE544.

Computation for Physics 計算物理概論 Introduction to Linux.

Rhys McBreen (How the internet works) X. Contents The Layers and what they do IP Addressing X.

Oasis: Anycast for Any Service Michael J. Freedman Karthik Lakshminarayanan David Mazières in NSDI 2006 Presented by: Sailesh Kumar.

Network Protocols. Why Protocols?  Rules and procedures to govern communication Some for transferring data Some for transferring data Some for route.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 3: TCP/IP Architecture.

Chapter 6: Packet Filtering

Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.

Protocol Architectures. Simple Protocol Architecture Not an actual architecture, but a model for how they work Similar to “pseudocode,” used for teaching.

1 Application Layer Lecture 6 Imran Ahmed University of Management & Technology.

Application-Layer Anycasting By Samarat Bhattacharjee et al. Presented by Matt Miller September 30, 2002.

An XMPP (Extensible Message and Presence Protocol) based implementation for NHIN Direct 1.

Less Pain, Most of the Gain: Incrementally Deployable ICN 1 Seyed K. Fayazbakhsh, Yin Lin, Amin Tootoonchian, Ali Ghodsi, Teemu Koponen, Bruce Maggs, KC.

World Wide Web Hypertext model Use of hypertext in World Wide Web (WWW) WWW client-server model Use of TCP/IP protocols in WWW.

Networks – Network Architecture Network architecture is specification of design principles (including data formats and procedures) for creating a network.

Computer Networks (CS 132/EECS148) General Networking Example Karim El Defrawy Donald Bren School of Information and Computer Science University of California.

FIREWALLS Prepared By: Hilal TORGAY Uğurcan SOYLU.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 2: TCP/IP Architecture.

Hour 7 The Application Layer 1. What Is the Application Layer? The Application layer is the top layer in TCP/IP's protocol suite Some of the components.

Data Oriented Network Architecture (DONA) Andrey Ermolinskiy Mohit Chawla CS 262 A Project Poster December 14.

A Layered Naming Architecture for the Internet by Hari Balakrishnan, Karthik Lakshminarayanan, Sylvia Ratnasamy, Scott Shenker, Ion Stoica, Michael Walfish.

Othman Othman M.M., Koji Okamura Kyushu University 1.

Information-Centric Networks06b-1 Week 6 / Paper 2 A layered naming architecture for the Internet –Hari Balakrishnan, Karthik Lakshminarayanan, Sylvia.

Security, NATs and Firewalls Ingate Systems. Basics of SIP Security.

Protocols COM211 Communications and Networks CDA College Olga Pelekanou

Less Pain, Most of the Gain: Incrementally Deployable ICN 1 Seyed K. Fayazbakhsh, Yin Lin, Amin Tootoonchian, Ali Ghodsi, Teemu Koponen, Bruce Maggs, KC.

Teemu Koponen, Mohit Chawla, Byung-Gon Chun, Andrey Ermolinskiy, Kye Hyun Kim, Scott Shenker, Ion Stoica SIGCOMM 2007 Presented by Ye Tian for Course CS05112.

Information-Centric Networks Section # 6.2: Evolved Naming & Resolution Instructor: George Xylomenos Department: Informatics.

A Layered Naming Architecture for the Internet Authors: Balakrishnan et al. Presentation: Vinay Goel 01/14/2005 Authors: Balakrishnan et al. Presentation:

Basics of the Domain Name System (DNS) By : AMMY- DRISS Mohamed Amine KADDARI Zakaria MAHMOUDI Soufiane Oujda Med I University National College of Applied.

IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.

Multicast in Information-Centric Networking March 2012.

Mobile IP THE 12 TH MEETING. Mobile IP  Incorporation of mobile users in the network.  Cellular system (e.g., GSM) started with mobility in mind. 

Part I. Overview of Data Communications and Networking

An Engineering Approach to Computer Networking

Data-Oriented Network Architecture (DONA)

Presentation transcript:

1 A Data-Oriented Network Architecture ACM Sigcomm’07 (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, Scott Shenker, I. Stoica)

2 Problem Internet was designed for host-to-host communication -“contact this host...” -ftp, and telnet -care about the location of host Internet is mainly used for data access -“get me this data.....” -data retrieval, service access -care about the content, and be oblivious to location Mismatch between usage and design: -data migration and replication unnecessarily hard -requires Akamai- and BitTorrent-like designs to scale Question: what would the Internet look like if we designed it around data access?

3 Style of this Work Almost every aspect of this design is borrowed from other work, but our contribution is the synthesis of these various ideas into a coherent architecture. Mechanisms: HTTP, anycast, pub/sub, SFS, HIP,... Architecture: -content routing:TRIAD -naming: LFN/DOA no new ideas!

4 What Do Users Care About? Persistence of names: -Follow data migration: once given a name for some data or service, the user would like that name to remain valid as long as the underlying data or service is available. -Today: HTTP redirects, forwarding (not sufficient) Availability of data: (both latency and reliability) -Take advantage of replicated data -Today: Akamai/BitTorrent Authenticity of data: -Know that data came from intended source, not from some spoofing adversary. -Today: securing the channel (IPsec, TLS), or PKI

5 Current Barriers Rigid and Weak Naming: hostname/path -Ties data to host, making migration/replication hard -Doesn’t help much with authentication Protocol Mess: e.g., DNS, TCP, HTTP -Data isn’t named until the application is invoked -Caching (and other data handling) is application-specific -No low-level support for anycast-like service discovery

6 Fix #1: Flat, Self-certifying Names Self-certifying (SFS, HIP) -Data associated with principal P with public key Kp -Names are of the form: Hash(Kp): label -Data requests return: -Can verify name related to Kp, and Kp signed data Name not tied to location, so naming isn’t rigid -resolution mechanism described later

7 Gives Better Separation of Concerns Names take care of persistence, authenticity Protocols can then focus on availability -latency -reliability

8 Fix #2: Better Protocol Structure Implement replication and caching at lower level: -find closest replica without application-level tricks -caching infrastructure not application-specific DONA does this through two major changes: -insert data-handling shim layer right above IP -resolve name by routing to data (TRIAD) better fate sharing less complicated management No DNS, no lookup, just routing on names

9 New Network Entities Data Handlers (DHs): operate at data-handling layer -DHs do name-based routing and caching -a logical DH per administrative unit think of AS hierarchy (and finer grain below) Authoritative Resolvers (ARs): -AR(P) can point to authoritative copy of P’s data -think of as P’s DNS resolver

10 New Network Primitives Fetch(name): data request -data name -transport header -application header Register(name): offer to serve data (authenticated) -Register individual data items: Hash(Kp):label -Register authoritative resolver: Hash(Kp):*

11 Overview Clients configured with local DH (replaces DNS) to which they send their fetch requests DHs respond to fetch if data is in cache Otherwise, DH routes fetch towards nearest copy of data by sending to a next-hop DH -can insert own address in fetch packet so that it receives data on way back If name isn’t in routing table, fetch routed towards AR

12 Routing Fetches Need to implement anycast routing at DONA-layer Use RH hierarchy to guide routing RH

13 Register Commands... RHs forward register commands to parents and peers RH AR Copy 1 Copy 2

14...Establish Routing State Arrows represent next-hop entries for registered data Scaling: RHs only hold state for items below -core: few TBs -edge: typically far less than a GB RH AR Copy 1 Copy 2

15 Anycast Routing of Fetches If there’s an entry for a data item, follow next-hop Otherwise, send to parent Standard routing behavior, but at DONA-layer RH AR Copy 1 Copy 2Client

16 DONA Naming makes it easy to authenticate data DONA-layer provides easy access to data: -name-based “resolution through routing” -caching and replication infrastructure DONA makes it easier to build transport, applications

17 Extensions Cache both data and fetches: -RSS-like behavior, cache invalidation Policy (tbd): -based on first packet, domains can decide to deny route through proxies ask for more authentication hand back capabilities set up state -think of this as “off path” signaling (PF)

18 Open Questions Does this scale? -Boils down to money: edges cheap, core not-so-cheap -Big unknown: (compounded) cache hit rates Is caching and replica-selection too app-specific? -Our guess is no, but the burden of proof is on us Is there an incrementally deployable version of DONA? -Suggestions welcome!