What does it take to define an architecture? (Part 2) David D. Clark July, 2012.


Describing an architecture
- IETF has published over 6630 RFCs. Too much, for sure.
- A CCR paper proposed a minimalist answer in 6 pages*. Enough?
* Koponen, T., S. Shenker, et al. (2011). "Architecting for innovation." SIGCOMM Comput. Commun. Rev. 41(3):

What needs to be specified?
- Primary specifications: Those things about which we all have to agree on the same answer.
- Secondary specifications: Those things about which it is convenient/necessary to have a common agreement, but there can be more than one answer.

The current Internet as example
- TCP: secondary
- DNS: secondary
- IP: primary, but
  - Global address space: we thought so, but no.
  - TTL semantics: primary, but not important.
- What actually matters?

Look at the IP address
- We thought it had to represent a global address space.
  - Then we got NATs, intranets, etc.
- We thought it addressed a port on a host.
  - Then we did multicast, anycast, etc.
- What is the persistent constraint?
  - It is 32 bits long.

The actual semantics of IP
1. The IP address field, at each end of the connection, must remain constant for a given connection.
   - But the TCP pseudo-header was a bad idea.
   - But see discussion of security.
2. The IP address field can be rewritten anywhere in the network, so long as:
   - The rewriting complies with rule 1.
   - There is matching routing state in the region routers.
That is the core of the Internet: the primary specification. A painful discovery.
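
An added illustration, not part of the original slides: a small model that checks the two conditions above (addresses stay constant per connection as seen at the end, and the rewritten address has matching routing state) for one address-rewriting box. The `Rewriter` class, the connection ids and all addresses are constructed for the example, and "routing state" is simplified to a set of addresses the region can route.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    conn: str   # constructed connection id (stands for one transport connection)
    src: str
    dst: str

@dataclass
class Rewriter:
    """Hypothetical NAT-like box that rewrites the source address."""
    pool: list                   # addresses it may assign
    keeps_state: bool = True     # False models a box that forgets its bindings
    bindings: dict = field(default_factory=dict)

    def forward(self, pkt):
        if pkt.conn not in self.bindings or not self.keeps_state:
            self.bindings[pkt.conn] = self.pool.pop(0)
        return Packet(pkt.conn, self.bindings[pkt.conn], pkt.dst)

def check_path(rewriter, region_routes, packets):
    """Return (rule1_ok, rule2_ok) for packets sent through one rewriter."""
    seen = [rewriter.forward(p) for p in packets]
    per_conn = {}
    for p in seen:
        per_conn.setdefault(p.conn, set()).add((p.src, p.dst))
    # Rule 1: the far end sees one (src, dst) pair per connection.
    rule1 = all(len(pairs) == 1 for pairs in per_conn.values())
    # Rule 2: the region has routing state for every rewritten address.
    rule2 = all(p.src in region_routes for p in seen)
    return rule1, rule2

# Constructed sample traffic: three packets on c1, one on c2.
PACKETS = [Packet("c1", "10.0.0.5", "198.51.100.7")] * 3 + \
          [Packet("c2", "10.0.0.6", "198.51.100.7")]
ROUTES = {"192.0.2.1", "192.0.2.2"}

def demo():
    good = check_path(Rewriter(["192.0.2.1", "192.0.2.2"]), ROUTES, PACKETS)
    rebinding = check_path(
        Rewriter(["192.0.2.1", "192.0.2.2", "192.0.2.1", "192.0.2.2"],
                 keeps_state=False), ROUTES, PACKETS)
    unrouted = check_path(Rewriter(["203.0.113.9", "192.0.2.2"]), ROUTES, PACKETS)
    return good, rebinding, unrouted
```

A box that keeps its bindings satisfies both conditions; one that rebinds mid-connection breaks the first, and one that assigns an address the region cannot route breaks the second.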

Packet forwarding
- In some respects, this is “all” that a network does.
- What else actually matters?
- Go back to that CCR paper.

Framework for Internet Innovation (FII)
- Define the service provided
  - They propose an API with version number.
  - Version number primary, API secondary.
  - Warning: IP has a version number. Not enough…
- Support inter-domain routing
  - They propose pathlets*.
- Support security/availability
  - They conclude DDoS is the only issue.
  - Availability may imply other requirements.
* P. B. Godfrey, I. Ganichev, S. Shenker, and I. Stoica. Pathlet Routing. In Proc. SIGCOMM, 2009.

What is missing?
- Packet format and how forwarding works.
  - Their claim: packets can look different in different parts of the network.
  - How forwarding/addressing state is managed is a regional matter.
  - (Too optimistic: does not really solve migration.)
- Resource management.
  - They say multiplexing and QoS is a regional matter.
  - (I do not agree: need inter-region interface.)

Summary of minimalist view Agreement on the service model. Inter-region interface specifications Routing Resource allocation Tools to support availability Tools to support anti-availability (DDoS)

Courtesy of Pamela Zave, AT&T

What might we conclude
- The minimalist approach was about the base set of primary specifications to allow evolution.
- Has nothing to say about what we actually build at any one time.
- Begs the question: what aspects of what networks actually do should be recognized in their core design.

Generalize/formalize
- Generalize what a “router” does: Per-hop behavior (PHB).
  - Simple forwarding
  - Authorization (indirection, capabilities)
  - Encryption
  - Overlay/tunnel (e.g. TOR)
  - Inspection/blocking (e.g. firewall)
  - Resource management
  - Redirection (e.g. mobility)
- Successful operation (but what does that mean?) occurs when the forwarding mechanisms have connected the intended set of PHBs in the right order.

Tussle
- Network delivery is an adversarial game.
- Sender, receiver, ISPs, third parties all have preferred outcomes.
  - Sender and receiver may be aligned (normal) or not (attack).
  - ISPs may be aligned with users (normal) or not (blocking content, etc.)
  - Third parties (e.g. governments, rights-holders, employers) may attempt to intervene.

Composing PHBs
- Each PHB:
  - Executes its internal operation
  - Computes the correct forwarding to the next PHB.
- If a PHB can compute “anything”, is this some sort of generalized processor?
  - Perhaps, but composed out of steps that are adversarial.
  - Ross Anderson: “Programming Satan’s computer”.

How to use forwarding tools
- Sender picks the PHBs
  - Source routing, TOR, etc.
- The PHB (the network) picks the next PHB
  - Normal IP routing (explicit L2 addresses)
  - MPLS (explicit labels)
- The topology picks the next PHB
  - Firewall (representing the interests of the receiver).
- The receiver coerces the sender to pick
  - Indirection, capabilities.
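
An added sketch, not from the original slides, of the PHB composition described in the last few slides: each PHB runs its operation and then names the next PHB, and a path counts as successful only if the intended PHBs were connected in order. It models the first three ways of picking the next PHB (sender, network, topology); the PHB names, the packet fields and the `INTENDED` list are constructed for illustration.

```python
def source_routed(pkt):        # sender picks: next PHB is carried in the packet
    return pkt["route"].pop(0) if pkt["route"] else None

def table(routes):             # network picks: next PHB comes from local state
    return lambda pkt: routes.get(pkt["dst"])

def fixed(name):               # topology picks: there is only one place to go
    return lambda pkt: name

def phb(op, pick_next):
    """A PHB executes its internal operation, then computes the next PHB."""
    def step(pkt):
        op(pkt)
        return pick_next(pkt)
    return step

def run(network, start, pkt, max_hops=16):
    """Forward pkt from PHB to PHB; return the ordered list of PHBs visited."""
    trace, here = [], start
    while here is not None and len(trace) < max_hops:   # hop limit stops loops
        trace.append(here)
        here = network[here](pkt)
    return trace

def connected_in_order(trace, intended):
    """True if every intended PHB was visited, in the intended order."""
    remaining = iter(trace)
    return all(name in remaining for name in intended)

def build(relay_routes):
    """Constructed four-PHB network; relay_routes is the relay's table."""
    return {
        "encrypt":  phb(lambda p: p.update(encrypted=True), source_routed),
        "relay":    phb(lambda p: None, table(relay_routes)),
        "firewall": phb(lambda p: p.update(inspected=True), fixed("deliver")),
        "deliver":  phb(lambda p: None, fixed(None)),
    }

# What the receiver wants on every path: encryption, inspection, delivery.
INTENDED = ["encrypt", "firewall", "deliver"]

def demo(relay_routes):
    pkt = {"dst": "rcv", "route": ["relay"]}   # sender source-routes to the relay
    trace = run(build(relay_routes), "encrypt", pkt)
    return trace, connected_in_order(trace, INTENDED)
```

With the relay's table pointing at the firewall the check passes; if that table instead points straight at `deliver`, the packet still arrives but the check fails because the inspection PHB was never on the path.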

And my conclusion?
- If “forwarding” is all a network does, forwarding is a complex process.
  - Many goals, many actors.
- We have a choice of incorporating this complexity inside the design, or having the design be only part of the larger outcome that addresses the complexity.
- Zave again…

Security—the recurring theme
- Security (however we choose to define it) is one of the things we did not understand in the 1970’s.
- Any proposal to improve the Internet must have better security as a key objective.
  - But note earlier comments that we still don’t understand the topic.
- It would be easy to design an Internet if all the parts could be trusted to do the right thing.