Download SwitchWare

Active Network
최양희
서울대학교 컴퓨터공학과
http://mmlab.snu.ac.kr
Contents
•
•
•
•
•
•
•
•
•
•
Active Network ?
Motivations
Lead Users
New Applications
Programmable Switch
Capsule
Programming Model
Ongoing Research Projects
ABONE
Hard Problems
Active Network
Active
Router
Active
Router
Active
Packet
Host
Active
Packet
Active
Router
Active
Router
Active
Packet
Active
Router
Host
AN : What is it ?
• Software-intensive network architecture
• Network switches perform customized computations
on the messages flowing through them
• Customizable on a per user or per application basis
• Individuals can inject programs into the network
• Applicable to Internet : overlay or substitution
• DARPA sponsored research projects
Motivations
• Internet is difficult to maintain : 8 years from
prototype to deployment (backlogs are multicast,
authentication, mobility extension, RSVP, IPv6)
• Mismatch between user requirement change rate and
the physical system change rate
• Router/switch is proprietary hardware plus
customized software (mainframe mindset)
Approaches
• Virtualized approach : software detached from
hardware (anyone can provide innovative software)
• Protocol components instead of layers
• Equivalent computational model instead of equivalent
program at each node
Lead Users
•
•
•
•
•
•
•
•
•
Firewall
Web Proxy
Mobile/Nomadic Router
Transport Gateway
Application-specific Gateway
Multicast (MBONE)
RSVP (RBONE)
IPv6 (6BONE)
AIN
New Applications
• Merging and distribution of information
• User-aware network protection
• Active network management
• Router, switch, packet analyzer, firewall, RTP mixer
multimedia transcoder, web streaming, congestion
control, Internet phone, NACK filtering in multicast
Two Approaches
• Programmable Switches
• Capsule
Programmable Switch
• Discrete approach : program loading is separated
from message processing
• Easy migration
• Program injection by authenticated operators
• Upon header examination, appropriate programs are
dispatched to operate on message contents
Capsule
• Integrated approach : every message is a program (a
la Postscript)
• capsule = program + data
Programming Model
• Program Encoding
– Mobility
– Safety
– Efficiency
• Common Primitives
–
–
–
–
change header/payload/length
access to node’s environment (address, time, link status)
control packet flow (forwarding, copying, discarding)
access to node storage and scheduling
• Node Resources and their Allocation
– physical resources (bandwidth, processing capacity, storage)
– logical resources (routing table, MIB)
Program Encoding
• Source Level : script language
– Tcl
– NetScript
• Intermediate Representation
– Java
• Object-code Level
– Omniware
Research Projects
•
•
•
•
Columbia
MIT
Upenn
Bellcore
•
•
•
•
BBN
GeorgiaTech
UArizona
UCLA/LBNL
NetScript
SpectrumWare, ANTS
SwitchWare, PLAN, Security
OPCV2, Active Router,
Protocol Booster
Smart Packet
CANES
Liquid Software
Adaptive Web Caching
SwitchWare
• Upenn + Bellcore
• SwitchWare switch = I/O + program (computer)
• Hierarchical Layers :
– Active Packet, Switchlet, Active Router Infrastructure
Network
Active Packet
switchlets
Active Router
Infrastructure
SwitchWare (cont’d)
• Active Packet
– mobile program (code + data)
– PLAN : Programming Language for Active Networks
• Switchlet
– dynamically-loaded extensions, not mobile
– not lightweight, tight security mechanisms
• Secure Active Network Environment (SANE)
– static, secure foundation
SwitchWare Application
• Active Network Striping for Software Scalable
Bandwidth
Channel 1
Host A
SwitchWare
Switch
A
Channel 2
Channel 3
Channel 4
SwitchWare
Switch
B
Host B
Pseudocode
• Switchlet for sender striping
When Arrives(Packet, InPort)
{
Send ((SequenceNumber, Packet),OutPort);
OutPort := (OutPort+1) Mod Channels;
}
Pseudocode
• Switchlet for receiver striping
When (Arrives ((SequenceNumber,Packet), InPort))
{
If (InOrder(SequenceNumber,Expected))
{
Send (Packet,OutPort);
Expected:=Expected+1;
While(CheckQueue(QueueName,Expected))
{
Dequeue((Expected,Packet));
Send(Packet,OutPort);
Expected:=Expected+1;
}
}
else
Queue((SequenceNumber,Packet),QueueName);
}
ANTS (Active Node Transfer System)
• Capsule-based active network toolkit
– written in Java, protocols carried as bytecodes
• Capsules carry program state as they travel
– they are external representation of object instances
• Protocol code is demand loaded by nodes
– depends on previous node and caching
• Nodes provide API for protocol writer
– soft-state cache, routing primitives
ANTS Goals
• Today’s networks lack flexibility …
Seek to allow new network services to
be introduced rapidly.
• Active networks are an appealing solution, but no convincing
demonstration that they can work …
Evaluate the hypothesis that they can provide useful
flexibility at a reasonable security/performance cost.
ANTS Architecture
• Approach
– uncoordinated introduction, automatic deployment
– application-specific protocols used “on-the-fly”
• Model
– programmable routers generalize IP forwarding
– mobile code used to implement new services
• Goal
– show feasibility/usefulness, explore tradeoffs
ANTS Glossary
• Node
– programmable router that implements services
• Capsule
– generalized packet (header + data + program)
– different capsule types have different programs
• Protocol
– communication rules that provide a service
– codified as set of related capsule types
• Application
– network client that uses services via protocols
Capsules are Generalized
Packets
Protocol+Program Id
Header
Node
Data
Node
Capsule
• carry the program and protocol by reference using a fingerprint to
prevent code spoofing
• header includes at least fields for default forwarding, resource
limits and source identification
Node Operating System
• hosts user-defined protocols
– capsule API: soft-storage, routing, …
– admits new protocols at its discretion
• protects network/protocol integrity
– executes untrusted code, limits resource use
– provides each protocol with its network “view”
• distributes code among nodes
Code is Loaded at
Routers
need to be efficient, adaptive, and load-limited
previous
node
load
request
load
response
loading
node
time
• application provides code at end systems, while node
loading is triggered by capsules
Smart Packets
A DARPA-Funded Research
Project
A. Jackson, G. Lauer, C. Partridge,
D. Rockwell, B. Schwartz, W. Zhou
Overall Goal
•
Our goal is to add programmability to management
and diagnostic packets
–
–
–
constrained scope realizable in individual packets
flexible and rich programming environment as possible in
one packet
code authentication and run-time authorization
Component Overview
Router 1
smart pkt
compiler
assembler
execution
environment
injector
authentication
data
display
Router 2
execution
environment
Source
•
•
•
Program in single packet
Hop-by-hop evaluation
Data returns to source
execution
environment
Destination
ABONE
• Experiment prototype active node implementations
• MIT (ANTS) -- ISI (ANTS)
MIT (ANTS) -- UArizona (ANTS)
ISI (ANEP) -- UKansas (ANEP)
• Active Network Encapsulation Protocol (ANEP)
• Active Network Overlay Network (ANON)
Hard Problems
•
•
•
•
•
Security
Management
Applications
Performance
Interoperability
What to do ?
• Initiate research programs on advanced Internet, and
active network is one of them.
• Develop new generation of low cost network nodes
(router, ATM switch) with open architecture.
• Close collaboration is required among different
research communities : programming language,
operating system, object technology, and networking
• Capitalize on selected application servers :
hierarchical web caching, multimedia stream server
• Build testbed network
R&D Proposals
• Low Cost Switch with Open Architecture
• Multicast Multimedia Application with loadable
software at switches
– Conferencing
– Internet phone
– Stream service (broadcasting, interactive)
Discussions
• AN may be a solution to IP vs. ATM debate.
True or not ?
• Can AN switches replace public telco switches?
• Proliferation of user-defined switch functions and
associated applications will create new industries and
companies like Microsoft will die out. Will it happen ?
• What is our role (HSN community) in this business ?