12.13.06
Posted in Essays, multicast/anycast at 9:14 pm by Sailesh Kumar
Any communication process can be divided into one of three main categories: unicast, multicast, and broadcast communication. In unicast, messages are sent from one source to one destination; the message may traverse several intermediate nodes. In broadcast, messages are sent from one source to all destinations which have physical connectivity to the source. Multicast is the process of sending the message from a single source to a subset (containing two or more hosts) of all physically connected destinations. When messages have to be sent from one source to multiple destinations, multicast is generally a much more efficient mode of communication than simply unicasting the message to all destinations. Multicast is efficient because the message need not be replicated for every destination; replication only occurs when the message gets close to the destination. Thus, the links which are close to the source do not require large bandwidth, which is otherwise needed if the same message is unicast multiple times. Clearly, multicasting has several applications, some of which are multi-party video conferencing, broadcasting information to a large number of users, real-time video distribution, etc.
12.03.06
Posted in Essays, multicast/anycast at 9:44 pm by Michael Roche
IP multicast is a must for the Internet. It provides many advantages over a plain unicast network. With demand growing toward more streaming media, IPTV, and video conferencing applications, multicast becomes more and more of a necessity. There are many advantages that multicast offers to these types of applications. The infrastructure for IP multicast already exists. It is supported by Ethernet and many multicast protocols are already implemented in routers.
Posted in Essays, multicast/anycast at 9:44 pm by mbecchi
A multicast communication service sends packets from a source to a set of destinations, also called a multicast group. The basic underlying idea is to propagate the packets into the network so as to reduce the bandwidth involved. If, for instance, a packet has to be sent from a source on ISP x to N recipients connected to another ISP y, then a unique copy of the packet will be first sent from ISP x to ISP y, and then ISP y will locally dispatch N copies of the packet to the interested recipients. In a more general scenario a multicast dissemination tree, that is, a minimum spanning tree rooted at the sender, will be used in order to determine how a multicast packet will be propagated in the network. This solution will involve a degree of bandwidth consumption which is far less than simply having many unicast transmissions between the sender and every recipient.
11.26.06
Posted in Essays, naming/addressing at 7:06 pm by mbecchi
The question I want to address is the following: which, if any, would be the advantages of having geographic addressing in WANs? In order to analyze this problem, I will first summarize how routing is performed on WANs, what geographic routing is and in which context it has been deeply studied. The objective is to find out whether some of the requirements which motivated the idea of geographic routing apply also to WANs.
Posted in Essays, naming/addressing at 7:05 pm by Sailesh Kumar
Network addressing and routing protocols have received enormous attention since the inception of the Internet. Any addressing scheme used in the Internet must serve three fundamental objectives: identity (so that end nodes can be identifiable), location (so that packets destined for the end nodes can be routed), and reachability (which links should be taken to route messages from one node to the other, note that in the current Internet, by default, every connected node is reachable).
Posted in Essays, naming/addressing at 7:05 pm by BrandonHeller
The routers on today’s Internet forward packets based on the layout of the IP address, in a method called Longest Prefix Matching (LPM). Unfortunately, LPM becomes harder as line speeds get faster. Direct lookups are one method for LPM and complete in O(1) time, but would require an exorbitant 17GB of memory. Trie representation enables a tradeoff between memory and lookup speed, but is held back by the glacial pace of memory latency improvements, making trie lookup a challenge for rates greater than 10 Gbps. Ternary Content Addressable Memories (TCAMs) enable O(1) associative lookups, and thus line rate speeds, but are expensive and power-hungry. What if there was a method of addressing that could enable line-rate lookups with minimal memory, power, and cost?
Posted in Essays, naming/addressing at 7:05 pm by Paul Moceri
Mobility is becoming a huge driving force on the Internet today. More and more mobile users connect to the Internet every day through the use of laptops, PDAs and smart phones. Applications that take advantage of this shift towards mobility are gaining popularity. It is also becoming apparent that having host location information available in the network can unlock a whole other class of applications. Already, applications exist that could benefit from the addition of location information to the network. Geographic location in WAN addressing would reach this goal of location information in the network to enable new services. In addition, geographic addressing has the added benefit of simplifying routing.
11.20.06
Posted in Essays, naming/addressing at 8:15 am by Michael Roche
You are the owner of a small business and you are looking to advertise via email. You, like everyone else, hate spam mail so you do not want your advertising to be spam. There is such a great opportunity to advertise via email that you comply with CAN SPAM, which is a bill passed by Congress that lists requirements to send unsolicited advertisements over email. This bill was signed into law to cut down on the amount of spam. So, you comply with CAN SPAM and your employees do a great job developing the advertisement. Everything is set to go. You send your email, but to your surprise it is not delivered to anyone on a major Internet Service Provider (ISP). You wonder what happened and decide to look into it in order to avoid this in the future.
Posted in Essays, naming/addressing at 8:15 am by traviskeshav
In Romeo and Juliet, Juliet wonders ‘What’s in a name?’ Earlier, she also asks ‘Wherefore art thou Romeo?’ While these may be appropriate queries when speaking of the names of persons, in the realm of the Internet, there are many issues with naming, and it is not much ado about nothing. In the real world, names are of less importance, as we can easily distinguish people by their characteristics, even those persons with the same name. Such differentiation is much more difficult with the Internet, leading to many restrictions, as precise identification is a necessity. One’s known alias, a unique hostname, is resolved to the true identity, a unique IP address, by Domain Name Servers (DNS). And therein lies the problem, for this naming architecture can be abused in numerous ways, from thieves and con artists trying to masquerade as official businesses, to attackers attempting to amplify Denial of Service (DoS) assaults. The remainder of this essay will detail the numerous flaws with the current Internet naming system, demonstrating that once again, a common IP mechanism remains only out of necessity, rather than its greatness.
Posted in Essays, naming/addressing at 8:15 am by charlie.wiseman
There can be no doubt that human-understandable names are necessary for the Internet to be useful to the broad population. After all, the vast majority of people need something easy to remember, like ‘www.yahoo.com’, instead of some string of random-looking numbers. Having names also allows us to change the underlying mapping, as when a machine moves around, without affecting how the end users gain access to that machine. So, given that we want to attach (hopefully) meaningful names to entities on the Internet for ease of communication, we have to decide how to go about doing so. In this essay, I will argue that a single globally consistent system should be used.
11.19.06
Posted in Essays, naming/addressing at 5:45 pm by harri
The Domain Name System (DNS) is the globally distributed database that maps human-readable domain names like “www.microsoft.com” or “wikipedia.org” into router-readable IP addresses such as 207.46.199.30 or 66.230.200.100. In fact it keeps a whole set of typed resource records for each domain name, such as the address of the mail exchange server for a domain or the reverse mapping from an IP address to its canonical (fully qualified) domain name. A large number of important Internet protocols, such as HTTP (the Web) and SMTP (e-mail), rely heavily on the global namespace served by DNS. Without DNS to map the “arl.wustl.edu” part of “http://arl.wustl.edu/~jst/reInventTheNet/” onto a routable address or the “cse.wustl.edu” part of “harri@cse.wustl.edu” to the appropriate e-mail server, the usability of today’s Internet would be much reduced. A later and interesting benefactor is the XML namespace extension [1], which uses DNS domain names primarily as a mechanism for disambiguating XML document typenames, while also exploiting the fact that the names point to hosts that can serve up the corresponding type definition files. Similarly, the Java package mechanism uses the same trick to preclude name clashes in the Java type hierarchy namespace.
11.12.06
Posted in Essays at 10:24 pm by nuzhet.atay
The Internet was introduced as a government funded research project. The ancestors of the Internet, ARPAnet and NSFnet, were used to connect research institutes and government computing centers, and they were not allowed to be used for commercial purposes [1]. In the late 1980s, commercial network providers, called Internet Service Providers (ISPs), emerged. Most of the investment in routers, servers and infrastructure came from ISPs with the commercial usage of the Internet [2]. Since then, there has been great progress in the quality and the range of both the infrastructure types and the services. Backbone speed of NSFnet was initially 56 Kbps, whereas that speed is offered at the slowest type of connection, dial-up connection, today. Improvements in computational hardware and transmission media have made an important contribution to this fast development, but the most important factor enabling the development is definitely the demand from the network users. The demand for better Internet access is so high that policies regarding broadband access have been a debate topic in presidential campaigns [3]. As a result of this demand, there is a big potential revenue in this still immature market, and the result is the competition among several network providers for sharing this revenue.
Posted in Essays at 10:24 pm by Michael Roche
Imagine sitting in front of your computer getting ready for another episode of surfing the web. You open your favorite web browser and wait for your home page to load. To your surprise your homepage does not load; instead it’s another webpage. You check the address bar, but it indicates you are at http://www.myhomepage.com. You think you must have picked up some spyware and it is affecting your homepage and disguising your address bar so it appears you are on the correct page.
Posted in Essays at 10:23 pm by AndrewWan
Internet access is still not cheap, even though users are constantly presented with unwanted advertisements and emails. There are still severe complaints about how hard it is for customers to cancel their service with some particular network providers. All these phenomena (broader level of uses services) can be improved by introducing real competition for network providers or internet service providers.
11.11.06
Posted in General, Essays at 11:44 am by jms
Active Networks are definitely a computer scientist’s take on what networking could be. Scott Nettles of UT Austin and I wrote up some history and context in a paper, reachable at: http://repository.upenn.edu/cis_papers/46/ and give some visions for futures. While the name “Active Networking” evokes a variety of responses in the networking community, I believe the reality is far more compelling than the perception.
Best,
-JMS
Posted in General, Essays, Proposals at 9:02 am by jms
GENI has revived interest in virtual infrastructures. Some of the proposals for active networking - see http://www.cis.upenn.edu/~jms/switchware.pdf - included applications which would be realizable with a programmable virtual infrastructure. The applications in Section 3 of this technical paper from 1996 were far-fetched at the time but illustrate both the variety and capability achievable from a distributed systems view of networking.
Key questions: (1) are these (or similar) applications still hard to realize? (I think so, but am always eager to be educated), and (2) how would they (or similar applications) be realized with GENI?
-JMS
11.06.06
Posted in Essays at 9:11 am by Michael Wilson
There is a fairly recent trend toward so-called “smart networks,” where advanced features – QoS, security, application session management – are moved into the network infrastructure. This is obviously counter to the basic principles of the Internet: keep the network as simple as possible and implement other functionality at the end point. However, let’s not reject the concept on this point. There are so many other, better grounds!
Posted in Essays at 9:10 am by nuzhet.atay
One of the fundamental design principles of the Internet is the end-to-end arguments [1]. The Internet can be seen as a structure that is formed of the core infrastructure of interconnected routers responsible for data transfer and the end systems attached to this core infrastructure. The end-to-end arguments state that the core infrastructure should not contain any specific application-level functions, it should carry data packets the same way irrespective of the type of application the data belongs to. Applications can run on end-systems using this generic structure and implementing optimizations at the application layer. One of the main reasons for the assertion of these arguments is that it is generally not possible to support the requirements of the applications at the core alone. Even if some functions can be added to support some specific applications, there is always the danger of these functions hindering the operation of other applications. These functions added to core would also increase the complexity of the core, which in turn can make the core less robust and more susceptible to failures. The end-to-end arguments state that, as a result of these potential dangers, if a function can be implemented at the application layer, it should not be a part of the core. The evolution of the Internet showed that this basic design principle is one of the most important factors in the innovation of new applications.
10.30.06
Posted in Essays, security at 8:11 am by Paul Moceri
The openness of networks and the Internet has undoubtedly led to the success and growth of public networks. New applications and features have flourished out of the lack of strict security requirements and the anonymity offered by public networks. However, this openness has also been arguably the single greatest enabler of annoyance and malicious use of networks and the Internet. Spam, denial-of-service attacks, address spoofing, routing attacks, and a myriad of other malicious uses are, at least partially, the result of allowing unauthenticated network traffic. This leaves network applications and protocols on their own to implement security and attack prevention. In this essay, I will argue that we need to take a different approach: strong authentication for network traffic. Network traffic authentication will enable security and protection from applications that demand it while still allowing for innovation in network applications.
Posted in Essays, security at 8:11 am by charlie.wiseman
The ability to spoof addresses is held by many to be one of the worst problems in the current Internet. Indeed, it is often said that if only address spoofing weren’t possible then the Internet would be a better place because there would be no spam, and denial of service attacks would be easier to deal with. That is not necessarily true. Moreover, there are some legitimate ways that address spoofing is used today. In this essay, I’ll argue that the potential gain from removing the ability to spoof addresses is not enough to justify that removal.
Posted in Essays, security at 8:10 am by harri
The Internet, as we all know, was born into a friendlier world than the one it now inhabits. The merry band of academics nurturing it through its early childhood years knew and trusted one another and this spirit of sharing and openness was reflected in the Internet’s architecture. At any rate, worrying about things like authentication and abusive or malfeasant users might have distracted from more important pursuits, like getting the thing to work in the first place and perform well.
Posted in Essays, security at 8:10 am by Michael Wilson
The Security Role of Authentication
Let’s go back to security basics for a moment. Authentication is part of a system’s AAA: Authentication, Authorization, and Accountability. Think about logging on to a server: you Identify yourself by typing your user name. Then you Authenticate yourself by providing a password, proving your identity. The system Authorizes you to have access to services, such as your shell, your files, and system resources. Finally, it logs your access, to provide Accountability.
10.23.06
Posted in Essays at 4:03 pm by Niarcas
The Internet was built with the thought that the endpoints would always be static. Computers sitting on desks anywhere in the world would be able to communicate with other computers sitting on desks anywhere else in the world. With the birth of technologies, such as voice over internet protocol (VOIP), personal digital assistants (PDAs), and web-enabled cell phones it is obvious that the endpoints of the future won’t be static at all. These devices are just the beginnings of using the Internet as a core part of their functionality. In years and decades to come many more devices will hit store shelves that will use the Internet to better the lives of people everywhere by increasing information flow from and to anywhere in the world. To enable these devices to work as smoothly as possible, a lot of research is going into how to retool the Internet Protocol Suite to better allow mobile devices to send and receive data. In this paper I will look at the Internet Protocol Suite and how it is used in the current mobile solution, implemented that better facilitates dynamic end points.
Posted in Essays at 10:34 am by mbecchi
Wireless networks can be classified into two types: infrastructure networks and ad-hoc networks. The former are characterized by the presence of special nodes, called access points (APs), able to communicate with mobile nodes as well as with existing wired networks. Mobile nodes, also known as mobile stations (STAs), interact in this case by communicating with the APs. In contrast, ad hoc networks do not rely on any fixed infrastructure. Instead, nodes directly interact with each other by acting as transmitting/receiving hosts as well as network routers.
Posted in Essays at 10:33 am by BrandonHeller
The sales and capabilities of portable devices, including laptops, PDAs, and cellphones, have been steadily growing in recent years. Especially with laptops, users now desire the same resource access and quality of service as on their home network, regardless of current location. For example, a worker may want to spool a document to a printer at work. They may want access to employer-provided resources that verify identity by IP address, such as IEEE Xplore or ACM Portal. The user may want to continue downloading a video to their smartphone while walking to the local coffee shop. This user should expect a high level of security during these operations, and shouldn’t need to buy any new applications.
10.15.06
Posted in Essays, security at 8:45 pm by traviskeshav
It is a general principle that the whole is more than the sum of its parts. Unfortunately, the Internet provides an apt example of where this rule holds true in an unpleasant manner; while one computer attempting to overwhelm a target with traffic may be effectively insignificant, the combination of these small burdens can mount into an overwhelming flood, causing this Distributed Denial of Service (DDoS) attack to succeed, and rendering the victim unable to service legitimate traffic. To combat such attacks, much research has been done concerning in-network defenses, leading to many new protocols and systems; however, none of these can end the DDoS threat. In fact, all of this research ignores one point – if end-systems can be secured, then attackers cannot subvert other computers to aid in their attacks, and DDoS is avoided. This should be the goal of networking specialists, rather than simply trying to create more and more intricate shells of defense. However, securing end-systems, while a theoretically simple task, proves to be quite difficult in the real world. Consequently, further possibilities and solutions must be examined, although such methods as tracebacks and CAPTCHAs prove of limited use.
Posted in Essays, security at 8:45 pm by Sailesh Kumar
ABSTRACT – Today, the denial of service (DoS) attack is one of the most serious threats to the Internet. In a DoS attack, a single attacker or a collection of attackers floods a system with more packets than it can handle, thus overloading the system and preventing the legitimate users from using it. While a naïve DoS attack may require a large number of attack hosts to bring down a system, an intelligent attacker can exploit the known vulnerabilities of a system and a network, and therefore poses a much more serious threat. DoS attacks are fundamentally difficult to defend against, as it is often difficult to discriminate a legitimate user from an attacker. Moreover, the Internet has been designed with the “open and free for all” philosophy in mind; therefore, any host connected to the Internet becomes vulnerable to misuse by any other connected host. Recently, several novel ideas have been proposed to combat DoS attacks, and in this essay I will cover some of the well known proposals.
10.08.06
Posted in Essays at 9:30 pm by BrandonHeller
An overlay network is simply one network built on top of another [1]. For example, dial-up internet is considered an overlay over the original telephone system. In recent years, a variety of applications, built as overlay networks, have gained both widespread usage and notoriety. Peer-to-peer (P2P) applications, commercial content distribution networks, research testbeds, and other systems all add custom routing functions on top of the original Internet. Overlay networks can be divided into two types, structured and unstructured, differentiated by their data-placement strategies. In structured overlays (SOs), placement of data is based on knowledge of topology, while in unstructured overlays (UOs), no knowledge of topology affects data placement.
Posted in Essays at 9:30 pm by Amy Freestone
The Internet as provided by IP allows for a reasonable amount of flexibility on the parts of applications where it provides functionality, but there are a number of functions which applications might like which are not provided by IP. Just because IP does not provide all the tools that application developers might want is no reason to completely abandon it when the additional abilities can merely be built on top of it.
Posted in Essays at 9:29 pm by nuzhet.atay
In general terms, an overlay network is a network that is built on another network. Following this definition, the Internet itself is an overlay network developed on the telephone system. Today, the term overlay network is generally used to define networks working on top of the Internet and using the basic Internet infrastructure. The main motivation for introducing overlay networks is the need to obtain improved services from the Internet. These services can be provided by modifying the current Internet infrastructure, but the cost and the need for coordination of the Internet service providers all over the world make this update infeasible [1]. Moreover, new architecture proposals such as NewArch [2] do not address all of these problems. For example at NewArch, the new Internet architecture is still optimized for non-mobile end-systems, and mobility is considered as a special case. As a result, overlay networks present an alternative solution to overcome the limitations of the Internet without costly modifications. Indeed, although the lack of extensibility and flexibility of the Internet can be thought of as problems resulting from poor design choices, with the introduction of overlay networks, the current architecture can be seen as the solid structure that the new generation Internet services can be built on.
10.01.06
Posted in Essays at 9:03 pm by AndrewWan
1. Abstract
Peer-to-peer and ad hoc nets have an important representation in the current Internet world [1]. Their success is undeniable; however, network insecurity will always remain the Achilles heel of this type of network. Here the peer-to-peer networks will be discussed first, and briefly the focus will shift to ad hoc networks.
Posted in Essays at 9:03 pm by Paul Moceri
Internet and network users are becoming used to an on-demand lifestyle. They can already read, listen to and watch the media they want, when they want, where they want. The next step for this on-demand lifestyle will be the ability for users to be anywhere they want, whenever they want, from anywhere they want. This ability to be present and interact in a location, real or virtual, different from one’s physical location is called telepresence.
09.25.06
Posted in Essays at 7:11 am by charlie.wiseman
First, let’s get a few possibly jumbled ideas straight. Interfaces sit at the boundaries between separate components of an architecture. For instance, part of the Internet infrastructure is the application programmer’s interface which defines how an application gains access to the lower layers of the network. Indeed, this interface also provides a logical break between the network itself and the entities that use the network. In this context, then, the evolution of networks comes from internal change, while the survivability of networks deals primarily with external change. Although the two ideas are clearly related, the utility of the network is what keeps it alive in the short term, while the ability to adapt to changing conditions drives the evolution in the long term. Given all that, one of the most important factors in enabling networks to evolve and survive is having well-defined interfaces.
Posted in Essays at 7:10 am by harri
Although layered protocols are seen by some as an unmitigated good, this essay will try to lay bare a fundamental truth: layers don’t matter, interfaces do!
To begin with, I offer my definition of what a (strictly) layered design is: a special case of modules communicating via interfaces. Specifically, each module communicates with exactly two other modules and the undirected graph of pairwise communicating modules is acyclic. For our discussion, let the stack of layers be terminated at one end with an application module and at the other by a physical module. We say that a layer A is higher (lower) than a layer B if it is closer to the application module (physical module) than B is.
09.17.06
Posted in Essays at 7:20 pm by Niarcas
From North America to Australia, over one billion people use the Internet every day. Many take it for granted and never stop to think about the visionaries who put it together. If it were up to the media, people would think Al Gore invented the Internet, but we all know that’s not true. There is no better example of designing for the future than the Internet protocol suite. The architects behind the Protocol suite should be all over the news, but many don’t even realize they exist. The Internet, as it stands today, is the achievement of decades of work by scientists all over America. The current protocol suite is an evolution of testing and tweaking of the past protocols. It is a triumph of thoughtful design and engineering, after looking at the missteps of the past. To understand the current protocol suite, we must look at its beginnings. This paper will dive into the history of the Internet protocol suite, the people behind it, and how it all came together to weave a digital fabric that still changes people’s lives even today.
Posted in Essays at 6:15 pm by traviskeshav
While the Internet has become an omnipresent entity on the Earth, this by no means condones the protocols of the Internet Protocol suite (TCP/IP). The Internet has ‘succeeded’, perhaps, if simply considering its spread as progress. However, this expansion has occurred in spite of TCP/IP, rather than because of it. When examining design decisions, ranging from the earliest choices by naive developers, to the mistakes made with IPv6 in more recent times, TCP/IP is no triumph – it instead provides numerous examples of poor design and expedient choice-making.
09.10.06
Posted in Essays at 6:21 pm by Michael Wilson
Ethernet is unquestionably the dominant LAN technology in the world today. Aside from a few legacy installations, almost nobody uses any other technology in the LAN. Even in 1994, industry estimates indicated that over 40 million Ethernet nodes had been installed worldwide. [1]
The question arises: why has Ethernet been so successful?
Posted in Essays at 6:20 pm by AndrewWan
Click the semi-transparent plastic end into the computer jack, click on the icon on the computer desktop and you are into the wild Web. This is the Ethernet, which has brought so much change to our life. I quote here from Bob Metcalfe’s blog: “Last year, according to IDC, 33 years after Ethernet’s invention at Xerox Parc, a quarter billion new Ethernet switch ports were shipped worldwide.”
08.04.06
Posted in Essays at 3:56 pm by jon.turner
This category is for extended essays on various topics in network architecture. Subcategories will be added as needed, for specific topics.