This paper describes an active networking implementation (that is, one that allows network users to specify forwarding and related code to be deployed within the network). Rather than embed the code itself in forwarded packets, this design embeds an identifier, and the code it names is retrieved from the prior hop on demand. The authors' implementation of this scheme shows that it has less than 1 millisecond of latency overhead but can only keep up with approximately T1-speed links. The authors blame this inefficiency on their use of Java and argue that a production implementation, which would presumably use a different isolation technique, could perform at the speed of faster links. The authors envision a system where not all nodes on the network are ‘active’ (which also enables incremental deployment), so high-speed nodes that fail to implement active networking are not a fatal flaw.
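The demand-loading scheme summarized above can be sketched as follows. This is an added example, not code from the paper or from this post; it assumes the identifier is a SHA-256 hash of the code (so a node can check what it fetched) and that non-active nodes simply pass packets through, and all names are hypothetical.

```python
import hashlib

def code_id(source):
    """Identifier carried in packets: here, SHA-256 of the code (assumption)."""
    return hashlib.sha256(source.encode()).hexdigest()

class Node:
    def __init__(self, name, active=True):
        self.name, self.active = name, active
        self.cache = {}  # identifier -> forwarding code

    def receive(self, cid, prior):
        """Handle one packet; `prior` is the last active node it crossed."""
        if not self.active:
            return "passthrough"      # legacy router: ordinary forwarding
        if cid in self.cache:
            return "cached"
        source = prior.cache.get(cid) if prior else None  # demand load
        if source is None or code_id(source) != cid:
            return "dropped"          # missing or altered code is never run
        self.cache[cid] = source
        return "fetched"

def send(path, cid):
    """Walk a packet along `path`, returning each node's outcome."""
    outcomes, prior = [], None
    for node in path:
        result = node.receive(cid, prior)
        outcomes.append(result)
        if result == "dropped":
            break
        if node.active:
            prior = node
    return outcomes

# Constructed sample: the sender's node A already holds the code.
FORWARDING_CODE = "def route(pkt): return pkt.dest"
CID = code_id(FORWARDING_CODE)

def demo():
    a, b, c, d = Node("A"), Node("B"), Node("C", active=False), Node("D")
    a.cache[CID] = FORWARDING_CODE
    first = send([a, b, c, d], CID)
    second = send([a, b, c, d], CID)
    # A prior hop that answers with different code for the same identifier.
    bad = Node("X")
    bad.cache[CID] = "def route(pkt): return 'elsewhere'"
    tampered = send([bad, Node("Y")], CID)
    return first, second, tampered

if __name__ == "__main__":
    print(demo())
```

Only the first packet of a flow pays the fetch cost at each active node; later packets hit the cache, and code that does not match its identifier is dropped rather than installed.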
Most of the paper deals with countermeasures to security and scalability problems arising from running external code on routers. The authors use tight per-service limits on node resource consumption and assume software isolation between services on the active nodes. But these restrictions are not enough to prevent abuses under their scheme: malicious users can write programs that ping-pong traffic within the network to generate hundreds of times the traffic of their edge link, and possibly much more if they are to be able to implement multicast, etc. in their network programs.
The authors' solution (which they acknowledge is unsatisfying) is for services to be endorsed by a central authority. Even with this restriction, it is not clear how these services are to satisfy more local constraints: how, for example, could nodes homed on both the commercial Internet and the Internet2 backbone enforce the restriction that the Internet2 backbone is only to be used for non-commercial traffic? Generally, the scheme takes control away from the middle of the network (especially given the difficulty of answering “policy questions” about arbitrary forwarding programs) while asking the middle to devote a lot of resources to supporting it.