Virendra S Shekhawat
Department of Computer Science and Information Systems
BITS Pilani
Pilani Campus
Agenda
Generalization of the Internet's Point-to-Point
Communication (i.e. Unicast, Anycast and Multicast) using
Overlay Approach
[CH-19] & [CH-20]
Reading
Internet Indirection Infrastructure (i3) [Ion Stoica, 2002]
http://conferences.sigcomm.org/sigcomm/2002/papers/i3.pdf
First Sem 2015-16
Motivations [1]
Today's Internet is built around a unicast point-to-point communication abstraction:
Send packet p from host A to host B
Point-to-point communication
Implicitly assumes there is one sender and one receiver,
and that they are placed at fixed and well-known locations
Motivations [2]
This abstraction allows the Internet to be highly scalable
and efficient, but
it is not appropriate for applications that require other
communication primitives:
Multicast
Anycast
Mobility
Solution
[Figure: layer diagram with labels Multicast, Anycast, Mobility, Service Composition, DHT, IP Layer]
[Figure labels: Sender; trigger (id, R); Receiver (R)]
Service Model
API
sendPacket(p);
insertTrigger(t);
removeTrigger(t) // optional
Mobility
Host just needs to update its trigger as it
moves from one subnet to another
[Figure labels: Sender; trigger (id, R2); R1; Receiver (R1); Receiver (R2)]
Multicast
Receivers insert triggers with same identifier
Can dynamically switch between multicast and
unicast
[Figure labels: Sender; trigger (id, R1); trigger (id, R2); Receiver (R1); Receiver (R2)]
Anycast
Use longest prefix matching instead of exact
matching
Prefix p: anycast group identifier
Suffix s_i: encode application semantics, e.g., location
Using i3
Service Composition
Server initiated
Receiver initiated
[Figure labels: Sender (MPEG); send((ID_MPEG/JPEG,ID), data); trigger (ID_MPEG/JPEG, S_MPEG/JPEG); S_MPEG/JPEG; send(ID, data); trigger on ID; send(R, data); Receiver R (JPEG)]
[Figure labels: Sender (MPEG); trigger (ID_MPEG/JPEG, S_MPEG/JPEG); trigger (ID, (ID_MPEG/JPEG, R)); send((ID_MPEG/JPEG,R), data); Receiver R (JPEG)]
[Figure labels: packet (g, data); triggers on identifiers g and x; receivers R1, R2, R3, R4]
Implementation Overview
ID space is partitioned across infrastructure
nodes
Each node responsible for a region of ID space
Properties
Robustness, Efficiency, Scalability, Stability
Robustness: refresh triggers, trigger replication, back-up triggers
Efficiency: Routing optimizations
Scalability: For n triggers and N servers, each server will store n/N
triggers on average
Stability: Mapping between triggers and servers is relatively stable
over time.
Example
ID space [0..63] partitioned across five i3 nodes
Each host knows one i3 node
R inserts trigger (37, R); S sends packet (37, data)
Private Triggers:
- S can insert a trigger [1,S] that is stored at server 3
- R can choose a trigger [30,R] that is stored at server 35
Security
i3 end-points also store routing information
New opportunities for malicious users
Some Attacks
Eavesdropping: Solutions
An attacker can divert traffic towards itself (multicast
scenario) simply by inserting a trigger with the desired id
and its own IP address
Solutions
Use private triggers, periodically change them, multiple
private triggers
End hosts can use public triggers to choose private triggers
which can be used for data transfer
Brute force attack is difficult due to the length of the
identifier used (i.e. 256 bits)
DoS Attacks
Attack on end host:
A malicious user can insert a hierarchy of triggers, in which all
triggers on the last level point to the victim
A packet sent to the trigger at the root of the hierarchy will
cause the packet to be replicated and all replicas to be sent to
the victim
Loop Detection
When a trigger that does not point to an IP
address is inserted, the server must check for
the possibility of a loop
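The insert-time loop check above and the replication effect described under DoS Attacks, as an added illustration that is not from the slides or from the i3 authors' code. Assumptions: a single in-memory table with exact-match identifiers stands in for the distributed i3 servers, and the names TriggerTable, insert_trigger, copies_per_host and sample_table are hypothetical.

```python
from collections import defaultdict

class TriggerTable:
    """Toy single-table model; real i3 spreads triggers over many servers."""

    def __init__(self):
        # identifier -> set of targets; target is ("ip", addr) or ("id", ident)
        self.triggers = defaultdict(set)

    def _reaches(self, start, goal, seen):
        # True if following id -> id triggers from start arrives at goal.
        if start == goal:
            return True
        if start in seen:
            return False
        seen.add(start)
        return any(kind == "id" and self._reaches(value, goal, seen)
                   for kind, value in self.triggers.get(start, ()))

    def insert_trigger(self, ident, target):
        # Loop check applies only when the target is another identifier.
        kind, value = target
        if kind == "id" and self._reaches(value, ident, set()):
            return False  # would close a forwarding loop: refuse
        self.triggers[ident].add(target)
        return True

    def copies_per_host(self, ident):
        # Replicas each end host receives for one packet sent to ident.
        counts, stack = defaultdict(int), [ident]
        while stack:
            for kind, value in self.triggers.get(stack.pop(), ()):
                if kind == "ip":
                    counts[value] += 1
                else:
                    stack.append(value)
        return dict(counts)

def sample_table():
    # Constructed data: two-level hierarchy whose leaves share one address.
    t = TriggerTable()
    for parent, child in [(10, 11), (10, 12), (11, 13), (11, 14), (12, 15), (12, 16)]:
        t.insert_trigger(parent, ("id", child))
    for leaf in (13, 14, 15, 16):
        t.insert_trigger(leaf, ("ip", "198.51.100.7"))
    return t

if __name__ == "__main__":
    t = sample_table()
    print(t.copies_per_host(10))             # copies per host for one packet to id 10
    print(t.insert_trigger(13, ("id", 10)))  # attempt to close a loop
```

A server that tracks copies_per_host at insert time can refuse or rate-limit triggers once the count for a single address passes a threshold it chooses.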
Conclusions
Indirection is a key technique to implement basic
communication abstractions
Multicast, Anycast, Mobility
This work
Advocates for building an efficient Indirection Layer on top
of IP
Explores the implications of changing the communication
abstraction
Thank You !