1 upgrading transport protocols using untrusted mobile code parveen patel andrew whitaker jay...
Post on 21-Dec-2015
227 views
TRANSCRIPT
![Page 1: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/1.jpg)
1
Upgrading Transport Protocols using Untrusted Mobile Code
Parveen Patel Andrew WhitakerJay Lepreau David WetherallTim Stack (Univ. of Washington)(Univ. of Utah)
![Page 2: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/2.jpg)
2
Key Point
Untrusted mobile code can allow anybody to build and use new transport protocols cleanly, safely and without delay.
Self-spreading Transport Protocols (STP) is our prototype solution.
![Page 3: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/3.jpg)
3
New transport protocols keep coming
Karn/Partridge algorithm (1988) Header Prediction (1990) RFC 1232 (1992) T/TCP (1995) TCP Vegas (1995) RAP (1996) TCP SACK (1996) FACK (1996) Syn-cookies (1996) Fast recovery (1997) WTCP (1998) NewReno (1999) Congestion Manager (1999) TCP Connection Migration (2000) The eiffel algorithm (2000) TFRC (2000) D-SACK (2000) Limited Transmit (2001) ECN (2001) ECN nonce (2001) TCP Nice (2002) DCCP (2002) SCTP (2002) RR-TCP (2002) TCP Westwood (2002) Appropriate Byte Counting (2002) TCP sender timeout randomization (2003)
![Page 4: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/4.jpg)
4
Problem scenario
A content provider (e.g., Yahoo) develops a new transport protocol to deliver content to its customers
A mobile client needs “TCP connection migration” at a telnet server to allow itself to move
How do they deploy new protocols?
![Page 5: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/5.jpg)
5
Upgrading transports takes years Research and simulation Prototype Standards committee Implementation in OS 1 Implementation in OS 2 … Addition into standard build OS 1 Addition into standard build OS 2 … Enable by default Enable by default on peer
![Page 6: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/6.jpg)
6
Fallback: backwards-compatible change Often does not work
Can’t exchange new informationExample: TCP Migrate requires cooperation from both
ends
Does not work very wellLose the benefit of cooperation between both endsExample: one-way delay estimation using rtt includes
reverse-path noise
![Page 7: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/7.jpg)
7
Solution: STP Host can upgrade its connection peer with
new transports by sending untrusted code
TPFoo(Use TPFoo)
TPFoo
TPFoo
Self-spreading Transport Protocols
TPFoo
![Page 8: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/8.jpg)
8
Upgrading with STP is faster Research and simulation Prototype Standards committee Implementation to the STP API Implementation in OS 1 Implementation in OS 2 … Addition into standard build OS 1 Addition into standard build OS 2 … Enable by default Enable by default on peer
![Page 9: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/9.jpg)
9
STP Challenges
1. Network safety – should not hog bandwidth or attack other nodes
2. Host safety – must isolate and limit resource consumption
3. Performance – should not undermine improvement due to extensions
![Page 10: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/10.jpg)
10
STP Design
Sockets Layer
STP
Network Layer
APPLICATION 1 Compiler
TP-B
TP-A
STP SANDBOX
STP API
Download/Policy mgr
![Page 11: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/11.jpg)
11
1. Network safety TCP background
TCP-friendliness is well-defined [SIGCOMM ’98]
1 Rate = --------------------------------------------------------------- R*√(2 * L/3) + (t_RTO*3* √(3*L/8)*L*(1+32+L2))
R = Round-trip time, L = Loss-rate
TCP sending speed governed by inflow of acks from receiver. Prevent a TCP receiver from faking acks (hiding loss) by requiring it to echo a nonce. [ICNP’01]
![Page 12: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/12.jpg)
12
Loss Detection in STP Through the design of its API, STP enforces loss detection
that is independent of transport protocol header formats.
STP
TP-A
packet with nonce
stp_send (packet, seq)
STP
TP-A
packet with nonce
packet with nonce
sender receiver
![Page 13: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/13.jpg)
13
Loss Detection in STP
STP
TP-A
ack + nonce
STP
TP-A
stp_send_ack (nonce)
ack + nonce
sender receiver
stp_got_ack (seq, nonce)
![Page 14: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/14.jpg)
14
2. Host safety Constrained domain: no shared state between
transportsMakes resource accounting straightforwardMakes termination tractable
Memory safety: type-safety of Cyclone [PLDI ’02]
CPU timer-based CPU resource protection
![Page 15: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/15.jpg)
15
3. Performance
Connections proceed without delaysCode is downloaded out of the critical pathBenefits later connectionsExploits communication pattern of today’s Internet
Efficient to interface C with CycloneShare data between the kernel and Cyclone codeNot necessary to use garbage collection
![Page 16: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/16.jpg)
16
Implementation
Prototype in FreeBSD 4.7
Ported UDP-Flood, TCP NewReno and TCP SACK to the STP API
![Page 17: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/17.jpg)
17
Evaluation
Network Safety
Overall Performance
CPU Overhead
Transport Experience
![Page 18: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/18.jpg)
18
STP enforces TCP-friendliness
0
1
2
3
4
5
6
7
8
9
10
0 20 40 60 80 100 120
Round-trip time (ms)
Mb
/sec
UDP-flood, .2% loss
TCP, .2% loss
UDP-flood, 1% lossTCP, 1% loss
![Page 19: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/19.jpg)
19
STP does not restrict TCP
0
0.5
1
1.5
2
2.5
3
0 10 20 30 40 50 60 70 80 90 100Time (seconds)
Mb
/se
cTCP in STP
TCP in FreeBSD
![Page 20: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/20.jpg)
20
STP is as fast as TCP for Internet-like paths
1.513.51
23.8
1.483.48
23.8
0
5
10
15
20
25
WAN1 WAN2 WAN3
Mb
ps
Native-TCP STP-Cyclone
![Page 21: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/21.jpg)
21
STP transports achieve gigabit speed
860.3 895.3
752
894.5
688.5
894.3
0
200
400
600
800
1000
1500 Byte Eth 8192 Byte Eth
Mb
ps
Native TCP STP-C STP-Cyclone
2GHz machine with fast PCI bus
![Page 22: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/22.jpg)
22
CPU utilization (gigabit link)
Overhead inherent in Cyclone’s type-safety (bounds/null checks) is low: 6%
Suspect most of overhead due to marshaling that will be straightforward to optimize in newer version of compiler.
TCP Version
FreeBSD STP-C(ratio to BSD)
STP-Cyclone(ratio to BSD)
Sender 59% 59% (1.01) 73% (1.24)
Receiver 48% 61% (1.29) 73% (1.54)
![Page 23: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/23.jpg)
23
Transport experience
API supports all 27 studied extensions except 2 that are inherently not TCP-friendly
Shipping whole protocols is practical:
4K33K31KObject
10K95K87KSource(Gzip)
UDPFloodSACKTCPCode
![Page 24: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/24.jpg)
24
Future work
So far: STP is proof-of-concept of a system that
synthesizes a set of ideas
Next up: Make the vision more realStress-test system with adversarial transportsProve that API is sufficient and OS-portableLearn what policies work well in practice
![Page 25: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/25.jpg)
25
Conclusions
STP lets anybody build and use new transport protocols cleanly, safely and without delay. Built on untrusted mobile code Avoids hacks, standards and OS vendors
This is a qualitative change! Imagine real experience before standardsFundamental change in incentive balance
![Page 26: 1 Upgrading Transport Protocols using Untrusted Mobile Code Parveen Patel Andrew Whitaker Jay Lepreau David Wetherall Tim Stack (Univ. of Washington) (Univ](https://reader035.vdocuments.site/reader035/viewer/2022081516/56649d615503460f94a43aa6/html5/thumbnails/26.jpg)
26
END OF TALK
….
BACKUP/DETAIL SLIDES