최 양 희서울대학교 컴퓨터공학과http://mmlab.snu.ac.kr

Active NetworkActive Network

ContentsContents

• Active Network ?

• Motivations

• Lead Users

• New Applications

• Programmable Switch

• Capsule

• Programming Model

• Ongoing Research Projects

• ABONE

• Hard Problems

Active NetworkActive Network

Active Router

Active Router

Active Router

Active Router

Active Router

Host

Host

ActivePacket

ActivePacket

ActivePacket

AN : What is it ?AN : What is it ?

• Software-intensive network architecture• Network switches perform customized computations

on the messages flowing through them• Customizable on a per user or per application basis• Individuals can inject programs into the network• Applicable to Internet : overlay or substitution• DARPA sponsored research projects

MotivationsMotivations

• Internet is difficult to maintain : 8 years from prototype to deployment (backlogs are multicast, authentication, mobility extension, RSVP, IPv6)

• Mismatch between user requirement change rate and the physical system change rate

• Router/switch is proprietary hardware plus customized software (mainframe mindset)

ApproachesApproaches

• Virtualized approach : software detached from hardware (anyone can provide innovative software)

• Protocol components instead of layers• Equivalent computational model instead of equivalent

program at each node

Lead UsersLead Users

• Firewall• Web Proxy• Mobile/Nomadic Router• Transport Gateway• Application-specific Gateway• Multicast (MBONE)• RSVP (RBONE)• IPv6 (6BONE)• AIN

New ApplicationsNew Applications

• Merging and distribution of information• User-aware network protection• Active network management

• Router, switch, packet analyzer, firewall, RTP mixermultimedia transcoder, web streaming, congestion control, Internet phone, NACK filtering in multicast

Two ApproachesTwo Approaches

• Programmable Switches• Capsule

Programmable SwitchProgrammable Switch

• Discrete approach : program loading is separated from message processing

• Easy migration• Program injection by authenticated operators• Upon header examination, appropriate programs are

dispatched to operate on message contents

CapsuleCapsule

• Integrated approach : every message is a program (a la Postscript)

• capsule = program + data

Programming ModelProgramming Model

• Program Encoding– Mobility– Safety– Efficiency

• Common Primitives– change header/payload/length– access to node’s environment (address, time, link status)– control packet flow (forwarding, copying, discarding)– access to node storage and scheduling

• Node Resources and their Allocation– physical resources (bandwidth, processing capacity, storage)– logical resources (routing table, MIB)

Program EncodingProgram Encoding

• Source Level : script language– Tcl– NetScript

• Intermediate Representation– Java

• Object-code Level– Omniware

Research ProjectsResearch Projects

• Columbia NetScript• MIT SpectrumWare, ANTS• Upenn SwitchWare, PLAN, Security• Bellcore OPCV2, Active Router,

Protocol Booster• BBN Smart Packet• GeorgiaTech CANES• UArizona Liquid Software• UCLA/LBNL Adaptive Web Caching

SwitchWareSwitchWare

• Upenn + Bellcore• SwitchWare switch = I/O + program (computer)• Hierarchical Layers :

– Active Packet, Switchlet, Active Router Infrastructure

Active PacketActive Packet

Active Packet

Active Router Infrastructure

Network

switchlets

SwitchWare (cont’d) SwitchWare (cont’d)

• Active Packet – mobile program (code + data)– PLAN : Programming Language for Active Networks

• Switchlet – dynamically-loaded extensions, not mobile– not lightweight, tight security mechanisms

• Secure Active Network Environment (SANE)– static, secure foundation

SwitchWare ApplicationSwitchWare Application

• Active Network Striping for Software Scalable Bandwidth

Host A Host BSwitchWare

SwitchA

SwitchWareSwitch

B

Channel 1

Channel 2

Channel 3

Channel 4

PseudocodePseudocode

• Switchlet for sender striping

When Arrives(Packet, InPort){

Send ((SequenceNumber, Packet),OutPort);OutPort := (OutPort+1) Mod Channels;

}

PseudocodePseudocode

• Switchlet for receiver stripingWhen (Arrives ((SequenceNumber,Packet), InPort)){

If (InOrder(SequenceNumber,Expected)){

Send (Packet,OutPort);Expected:=Expected+1;While(CheckQueue(QueueName,Expected)){

Dequeue((Expected,Packet));Send(Packet,OutPort);Expected:=Expected+1;

}}else

Queue((SequenceNumber,Packet),QueueName);}

ANTS (Active Node Transfer System)ANTS (Active Node Transfer System)

• Capsule-based active network toolkit– written in Java, protocols carried as bytecodes

• Capsules carry program state as they travel– they are external representation of object instances

• Protocol code is demand loaded by nodes– depends on previous node and caching

• Nodes provide API for protocol writer– soft-state cache, routing primitives

ANTS GoalsANTS Goals

• Today’s networks lack flexibility …

• Active networks are an appealing solution, but no convincing demonstration that they can work …

Seek to allow new network services to be introduced rapidly.

Evaluate the hypothesis that they can provide useful flexibility at a reasonable security/performance cost.

ANTS ArchitectureANTS Architecture

• Approach– uncoordinated introduction, automatic deployment– application-specific protocols used “on-the-fly”

• Model– programmable routers generalize IP forwarding– mobile code used to implement new services

• Goal– show feasibility/usefulness, explore tradeoffs

ANTS GlossaryANTS Glossary

• Node– programmable router that implements services

• Capsule– generalized packet (header + data + program)– different capsule types have different programs

• Protocol– communication rules that provide a service– codified as set of related capsule types

• Application– network client that uses services via protocols

Capsules are Generalized Capsules are Generalized PacketsPackets

Node Node

Capsule

Protocol+Program Id Data

• carry the program and protocol by reference using a fingerprint to prevent code spoofing

• header includes at least fields for default forwarding, resource limits and source identification

Header

Node Operating SystemNode Operating System

• hosts user-defined protocols– capsule API: soft-storage, routing, …– admits new protocols at its discretion

• protects network/protocol integrity– executes untrusted code, limits resource use– provides each protocol with its network “view”

• distributes code among nodes

Code is Loaded at Code is Loaded at RoutersRouters

previousnode

loadingnode

loadrequest

load response

time

• application provides code at end systems, while node loading is triggered by capsules

need to be efficient, adaptive, and load-limited

Smart PacketsSmart PacketsA DARPA-Funded Research A DARPA-Funded Research

ProjectProject

A. Jackson, G. Lauer, C. Partridge,

D. Rockwell, B. Schwartz, W. Zhou

Overall GoalOverall Goal• Our goal is to add programmability to management

and diagnostic packets– constrained scope realizable in individual packets– flexible and rich programming environment as possible in

one packet– code authentication and run-time authorization

Component OverviewComponent Overviewcompiler

assembler inje

ctorauthentication

display

smart pkt

smart pkt

smart pkt

data

data

dataSource

Destination

Router 2

Router 1

• Program in single packet• Hop-by-hop evaluation• Data returns to source

executionenvironment

executionenvironment

executionenvironment

ABONEABONE

• Experiment prototype active node implementations• MIT (ANTS) -- ISI (ANTS)

MIT (ANTS) -- UArizona (ANTS)ISI (ANEP) -- UKansas (ANEP)

• Active Network Encapsulation Protocol (ANEP)• Active Network Overlay Network (ANON)

Hard ProblemsHard Problems

• Security• Management• Applications• Performance• Interoperability

What to do ?What to do ?

• Initiate research programs on advanced Internet, and active network is one of them.

• Develop new generation of low cost network nodes (router, ATM switch) with open architecture.

• Close collaboration is required among different research communities : programming language, operating system, object technology, and networking

• Capitalize on selected application servers : hierarchical web caching, multimedia stream server

• Build testbed network

R&D ProposalsR&D Proposals

• Low Cost Switch with Open Architecture• Multicast Multimedia Application with loadable softwa

re at switches – Conferencing– Internet phone– Stream service (broadcasting, interactive)

DiscussionsDiscussions

• AN may be a solution to IP vs. ATM debate. True or not ?

• Can AN switches replace public telco switches?• Proliferation of user-defined switch functions and ass

ociated applications will create new industries and companies like Microsoft will die out. Will it happen ?

• What is our role (HSN community) in this business ?