Chapter 1
Computer Network Architecture and the Internet (2)
Rethinking the Internet Architecture
Xu Mingwei (徐明伟)

Outline
- Challenges to network architecture
- New Network Architecture Research
  - NewArch, GENI, FIND and FIRE
  - 973 Project "Theoretical Research on New-Generation Internet Architecture"
- Role-Based Architecture (RBA)
- Host Identity Protocol (HIP)
- Internet Indirection Infrastructure (I3)
- Information-Centric Networking (ICN)

Internet is successful, but…
- The Internet design has been very successful
  - Scaled into a huge worldwide infrastructure
  - Adapted to many new communication technologies: Frame Relay, ATM, wireless, optical, ...
  - Easily adapted to unforeseen applications -- Web, P2P
  - Adapts over a huge dynamic range
- BUT...
  - Serious new challenges -- new requirements and issues
  - Loss of technical coherence

New Challenges to Architecture
- Commercial Internet
  - Business models -- ISPs need to be able to make money
  - Need to harness competition to drive innovation
- Legal, political, and public policy issues
- Erosion of trust (Loss of innocence)
  - Spam/viruses/worms/DDoS attacks/...
- New technologies and applications
  - Optical network, wireless network…
  - Content distribution (IPTV, P2P)…

New Challenges to Architecture (cont'd)
- Loss of Technical Coherence
  - Equipment vendors want to sell boxes
  - They are busily designing point solutions to specific problems; often in conflict, lacking in generality.
  - Looks like a downward spiral into technical chaos.
- Erosion of the End-to-End Principle
- Argument about Layering Principle
- Scalability

Erosion of the End-to-End Principle
- A current architectural battleground…
- "Middleboxes" process user packets inside the network.
  - E.g., web caches and proxies, application-level firewalls, NAT boxes, performance-enhancing proxies, …
- They perform useful functions but violate the E2E Principle.
  - That is more than religion -- they reduce robustness, generality, extensibility, and simplicity.

Argument about Layering Principle
- Marbling the Internet Layer Cake
  - 5: Application layer (SMTP, HTTP, ...)
  - 4.5: TLS
  - 4: Transport layer (TCP, UDP, SCTP, ...)
  - 3.5: IPsec
  - 3: Internet layer (IP)
  - 2.5: MPLS
  - 2: Link layer (subnet-specific)
  - 1: Physical layer
- Protocol stack or protocol heap?
- Cross layer design

Scalability
- Since the ARPANET started, various measures of the size of the Internet have increased by factors between 1,000 (backbone speed) and 1,000,000 (number of hosts)
- IPv4 address depletion
- Routing scalability
- In this environment, some architectural principles inevitably change.
  - Principles that seemed inviolable a few years ago are deprecated today.
  - Principles that seem sacred today will be deprecated tomorrow.

On Being the Right Size
- Published in 1928 (long before computer networks were invented) by J. B. S. Haldane
- Discussed size in the natural (biological) world and systems.
- "not only ten times as high, but ten times as wide and ten times as thick, so that their total weight was a thousand times his, … so that every square inch of giant bone had to support ten times the weight"
- This is why gazelles have long, thin legs, while rhinoceroses have short, thick legs.
- Think about whether there is a "right size" for a network, and what aspects of a network determine the "right size".

NewArch
- 2000–2003, a small DARPA-funded project
- Objective: to figure out what the Internet architecture would have been if we had known in 1979 what we know today.
- Clean slate design: ignore compatibility/transition issues
- NewArch Players: Dave Clark (MIT), Bob Braden (ISI), Mark Handley & Scott Shenker (ICIR), etc.

NewArch -- the Process
- Re-examine the requirements and assumptions
- Try to understand implications for the Internet architecture of economic, political, and social forces
- Examine a set of propositions of the form:
  - What if we relaxed assumption X?
  - What if we added assumption Y?
- And pursue a few of the promising Xs and Ys

Sample of Propositions Considered
- Relaxed assumption X:
  - X = All packets (e.g., no bit streams)
  - X = Protocol layering
  - X = Network locator == End-point identifier
- Added assumption Y:
  - Y = Provide regions of trust
  - Y = Support ubiquitous mobility
  - Y = Carry congestion state in packet headers
  - Y = Empower users to choose ISPs (=> competition)
- Final technical report:

GENI: Global Environment for Network Innovations
- A project sponsored by the National Science Foundation
- GENI is a virtual laboratory at the frontiers of network science and engineering for exploring future internets at scale.
- Some highlights, such as OpenFlow
- MoU between GENI and CERNET

FIND: Future Internet Design
- FIND is a long-term initiative of the NSF NeTS research program
- FIND invites the research community to consider
  - What the requirements should be for a global network of 15 years from now
  - How we could build such a network if we are not constrained by the current Internet -- if we could design it from scratch.

Motivation for FIND
- Challenges community to think about why we built what we built
  - A lot we got right (perhaps surprising…)
  - A lot is almost an accident
- Challenges us to envision a future
  - Not just improve the present
  - Free our minds from the constraints of what is, to imagine what we might be

FIA: Future Internet Architecture
- 2010.8.27, NSF announced awards for four new projects as part of the FIA program
- Named Data Networking
  - Move the communication paradigm from today's focus on "where" to "what"
- MobilityFirst
  - Use DTN to provide robustness and propose an architecture centered on mobility as the norm
- NEBULA (nebula is Latin for cloud)
- eXpressive Internet Architecture
  - Address the growing diversity of network use models

FIRE: Future Internet Research and Experimentation
- FIRE is an initiative under the EU FP7
- The initiative has two related dimensions
  - Build a European Experimental Facility for Future Internet research
  - Support experimentally-driven advanced research

973 Project: Theoretical Research on New-Generation Internet Architecture

Major theoretical challenges facing the Internet
- Scientific advances in ultra-high-speed optical transmission pose major challenges to packet-switching theory, which was built on unreliable low-speed communication links, and to the Internet architecture based on it
- How can the Internet's "best effort, complex edge, simple core" architecture meet the new-generation Internet's need for multi-objective quality-of-service control
- The functional convergence of computer networks, telecommunication networks, and television networks poses new challenges to the Internet architecture
- The development of large amounts of communication protocol software on the Internet poses major challenges to traditional software theory: formal description, verification, testing, and reusability
- Traditional Markov theory based on the Poisson process cannot describe the self-similarity and connectionless nature of bursty Internet traffic
- The contradiction between people's growing dependence on the Internet and the fragility and untrustworthiness of the Internet architecture is intensifying: homogeneity brings huge security risks

Key scientific problems to be addressed
- Multi-dimensional scalability of the Internet architecture
  - Study and resolve the contradiction between the single-dimensional scalability of the existing network architecture and the complexity and diversity of network functions.
  - Explore a multi-dimensional scalability theory that goes from scalability in size alone to scalability in function, performance, security, and service.
- Dynamic network behavior and its controllability
  - Study and resolve the contradiction between unknown network behavior and definite transmission-control objectives.
  - Explore models of dynamic Internet behavior and adaptive control methods based on those models.
- Trustworthiness of a fragile, complex giant system
  - Study and resolve the contradiction between the fragility of the network and the need for security and trustworthiness.
  - Study security and trust models and control methods for the fragile, complex Internet.
- Service diversity on a stable network architecture
  - Study and resolve the contradiction between the relative stability of the network architecture and the complex, changing demands for network services.
  - Explore a theory of large-scale Internet services, and study diverse network service models and service manageability.

Other 973 projects related to network architecture
- Basic research on an integrated trustworthy network and pervasive service architecture
- Service-oriented future Internet architecture
- Research on a reconfigurable information and communication basic network architecture

RBA
- Supported by NewArch

Motivation
- The IETF has an architectural pretzel factory.
- Layer violations
- Sub-layer proliferation
  - E.g., MPLS at 2.5, IPsec at 3.5
- Erosion of E2E model -- middleboxes
  - Firewalls, NATs, proxies, caches, ...
- Can we somehow reduce the complexity and increase the architectural flexibility?

Suggestion
- Suggestion 1: Replace the traditional protocol layering paradigm with a more general model.
  - Many of these problems seem to be related to traditional layering.
- Suggestion 2: Provide a protocol mechanism to attach additional metadata to data packets -- "in-band signaling" -- for middleboxes.
  - Attach color-coded "stickies" to packets in the network.
- These suggestions led to the concepts of Role-Based Architecture (RBA)
- Giving up layering has profound consequences for how we think about protocols.

What Does Non-Layered Mean?
- Traditional layered architecture
  - Modularity: Functional unit for each protocol layer.
  - Packet header format: Sub-header for each layer, forming a logical stack.
  - Header processing rules:
    - Order: Headers processed in order by layer (LIFO)
    - Access: A functional module can read/write only its own sub-header

What Does Non-Layered Mean? (Cont'd)
- Non-Layered architecture
  - Modularity: Role: Functional spec of a communication building block.
  - Packet header format: An arbitrary collection of sub-headers: "role data".
    - These are Role-Specific Headers (RSHs).
    - RSHs are addressed to roles.
    - Header data structure is now a logical heap of RSHs.
  - Processing rules: need new rules for order, access.

RSH Processing in a Node
- [Figure: Role A, Role B and Role C in a network node; a packet made of a payload and a heap of RSH 1, RSH 2 and RSH 3; arrows labelled Write and Read]

Objectives of RBA
- Clarity: Replace "layer violations" with architected role interactions
- Flexibility: Roles have more flexible relationships than layers
- Extensibility: Roles are modular and hopefully orthogonal. No layer restrictions.
- Inband Signaling: RSHs can act as "stickies", e.g., to control middleboxes.
- Auditability: Can leave RSHs after they have been "consumed", to signal to downstream nodes that a function has been performed.

Objectives of RBA (Cont'd)
- Portability: Allow roles to be sited arbitrarily on nodes.
  - For extra credit: mobile roles that migrate among nodes
- Re-Modularization: Current monolithic protocol layers are large and complex; can re-modularize into smaller units.
  - This is not a new idea
  - It is unclear how far one should go towards micro-roles
  - But RBA gives us freedom of choice on functional granularity
- Security
  - Hide particular role data (Don't muck with my meta-data!)
  - RSH might be unit for encryption of role data

Conclusions
- Advantages of RBA
  - Modularizes functionality better than layering does.
  - Provides an explicit place for middlebox metadata
  - Should create fewer unexpected feature interactions
- Disadvantages of RBA
  - Replacement of deployed protocols
  - Less efficient (header space, processing).
  - Greater flexibility may itself increase complexity and confusion

The HIP Protocol

Overview
- Protocol proposal contains:
  - A new namespace / new identity
  - An authentication and key exchange protocol
  - Architectural thoughts

Host Identity
- Using an IP address to identify a host is not the best idea (see multi-homed hosts, virtual interfaces)
- A new namespace for the Internet
  - Cryptographically based
  - Non-spoofable
  - 'Statistically' global scope
- Used in security association bindings and packet forwarding mechanisms
- Separates routing from endpoint identification

Host Identity (cont'd)
- Newly introduced identities:
  - Host Identity (= public key)
  - Host Identity Tag (= hash of the public key, 128 bit)
  - LSI (32-bit Local Scope Identity)
- Higher layers only see identities, not addresses
  - IPv6 applications use the 128 bit HIT
  - IPv4 applications use the 32 bit LSI
- Host Identities can be well-known or anonymous
- Each host has at least one identity

The Protocol Stack
- Application Layer: Application-specific identifiers
- Transport Layer: Pairs <IP address, Port#> + Transport Protocol ID
- Host Identity: Host Identity (HI)
- Network Layer: IP addresses
- Data Link Layer: Link layer addresses

The HIP Protocol
- An authentication and key exchange protocol
- The HIP protocol is used to verify the Host Identity and to create an IPsec ESP security association
- HIP is always combined with IPsec ESP where the HIP Identity is "compressed" into IPsec ESP SPI
- The protocol has the following properties:
  - Denial-of-Service protection with the client-puzzle mechanism
  - Digital signatures, identities and certificates are exchanged

Summary
- HIP introduces new and interesting concepts.
- The introduction of a new address space based on a cryptographic identity makes a lot of things easier:
  - Mobility
  - Multi-Homing
- Solutions are already there for these problems; HIP solves the problems in a different way.
- Additionally HIP has security integrated into the protocol
- Work in IETF and IRTF

Internet Indirection Infrastructure (I3)

Motivations
- Today's Internet is built around a unicast point-to-point communication abstraction:
  - Send packet "p" from host "A" to host "B"
- This abstraction allows Internet to be highly scalable and efficient, but…
- … not appropriate for applications that require more general communication abstractions:
  - Multicast
  - Anycast
  - Mobility
  - …

Why?
- Point-to-point communication implicitly assumes there is one sender and one receiver, and that they are mostly placed at fixed and well-known locations
  - E.g., a host identified by the IP address 166.111.xxx.xxx is located in Tsinghua
  - E.g., an application in communication is usually identified by her/his IP address + port number

We Want More General Communication
- The identities of the receiving hosts are unknown: multicast and anycast.
- The receiving location is not fixed: mobility.
- Strict binding of sending and receiving (as it is today) causes the stated problems

Key Observation
- Virtually all previous proposals use indirection, e.g.,
  - Physical indirection point: mobile IP
  - Logical indirection point: IP multicast
- "Any problem in computer science can be solved by adding a layer of indirection"

I3 Solution
- Use an overlay network to implement indirection
  - Incrementally deployable; don't need to change IP
- Build an efficient indirection layer on top of IP
- [Figure: protocol stack showing IP, TCP/UDP, the Indir. layer and Application]

Service Model
- Logical identifier (Rendezvous-Based) "glue" of sending and receiving
- A source sends packets associated to a logical identifier id into the overlay network
- A receiver expresses interest in receiving a packet with identifier id by inserting a trigger (id, R) into the overlay network

Service Model (cont'd)
- Rendezvous / i3 Server
  - Maintain triggers
  - Receive and forward packets
  - Other modifications
- API
  - sendPacket(p);
  - insertTrigger(t);
  - removeTrigger(t) // optional
- Best-effort service model (like IP)
- Control at end-hosts

An Example
- Trigger (id, R)
- Sender (id, data)
- Receiver (R, data)
- IP information hidden from end users
- Sending only when allowed
- [Figure: Receiver (R) inserts the trigger (id, R); the Sender sends (id, data); the Receiver gets (R, data)]

Packet/Trigger Logic
- Simplest form: Complete match
  - Packet (id, data)
  - Trigger (id, addr)
  - addr: (IP, port), to where the data is forwarded on IP layer
- Generalization: Inexact match of id
  - id_t in (id, data) is a longest prefix match of id
  - At least k bits match (exact match threshold)
- Challenge: efficiently match packets and triggers

Mobility
- Host just needs to update its trigger as it moves from one subnet to another
- [Figure: Sender; Receiver (R1) with trigger (id, R1); Receiver (R2) with trigger (id, R2)]

Multicast
- Receivers insert triggers with same identifier
- Can dynamically switch between multicast and unicast
- [Figure: the Sender sends (id, data); triggers (id, R1) and (id, R2); Receiver (R1) gets (R1, data) and Receiver (R2) gets (R2, data)]

Anycast
- Use longest prefix matching instead of exact matching
  - Prefix p: anycast group identifier
  - Suffix s_i: encode application semantics, e.g., location
- [Figure: triggers (p|s1, R1), (p|s2, R2) and (p|s3, R3); the Sender's packet (p|a, data) is delivered as (R1, data)]

Performance Issues
- Robustness
  - Routing: Largely depends on DHT
  - Management: Soft state
  - Trigger loss: reinsert, backup id, successor replica
  - Problem: all triggers with the same prefix should be cached together
- Efficiency and load balancing
  - Caching servers' IP addresses of recent ids
  - Sampling more i3 servers / rendezvous points
- Scalability
  - Conflict with efficiency?
  - Hierarchy

- An indirection layer based on overlay network decoupling sending and receiving
- [Figure: Multicast, Anycast, Mobility and Service Composition; IP Layer; DHT]

Design Principles
- [Figure: Data plane and Control plane placement between Host and Infrastructure for Internet & Infrastructure overlays, p2p & End-host overlays, and i3]

Information-Centric Networking (ICN)

Popular Conception: Content Distribution Over the Internet Does Not Scale

Attempts to Mitigate
- P2P
  - Enhancing scalability by distributing serving load
  - But: traffic management and peer selection control deemed necessary
  - Also: combining P2P with dedicated in-network storage (DECADE)
- CDN
  - Enhancing scalability and performance by operating dedicated caches close to access networks
  - But: proprietary, standalone networks – increasing demand for interconnect: CDNI

Requirement
- Represents a need for
  - Accessing named resources, not hosts
  - Scalable distribution through replication and cachi
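
The I3 packet/trigger logic from the Internet Indirection Infrastructure slides above (complete match, longest prefix match with an exact-match threshold k, and the mobility, multicast and anycast cases), as an added Python example that is not part of the original slides. The 32-bit identifier width, k = 16, the `Rendezvous` class and its method names, and the sample addresses are assumptions made for the example.

```python
# Added example: i3-style rendezvous matching. Sizes and names are assumptions.
ID_BITS = 32  # identifier width, assumed for this demo
K = 16        # exact-match threshold: leading bits that must agree


def common_prefix_len(a, b):
    """Number of leading bits shared by two ID_BITS-wide identifiers."""
    diff = a ^ b
    return ID_BITS if diff == 0 else ID_BITS - diff.bit_length()


class Rendezvous:
    """One i3 server: keeps triggers (id, addr), forwards packets (id, data)."""

    def __init__(self):
        self.triggers = {}  # trigger id -> set of (IP, port) receiver addresses

    def insert_trigger(self, tid, addr):
        self.triggers.setdefault(tid, set()).add(addr)

    def remove_trigger(self, tid, addr):
        addrs = self.triggers.get(tid, set())
        addrs.discard(addr)
        if not addrs:
            self.triggers.pop(tid, None)

    def send_packet(self, pid, data):
        """Return the sorted (addr, data) deliveries; [] means dropped."""
        best_len, best_id = -1, None
        for tid in self.triggers:
            n = common_prefix_len(pid, tid)
            # Eligible only past the threshold; the longest prefix wins
            # (on a tie, the trigger id inserted first is kept).
            if n >= K and n > best_len:
                best_len, best_id = n, tid
        if best_id is None:
            return []
        # Every trigger sharing the winning id gets a copy (multicast).
        return sorted((addr, data) for addr in self.triggers[best_id])


if __name__ == "__main__":
    # Constructed sample receivers (documentation address range).
    R1, R2, R3 = ("192.0.2.1", 5000), ("192.0.2.2", 5000), ("192.0.2.3", 5000)
    srv = Rendezvous()
    # Anycast: shared 16-bit prefix p = 0xCAFE, per-receiver suffixes.
    for tid, addr in ((0xCAFE1000, R1), (0xCAFE8000, R2), (0xCAFE8F00, R3)):
        srv.insert_trigger(tid, addr)
    print(srv.send_packet(0xCAFE8F0F, b"hi"))  # longest prefix match
    print(srv.send_packet(0xCAFF0000, b"hi"))  # below the threshold
```

Mobility is the `remove_trigger` / `insert_trigger` pair on the same id with a new address: the sender keeps using the id and never learns that the receiver moved.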