Title: The SAHARA Project: Composition and Cooperation in the New Internet
1The SAHARA ProjectComposition and
Cooperationin the New Internet
- Randy H. Katz, Anthony Joseph, Ion Stoica
- Computer Science Division
- Electrical Engineering and Computer Science
Department - University of California, Berkeley
- Berkeley, CA 94720-1776
2Research Focus
- New mechanisms, techniques for end-to-end
services w/ desirable, predictable, enforceable
properties spanning potentially distrusting
service providers - Tech architecture for service composition
inter-operation across separate admin domains,
supporting peering brokering, and diverse
business, value-exchange, access-control models - Functional elements
- Service discovery
- Service-level agreements
- Service composition under constraints
- Redirection to a service instance
- Performance measurement infrastructure
- Constraints based on performance, access control,
accounting/billing/settlements - Service modeling and verification
3Focus of this Presentation
- Within context of general presentation of Sahara,
organize coherent view of the groups efforts on
connectivity - Incorporate into HP Labs presentation on
Wednesday and Microsoft Research in early August
4Technical Challenges in Composition and
Cooperation
- Trust management and behavior verification
- Meet promised functionality, performance,
availability - Recompose if component does not meet spec or
fails - Adapting to network dynamics
- React to shifting workloads and network
congestion, based on pervasive monitoring
measurement - Awareness of network topology to drive service
selection - Adapting to user dynamics
- Resource allocation responsive to client-side
workload variations - Resource provisioning and management
- Service allocation and service placement
- Interoperability across multiple service
providers - Interworking across similar services deployed by
different providers
5Layered Reference Modelfor Service Composition
- Connectivity Plane
- End-to-end network with desirable properties
composed on top of commodity IP network - Enhanced Links Paths QoS and protocol
verification within and between connectivity
service providers - Applications Plane
- Services strategically placed and actively
managed within the network topology - Applications and Middleware Services end-client
oriented vs. infrastructure oriented
6Layered Reference Model for Service Composition
End-User Applications
Applications Services
Application Plane
Middleware Services
End-to-End Network With Desirable Properties
Enhanced Paths
Connectivity Plane
Enhanced Links
IP Network
7Mechanisms for Service Composition
- Measurement-based Adaptation
- Examples
- General-purpose third party end-to-end Internet
host distance monitoring and estimation service - Universal In-box Application-specific middleware
measurement layer to exchange network and server
load using link-state algorithm - Content Distribution Networks measurement-based
DNS-based server selection to redirect client to
closest service instance
8Mechanisms for Service Composition
- Utility-based Resource Allocation Mechanisms
- Examples
- Auctions to dynamically allocate bandwidth
resource - Congestion pricing influence user behavior to
better utilize scarce resources applied in - Wireless LAN bandwidth allocation and management
- H.323 gateway selection, redirection, and load
balancing for Voice over IP services
9Mechanisms for Service Composition
- Trust Mgmt/Verification of Service Usage
- Authentication, Authorization, Accounting
Services - Authorization control scheme w/ credential
transformations to enable cross-domain service
invocation - Federated admin domains with credential
transformation rules based on established peering
agreements - AAA server makes authorization decisions,
liberating providers from preparing rules for
each affiliated domain - Service Level Agreement Verification
- Verification and usage monitoring to ensure
properties specified in SLA are being honored - Border routers monitoring control traffic from
different providers to detect malicious route
advertisements
10Mechanisms for Service Composition
- Policy Management
- Visibility into local policies to better
coordinate global policies among (cooperating)
service providers - Inter-AS policy architecture for load balancing,
performance, and failure modes throughout the
network - Internet topology discovery through AS
relationship map of the Internet plus measurement
infrastructure - Policy agent framework for inter-AS negotiation
to manage incoming traffic
11Mechanisms for Service Composition
- Interoperability through Transformation
- Interoperability of data, protocols, policies
among composed service providers - Example
- Broadcast federation global multicast service
composed from multicast implementations in
different provider domains - Protocol transformation gateways between admin
domains employing non-interoperable multicast
protocol implementations
12Enhanced LinksWorks in Progress
- Congestion Pricing for Access Links (Jimmy)
- Auction-based Resource (Bandwidth) Allocation
(Weidong, Matt) - Traffic Policing/Verification of Bandwidth
Allocation (Machi, Mukund, Ion)
13Access Link Congestion Pricing
- Setup
- 10 users
- 3 Classes of Service (Slow, Moderate,
Responsive), differ in traffic smoothing - 24 tokens/day, 15 minutes of usage per charge
- Acceptable
- Users make purchasing decision at most once every
15 minutes - Feasible
- Changing prices cause users to select different
CoS - Effective
- If half of users to choose lower CoS during
congestion, then reduce burstiness at access
links by 25
14Auction-based Resource Allocation
- Problem
- Allocate resources according to apps dynamic
requirementsachieve higher utilization than
possible with static schemes - Approach
- Leveraging auction schemes and work-load
predictions
- Features
- Bidders bid based on app requirements and
contention level - Bidders bid for near future resource based on
recent history - Bidders express utility and priority to
auctioneer - Auctioneer changes priority by varying token
allocation rate - Status
- On-going work
- First application bandwidth allocation in ad hoc
wireless networks
15Bandwidth Allocation
- Problem
- Scalable (stateless) and robust bandwidth
allocation - Approach
- Control Plane
- Soft state
- Per-router per-period certificates for robustness
without per-flow state - Random sampling to prevent duplicate refreshes
- Data Plane
- Monitor aggregate flows
- Recursively split misbehaving aggregates
R1 attaches new certificate to the refresh message
misbehaving aggregate split it
16Architectural Matrix
Measure-based Adaptation
Resource Allocation
Interop By Xform
Trust Verify
Policy Mgmt
Congestion Pricing For Access Links Auction-Based
Resource Allocation Traffic PolicingVerificatio
n of B/W Share
Link-oriented Measurement only
Good Behavior Assumed
17Link Management Architecture
Policy Token Price, Auction Frequency
User
Appl
Enforcement Traffic Shaping Good Behavior Policing
Allocation Decision Price Setting Auction
Bid Admission
Flow
Monitoring Aggregate Flow Bandwidth Random
Sampling
18Enhanced PathsWorks in Progress
- BGP Route Flap Dampening (Morley)
- BGP Policy Agents (Sharad)
- Backup Path Allocation in Overlay Networks
(Weidong) - Host Mobility (Shelley, Kevin)
- Multicast Interoperation (Mukund)
19BGP Stability vs. Convergence
- Problem
- Stability achieved through flap damping RFC2439
- Unexpected flap damping delays convergence!
- Topology Clique of routers
- Solution Selective flap damping sigcomm02
- Duplicate suppression
- Ignore flaps caused by transient convergence
instability - Still contains stability
- Eliminates undesired interaction!
20Policy Management for BGP
- Problem
- 3-15 minute failover time
- Slow response to congestion
- Unacceptable for Internet service composition
- General Approach
- Lack of distributed route control
- Need distributed policy management
- Explicit route policy negotiation
- Status
- Identified current routing behavior
- Inferred AS relationships, topology
- Next gather traffic data, finish code, emulate
21Backup Path Allocation in Overlay Networks
- Challenge
- Disjoint primary backup path in overlay network
share underlying links--overlay network cannot
control underlying links used by a path - Problem
- Find primary backup path pair with min failure
prob based on correlated overlay link failures - Approach
- Decouple backup routing from primary path routing
- Route backup paths based on failure prob cost
which measures incremental path failure
probability caused by using a link in the path - Status
- Finished work, submitted to ICNP02
22Host Mobility Using an Internet Indirection
Infrastructure
- Problem
- Internet hosts increasingly mobileneed to
remain reachable - Flows should not be interrupted
- IP address represents unique host ID net
location - ROAM (Robust Overlay Architecture for Mobility)
- Leverages i3 overlay network triggers forward
packets - Efficiency, robustness, location privacy,
simultaneous mobility - No changes to end-host kernel or applications
- Cost i3 infrastructure, proxies on end-hosts
- Simulation Experimental Results
- Stretch lower than MIP-bi ? able to choose nearby
triggers - 50-66 of MIP-tri when 5-28 domains deploy i3
servers - Even 4 handoffs in 10 seconds have little impact
on TCP performance
(ID, data)
(ID, R)
Sender (S)
(ID, data)
(ID, R)
Receiver (R)
23Multicast Broadcast Federation
Source
- Goal
- Compose non-interoperable m/c domains to provide
end-to-end m/c service - IP and App-layer protocols
- Approach
- Overlay Broadcast Gateways (BGs)
- Interdomain peering via BGs
- Interdomain, local mc capability used
- Clustered gateways for scale
- Independent data control flow
Broadcast Domains
CDN
IP Mul
SSM
Clients
BG
Peering
Data
- Implementation
- Linux/C event-driven program
- Easily customizable i/f to local mc capability
(700 lines) - Up to 1 Gbps BG thruput w/6 nodes
- Up to 2500 sessions w/6 nodes
24Architectural Matrix
Measure-based Adaptation
Resource Allocation
Interop By Xform
Trust Verify
Policy Mgmt
Interdomain RoutingBGP Convergence Load
Balancing Overlay NetworksOverQoS Enhanced
RoutingMobility Multicast Path
Reliability Failure Detection Back-up
Provisioning
25Enhanced Path Architecture
Robust Paths Failure Detection Backup Path
Provisioning
Keep-alive SignalingAlternative Path
Routing Real Time Design Time
Overlays Quality of Service Mobility
Adaptive FEC (OverQoS) Mobility via
Wide-areaNaming Triggers
Interdomain Protocol Interoperation Multicast
Protocol Transformation
Scalable Gateways
Route Advertisements Flap Detection/Damping Fast
Prop of New RoutesMulti-homed Load Balance
Enhanced Interdomain Routing Verification/Converge
nceFast RecoveryPolicy- and Load-based Routing
Topology Discovery AS Hierarchy via Route
AdvertisementsDistance (Latency) Measurements
BGP Log Analysis Active Probing (ROAM)
26Enhanced Path Architecture
Robust Paths Keep-Alive, Backup Pathing
Policy Agent Coordination
Policy-Based Routing Advert Propagation
Scalable Gateways Protocol Interop
Overlay Network
Flap Detection Dampening
Mobility via Naming Triggers
Verification of Advertisements
QoS via FEC
Topology-Aware Routing Policy
Internet
PA
AS
AS
PA
GW
Routing Logs
GW
AS
PA
27Middleware ServicesWorks in Progress
- Measurement and Monitoring Infrastructure (Yan)
- Robust Service Composition (Bhaskar)
- Authorization Interworking (Suzuki)
28Internet Distance Monitoring Infrastructure
- Problem N end hosts in different administrative
domains, how to select a subset to be probes, and
build an overlay distance monitoring service
without knowing the underlying topology?
- Solution Internet Iso-bar
- Clustering of hosts perceiving similar
performance - Good scalability
- Good accuracy stability
- Tested with NLANR
- AMP Keynote data
- Small overhead
- Incrementally deployable
- SIGMETRICS PAPA 02
- CMG journal 02
Cluster C
Cluster B
Cluster A
Monitor
Distance from monitor to its hosts
Distance measurements among monitors
End Host
29Availability in Wide-AreaService Composition
Text to audio
- Issue Multi-provider ? WA composition
- Poor availability of Internet path ? Poor service
availability for client
Text to audio
- gt15sec outage
- Note BGP recovery could take several minutes
Labovitz00
- Fix detect and recover from failures using
service replicas - Highlight of results
- Quick detection (2sec) possible
- Scalable messaging for recovery (can handle
simultaneous failure recovery of 1000s of
clients) - See SPECTS02 paper
- More recent results on load balancing across
service replicas
- End-to-end recovery in about 3.6sec 2sec
detection, 600ms signaling, 1sec state
restoration
WA setup UCB, Berk. (Cable), SF (DSL), Stan.,
CMU, UCSD, UNSW (Aus), TU-Berlin (Germany)
30Authorization Control Across Administrative
Domains
Trusted third party
Domain 1
Should grant access?
Authorization Authority
Service
Decision
Request - certificates - credentials
Verification
Policy compliance check
Certificates Credentials
Credential transformation
Domain 2
User
Trust peering agreement - credential
transformation rule
- Authorization authority
- Provides authorization decision service.
- Manages different verification methods and
credentials. - Trust peering agreement
- Credential transformation rule
- Acceptable verification method
31Applications ServicesWorks in Progress
- Applications Services
- Voice Over IP (Matt)
- Adaptive Content Distribution (Yan)
- (Universal In-Box) (Bhaskar)
32IP Telephony Gateway Selection
LS
ITG
LS
ITG
LS
ITG
- Results
- Congestion sensitive pricing decreases
unnecessary call blocking, increases revenue, and
improves economic efficiency - Hybrid redirection achieves good QoS and low
blocking probability
- Goal High quality, economically efficient
telephony over the Internet - Questions How to
- Perform call admission control?
- Route calls thru converged net?
33SCAN Scalable Content Access Network
- Problem Provide content distribution to clients
with small latency, small of replicas and
efficient update dissemination - Solution SCAN
- Leverage P2P location services to improve
scalability and locality - Simultaneous dynamic replica placement
app-level multicast tree construction
data plane
data source
- Close to optimal of replicas wrt latency
guarantee - Small latency bandwidth for sending updates
- IPTPS 02
- Pervasive 02
Web server
SCAN server
network plane