SAHARA and OASIS Overviews NTT MCL Visit November 6, 2003

1
SAHARA and OASIS OverviewsNTT MCL VisitNovember
6, 2003

• Randy H. Katz
• Computer Science Division
• Electrical Engineering and Computer Science
  Department
• University of California, Berkeley
• Berkeley, CA 94720-1776

2
Presentation Outline

• 1000-1030 Overview of Sahara and Oasis Projects,
  Randy
• 1030-1050 Authenticated Roaming in Hot Spot
  Networks, Ana
• 1050-1110 BGP Health Monitoring, Matt
• 1110-1130 RouteVM A Framework for Programming
  Programmable Network Elements, Mel
• 1130-1145 Programmable Network Testbed, George
• 1145-1200 iSCSI Performance Experiments, Li

3
The SAHARA Project

• Service
• Architecture for
• Heterogeneous
• Access,
• Resources, and
• Applications

4
New OpportunityServices-Enabled Network

• New things you can do inside the network
• Connecting end-points to services with
  processing embedded in the network fabric
• Agents not protocols, executing inside the
  network
• Location-aware, data format aware
• Controlled violation of layering
• Distributed architecture aware of network
  topology
• No single technical architecture likely to
  dominate interworking plus overlays

5
SAHARA Elevator Statement

• Problem
• Achieving end-to-end services with desirable,
  predictable, enforceable properties spanning
  potentially distrusting service providers
• Approach
• Service composition and inter-operation across
  separate admin domains, supporting peering and
  brokering, and diverse business, value-exchange,
  access-control models
• Current Focus
• Interdomain routing, overlay networks, p2p
  algorithms
• Interoperator WLAN roaming and authentication
• Potential Impact
• Effective way to more rapidly extend and deploy
  enhanced network functionality

6
Layered Reference Model for Service Composition
End-User Applications
Applications Services
Application Plane
Middleware Services
End-to-End Network With Desirable Properties
Enhanced Paths (Inter-domain)
Overlay Network Links
Connectivity Plane
Enhanced Links (Intra-domain)
IP Network
7
Routing as a Composed Service

• Routing as a Reachability Service
• Paths between composed service instances--links
  within an overlay network
• Multi-provider environment, no centralized
  control
• Desirable Enhanced Properties
• Context Awareness discovery/exploitation of net
  relationships
• Agility converge quickly in response to global
  changes to retain good reachability
  performance
• Trust verify believability of routing
  advertisements
• Performance guaranteed bandwidth and latency
• Reliability detect service composition path
  failures quicklyto enable fast recomposition to
  maintain E2E service
• Scalability and Interoperability Adapt protocols
  via processing between admin domains

8
Recent Progress

• Inter-WLAN Roaming and Authentication (Ana)
• BGP Control Plane
• Verifiable BGP Listen and Whisper
• Root Cause Analysis of Routing Failures (Matt)
• Detection of Shared Points of Congestion
• Etiquette for Overlay Networks
• Fast Recovery for P2P Networks

9
The OASIS Project

• Overlays and
• Active
• Services for
• Internetworked
• Storage

10
New OpportunityThe NETWORK is the Computer

• Rise of Programmable Network Elements
• First Gen Network Appliances, Directors
• Storage Virtualizers, Intrusion Detectors,
  Traffic Shapers, Server Load Balancers, MIE
  accountants
• Next Gen Third Party Programmable beyond rules
• Needed Generalized PNE programming and control
  model
• Generalized virtual machine model for this
  class of devices
• Retargetable for different underlying
  implementations
• Applications of Interest
• Network Services L7 switching, firewalls,
  intrusion and infected machine detection, storage
  virtualization, network monitoring and
  management, etc.
• Particular focus network storage, iSCSI support

11
Proliferation of Network Appliances

• In-the-Network Processing the NETWORK is the
  Computer

12
OASIS Elevator Statement

• Problem
• Common programming/control environment for
  diverse network elements to realize full power of
  inside the network services and applications
• Approach
• Software toolkit and VM architecture for PNEs,
  with retargetable optimized backend for diverse
  appliance-specific architectures
• Current Focus
• Network health monitoring, protocol interworking
  and packet translation services, iSCSI processing
  and performance enhancement, intrusion and worm
  detection and quarantining
• Potential Impact
• Open framework for multi-platform appliances,
  enabling third party service development
• Provable application properties and invariants
  avoidance of configuration and latest patch not
  installed errors

13
Generic PNE Architecture
Tag Mem
Rules Programs
14
OASIS Testbed

• Current Testbed
• Alteon Filter Programmable Level 7 Switches
• Next generation significantly more third party
  programmable
• 2 x Enterprise Class Routers
• (Many) pizza box PCs
• In discussion
• Nortel IBM on Blade Center Storage Servers for
  UDCs
• Cisco IOS Next Generation (ION) Programmable
  Packet Filters

15
Recent Progress

• RouteVM PNE Specification (Mel)
• Oasis Testbed Development (George)
• iSCSI Storage Experiments (Li)
• Intrusion Detection Case Study

16
Reliable AdaptiveDistributed SystemsFox,
Jordan, Katz, Necula, Patterson, Stoica, Tygar
Operator
User
Reactive Systems Observe, Classify, Learn, Act
Programming Abstractions For Roll-back
SLT Services
Crash-Oriented Svrcs Observation Infrastructure
forSystem SLT
Observation Control Points
Verifiable Protocols Fast Detection Route
Recovery ObservationInfrastructure for network
SLT
PNE
PNE
Application- Specific Overlay Network
Edge Network
Edge Network
Commodity Internet
17
SAHARA and OASISRandy H. KatzThank You!