
2015 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS): latest papers

Scaling the performance of network intrusion detection with many-core processors
Jaehyun Nam, M. Jamshed, Byungkwon Choi, Dongsu Han, KyoungSoo Park
In this work, we present a highly scalable network intrusion detection system on many-core processors. To maximize the NIDS performance, we take advantage of the underlying hardware and adhere to four design principles: shared-nothing architecture, computation offloading, lightweight data structure, and flow offloading. Through the experimental results, we find that our design choices can significantly improve the NIDS performance (79 Gbps with 1514B synthetic packets). We believe that our design decisions can be easily extended to other many-core processors and programmable NICs.
DOI: https://doi.org/10.1109/ANCS.2015.7110135 | Published: 2015-05-07
Citations: 10
Graph measures of network content-delivery energy
L. Durbeck
Although much effort has gone into conserving energy in networks at the device level and at the application level, these represent individual-centered metrics of energy conservation. This paper utilizes a large-scale network measure of energy efficiency for competing network architectures, dubbed the content-delivery energy (CDE). This energy-efficiency measure is derived in terms of the total network traffic typically generated over a time range to satisfy n randomly chosen receivers requesting a single item of interest: all downloads of a new album within the first two weeks after its release, for example. This network-wide measure is intended to assess energy efficiency not only by reflecting the cost of typical single-sink-to-source communication within the scheme, but to capture also how the strategy amortizes costs over multiple receivers. The delivery methods considered include several peer to peer protocols and several server layouts using unicast delivery.
DOI: https://doi.org/10.1109/ANCS.2015.7110144 | Published: 2015-05-07
Citations: 2
Resistance against brute-force attacks on stateless forwarding in information centric networking
B. Alzahrani, M. Reed, V. Vassilakis
Line Speed Publish/Subscribe Inter-networking (LIPSIN) is one of the proposed forwarding mechanisms in Information Centric Networking (ICN). It is a stateless source-routing approach based on Bloom filters. However, it has been shown that LIPSIN is vulnerable to brute-force attacks which may lead to distributed denial-of-service (DDoS) attacks and unsolicited messages. In this work, we propose a new forwarding approach that maintains the advantages of Bloom filter based forwarding while allowing forwarding nodes to statelessly verify if packets have been previously authorized, thus preventing attacks on the forwarding mechanism. Analysis of the probability of attack, derived analytically, demonstrates that the technique is highly-resistant to brute-force attacks.
DOI: https://doi.org/10.1109/ANCS.2015.7110136 | Published: 2015-05-07
Citations: 6
Caesar: high-speed and memory-efficient forwarding engine for future internet architecture
Mehrdad Moradi, Feng Qian, Qiang Xu, Z. Morley Mao, D. Bethea, M. Reiter
In response to the critical challenges of the current Internet architecture and its protocols, a set of so-called clean slate designs has been proposed. Common among them is an addressing scheme that separates location and identity with self-certifying, flat and non-aggregatable address components. Each component is long, reaching a few kilobits, and would consume an amount of fast memory in data plane devices (e.g., routers) that is far beyond existing capacities. To address this challenge, we present Caesar, a high-speed and length-agnostic forwarding engine for future border routers, performing most of the lookups within three fast memory accesses. To compress forwarding states, Caesar constructs scalable and reliable Bloom filters in Ternary Content Addressable Memory (TCAM). To guarantee correctness, Caesar detects false positives at high speed and develops a blacklisting approach to handling them. In addition, we optimize our design by introducing a hashing scheme that reduces the number of hash computations from k to log(k) per lookup based on hash coding theory. We handle routing updates while keeping filters highly utilized in address removals. We perform extensive analysis and simulations using real traffic and routing traces to demonstrate the benefits of our design. Our evaluation shows that Caesar is more energy-efficient and less expensive (in terms of total cost) compared to optimized IPv6 TCAM-based solutions by up to 67% and 43% respectively. In addition, the total cost of our design is approximately the same for various address lengths.
DOI: https://doi.org/10.1109/ANCS.2015.7110130 | Published: 2015-05-07
Citations: 19
Cloud customers’ historical record based on-demand resource reservation
Mohammad Aazam, E. Huh
Still lacking a standard architecture, cloud computing requires sophisticated ways to estimate resources for the requesting cloud service customers (CSCs). CSC show random behavior in utilizing various services. In this regard, if all the CSCs are treated in the same way, not only cloud service providers (CSPs) suffer because of fluctuating utilization behavior of CSCs, but also CSCs suffer, since they do not get any incentive for their loyalty. We propose a dynamic resource estimation method, taking into account CSCs historical record of service utilization or relinquish. With the intent of showing practical implications of our method, we implemented it using Amazon EC2 pricing. Based on various services, differentiated through Amazon's price plans, and historical record of CSCs, the model determines resources to be allocated. More loyal CSC gets better service, while for the contrary case, CSP reserves resources cautiously.
DOI: https://doi.org/10.1109/ANCS.2015.7110143 | Published: 2015-05-07
Citations: 0
Fast userspace packet processing
Tom Barbette, Cyril Soldani, L. Mathy
In recent years, we have witnessed the emergence of high speed packet I/O frameworks, bringing unprecedented network performance to userspace. Using the Click modular router, we first review and quantitatively compare several such packet I/O frameworks, showing their superiority to kernel-based forwarding. We then reconsider the issue of software packet processing, in the context of modern commodity hardware with hardware multi-queues, multi-core processors and non-uniform memory access. Through a combination of existing techniques and improvements of our own, we derive modern general principles for the design of software packet processors. Our implementation of a fast packet processor framework, integrating a faster Click with both Netmap and DPDK, exhibits up-to about 2.3x speed-up compared to other software implementations, when used as an IP router.
DOI: https://doi.org/10.1109/ANCS.2015.7110116 | Published: 2015-05-07
Citations: 172
Comparison of frameworks for high-performance packet IO
Sebastian Gallenmüller, Paul Emmerich, F. Wohlfart, Daniel Raumer, G. Carle
Network stacks currently implemented in operating systems can no longer cope with the packet rates offered by 10 Gbit Ethernet. Thus, frameworks were developed claiming to offer a faster alternative for this demand. These frameworks enable arbitrary packet processing systems to be built from commodity hardware handling a traffic rate of several 10 Gbit interfaces, entering a domain previously only available to custom-built hardware. In this paper, we survey various frameworks for high-performance packet IO. We analyze the performance of the most prominent frameworks based on representative measurements in packet forwarding scenarios. Therefore, we quantify the effects of caching and look at the tradeoff between throughput and latency. Moreover, we introduce a model to estimate and assess the performance of these packet processing frameworks.
DOI: https://doi.org/10.1109/ANCS.2015.7110118 | Published: 2015-05-07
Citations: 150
Blueswitch: enabling provably consistent configuration of network switches
J. H. Han, Prashanth Mundkur, Charalampos Rotsos, G. Antichi, Nirav H. Dave, A. Moore, P. Neumann
Previous research on consistent updates for distributed network configurations has focused on solutions for centralized network configuration controllers. However, such work does not address the complexity of modern switch datapaths. Modern commodity switches expose opaque configuration mechanisms, with minimal guarantees for datapath consistency and with unclear configuration semantics. Furthermore, would-be solutions for distributed consistent updates must take into account the configuration guarantees provided by each individual switch - plus the compositional problems of distributed control and multi-switch configurations that considerably transcend the single-switch problems. In this paper, we focus on the behavior of individual switches, and demonstrate that even simple rule updates result in inconsistent packet switching in multi-table datapaths. We demonstrate that consistent configuration updates require guarantees of strong switch-level atomicity from both hardware and software layers of switches - even in a single switch. In short, the multiple-switch problems cannot be reasonably approached until single-switch consistency can be resolved. We present a hardware design that supports a transactional configuration mechanism, and provides packet-consistent configuration: all packets traversing the datapath will encounter either the old configuration or the new one, and never an inconsistent mix of the two. Unlike previous work, our design does not require modifications to network packets. We precisely specify the hardware-software protocol for switch configuration; this enables us to prove the correctness of the design, and to provide well-specified invariants that the software driver must maintain for correctness. We implement our prototype switch design using the NetFPGA-10G hardware platform, and evaluate our prototype against commercial off-the-shelf switches.
DOI: https://doi.org/10.1109/ANCS.2015.7110117 | Published: 2015-05-07
Citations: 34
Transparent cloud access performance augmentation via an MPTCP-LISP connection proxy
Yacine Benchaïb, Stefano Secci, Chi-Dung Phung
The use by a growing number of users of Cloud-based services requires an adaptation of the network technologies used to access them. We propose to combine two novel protocols at the state of the art at Cloud access middle-boxes to better profit from spare unused network path diversity. The first protocol, Multipath TCP, allows creating multiple TCP/IP sub flows, as much as needed. The second, the Locator/Identifier Separation Protocol (LISP), can be used to route the subflows on different wide-area network paths, possibly disjoint, and also allows native support for seamless virtual machine migrations. In this paper we specify how we can combine these two protocols to increase the bandwidth available to access applications run in multi-homed data-centers. We describe how these protocols can be integrated into a Cloud access middle-box. By means of a combined MPTCP-LISP access proxy, the acceleration is transparent to the user terminal that does not necessitate any upgrade. We provide the detailed system-level architecture based on open source code, and we document results from preliminary experimentations on one of two targeted use-cases. The evaluations conducted show that the overhead generated by our solution remains moderate despite the various system-level steps required to translate incoming TCP packets into MPTCP-LISP packets then routed over different IP paths.
越来越多的用户使用基于云的服务,需要对用于访问这些服务的网络技术进行调整。我们建议在云访问中间盒中结合两种最新的新协议,以更好地从闲置的未使用的网络路径多样性中获利。第一个协议是Multipath TCP,它允许根据需要创建多个TCP/IP子流。第二个是定位符/标识符分离协议(Locator/Identifier Separation Protocol, LISP),它可以用于在不同的广域网路径上路由子流,这些路径可能是不连接的,并且还允许本地支持无缝的虚拟机迁移。在本文中,我们详细说明了如何将这两种协议结合起来,以增加访问在多宿主数据中心中运行的应用程序的可用带宽。我们描述了如何将这些协议集成到云访问中间盒中。通过组合MPTCP-LISP访问代理,加速对用户终端是透明的,不需要任何升级。我们提供了基于开源代码的详细的系统级体系结构,并且我们记录了两个目标用例之一的初步实验结果。所进行的评估表明,尽管需要采取各种系统级步骤将传入的TCP数据包转换为MPTCP-LISP数据包,然后通过不同的IP路径路由,但我们的解决方案产生的开销仍然适中。
{"title":"Transparent cloud access performance augmentation via an MPTCP-LISP connection proxy","authors":"Yacine Benchaïb, Stefano Secci, Chi-Dung Phung","doi":"10.1109/ANCS.2015.7110140","DOIUrl":"https://doi.org/10.1109/ANCS.2015.7110140","url":null,"abstract":"The use by a growing number of users of Cloud-based services requires an adaptation of the network technologies used to access them. We propose to combine two novel protocols at the state of the art at Cloud access middle-boxes to better profit from spare unused network path diversity. The first protocol, Multipath TCP, allows creating multiple TCP/IP sub flows, as much as needed. The second, the Locator/Identifier Separation Protocol (LISP), can be used to route the subflows on different wide-area network paths, possibly disjoint, and also allows native support for seamless virtual machine migrations. In this paper we specify how we can combine these two protocols to increase the bandwidth available to access applications run in multi-homed data-centers. We describe how these protocols can be integrated into a Cloud access middle-box. By means of a combined MPTCP-LISP access proxy, the acceleration is transparent to the user terminal that does not necessitate any upgrade. We provide the detailed system-level architecture based on open source code, and we document results from preliminary experimentations on one of two targeted use-cases. 
The evaluations conducted show that the overhead generated by our solution remains moderate despite the various system-level steps required to translate incoming TCP packets into MPTCP-LISP packets then routed over different IP paths.","PeriodicalId":186232,"journal":{"name":"2015 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS)","volume":"508 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115562653","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 8
Synchronizing namespaces with invertible bloom filters
Wen-Fei Fu, Hila Ben Abraham, P. Crowley
Data synchronization, long a staple in file systems, is emerging as a significant communications primitive. In a distributed system, data synchronization resolves differences among distributed sets of information. In named data networking (NDN), an information-centric communications architecture, data synchronization between multiple nodes is widely used to support basic services, such as public key distribution, file sharing, and route distribution. While existing NDN synchronization schemes are functional, their implementations rely on log-based representations of information, which creates a limitation on their performance and scalability. This paper presents iSync, a high-performance synchronization protocol for NDN. iSync supports efficient data reconciliation by representing the synchronized datasets using a two-level invertible Bloom filter (IBF) structure. Set differences can be found by subtracting a remote IBF from a local IBF. The protocol can obtain multiple differences from a single round of data exchange, and does not require prior context in most application scenarios. We evaluated iSync's performance by comparing it to the CCNx synchronization protocol. Experiments show that iSync is about eight times faster across a range of network topologies and sizes, and that it reduces the number of packets sent by about 90%.
DOI: https://doi.org/10.1109/ANCS.2015.7110126 (published 2015-05-07)
Citations: 33