Rina renumbering, EUCNC 2017

EUCNC, Oulu, June 2017
Seamless network renumbering in RINA: automate
address changes without breaking flows!
Eduard Grasa, Leonardo Bergesio, Miquel Tarzan (i2CAT)
Diego Lopez (Telefonica)
John Day and Lou Chitkushev (Boston University)
THE PROBLEM: NETWORK RENUMBERING
What is renumbering
•  Update part or all of the addresses assigned to
network entities
•  What does this imply for IP networks?
–  Assign IP addresses to interfaces on switches, routers, hosts
–  Propagate routing information
–  Update ingress/egress filters, firewalls and ACLs
–  Update DNS entries
–  Update network management databases if needed
–  Care must be taken to support graceful termination of
existing flows (old addresses have to coexist until these flows
are terminated)
Large-scale RINA experimentation on FIRE+ 3
WHY IS RENUMBERING HARD IN IP NETWORKS?
Lack of application names (I)
•  Domain names are mapped to IP addresses by DNS
•  The transport layer knows nothing about domain names
•  TCP/UDP flows are between pairs of IP addresses and ports
–  If IP addresses change, the identity of the flow is lost
[Figure: two hosts, each running an App over an IP address and a MAC address. In http://www.i2cat.net:80 the domain name is a synonym of an interface of a host and the port number (:80) is the endpoint of a TCP connection, so app name = domain name + port number. The Internet layer routes on IP addresses.]
Lack of application names (II)
•  The IP address is both the identifier of the IP protocol
machine and the identifier used to forward IP packets
•  Identifier of protocol machine should be stable and
location-independent
–  So that firewall rules, ACLs, etc. don’t need to be updated if
the network is renumbered or the host/router moves
•  Identifiers used for forwarding must be location-
dependent and may change
–  To minimize elements in forwarding table and routing updates
•  But there is only 1 identifier: the IP address
–  Can’t have both properties at the same time
WHAT ABOUT RENUMBERING IN RINA NETWORKS?
RINA overview
[Figure: two hosts (App A, App B), border routers and an interior router, connected through stacked Distributed IPC Facilities (DIFs); consistent API through layers.]
Layer (DIF) API offered to App A by the IPC Process:
1. Register/Unregister App
2. Allocate/Deallocate flows
3. Write data (SDUs) to flows
4. Read data (SDUs) from flows
5. Get layer information
Naming and addressing, mobility, routing
No need for special protocols
Name                | Indicates        | Property                              | RINA | IP
Application name    | What             | Location independent                  | Yes  | No
Node address        | Where            | Location dependent, route independent | Yes  | No
Point of Attachment | How to get there | Route dependent                       | Yes  | Yes (twice: IP, MAC)
Flows and addresses
[Figure, two panels over the Provider 1 DIF, each showing App A and App B on two hosts with IPCP Z (address 1) and IPCP Y (address 2) and the mapping B -> 2.
Application registration: Register, Update mapping, Disseminate mapping.
Flow allocation: Allocate Flow to B, Resolve address, Allocate Flow Request, Access Control Check, Accept / Deny, Allocate Flow Response.]
IPCP procedures
[Figure, two panels.
IPCP Z joins DIF (Provider 1 DIF over the Access DIF; allowed IPCPs: Z, T, R): IPCP Z on the host allocates a flow to IPCP Y (address 2) on the router; Accept / Deny, Authentication, Access Control.
System discovers Manager (Net Mgmt DIF): MA K on the router allocates a flow to Mgr L on the management system; Accept / Deny.]
Experimental setup: Backbone net
•  37 node network, Single DIF over Ethernet
•  All nodes in the DIF change addresses every 30-240s
•  IRATI RINA implementation
•  Check out this demo at booth # 9 (ARCFIRE)
Experimental setup: DC net
•  Leaf-spine DC configuration
•  IRATI RINA implementation
•  All nodes in both DIFs constantly renumber every 30-240s
•  38 nodes
[Figure: servers, ToR routers and spine routers connected by PtP DIFs, with a DC Fabric DIF on top of them and VPN DIFs on top of the fabric. DC Fabric DIF: TOR1, TOR2, TOR3, TOR4, SPI1, SPI2. VPN (1-4) DIF: TOR1, TOR2, S11, S12, S13, S14, S21, S22, S23, S24.]
Experimental results
•  No packet loss during renumbering events
•  Almost no penalty in throughput
•  Penalty in delay for the worst case scenario
[Chart: Application RTT (ms) vs. renumbering frequency, rina-echo-time flows between nodes (VPN 1: s14 - s24, VPN 2: s18 - s28, VPN 3: s31 - s41, VPN 4: s35 - s45). Series: every [30, 60] s, every [60, 120] s, every [120, 240] s, no renumbering.]
[Chart: Application goodput (Mbps) vs. renumbering frequency, rina-tgen flows between nodes (VPN 1: s14 - s24, VPN 2: s18 - s28, VPN 3: s31 - s41, VPN 4: s35 - s45). Series: every [30, 60] s, every [60, 120] s, every [120, 240] s, no renumbering.]
•  Results in the worst case scenario (constantly renumbering network)
•  Renumbering can be done live
IMPLICATIONS, FURTHER WORK
Implications
•  With a proper naming and addressing structure in
place, live network renumbering can be done
–  without impacting existing flows
–  without the need of extra protocols or mechanisms
–  in a fully automated way (minimize opex and network
downtime)
•  Use cases
–  Network consolidation (e.g. acquisition of other networks)
–  Update network addressing scheme to optimize routing (e.g.
due to changes in network topology)
–  Better support for mobility (change address of moving nodes
if they attach to different subnets)
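The contrast between the "Lack of application names" slides and the "Flows and addresses" slide, as an added example (a toy model written for this page, not code from the deck or from IRATI). The class names, the addresses and the grace period in which an old address is still accepted are assumptions of the model.

```python
# Toy model, constructed for illustration; every name here is hypothetical.

class IpStyleNode:
    """Flow and ACL state keyed directly on addresses, as with TCP/IP."""

    def __init__(self):
        self.acl = set()    # permitted (src_addr, dst_addr) pairs
        self.flows = {}     # (src_addr, sport, dst_addr, dport) -> state

    def open_flow(self, src, sport, dst, dport):
        if (src, dst) not in self.acl:
            raise PermissionError("ACL denies %s -> %s" % (src, dst))
        self.flows[(src, sport, dst, dport)] = "established"

    def deliver(self, src, sport, dst, dport):
        # The address is the flow identity: a new address is an unknown flow.
        return self.flows.get((src, sport, dst, dport), "no such flow")


class Dif:
    """One layer: names are stable, addresses are only a forwarding detail."""

    def __init__(self, allowed_pairs):
        self.allowed = set(allowed_pairs)  # access control on application names
        self.directory = {}                # application name -> IPCP name
        self.active = {}                   # IPCP name -> current address
        self.retiring = {}                 # old address -> IPCP name
        self.flows = {}                    # port-id -> (src app, dst app)

    def register(self, app, ipcp, address):
        self.directory[app] = ipcp
        self.active[ipcp] = address

    def allocate_flow(self, src_app, dst_app):
        if (src_app, dst_app) not in self.allowed:
            raise PermissionError("access control denies flow")
        port_id = len(self.flows) + 1
        self.flows[port_id] = (src_app, dst_app)
        return port_id

    def resolve(self, app):
        return self.active[self.directory[app]]

    def renumber(self, ipcp, new_address):
        # Assumed grace period: the old address stays valid until retired.
        self.retiring[self.active[ipcp]] = ipcp
        self.active[ipcp] = new_address

    def retire_old(self, ipcp):
        self.retiring = {a: i for a, i in self.retiring.items() if i != ipcp}

    def deliver(self, port_id, dst_address):
        _, dst_app = self.flows[port_id]
        owner = self.directory[dst_app]
        current = self.active[owner] == dst_address
        draining = self.retiring.get(dst_address) == owner
        return "delivered to " + dst_app if current or draining else "unknown address"


def run_demo():
    ip = IpStyleNode()
    ip.acl.add(("10.0.0.1", "10.0.0.2"))
    ip.open_flow("10.0.0.1", 40000, "10.0.0.2", 80)
    # Host B is renumbered from 10.0.0.2 to 10.9.0.2 (constructed addresses).
    results = {
        "ip_flow": ip.deliver("10.0.0.1", 40000, "10.9.0.2", 80),
        "ip_acl_still_matches": ("10.0.0.1", "10.9.0.2") in ip.acl,
    }
    dif = Dif(allowed_pairs=[("A", "B")])
    dif.register("A", "Z", 1)
    dif.register("B", "Y", 2)
    port = dif.allocate_flow("A", "B")
    dif.renumber("Y", 22)                        # IPCP Y moves from @2 to @22
    results["rina_old_addr"] = dif.deliver(port, 2)   # PDU sent before the update
    results["rina_new_addr"] = dif.deliver(port, dif.resolve("B"))
    dif.retire_old("Y")
    results["rina_old_addr_after_retire"] = dif.deliver(port, 2)
    results["rina_acl_still_matches"] = ("A", "B") in dif.allowed
    return results


if __name__ == "__main__":
    print(run_demo())
```

The address-keyed ACL and flow table both go stale after the renumbering, while the name-keyed access control entry and the port-id survive it unchanged.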
Ongoing RINA R&D activities
•  Current research projects
–  FP7 PRISTINE (2014-2016) http://ict-pristine-eu
–  H2020 ARCFIRE (2016-2017) http://ict-arcfire.eu
–  Norwegian project OCARINA(2016-2021)
–  BU RINA team http://csr.bu.edu/rina
•  Open source implementations
–  IRATI (Linux OS, C/C++, kernel components, policy framework, RINA
over X) http://github.com/irati/stack
–  RINASim (RINA simulator, OMNeT++)
–  ProtoRINA (Java, RINA over UDP, quick prototyping)
•  Key RINA standardization activities
–  Pouzin Society (experimental specs) http://pouzinsociety.org
–  ISO SC6 WG7 (2 new projects: Future Network – Architectures, Future
Network- Protocols)
–  ETSI Next Generation Protocols ISG