SAHARA/I3 First Summer Retreat 10-12 June 2002

1
SAHARA/I3 First Summer Retreat10-12 June 2002

• Randy H. Katz, Anthony Joseph, Ion Stoica
• Computer Science Division
• Electrical Engineering and Computer Science
  Department
• University of California, Berkeley
• Berkeley, CA 94720-1776

2
Retreat Goals Technology Transfer
People Project Status Work in Progress Prototype
Technology
Early Access to Technology Promising Directions
Reality Check Feedback
3
Who is Here (Industry)

• ATT Research
• Yatin Chawathe
• CMU
• Hui Zhang
• Ericsson Research
• Per Johansson (VIF)
• Martin Korling
• Hewlett-Packard Labs
• John Apostolopoulos
• Wai-Tian Dan Tan
• Intel Research
• Timothy Roscoe
• Keynote Systems
• Chris Overton
• Microsoft Research
• Venkat Padmanabhan
• Lili Qui
• Helen Wang
• Nokia

• Nortel Networks
• Tal Lavian (PhD student)
• NTTDoCoMo
• Takashi Suzuki (VIF)
• Gang Wu
• Sprint ATL
• Bryan Lyles
• Paul Jardetzky
• UC Davis
• Chen-nee Chuah
• Dipak Ghosal
• Univ. Helsinki
• Kimmo Raatikainen
• Univ. Washington
• Tom Anderson
• Other Affiliation
• Peter Danzig

Italics indicates Ph.D. from Berkeley VIFVisiting
Industrial Fellow
4
Who is Here (Berkeley)

• Professors
• Anthony Joseph
• Randy Katz
• Ion Stoica
• Doug Tygar
• Postdocs
• Kevin Lai
• Technical Admin Staff
• Nathan Berneman
• Bob Miller
• Keith Sklower
• Grad Students
• Sharad Agarwal
• Matt Caesar
• Weidong Cui
• Steve Czerwinski

• Grad Students
• Yitao Duan
• Ling Huang
• Almadena Konrad
• Karthik Lakshminarayanan
• Yin Li
• Huang Ling
• Sridhar Machiraju
• George Porter
• Bhaskar Raman
• Anantha Rajagoplala-Rao
• Mukund Seshadri
• Jimmy Shih
• Lakshmi Subramanian
• Ben Zhao
• Shelley Zhuang

5
Retreat Purpose

• Second SAHARA retreat
• Project launched 1 July 2001
• Review progress, set directions, particularly in
  terms of integrating the diverse efforts underway
  
• Generation after next networks
• Software agents, not protocols
• Converged data and telecommunications networks
• Heterogeneous access plus core networks
• Emerging network-aware distributed architecture
• Confederation vs. brokering in service
  provisioning
• Exploiting network structure-awareness
• Four layer reference architecture
• Industrial feedback and directions
• Real-world networking problems/limitations
• Helping us do relevant research at Internet-scale

6
Plan for the Retreat

• Monday, 10 June 2002
• 1200-1315 Lunch
• 1315-1500 Retreat Overview and Introductions
  (Randy)
• Retreat Overview Sahara Progress, Randy Katz
• Research on Adaptive Systems, Anthony Joseph
• I3 Overview, Ion Stoica
• 1500-1530 Break
• 1530-1700 Routing as a Cross-Domain Service
  (Randy)
• Ion Student Multicast on I3
• Mukund Interdomain Multicast
• Sharad Policy Agent for Interdomain Routing
• Lakshmi Overlay QoS 
• 1700-1730 View from a Tier-1 ISP (Chen-nee)
• 1730-1800 Break
• 1800-1915 Dinner (Joint with ROC Retreat)
• 1915-2015 Alfred Spector, IBM (Joint with ROC
  Retreat)
• 2015-2100 Student Poster Session

7
Plan for the Retreat

• Tuesday, 11 June 2002
• 0730-0830 Breakfast
• 0830-1000 Joint I3/Tapestry Session (Kubi/Ion)
• Services on Infrastructure, Kubi/Ion
• Mobility on I3, Shelley/Kevin
• Mobility on Tapestry, Ben
• 1000-1030 Break
• 1030-1200 Adaptation and Applications (Anthony)
• Modeling/Analysis of Non-Stationary Net
  Characteristics, Almudena
• Always Best Connected, Machi
• VoIP Gateway Selection, Matt
• 1200-1300 Lunch
• 1300-1600 Long Break
• 1600-1800 SAHARA Architecture and Brainstorming
  Session (Randy)
• Four Layer Architecture, Bhaskar
• Hot Spot WLAN Testbed for Sahara Integration,
  Jimmy
• 1800-1915 Dinner (Joint with ROC Retreat)
• 1915-2000 Panel on Robust Manageable Distributed
  Systems
• 2000-2130 Second Graduate Student Poster Session

8
Plan for the Retreat

• Wednesday, 12 June 2002
• 0730-0830 Breakfast
• 0830-1000 Six Month Planning (Anthony)
• 1000-1030 Break/Room Checkout/Photo Session
• 1030-1200 Industrial Feedback (Randy)
• 1200-1300 Lunch
• 1300-1700 Bus back to Berkeley

9
SAHARA 2001-2003

• Service
• Architecture for
• Heterogeneous
• Access,
• Resources, and
• Applications

10
Scenario ServiceComposition
11
Sahara Research Themes

• New mechanisms, techniques for end-to-end
  services w/ desirable, predictable, enforceable
  properties spanning potentially distrusting
  service providers
• Architecture for service composition
  inter-operation across separate admin domains,
  supporting peering brokering, and diverse
  business, value-exchange, access-control models
• Functional elements
• Service discovery
• Service-level agreements
• Service composition under constraints
• Redirection to a service instance
• Performance measurement infrastructure
• Constraints based on performance, access control,
  accounting/billing/settlements
• Service modeling and verification

12
Connectivity and Processing
13
Service Composition Models
14
Layered Reference Model for Service Composition
End-User Applications
Applications Services
Application Plane
Middleware Services
End-to-End Network With Desirable Properties
Enhanced Paths
Connectivity Plane
Enhanced Links
IP Network
15
Layered Reference Modelfor Service Composition
Composed Service at Layer i
16
Mechanisms for Service Composition

• Measurement-based Adaptation
• Examples
• General-purpose third party end-to-end Internet
  host distance monitoring and estimation service
• Universal In-box Application-specific middleware
  measurement layer to exchange network and server
  load using link-state algorithm
• Content Distribution Networks measurement-based
  DNS-based server selection to redirect client to
  closest service instance

17
Mechanisms for Service Composition

• Utility-based Resource Allocation Mechanisms
• Examples
• Auctions to dynamically allocate resources
  applied for spectrum/bandwidth resource
  assignments to MVNO from underlying competiting
  MNOs
• Congestion pricing influence user behavior to
  better utilize scarce resources applied in
• Voice port allocation to user-initiated calls in
  H.323 gateway/Voice over IP service management
• Wireless LAN bandwidth allocation and management
• H.323 gateway selection, redirection, and load
  balancing for Voice over IP services

18
Mechanisms for Service Composition

• Trust Mgmt/Verification of Service Usage
• Authentication, Authorization, Accounting
  Services
• Authorization control scheme w/ credential
  transformations to enable cross-domain service
  invocation
• Federated admin domains with credential
  transformation rules based on established peering
  agreements
• AAA server makes authorization decisions,
  liberating providers from preparing rules for
  each affiliated domain
• Service Level Agreement Verification
• Verification and usage monitoring to ensure
  properties specified in SLA are being honored
• Border routers monitoring control traffic from
  different providers to detect malicious route
  advertisements

19
Mechanisms for Service Composition

• Policy Management
• Visibility into local policies to better
  coordinate global policies among (cooperating)
  service providers
• Developing inter-AS architecture for load
  balancing, performance and failure mode policies
  to be applied throughout the network
• Internet topology discovery through AS
  relationship map of the Internet plus measurement
  infrastructure
• Policy agent framework for inter-AS negotiation
  to manage incoming traffic

20
Mechanisms for Service Composition

• Interoperability through Transformation
• Interoperability of data, protocols, policies
  among composed service providers
• Example
• Broadcast federation global multicast service
  composed from multicast implementations in
  different provider domains
• Protocol transformation gateways between admin
  domains employing non-interoperable multicast
  protocol implementations

21
Summary and Conclusions

• Goal Evolve (mobile) Internet architecture to
  better support multi-network/multi-service
  provider model
• Dynamic environment, location-based implies
  larger numbers of service providers service
  instances
• Status architectural specification driven by
  selected applications and underlying wide-area
  services
• Focus
• Composition across confederated vs. independent
  service providers peer-to-peer vs. brokering
• Explore new techniques/technologies
• Market-based mechanisms
• Trust management, SLA verification, perf.
  monitoring

22
Work in Progress

• Enhanced Links
• Congestion Pricing for Access Links
• Auction-based Resource (Bandwidth) Allocation
• Traffic Policing/Verification of Bandwidth
  Allocation

23
Congestion Pricing at Access Links

• Setup
• 10 users
• 3 QoS (Slow-going, Moderate, Responsive)differ
  on degree of traffic smoothing
• 24 tokens/day, 15 minutes of usage per charge
• Acceptable
• Users make purchasing decision at most once every
  15 minutes
• Feasible
• Changing prices cause users to select different
  QoS
• Effective
• If entice half of users to choose lower QoS
  during congestion, then reduce burstiness at
  access links by 25

24
Auction-based Resource Allocation

• Problem
• Efficiently and effectively allocate resources
  according to applications dynamic requirements
• Approach
• Leveraging auction schemes and work-load
  predictions

• Capabilities
• Bidders can place bids based on application
  requirements and contention level.
• Bidders can place bids for near future resource
  requirements based on recent history.
• Bidders can express both utility and priority to
  auctioneer.
• Auctioneer can dynamically change applications
  priority by changing the token allocation rate.
• Status
• On-going work
• First application bandwidth allocation in ad hoc
  wireless networks

25
Bandwidth Allocation
R1 attaches new certificate to the refresh message

• Problem scalable (stateless) and robust
  bandwidth allocation
• Control Plane
• Soft state
• Per-router per-period certificates for robustness
  without per-flow state
• Random sampling to prevent duplicate refreshes
• Data Plane
• Monitor aggregate flows
• Recursively split misbehaving aggregates

misbehaving aggregate split it
26
Work in Progress

• Enhanced Paths
• BGP Route Flap Dampening
• BGP Policy Agents
• Backup Path Allocation in Overlay Networks
• Host Mobility
• Multicast Interoperation

27
BGP Stability vs. Convergence

• Problem
• Stability achieved through flap dampingRFC2439
• Unexpectedflap damping delays convergence!

• Topology clique of routers

• Solution selective flap damping sigcomm02
• Duplicate suppression
• Ignore flaps caused by transient convergence
  instability
• Still contains stability
• Eliminates undesired interaction!

28
Policy Management for BGP

• 3-15 minute failover time
• Slow response to congestion
• Unacceptable for Internet service composition

• Lack of distributed route control
• Need distributed policy management
• Explicit route policy negotiation

• Identified current routing behavior
• Inferred AS relationships, topology
• Next gather traffic data, finish code, emulate

29
Backup Path Allocation in Overlay Networks

• Challenge
• Disjoint primary and backup path in the overlay
  network may share underlying links because the
  overlay network cannot control underlying links
  used by a path
• Problem
• Find a primary and backup path pair with minimal
  failure probability based on correlated overlay
  link failures
• Approach
• Decouple backup path routing from primary path
  routing
• Route backup paths based on failure probability
  cost which measures the incremental path failure
  probability caused by using a link in the path
• Status
• Finished work, submitted to ICNP02

30
Host Mobility Using an Internet Indirection
Infrastructure

• The Problem
• Internet hosts increasingly mobileneed to
  remain reachable
• Flows should not be interrupted
• IP address represents unique host ID net
  location
• ROAM (Robust Overlay Architecture for Mobility)
• Leverages i3 overlay network triggers forward
  packets
• Efficiency, robustness, location privacy,
  simultaneous mobility
• No changes to end-host kernel or applications
• Cost i3 infrastructure, and proxies on
  end-hosts
• Simulation Experimental Results
• Stretch lower than MIP-bi ? able to choose nearby
  triggers
• 50-66 of MIP-tri when 5-28 domains deploy i3
  servers
• Even 4 handoffs in 10 seconds have little impact
  on TCP performance

(ID, data)
(ID, R)
Sender (S)
(ID, data)
(ID, R)
Receiver (R)
31
Multicast Broadcast Federation

• Goal compose different non-interoperable
  multicast domains to provide an end-to-end
  multicast service.
• Should work for both IP and App-layer protocols.
• Approach overlay of Broadcast Gateways (BGs)
• BGs establish peering between domains.
• Inside a domain, local multicast capability is
  used.
• Clustered gateways for scalability.
• Independent data flows and control flow.

Source
Broadcast Domains
CDN
IP Mul
SSM
Clients
BG
Peering
Data

• Implementation
• Linux/C event-driven program
• Easily customizable interface to local multicast
  capability (700 lines)
• Upto 1 Gbps BG thruput with 6 nodes.
• Upto 2500 sessions with 6 nodes.

32
Work in Progress

• Middleware Services
• Measurement and Monitoring Infrastructure
• Robust Service Composition
• Authorization Interworking

33
Internet Distance Monitoring Infrastructure

• Problem N end hosts in different administrative
  domains, how to select a subset to be probes, and
  build an overlay distance monitoring service
  without knowing the underlying topology?

• Solution Internet Iso-bar
• Clustering of hosts perceiving similar
  performance
• Good scalability
• Good accuracy stability
• Tested with NLANR
• AMP Keynote data
• Small overhead
• Incrementally deployable
• SIGMETRICS PAPA 02
• CMG journal 02

Cluster C
Cluster B
Cluster A
Monitor
Distance from monitor to its hosts
Distance measurements among monitors
End Host
34
Availability in Wide-AreaService Composition
Text to audio

• Issue Multi-provider ? WA composition
• Poor availability of Internet path ? Poor service
  availability for client

Text to audio

• gt15sec outage
• Note BGP recovery could take several minutes
  Labovitz00

• Fix detect and recover from failures using
  service replicas
• Highlight of results
• Quick detection (2sec) possible
• Scalable messaging for recovery (can handle
  simultaneous failure recovery of 1000s of
  clients)
• See SPECTS02 paper
• More recent results on load balancing across
  service replicas

• End-to-end recovery in about 3.6sec 2sec
  detection, 600ms signaling, 1sec state
  restoration

WA setup UCB, Berk. (Cable), SF (DSL), Stan.,
CMU, UCSD, UNSW (Aus), TU-Berlin (Germany)
35
Authorization Control Across Administrative
Domains
Trusted third party
Domain 1
Should grant access?
Authorization Authority
Service
Decision
Request - certificates - credentials
Verification
Policy compliance check
Certificates Credentials
Credential transformation
Domain 2
User
Trust peering agreement - credential
transformation rule

• Authorization authority
• Provides authorization decision service.
• Manages different verification methods and
  credentials.
• Trust peering agreement
• Credential transformation rule
• Acceptable verification method

36
Work in Progress

• Applications Services
• Voice Over IP
• Adaptive Content Distribution
• (Universal In-Box)

37
IP Telephony Gateway Selection
LS
ITG
LS
ITG
LS
ITG

• Results
• Congestion sensitive pricing decreases
  unnecessary call blocking, increases revenue, and
  improves economic efficiency
• Hybrid redirection achieves good QoS and low
  blocking probability

• Goal High quality, economically efficient
  telephony over the Internet
• Questions How to
• Perform call admission control?
• Route calls thru converged net?

38
SCAN Scalable Content Access Network

• Problem Provide content distribution to clients
  with small latency, small of replicas and
  efficient update dissemination
• Solution SCAN
• Leverage P2P location services to improve
  scalability and locality
• Simultaneous dynamic replica placement
  app-level multicast tree construction

data plane
data source

• Close to optimal of replicas wrt latency
  guarantee
• Small latency bandwidth for sending updates
• IPTPS 02
• Pervasive 02

Web server
SCAN server
network plane
39
Recent Publications

• C. Chuah, L. Subramanian, A. D. Joseph, R. H.
  Katz, QoS Provisioning Using A Clearing House
  Architecture, 8th International Workshop on
  Quality of Service (IWQOS 2000), Pittsburgh, PA,
  (June 2000).
• S. Zhuang, B. Zhao, A. Joseph, R. H. Katz, J.
  Kubiatowicz, Bayeux An Architecture for
  Wide-Area, Fault-Tolerant Data Dissemination
  Protocol, ACM NOSSDAV 2001, New York, (June
  2001).
• Z. Mao, W. So, R. H. Katz, Network Support for
  Mobile Multimedia Using a Self-Adaptive
  Distributed Proxy, ACM NOSSDAV 2001, New York,
  (June 2001).
• Y. Chen, A. Bargteil, R. H. Katz, Quantifying
  Network Denial of Service A Location Service
  Case Study, Third International Conference on
  Information and Communication Security
  (ICICS2001), Xian, China, (November 2001).

40
Recent Publications

• J. Shih, R. H. Katz, Pricing Experiments for a
  Computer-Telephony-Service Usage Allocation,
  IEEE Globecom 2001, San Antonio, TX, (November
  2001).
• Y. Chen, R. H. Katz, J. Kubiatowicz, Replica
  Placement for Scalable Content Delivery,
  Proceedings First International Conference on
  Peer-to-Peer Systems (IPTPS02), Cambridge, MA,
  (March 2002).
• T. Suzuki, R. H. Katz, An Authorization Control
  Framework to Enable Service Composition Across
  Domains, Proceedings Eleventh World Wide Web
  Conference (WWW2002), Honolulu, HI, (May 2002).
• M. Caesar, D. Ghosal, R. H. Katz, Resource
  Management for IP Telephony Networks,
  Proceedings 10th International Workshop on
  Quality of Service (IWQoS), Miami Beach, FL, (May
  2002).
• S. Machiraju, M. Seshadri, I. Stoica, A Scalable
  and Robust Solution for Bandwidth Allocation,
  Proceedings 10th International Workshop on
  Quality of Service (IWQoS), Miami Beach, FL, (May
  2002).

41
Recent Publications

• Y. Chawathe, M. Seshadri, Broadcast Federation
  An Application-layer Broadcast Internet,
  Proceedings Network and Operating System Support
  for Digital Audio and Video (NOSSDAV02), Miami
  Beach, FL, (May 2002).
• L. Subramanian, V. Padmanabhan, R. H. Katz,
  Geographic Properties of Internet Routing,
  USENIX Conference, Monterey, California, (June
  2002).
• Z, Mao, C. Cranor, F. Douglis, M. Rabinovich, O.
  Spatscheck, J. Wang, A Precise and Efficient
  Evaluation of the Proximity between Web Clients
  and their Local DNS Servers, USENIX Conference,
  Monterey, California, (June 2002).
• L. Subramanian, S. Agarwal, J. Rexford, R. H.
  Katz, Characterizing the Internet Hierarchy from
  Multiple Vantage Points, IEEE Infocomm
  Conference, New York, NY, (June 2002).

42
Recent Publications

• J. Shih, R. H. Katz, Evaluating Tradeoffs of
  Congestion Pricing for Voice Calls, Extended
  Abstract, ACM Sigmetrics Conference, San Diego,
  California, (July 2002).
• J. Shih, R. H. Katz, Evaluating the Tradeoffs of
  Congestion Pricing for Voice Calls, 2002
  International Symposium on Performance Evaluation
  of Computer and Telecommunication Systems (SPECTS
  2002), San Diego, California, (July 2002).
• B. Raman, R. H. Katz, Emulation-based Evaluation
  of an Architecture for Wide-Area Service
  Composition, 2002 International Symposium on
  Performance Evaluation of Computer and
  Telecommunication Systems (SPECTS 2002), San
  Diego, California, (July 2002).
• Z. Mao, R. Govindan, S. Shenker, R. H. Katz,
  Route Flap Damping Exacerbates Internet Routing
  Convergence. ACM SIGCOMM Conference, Pittsburgh,
  PA, (August 2002).

43
Recent Publications

• B. Raman, S. Agrawal, Y. Chan, M. Caesar, W. Cui,
  P. Johannson, K. Lai, T. Lavian, S, Machiraju, Z.
  Mao, G. Porter, T. Roscoe, M. Seshadri, J. Shih,
  K. Sklower, L. Subramanian, T. Suzuki, S. Zhuang,
  A. D. Joseph, R. H. Katz, I. Stoica, The SAHARA
  Model for Service Composition across Multiple
  Providers, Pervasive Computing 2002, Zurich,
  Switzerland, (August 2002).
• Z. Mao, R. H. Katz, A Framework for Universal
  Service Access using Device Ensembles, CRA Grace
  Murray Hopper Celebration of Women in Computer
  Science Conference, Vancouver, BC, (October
  2002).

44
Our Mascot