anycast for any service
play

Anycast for Any Service Michael J. Freedman Karthik - PowerPoint PPT Presentation

Feb 15, 2023 •236 likes •798 views

Anycast for Any Service Michael J. Freedman Karthik Lakshminarayanan David Mazires http://oasis.coralcdn.org/ Whats the replica-selection problem? mycdn ? Client needs to choose a good replica server Performance and cost

  1. Anycast for Any Service Michael J. Freedman Karthik Lakshminarayanan David Mazières http://oasis.coralcdn.org/

  2. What’s the replica-selection problem? mycdn ? � Client needs to choose a “good” replica server � Performance and cost dependent on replica selection

  3. What do we currently do?

  4. How bad can it get?

  5. Anycast is the solution mycdn ? � Anycast = automated “good” replica selection � OASIS is a flexible anycast system for multiple services

  6. The need for anycast � Internet systems rely on replicated content and services � Distributed mirrors: Web servers, FTP servers, … � Content Distribution Networks: Akamai, CoralCDN, … � Internet Naming Systems: DNS, SFR, DOA, … � Distributed File Systems: CFS, Shark, …. � Routing Overlays: RON, Detour, i3, … � Distributed Hash Storage Systems: OpenDHT, … � All could benefit from anycast service

  7. How should one implement anycast?

  8. Strawman: probe & find nearest mycdn C D I A B E ICMP

  9. Strawman: probe & find nearest mycdn C , , E I D D I A B E ICMP � Result highly accurate � � � � Lots of probing � � � � Slow to compute � � �

  10. Strawman: probe & find nearest mycdn C , , E I D D I A B E ICMP � Result highly accurate � � � � Lots of probing � � � � Slow to compute � � �

  11. Avoid probing on-demand mycdn C , , E I D D I A B E ICMP � Result highly accurate � � � � Lots of probing � � � � Slow to compute � � �

  12. Avoid probing on-demand mycdn [IMC05] shows IP prefixes often preserve locality C , , E I D ( 99% of /24s by stub AS at the same location ) D I A B E ICMP � Result highly accurate � � � 18.0.0.0/8 � Lots of probing � � � This is the problem � Slow to compute � � � Akamai must solve

  13. What about yourcdn ? mycdn yourcdn E I D M N O 18.0.0.0/8 � Result highly accurate � � � � Lots of probing � � � � Slow to compute � � �

  14. Idea: Use geographic coordinates mycdn yourcdn (42N,71W) (42N,71W) 18.0.0.0/8 � Amortize costs � � � � Stable across services, time, and failures � � � � Result highly accurate � � � � Lots of probing � � � Assume all replicas � Slow to compute � � � know geo-coords

  15. OASIS provides… � Amortize costs � � � � Stable across time, services, and failures � � � � Result highly accurate � � � � Fast response time � � � � Supports flexible anycast policies � � � � Balances tension between: � Performance: finding nearest replica � Cost: minimizing 95% bandwidth usage

  16. Outline � Architecture and design decisions � Detailed design � Evaluation � Deployment and integration lessons � OASIS deployed since November 2005 � Currently in use by 10 services

  17. Two-tier architecture mycdn OASIS core mycdn DNS replica OASIS = = proxy node RPC Large set of replicas that assist in measurement Reliable core of hosts that implement anycast

  18. Using OASIS via DNS mycdn OASIS core 2 1 Resolver Client Client issues DNS request for mycdn .nyuld.net 1. 2. OASIS redirects client to nearby application replica

  19. Using OASIS via HTTP mycdn OASIS core 3 2 1 Client 1. Client issues HTTP request 2. Web cgi-bin issues RPC to OASIS core 3. Client redirected to nearby application replica

  20. How does core answer anycast? Using OASIS via HTTP request IP addr name bucketing service IP prefix policy coords proximity replicas response

  21. How does core answer anycast? request IP addr name 18.71.0.3 mycdn.nyuld.net bucketing service IP prefix policy 18.0.0.0/8 mycdn coords 18.26.4.9 proximity replicas 171.66.3.181 216.165.109.81 18.26.4.9 response

  22. How to map IP prefix to coords? proximity IP prefix ( Lat, Lng, RTT distance ) location accuracy

  23. How to map IP prefix to coords? proximity IP prefix ( Lat, Lng, RTT distance ) location accuracy (42N,71W) (42N,71W) 18.0.0.0/8 : � Two-pronged approach � Find closest replica proxy

  24. How to map IP prefix to coords? proximity IP prefix ( Lat, Lng, RTT distance ) location accuracy (42N,71W) (42N,71W) 18.0.0.0/8 : , 6.0 ms � Two-pronged approach � Find closest replica proxy � Use closest replica’s geo-coords + error RTT as location

  25. Find replica nearest prefix efficiently “Probe 18.0.0.0/8” 18.168.0.23 18.0.0.0/8 � Two-pronged approach � Find closest replica proxy with less probing � Use closest replica’s geo-coords + error RTT as location

  26. Find replica nearest prefix efficiently 18.168.0.23 [ Meridian 05 ] � Two-pronged approach � Find closest replica proxy with less probing � Use closest replica’s geo-coords + error RTT as location

  27. Find replica nearest prefix efficiently 18.168.0.23 [ Meridian 05 ] 18.0.0.0/8 : (42N,71W) , 6.0 ms � Two-pronged approach � Find closest replica proxy with less probing � Use closest replica’s geo-coords + error RTT as location

  28. Geographic distance vs. RTT � Strong correlation b/w geographical distance and RTT

  29. Geographic distance vs. RTT � Strong correlation b/w geographical distance and RTT � RTT accuracy has real-world meaning � Check if new coordinates improve accuracy vs. old coords

  30. Geographic distance vs. RTT � Strong correlation b/w geographical distance and RTT [ Meridian 05 ] 18.0.0.0/8 18.0.0.0/8 18.0.0.0/8 : : : (42N,72W) (42N,71W) (42N,72W) , 3.0 ms , 6.0 ms , 3.0 ms � RTT accuracy has real-world meaning � Check if new coordinates improve accuracy vs. old coords

  31. Geographic distance vs. RTT 18.0.0.0/8 : (42N,72W) , 3.0 ms � Strong correlation b/w geographical distance and RTT [ Meridian 05 ] 18.0.0.0/8 18.0.0.0/8 : : (42N,72W) (42N,71W) , 6.0 ms , 3.0 ms � RTT accuracy has real-world meaning � Check if new coordinates improve accuracy vs. old coords

  32. Geographic distance vs. RTT � Strong correlation b/w geographical distance and RTT � RTT accuracy has real-world meaning � Check if new coordinates improve accuracy vs. old coords � Useful for sanity check for network peculiarities � Do multiple results satisfy constraints (e.g., speed of light) ?

  33. Outline � Architecture and design decisions � Detailed design � Evaluation � Deployment and integration lessons � OASIS deployed since November 2005 � Currently in use by 10 services

  34. mycdn opendht OASIS core � OASIS core � Service replicas � Global membership view � Heartbeats to OASIS node � Epidemic gossiping � Form global Meridian • Scalable failure detection overlay for probing • Spread policies, prefix coords � Consistent hashing • Divide up responsibility for prefixes

  35. How to find “nearby” nodes? request IP addr name 18.26.4.9 mycdn.nyuld.net bucketing service IP prefix policy 18.0.0.0/8 mycdn coords 18.26.4.9 proximity replicas 171.66.3.181 216.165.109.81 Local info from gossiping 18.26.4.9 (stale data okay) response

  36. How to find “nearby” nodes? request IP addr name 18.26.4.9 mycdn.nyuld.net bucketing service IP prefix policy 18.0.0.0/8 mycdn coords 18.26.4.9 proximity replicas 171.66.3.181 216.165.109.81 Local info from gossiping Clients react poorly 18.26.4.9 (stale data okay) to stale data response

  37. Aggregate replica information H(srv) OASIS OASIS mycdn � Define service’s rendezvous node via consistent hashing � Service replicas send keepalives to nearby OASIS nodes � Update rendezvous when replicas join, leave, large load change

  38. Aggregate replica information Bottleneck? H(srv) OASIS OASIS mycdn � Define service’s rendezvous node via consistent hashing � Service replicas send keepalives to nearby OASIS nodes � Update rendezvous when replicas join, leave, large load change

  39. Aggregate replica information H(srv) OASIS OASIS mycdn � Aggregate over k nodes for scalability � Rendezvous gossip liveness state for loose consistency � k can be dynamic for better scalability

  40. A client’s view: Finding a nameserver H(dns) OASIS OASIS Client � Core lookup: Contacts 1 of 13 nameservers for .nyuld.net � OASIS “uses itself” to discover replica for service dns

  41. A client’s view: Finding a nameserver H(dns) OASIS OASIS Client � Core lookup: Contacts 1 of 13 nameservers for .nyuld.net � OASIS “uses itself” to discover replica for service dns � Returns nearby nameservers for subsequent requests

  42. A client’s view: Finding a replica H(dns) OASIS OASIS H(mycdn) R Client � Replica lookup: Client contacts nearby nameserver � OASIS discover replica for service mycdn � Returns nearby replicas for application

  43. Evaluation � Deployed on PlanetLab since November 2005 � How much end-to-end benefit from OASIS? � How accurate is OASIS? � Effective for load balancing? � What are OASIS’s bandwidth costs?

  44. E2E download of web page 290% faster than Meridian 500% faster than RR Cached virtual coords highly inaccurate

  45. Client RTT to chosen replica Outperforms Meridian 60% of time

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Anycast Routing in OLSR MANETs (A sample deployment) Justin Dean 4 th OLSR Interop Ottawa, CA

Anycast Routing in OLSR MANETs (A sample deployment) Justin Dean 4 th OLSR Interop Ottawa, CA

Anycast Routing in OLSR MANETs (A sample deployment) Justin Dean 4 th OLSR Interop Ottawa, CA 10/14/08 Anycast definitions Anycast addressing assigning a common IP address to multiple instance of the same service.. 1 Anycast

794 views • 19 slides
Towards a global IP Anycast service Hitesh Ballani, Paul Francis Cornell University ACM SIGCOMM

Towards a global IP Anycast service Hitesh Ballani, Paul Francis Cornell University ACM SIGCOMM

Towards a global IP Anycast service Hitesh Ballani, Paul Francis Cornell University ACM SIGCOMM 2005 What is IP Anycast? One-to-Any communication with no changes to Internet routing IP Address IP Address 2.1.1.1 2.1.1.1 Robust and

1.25k views • 65 slides
Tier-1s break Anycast DNS Zhihao Li, Neil Spring D-Root: 199.7.91.13 111 Anycast

Tier-1s break Anycast DNS Zhihao Li, Neil Spring D-Root: 199.7.91.13 111 Anycast

Tier-1s break Anycast DNS Zhihao Li, Neil Spring D-Root: 199.7.91.13 111 Anycast replicas: 19 global (red): advertised without restriction 92 local (black): advertised one hop in BGP Anycast Mental model: Packets sent to

646 views • 29 slides
Anycast as a Load Balancing Feature Fernanda Weiden Peter Frost Introduction Service

Anycast as a Load Balancing Feature Fernanda Weiden Peter Frost Introduction Service

Anycast as a Load Balancing Feature Fernanda Weiden Peter Frost Introduction Service availability is critical to business function Large scale failures often require slow, manual restoration Maintenance of next-nearest fallback configuration

442 views • 13 slides
Best Practices in DNS Service-Provision Architecture Version 1.0 February 2006 Bill Woodcock

Best Practices in DNS Service-Provision Architecture Version 1.0 February 2006 Bill Woodcock

Best Practices in DNS Service-Provision Architecture Version 1.0 February 2006 Bill Woodcock Packet Clearing House Its all Anycast Large ISPs have been running production anycast DNS for more than a decade. Which is a very long time, in

416 views • 41 slides
Anycast census and geolocation AIMS: Workshop on Active Internet Measurements 31 March - 2 April

Anycast census and geolocation AIMS: Workshop on Active Internet Measurements 31 March - 2 April

Anycast census and geolocation AIMS: Workshop on Active Internet Measurements 31 March - 2 April 2015 Cicalese Danilo Jordan Auge Diana Joumblatt Dario Rossi Timur Friedman Here is where the anycast instances are Demo: goo.gl/Ff8gdQ 12

338 views • 19 slides
Characterizing IPv4 Anycast Adoptjon and Deployment Dario Rossi Professor

Characterizing IPv4 Anycast Adoptjon and Deployment Dario Rossi Professor

Characterizing IPv4 Anycast Adoptjon and Deployment Dario Rossi Professor dario.rossi@telecom-paristech.fr htup://www.enst.fr/~drossi/anycast Joint work with D.Cicalese, J. Auge, D. Joumblatu and T. Friedman Talk Teaser A seminal work [4] at

748 views • 50 slides
.CL anycast switching experiment Sebastian Castro secastro@caida.org secastro@nic.cl CAIDA

.CL anycast switching experiment Sebastian Castro secastro@caida.org secastro@nic.cl CAIDA

.CL anycast switching experiment Sebastian Castro secastro@caida.org secastro@nic.cl CAIDA NIC Chile 8 th CAIDA/WIDE workshop July, 2007 Introduction The anycast technology has been widely deployed in various DNS services around the

291 views • 17 slides
CloudFlare DNS Anycast Services lafur Gu mundsson | olafur@cloudflare.com Network Over 80

CloudFlare DNS Anycast Services lafur Gu mundsson | olafur@cloudflare.com Network Over 80

CloudFlare DNS Anycast Services lafur Gu mundsson | olafur@cloudflare.com Network Over 80 locations soon All services over Anycast 2 CloudFlare DNS expertise Deliver DNS answers in fast and reliable manner worldwide

545 views • 7 slides
F root anycast: What, why and how Joo Damas ISC Overview What is a root server? What is

F root anycast: What, why and how Joo Damas ISC Overview What is a root server? What is

F root anycast: What, why and how Joo Damas ISC Overview What is a root server? What is F? What is anycast? F root anycast. Why? How does ISC do it? What is f.root-servers.net? One the Internets official DNS root servers

456 views • 24 slides
Anycast in The Cloud 22.10.18 Brett Carr Agenda Introduction Short history of our

Anycast in The Cloud 22.10.18 Brett Carr Agenda Introduction Short history of our

Anycast in The Cloud 22.10.18 Brett Carr Agenda Introduction Short history of our DNS Infrastructure Expansion and Cloud choices Anycast in the cloud, simple/cost effective Problems dont give me no problems

251 views • 14 slides
Two days in The Life of The DNS Anycast Root Servers Ziqian Liu Beijing Jiaotong Univeristy

Two days in The Life of The DNS Anycast Root Servers Ziqian Liu Beijing Jiaotong Univeristy

Two days in The Life of The DNS Anycast Root Servers Ziqian Liu Beijing Jiaotong Univeristy Bradley Huffaker, Marina Fomenkov Nevil Brownlee, and kc claffy CAIDA PAM2007 Outline DNS root servers DNS anycast in root servers Data

289 views • 26 slides
SAND Project Self-managing Anycast Networks for the DNS ICANN 55 TechDay 7 March, 2016 Ricardo

SAND Project Self-managing Anycast Networks for the DNS ICANN 55 TechDay 7 March, 2016 Ricardo

SAND Project Self-managing Anycast Networks for the DNS ICANN 55 TechDay 7 March, 2016 Ricardo de O. Schmidt SAND Project Bring autonomous management to anycast DNS M onitoring: system health, reachability, performance, resilience... A

308 views • 14 slides
Internet Anycast: Performance, Problems and Potential Zhihao Li , Dave Levin, Neil Spring, Bobby

Internet Anycast: Performance, Problems and Potential Zhihao Li , Dave Levin, Neil Spring, Bobby

Internet Anycast: Performance, Problems and Potential Zhihao Li , Dave Levin, Neil Spring, Bobby Bhattacharjee University of Maryland 1 Anycast is increasingly used DNS root servers: All 13 DNS root servers Open DNS resolvers:

672 views • 33 slides
On the Use of Anycast in DNS Sa nde e p Sa ra t Jo hns Ho pkins Unive rsity Va sile io s Pa ppa

On the Use of Anycast in DNS Sa nde e p Sa ra t Jo hns Ho pkins Unive rsity Va sile io s Pa ppa

On the Use of Anycast in DNS Sa nde e p Sa ra t Jo hns Ho pkins Unive rsity Va sile io s Pa ppa s UCL A Andre a s T e rzis Jo hns Ho pkins Unive rsity http:/ / hinrg .c s.jhu.e du/ Background Wha t is Anyc a st? Clie nt tra nspa

770 views • 12 slides
Tunnel Broker Using IPv4 Anycast Xin LIU lx@ns.6test.edu.cn August 2003 Outline Transition

Tunnel Broker Using IPv4 Anycast Xin LIU lx@ns.6test.edu.cn August 2003 Outline Transition

Tunnel Broker Using IPv4 Anycast Xin LIU lx@ns.6test.edu.cn August 2003 Outline Transition from IPv4 to IPv6 Typical Tunnel Broker Tunnel Broker Utilizing IPv4 Anycast From IPv4 to IPv6 IPv6 = Internet Protocol Version 6

722 views • 14 slides
Block Cipher Cryptanalysis: An Overview Subhabrata Samajder Indian Statistical Institute, Kolkata

Block Cipher Cryptanalysis: An Overview Subhabrata Samajder Indian Statistical Institute, Kolkata

Block Cipher Cryptanalysis: An Overview Subhabrata Samajder Indian Statistical Institute, Kolkata 17 th May, 2017 0/52 Iterated Block Cipher Outline Iterated Block Cipher 1 S-Boxes 2 A Basic Substitution Permutation Network 3 Linear

1.58k views • 113 slides
10 years of Rijndael Vincent Rijmen Overview The AES process (participants perspective)

10 years of Rijndael Vincent Rijmen Overview The AES process (participants perspective)

10 years of Rijndael Vincent Rijmen Overview The AES process (participants perspective) Rijndael Security of Rijndael/AES Spreading of AES Stream ciphers: competitors? Conclusions The early years (1997)

939 views • 70 slides
Risk-based Testing with Jira and Jubula Daniele Gagliardi @dangagliar Creative Commons

Risk-based Testing with Jira and Jubula Daniele Gagliardi @dangagliar Creative Commons

Risk-based Testing with Jira and Jubula Daniele Gagliardi @dangagliar Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported. 1 66 / Agenda The Theory What is it ? Why should I care ? The Practice The

974 views • 66 slides
Hacking Appliances: Ironic exploits in security products Ben Williams 9:22 AM Proposition

Hacking Appliances: Ironic exploits in security products Ben Williams 9:22 AM Proposition

9:22 AM Hacking Appliances: Ironic exploits in security products Ben Williams 9:22 AM Proposition There is a temptation to think of Security Appliances as impregnable fortresses, this is definitely a mistake. Security Appliance (noun) -

1.1k views • 63 slides
Adaptive Application Security Testing Model Ashish Khandelwal Gunankar Tyagi Agendum

Adaptive Application Security Testing Model Ashish Khandelwal Gunankar Tyagi Agendum

Adaptive Application Security Testing Model Ashish Khandelwal Gunankar Tyagi Agendum Confidential McAfee Internal Use Only Security Testing Confidential McAfee Internal Use Only Cost Impact m suffered a heavy The TJX Company breach, which m

429 views • 20 slides
Analyse de primitives sym etriques Pierre Karpman a lInria Saclay & Rennes, l Th`

Analyse de primitives sym etriques Pierre Karpman a lInria Saclay & Rennes, l Th`

Analyse de primitives sym etriques Pierre Karpman a lInria Saclay & Rennes, l Th` ese pr epar ee ` Ecole polytechnique, et la Nanyang Technological University Sous la direction de Daniel Augot, Pierre-Alain Fouque et

906 views • 58 slides
Block Ciphers Chester Rebeiro IIT Madras CR STINSON : chapters 3 Block Cipher K D K E

Block Ciphers Chester Rebeiro IIT Madras CR STINSON : chapters 3 Block Cipher K D K E

Block Ciphers Chester Rebeiro IIT Madras CR STINSON : chapters 3 Block Cipher K D K E untrusted communication link Alice Bob E D #%AR3Xf34^$ Attack at Dawn!! decryption encryption (ciphertext) message message Attack at

1.56k views • 143 slides
Making Sense at Scale with Algorithms, Machines & People PI: Michael Franklin

Making Sense at Scale with Algorithms, Machines & People PI: Michael Franklin

UC BERKELEY Making Sense at Scale with Algorithms, Machines & People PI: Michael Franklin University of California, Berkeley Expeditions in Computing PI Meeting May 15, 2013 The Berkeley AMPLab 2 Sources

800 views • 23 slides

More recommend