Path Switching in Content Centric and Named Data Networks Ilya - - PowerPoint PPT Presentation



SLIDE 1

Path Switching in Content Centric and Named Data Networks

Ilya Moiseenko, Cisco Systems
Dave Oran, Network Systems Research and Design

SLIDE 2

Outline

  • I. Introduction
  • II. Design
    – Path Discovery & Steering in regular ICN data plane
    – Path Switching ICN data plane
  • III. Evaluation
  • IV. Security considerations

SLIDE 3

I. Introduction

SLIDE 4

Motivation

  • ICN communication is inherently multi-path and potentially multi-destination.
  • No mechanism for consumers to direct traffic onto a specific path.

SLIDE 5

ICN challenges

  • 1. Ability to discover, monitor and troubleshoot multipath network connectivity based on names and name prefixes:
    – Ping
    – Traceroute
  • 2. Ability to accurately measure the performance of a specific network path.

SLIDE 6

ICN challenges

  • 3. Ability to control multipath congestion:
    – Count number of available paths
    – Uniquely identify a path
    – Allocate traffic to each path
  • 4. Ability for Traffic Engineering and SDN
    – Externally programmable end-to-end paths are highly desirable in Data Center and Service Provider networks

SLIDE 7

ICN challenges

  • 5. Per-packet Longest Name Prefix Match (LNPM) FIB lookup seems to be a first-order bottleneck
    – Not clear if hardware acceleration is cost-effective
    – Energy consumption using conventional multi-core CPUs is not competitive with IPv4/IPv6, MPLS, Segment Routing data planes.

SLIDE 8

II. Design

SLIDE 9

How to label paths?

What is a path label? One or more nexthop IDs

Encoding options:

  • Bloom filter
  • Pairing function
  • Fixed size labels
  • Label Stack (similar to MPLS label stack)

SLIDE 10

Path discovery and steering

Interest1 has no path label and is forwarded with LPM FIB

[Figure: Consumer (C), forwarders F1, F2, F3, F4 and Producer (P, Content Store), connected through Nexthop1 to Nexthop5; Interest1 shown. Legend: Control plane; Interest & Content (Data) network path.]

SLIDE 11

Path discovery and steering

Content1 carries a path label modified on each hop

[Figure: Consumer (C), forwarders F1, F2, F3, F4 and Producer (P, Content Store), connected through Nexthop1 to Nexthop5; Interest1 and Content1 shown. Legend: Control plane; Interest & Content (Data) network path.]

SLIDE 12

Path discovery and steering

Interest2 has a path label and is forwarded with LPM FIB + nexthop selection

[Figure: Consumer (C), forwarders F1, F2, F3, F4 and Producer (P, Content Store), connected through Nexthop1 to Nexthop5; Interest1, Content1 and Interest2 shown. Legend: Control plane; Interest & Content (Data) network path.]

SLIDE 13

Advantages

  • ICN Ping application can reliably measure path RTT
  • ICN Traceroute application can iteratively discover multiple network paths
  • Consumer multipath-aware congestion control can discover and distribute load across paths
  • Consumer can mitigate content poisoning attacks
  • Traffic engineering (TE) and SDN solutions can be built
  • Can serve as a foundation for overlay networks

SLIDE 14

Route updates

  • With path steering, LNPM FIB lookup is not bypassed.
  • If nexthop selection fails:
    – Interest-Return (NACK) carrying a new “Invalid path label” error code
    – or silently forward an Interest through any available nexthop

SLIDE 15

Path Switching

  • Bypass LNPM FIB lookup.
  • Content (Data) messages are forwarded based on PIT lookup as in regular CCN / NDN.
  • Interest messages undergo the same Content Store and PIT lookup as in regular CCN / NDN.
    – Note: this wins over LNPM since the match is exact against full name
  • Inherits the advantages of Path Steering alone.

SLIDE 16

Handling Route updates

  • New nexthop label(s) assigned every time FIB entry changes
  • On reverse path, Data and NACK are dropped
  • On forward path, Interest is NACK’ed
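
The steering and route-update behaviour from the preceding slides, as an added Python model that is not the authors' code: Data collects one nexthop label per hop on the reverse path, a labelled Interest still goes through LNPM before its label selects the nexthop, and every FIB change relabels nexthops so a stale path label draws an “Invalid path label” NACK. The label-stack encoding, the `Node` class, the constructed F1/F2/F3/F4/P topology and the "No route" reason string are assumptions of this model.

```python
import secrets

INVALID_LABEL = "Invalid path label"   # NACK error code named on the slides

class Node:
    """Toy forwarder; a path label is a stack of 32-bit nexthop labels."""
    def __init__(self, name, produces=None):
        self.name, self.produces = name, produces
        self.fib = {}        # name prefix -> list of neighbour Nodes
        self.label_of = {}   # neighbour name -> current nexthop label

    def set_route(self, prefix, neighbours):
        # Every FIB change assigns fresh labels, so older path labels expire.
        self.fib[prefix] = list(neighbours)
        for n in neighbours:
            self.label_of[n.name] = secrets.randbits(32)

    def lnpm(self, name):
        # Longest name prefix match on whole name components.
        hits = [p for p in self.fib if (name + "/").startswith(p + "/")]
        return self.fib[max(hits, key=len)] if hits else []

    def on_interest(self, name, labels=()):
        """Return ('data', path_label) or ('nack', reason)."""
        if self.produces and (name + "/").startswith(self.produces + "/"):
            return "data", []
        hops = self.lnpm(name)
        if not hops:
            return "nack", "No route"   # reason string is part of this model
        if labels:   # steered: FIB lookup still runs, the label picks the nexthop
            hops = [n for n in hops if self.label_of[n.name] == labels[0]]
            if not hops:
                return "nack", INVALID_LABEL
        nxt = secrets.choice(hops)      # unlabelled: random ECMP nexthop
        kind, value = nxt.on_interest(name, labels[1:])
        if kind == "data":              # reverse path: prepend this hop's label
            value = [self.label_of[nxt.name]] + value
        return kind, value

def build_demo():
    """Constructed topology: F1 -> {F2, F3} -> F4 -> P serving /com/cisco."""
    p, f4 = Node("P", produces="/com/cisco"), Node("F4")
    f3, f2, f1 = Node("F3"), Node("F2"), Node("F1")
    for node, hops in ((f4, [p]), (f2, [f4]), (f3, [f4]), (f1, [f2, f3])):
        node.set_route("/com/cisco", hops)
    return f1

def discover_paths(first_hop, name, probes=64):
    """Consumer: probe with unlabelled Interests, keep the unique path labels."""
    return sorted({tuple(first_hop.on_interest(name)[1]) for _ in range(probes)})
```

Because labels are kept per neighbour rather than per FIB entry, a route change for one prefix also invalidates path labels of flows for other prefixes that share the nexthop.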

SLIDE 17

Path switching data plane

SLIDE 18

III. Evaluation

SLIDE 19

Single prefix route update

  • Regular NDN data plane
    – Forwarding strategy selects random ECMP nexthop
  • Path switching NDN data plane
    – Consumer has basic path switching capabilities: a) discovers network paths, b) keeps track of unique paths, c) selects random path

[Figure: topology with consumer C, nodes 1 to 6 and producer P.]

SLIDE 20

Single name prefix route update

Route update on Node 2 removes the adjacency with Node 3 and Node 4 after 20 seconds of simulation.

[Figure: per-node plots (C, 1 to 6, P) against Time; panels: FIB-forwarded Interests, Path Switched Interests, FIB-forwarded Interests.]

SLIDE 21

Multiple prefix route update

  • Path switching CCN/NDN data plane
    – Nexthop relabeling impacts other ongoing flows with unrelated name prefix if nexthops are shared between FIB entries

[Figure: topology with consumers C1 and C2, nodes 1, 2, 3 and producers P1 and P2; name prefixes /edu/ucla and /com/cisco.]

SLIDE 22

Multiple name prefix route update.

Route update on Node 2 removes C1 – P1 FIB entry after 30 seconds of simulation.

[Figure: per-node plots (C1, C2, 1, 2, 3, P1, P2) against Time; panels: FIB-forwarded Interests, Path Switched Interests, FIB-forwarded Interests.]

SLIDE 23

IV. Security considerations

SLIDE 24

Malicious mis-steering

Consumer can use probing with Interests to discover path labels and then steer packets over wrong paths or to wrong destinations to mount a DoS attack.

  • A 32-bit nexthop label requires on average 2^31 Interests for a malicious consumer to discover
  • Mitigation: periodically update nexthop labels to limit the maximum lifetime of paths
  • To foil divide-and-conquer, use a void Hop Count field in “Invalid path label” Interest-Return (NACK) message
  • Path label can be encrypted hop-by-hop on the reverse path

SLIDE 25

Cache pollution

Malicious consumer & producer can inject an off-path and potentially bogus object in on-path caches.

  • Mitigation: Cache entries must be annotated with the corresponding path label and only used to satisfy Interests with a matching path label.
  • Mitigation: Cache entries must not evict entries for the same object with no path label, or a different path label.
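
Both cache-pollution mitigations above, as an added Python example that is not the authors' code: a Content Store keyed by (name, path label) that answers an Interest only from an entry with the same label and never lets an insert push out a same-name entry carrying no label or a different label. The class name, the LRU policy, the exact-match rule for unlabelled Interests and the sample name and label values are assumptions made for the illustration.

```python
from collections import OrderedDict

class PathAwareContentStore:
    """LRU Content Store whose entries are keyed by (name, path label)."""
    def __init__(self, capacity):
        self.capacity = capacity
        self.entries = OrderedDict()   # (name, label) -> payload, oldest first

    @staticmethod
    def _key(name, path_label):
        # None means the Data answered an unlabelled (FIB-forwarded) Interest.
        return name, None if path_label is None else tuple(path_label)

    def insert(self, name, payload, path_label=None):
        """Cache a Data object; return False if it cannot be stored safely."""
        key = self._key(name, path_label)
        if key not in self.entries and len(self.entries) >= self.capacity:
            # The victim must belong to another object: same-name entries with
            # no label or a different label are never pushed out by this insert.
            victim = next((k for k in self.entries if k[0] != name), None)
            if victim is None:
                return False
            del self.entries[victim]
        self.entries[key] = payload
        self.entries.move_to_end(key)
        return True

    def lookup(self, name, path_label=None):
        """Satisfy an Interest only from an entry with the same path label."""
        key = self._key(name, path_label)
        if key not in self.entries:
            return None
        self.entries.move_to_end(key)
        return self.entries[key]

def demo():
    """Constructed scenario: a steered bogus copy next to the on-path original."""
    cs = PathAwareContentStore(capacity=2)
    name, off_path = "/edu/ucla/paper.pdf", (0x1A2B3C4D, 0x55667788)
    cs.insert(name, b"genuine")                      # unlabelled, on-path Data
    cs.insert(name, b"bogus", path_label=off_path)   # steered, off-path Data
    return cs, name, off_path
```

In the constructed scenario an unlabelled Interest for the object is still answered with the on-path copy, and the steered copy is visible only to Interests carrying the same path label.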

SLIDE 26

Conclusion

  • Enables Traffic Engineering, SDN, multipath congestion control, ping and traceroute applications.
  • The speed of nexthop label lookup does not depend on the size and the contents of FIB.
  • Simpler than MPLS because it does not require a separate label distribution protocol.

SLIDE 27

Q/A