Title: The SAHARA Project: Composition and Cooperation in the New Internet
1 The SAHARA Project: Composition and Cooperation in the New Internet
- Randy H. Katz, Anthony Joseph, Ion Stoica
- Computer Science Division
- Electrical Engineering and Computer Science Department
- University of California, Berkeley
- Berkeley, CA 94720-1776
2 Presentation Outline
- Service Architecture Opportunity
- SAHARA Project Motivation
- SAHARA Reference Architecture
- Mechanisms for Service Composition
- Summary and Conclusions
4 Traditional View of Networking
- All about protocols and the OSI layers
- Protocol details: link-state vs. distance vector, TCP
- Protocol layering
- Multiaccess technology
- Switching and routing
- Naming
- Error control
- Flow control and scheduling
- Special topics like multicast and mobility
5 The New Opportunity
- New things you can do inside the network
- Connecting end-points to services with processing embedded in the network fabric
- Not protocols but agents, executing in places in the network
- Location-aware, data format aware
- Controlled violation of layering necessary!
- Distributed architecture aware of network topology
- No single technical architecture likely to dominate: think overlays, system of systems
6 Distributed Service Architectures for Converged Networks
- Converged Networks
- Public Switched Telephone Network (PSTN)
- Internet/Public Switched Data Network (PSDN)
- Mobile Internet
- Converged Structure?
- Distributed Service Architecture
- Services
- -Ility: connectivity
- Rich call: new call features
- Infrastructure services: proxies, search, commerce
- Enablers for distributed apps: event and content distribution
7 Services in Converged Networks
8 Services in Converged Networks
9 New Kind of Communications-Oriented Service Architecture
- Emerging, still developing, in a highly heterogeneous environment
- Rapid development/deployment of new services and apps
- Delivered to radically different end devices (phone, computer, info appliance) over diverse access networks (PSTN, LAN, Wireless, Cellular, DSL, Cable, Satellite)
- Exploiting Internet-based technology core: clients/server, applications level routers, TCP/IP protocols, Web/XML formats
- Beyond traditional call processing model: client-proxy-server plus application-level partitioning
- Built upon a new business model being driven by the evolution of the Internet: traditional managed networks and services versus emerging overlay networks and services structured on top of and outside of the above
- Composition via cooperation or brokering to achieve enhanced performance and reliability
11 Scenario: Service Composition
12 The Sahara Project
- Service
- Architecture for
- Heterogeneous
- Access,
- Resources, and
- Applications
13 Sahara Research Focus
- New mechanisms, techniques for end-to-end services w/ desirable, predictable, enforceable properties spanning potentially distrusting service providers
- Tech architecture for service composition and inter-operation across separate admin domains, supporting peering and brokering, and diverse business, value-exchange, access-control models
- Functional elements
- Service discovery
- Service-level agreements
- Service composition under constraints
- Redirection to a service instance
- Performance measurement infrastructure
- Constraints based on performance, access control, accounting/billing/settlements
- Service modeling and verification
14 Problems and Solutions: The Network Effect
- Creating and deploying new services
- Development and deployment expense
- Cost of 3G licenses and networks
- "Even if I had 1 billion and set up 1000s of locations, I could never in my network have a completely ubiquitous footprint." Sky Dayton, founder of Boingo
- Composition, cooperation, overlays
- Achieving desirable end-to-end properties
- Control of the end-to-end path
- Cooperation, peering, overlays (brokering)
- Evolving network services
- Difficult to change global operational infrastructure
- Overlays, cooperation
15 Internet Connectivity and Processing
16 Interconnected World: Agile or Fragile?
- Baltimore Tunnel Fire, 18 July 2001
- The fire also damaged fiber optic cables, slowing Internet service across the country,
- Keynote Systems says the July 19 Internet slowdown was not caused by the spreading of Code Red. Rather, a train wreck in a Baltimore tunnel that knocked out a major UUNet cable caused it.
- PSINet, Verizon, WorldCom and AboveNet were some of the bigger communications companies reporting service problems related to peering, methods used by Internet service providers to hand traffic off to others in the Web's infrastructure. Traffic slowdowns were also seen in Seattle, Los Angeles and Atlanta, possibly resulting from re-routing around the affected backbones.
- The fire severed two OC-192 links between Vienna, VA and New York, NY as well as an OC-48 link from, D.C. to Chicago. Metromedia routed traffic around the fiber break, relying heavily on switching centers in Chicago, Dallas, and D.C.
17 Internet Service Composition
18 Competition vs. Cooperation
- Internet Service Providers: Competition
- Peering for packet transport: BGP protocol
- Charging based on traffic volumes
[Figure: ISP A; ISP B; Hot Potato Routing]
19 Composition and Cooperation: Mobile Virtual Network Operator
- MVNO has everything but its own physical network
20 Mobile Virtual Network Operator: Composition and Cooperation
21 GPRS Transit: Peering, Cooperation, Composition
Per Johannson, Ericsson Research
22 Peering: Policy-Based Routing
- Multi-homing
- Reliability of network connectivity
- Traffic discrimination
[Figure: End Network (Berkeley Campus); Dorm Traffic; Research Traffic; Primary Transit Network; Alternative Transit Network; Fail-over; Peer Networks; CalREN]
23 Overlays: Creating New Interdomain Services
- Deploy new services above the routing layer
- E.g., interdomain multicast management and peering
- E.g., alternative connectivity for performance, resilience
[Figure: Isolated Intra-cloud service; Traditional unicast peering]
Steve McCanne
24 Overlays: Brokered Resources for Applications
- Examples
- Multicast management and peering at application level
- Implement performance qualities at overlay level
Steve McCanne
25 Composition: Wireless ISPs (wISPs)
- T-Mobile Wireless Broadband (MobileStar), WayPort
- Traditional network ISP, subscription-based services in public places
- Hotels (Wayport), airports (Wayport @ SJ airport), airport clubs (T-Mobile @ AA Admirals Club), and cafes (T-Mobile @ Starbucks)
- Diverse billing models, e.g., 24-hour subscription at a hotel
- Boingo, Joltage, hereUare, NetNearU
- Aggregator of access, e.g., Boingo aggregates Wayport, hereUare
- Client s/w including network sniffer/location finder, back-end authentication/secure VPN/settlement services
- Revenue sharing with micro ISPs/single local network (SLN)
- Diverse billing models: subscriptions as well as pay per use
- Sputnik
- Cooperative wireless neighbor-to-neighbor networks
- Ipass, GRIC
- Secure remote access for mobile employees
- Simplify connection establishment and login, wireless VPN support
26 Composition of Wireless Infrastructure Services
[Figure: Billing, ECommerce, Authentication, Inter-site Mobility; Full Service Network Operator; Premises-based Access]
28 Technical Challenges
- Trust management and behavior verification
- Meet promised functionality, performance, availability
- Adapting to network dynamics
- Actively respond to shifting server-side workloads and network congestion, based on pervasive monitoring and measurement
- Awareness of network topology to drive service selection
- Adapting to user dynamics
- Resource allocation responsive to client-side workload variations
- Resource provisioning and management
- Service allocation and service placement
- Interoperability across multiple service providers
- Interworking across similar services deployed by different providers
29 Service Composition Models
- Cooperative
- Individual component service providers interact in distributed fashion, with distributed responsibility, to provide an end-to-end composed service
- Brokered
- Single provider, the Broker, uses functionalities provided by underlying service providers, encapsulates these to compose an end-to-end service
- Examples
- Cooperative: roaming among separate mobile networks
- Brokered: JAL restaurant guide
30 Service Composition Models
31 Layered Reference Model for Service Composition
[Figure: layered reference model, top to bottom: End-User Applications; Application Plane (Applications Services, Middleware Services); Connectivity Plane (End-to-End Network With Desirable Properties, Enhanced Paths, Enhanced Links); IP Network]
32 Layered Reference Model for Service Composition
[Figure: Composed Service at Layer i]
33 Layered Reference Model for Service Composition
- Connectivity Plane
- End-to-end network with desirable properties composed on top of commodity IP network
- Enhanced Links and Paths: QoS and protocol verification within and between connectivity service providers
- Applications Plane
- Services strategically placed and actively managed within the network topology
- Applications and Middleware Services: end-client oriented vs. infrastructure oriented
35 Mechanisms for Service Composition
- Measurement-based Adaptation
- Examples
- General-purpose third party end-to-end Internet host distance monitoring and estimation service
- Universal In-box: application-specific middleware measurement layer to exchange network and server load using link-state algorithm
- Content Distribution Networks: measurement-based DNS-based server selection to redirect client to closest service instance
36 Mechanisms for Service Composition
- Utility-based Resource Allocation Mechanisms
- Examples
- Auctions to dynamically allocate resources: applied for spectrum/bandwidth resource assignments to MVNO from underlying competing MNOs
- Congestion pricing: influence user behavior to better utilize scarce resources; applied in
- Voice port allocation to user-initiated calls in H.323 gateway/Voice over IP service management
- Wireless LAN bandwidth allocation and management
- H.323 gateway selection, redirection, and load balancing for Voice over IP services
37 Mechanisms for Service Composition
- Trust Mgmt/Verification of Service Usage
- Authentication, Authorization, Accounting Services
- Authorization control scheme w/ credential transformations to enable cross-domain service invocation
- Federated admin domains with credential transformation rules based on established peering agreements
- AAA server makes authorization decisions, liberating providers from preparing rules for each affiliated domain
- Service Level Agreement Verification
- Verification and usage monitoring to ensure properties specified in SLA are being honored
- Border routers monitoring control traffic from different providers to detect malicious route advertisements
38 Mechanisms for Service Composition
- Policy Management
- Visibility into local policies to better coordinate global policies among (cooperating) service providers
- Developing inter-AS architecture for load balancing, performance and failure mode policies to be applied throughout the network
- Internet topology discovery through AS relationship map of the Internet plus measurement infrastructure
- Policy agent framework for inter-AS negotiation to manage incoming traffic
39 Mechanisms for Service Composition
- Interoperability through Transformation
- Interoperability of data, protocols, policies among composed service providers
- Example
- Broadcast federation: global multicast service composed from multicast implementations in different provider domains
- Protocol transformation gateways between admin domains employing non-interoperable multicast protocol implementations
41 Summary and Conclusions
- Goal: Evolve (mobile) Internet architecture to better support multi-network/multi-service provider model
- Dynamic environment, location-based implies larger numbers of service providers and service instances
- Status: architectural specification driven by selected applications and underlying wide-area services
- Focus
- Composition across confederated vs. independent service providers: peer-to-peer vs. brokering
- Explore new techniques/technologies
- Market-based mechanisms
- Trust management, SLA verification, perf. monitoring
42 Recent Publications
- C. Chuah, L. Subramanian, A. D. Joseph, R. H. Katz, "QoS Provisioning Using A Clearing House Architecture," 8th International Workshop on Quality of Service (IWQOS 2000), Pittsburgh, PA, (June 2000).
- S. Zhuang, B. Zhao, A. Joseph, R. H. Katz, J. Kubiatowicz, "Bayeux: An Architecture for Wide-Area, Fault-Tolerant Data Dissemination Protocol," ACM NOSSDAV 2001, New York, (June 2001).
- Z. Mao, W. So, R. H. Katz, "Network Support for Mobile Multimedia Using a Self-Adaptive Distributed Proxy," ACM NOSSDAV 2001, New York, (June 2001).
- Y. Chen, A. Bargteil, R. H. Katz, "Quantifying Network Denial of Service: A Location Service Case Study," Third International Conference on Information and Communication Security (ICICS2001), Xian, China, (November 2001).
43 Recent Publications
- J. Shih, R. H. Katz, "Pricing Experiments for a Computer-Telephony-Service Usage Allocation," IEEE Globecom 2001, San Antonio, TX, (November 2001).
- Y. Chen, R. H. Katz, J. Kubiatowicz, "Replica Placement for Scalable Content Delivery," Proceedings First International Conference on Peer-to-Peer Systems (IPTPS02), Cambridge, MA, (March 2002).
- T. Suzuki, R. H. Katz, "An Authorization Control Framework to Enable Service Composition Across Domains," Proceedings Eleventh World Wide Web Conference (WWW2002), Honolulu, HI, (May 2002).
- M. Caesar, D. Ghosal, R. H. Katz, "Resource Management for IP Telephony Networks," Proceedings 10th International Workshop on Quality of Service (IWQoS), Miami Beach, FL, (May 2002).
- S. Machiraju, M. Seshadri, I. Stoica, "A Scalable and Robust Solution for Bandwidth Allocation," Proceedings 10th International Workshop on Quality of Service (IWQoS), Miami Beach, FL, (May 2002).
44 Recent Publications
- Y. Chawathe, M. Seshadri, "Broadcast Federation: An Application-layer Broadcast Internet," Proceedings Network and Operating System Support for Digital Audio and Video (NOSSDAV02), Miami Beach, FL, (May 2002).
- L. Subramanian, V. Padmanabhan, R. H. Katz, "Geographic Properties of Internet Routing," USENIX Conference, Monterey, California, (June 2002).
- Z. Mao, C. Cranor, F. Douglis, M. Rabinovich, O. Spatscheck, J. Wang, "A Precise and Efficient Evaluation of the Proximity between Web Clients and their Local DNS Servers," USENIX Conference, Monterey, California, (June 2002).
- L. Subramanian, S. Agarwal, J. Rexford, R. H. Katz, "Characterizing the Internet Hierarchy from Multiple Vantage Points," IEEE Infocom Conference, New York, NY, (June 2002).
45 Recent Publications
- J. Shih, R. H. Katz, "Evaluating Tradeoffs of Congestion Pricing for Voice Calls," Extended Abstract, ACM Sigmetrics Conference, San Diego, California, (July 2002).
- J. Shih, R. H. Katz, "Evaluating the Tradeoffs of Congestion Pricing for Voice Calls," 2002 International Symposium on Performance Evaluation of Computer and Telecommunication Systems (SPECTS 2002), San Diego, California, (July 2002).
- B. Raman, R. H. Katz, "Emulation-based Evaluation of an Architecture for Wide-Area Service Composition," 2002 International Symposium on Performance Evaluation of Computer and Telecommunication Systems (SPECTS 2002), San Diego, California, (July 2002).
- Z. Mao, R. Govindan, S. Shenker, R. H. Katz, "Route Flap Damping Exacerbates Internet Routing Convergence," ACM SIGCOMM Conference, Pittsburgh, PA, (August 2002).
46 Recent Publications
- B. Raman, S. Agrawal, Y. Chan, M. Caesar, W. Cui, P. Johannson, K. Lai, T. Lavian, S. Machiraju, Z. Mao, G. Porter, T. Roscoe, M. Seshadri, J. Shih, K. Sklower, L. Subramanian, T. Suzuki, S. Zhuang, A. D. Joseph, R. H. Katz, I. Stoica, "The SAHARA Model for Service Composition across Multiple Providers," Pervasive Computing 2002, Zurich, Switzerland, (August 2002).
- Z. Mao, R. H. Katz, "A Framework for Universal Service Access using Device Ensembles," CRA Grace Murray Hopper Celebration of Women in Computer Science Conference, Vancouver, BC, (October 2002).
47 SAHARA: A Revolutionary Service Architecture for Future Telecommunications Systems
- Randy H. Katz, Anthony Joseph, Ion Stoica
- Computer Science Division
- Electrical Engineering and Computer Science Department
- University of California, Berkeley
- Berkeley, CA 94720-1776
48 Work in Progress
- Enhanced Links
- Enhanced Paths
- Middleware Services
- Applications Services
49 Work in Progress
- Enhanced Links
- Congestion Pricing for Access Links
- Auction-based Resource (Bandwidth) Allocation
- Traffic Policing/Verification of Bandwidth Allocation
50 Congestion Pricing at Access Links
- Setup
- 10 users
- 3 QoS (Slow-going, Moderate, Responsive): differ on degree of traffic smoothing
- 24 tokens/day, 15 minutes of usage per charge
- Acceptable
- Users make purchasing decision at most once every 15 minutes
- Feasible
- Changing prices cause users to select different QoS
- Effective
- If entice half of users to choose lower QoS during congestion, then reduce burstiness at access links by 25
51 Auction-based Resource Allocation
- Problem
- Efficiently and effectively allocate resources according to applications' dynamic requirements
- Approach
- Leveraging auction schemes and work-load predictions
- Features
- Bidders can place bids based on application requirements and contention level.
- Bidders can place bids for near future resource requirements based on recent history.
- Bidders can express both utility and priority to auctioneer.
- Auctioneer can dynamically change applications' priority by changing the token allocation rate.
- Status
- On-going work
- First application: bandwidth allocation in ad hoc wireless networks
52 Bandwidth Allocation
- Problem: scalable (stateless) and robust bandwidth allocation
- Control Plane
- Soft state
- Per-router per-period certificates for robustness without per-flow state
- Random sampling to prevent duplicate refreshes
- Data Plane
- Monitor aggregate flows
- Recursively split misbehaving aggregates
[Figure: R1 attaches new certificate to the refresh message; misbehaving aggregate: split it]
53 Work in Progress
- Enhanced Paths
- BGP Route Flap Dampening
- BGP Policy Agents
- Backup Path Allocation in Overlay Networks
- Host Mobility
- Multicast Interoperation
54 BGP Stability vs. Convergence
- Problem
- Stability achieved through flap damping [RFC2439]
- Unexpected: flap damping delays convergence!
- Topology: clique of routers
- Solution: selective flap damping [SIGCOMM02]
- Duplicate suppression
- Ignore flaps caused by transient convergence instability
- Still contains stability
- Eliminates undesired interaction!
55 Policy Management for BGP
- 3-15 minute failover time
- Slow response to congestion
- Unacceptable for Internet service composition
- Lack of distributed route control
- Need distributed policy management
- Explicit route policy negotiation
- Identified current routing behavior
- Inferred AS relationships, topology
- Next: gather traffic data, finish code, emulate
56 Backup Path Allocation in Overlay Networks
- Challenge
- Disjoint primary and backup path in the overlay network may share underlying links because the overlay network cannot control underlying links used by a path
- Problem
- Find a primary and backup path pair with minimal failure probability based on correlated overlay link failures
- Approach
- Decouple backup path routing from primary path routing
- Route backup paths based on failure probability cost, which measures the incremental path failure probability caused by using a link in the path
- Status
- Finished work, submitted to ICNP02
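
The failure-probability reasoning on this slide, worked through as an added example (not code from the SAHARA project). The overlay topology, the physical links f1..f8 and the 0.01 failure probability are constructed, physical links are assumed to fail independently, and candidates are enumerated rather than routed with the project's cost metric.

```python
from itertools import chain
from math import prod

# Constructed topology: overlay link -> underlying physical links it rides on.
# A-B and A-C are distinct overlay links but both cross physical link f1.
UNDERLAY = {
    ("A", "B"): {"f1", "f2"},
    ("B", "D"): {"f3"},
    ("A", "C"): {"f1", "f4"},
    ("C", "D"): {"f5"},
    ("A", "E"): {"f6"},
    ("E", "D"): {"f7", "f8"},
}
# Constructed failure probabilities; physical links assumed independent.
P_FAIL = {f"f{i}": 0.01 for i in range(1, 9)}


def overlay_links(path):
    """Overlay hops of a node path, e.g. (A, B, D) -> [(A, B), (B, D)]."""
    return list(zip(path, path[1:]))


def physical_links(path):
    """Every physical link an overlay path depends on."""
    return set(chain.from_iterable(UNDERLAY[l] for l in overlay_links(path)))


def p_up(phys):
    """Probability that all physical links in the set are up."""
    return prod(1.0 - P_FAIL[f] for f in phys)


def joint_failure(primary, backup):
    """P(primary down AND backup down).

    Inclusion-exclusion on the 'path is up' events; shared physical links
    appear once in the union, which is what correlates the two failures.
    """
    a, b = physical_links(primary), physical_links(backup)
    return 1.0 - p_up(a) - p_up(b) + p_up(a | b)


def simple_paths(src, dst, seen=()):
    """Enumerate loop-free overlay paths from src to dst."""
    if src == dst:
        yield seen + (dst,)
        return
    for (u, v) in UNDERLAY:
        if u == src and v not in seen:
            yield from simple_paths(v, dst, seen + (src,))


def best_backup(primary):
    """Backup chosen after the primary is fixed: among overlay-disjoint
    paths, take the one that leaves the pair least likely to fail together."""
    used = set(overlay_links(primary))
    candidates = [p for p in simple_paths(primary[0], primary[-1])
                  if not used & set(overlay_links(p))]
    return min(candidates, key=lambda p: joint_failure(primary, p))
```

With primary A-B-D, both A-C-D and A-E-D are disjoint in the overlay, but A-C-D shares f1 with the primary and the pair fails together roughly twelve times as often as with A-E-D.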
57 Host Mobility Using an Internet Indirection Infrastructure
- The Problem
- Internet hosts increasingly mobile: need to remain reachable
- Flows should not be interrupted
- IP address represents unique host ID and net location
- ROAM (Robust Overlay Architecture for Mobility)
- Leverages i3 overlay network: triggers forward packets
- Efficiency, robustness, location privacy, simultaneous mobility
- No changes to end-host kernel or applications
- Cost: i3 infrastructure, and proxies on end-hosts
- Simulation and Experimental Results
- Stretch lower than MIP-bi → able to choose nearby triggers
- 50-66 of MIP-tri when 5-28 domains deploy i3 servers
- Even 4 handoffs in 10 seconds have little impact on TCP performance
[Figure: Sender (S); Receiver (R); (ID, data); (ID, R)]
58 Multicast Broadcast Federation
- Goal: compose different non-interoperable multicast domains to provide an end-to-end multicast service.
- Should work for both IP and App-layer protocols.
- Approach: overlay of Broadcast Gateways (BGs)
- BGs establish peering between domains.
- Inside a domain, local multicast capability is used.
- Clustered gateways for scalability.
- Independent data flows and control flow.
[Figure: Source; Broadcast Domains (CDN, IP Mul, SSM); Clients; BG; Peering; Data]
- Implementation
- Linux/C event-driven program
- Easily customizable interface to local multicast capability (700 lines)
- Up to 1 Gbps BG thruput with 6 nodes.
- Up to 2500 sessions with 6 nodes.
59 Work in Progress
- Middleware Services
- Measurement and Monitoring Infrastructure
- Robust Service Composition
- Authorization Interworking
60 Internet Distance Monitoring Infrastructure
- Problem: N end hosts in different administrative domains, how to select a subset to be probes, and build an overlay distance monitoring service without knowing the underlying topology?
- Solution: Internet Iso-bar
- Clustering of hosts perceiving similar performance
- Good scalability
- Good accuracy and stability
- Tested with NLANR AMP and Keynote data
- Small overhead
- Incrementally deployable
- SIGMETRICS PAPA 02
- CMG journal 02
[Figure: Cluster A; Cluster B; Cluster C; Monitor; End Host; Distance from monitor to its hosts; Distance measurements among monitors]
61 Availability in Wide-Area Service Composition
- Issue: Multi-provider → WA composition
- Poor availability of Internet path → Poor service availability for client
- >15sec outage
- Note: BGP recovery could take several minutes [Labovitz00]
- Fix: detect and recover from failures using service replicas
- Highlight of results
- Quick detection (2sec) possible
- Scalable messaging for recovery (can handle simultaneous failure recovery of 1000s of clients)
- See SPECTS02 paper
- More recent results on load balancing across service replicas
- End-to-end recovery in about 3.6sec: 2sec detection, 600ms signaling, 1sec state restoration
[Figure: Text to audio]
WA setup: UCB, Berk. (Cable), SF (DSL), Stan., CMU, UCSD, UNSW (Aus), TU-Berlin (Germany)
62 Authorization Control Across Administrative Domains
[Figure: Trusted third party (Authorization Authority); Domain 1; Domain 2; User; Service; Request with certificates and credentials; "Should grant access?"; Decision; Verification; Credential transformation; Policy compliance check; Trust peering agreement with credential transformation rule]
- Authorization authority
- Provides authorization decision service.
- Manages different verification methods and credentials.
- Trust peering agreement
- Credential transformation rule
- Acceptable verification method
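
One way the decision flow on this slide could be implemented, as an added example that is not the SAHARA authorization framework's own code. The class and field names, the domain, service and attribute names, and the use of an HMAC tag in place of certificate verification are all assumptions.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass


@dataclass(frozen=True)
class Credential:
    issuer: str     # administrative domain that issued the credential
    subject: str    # user it was issued to
    attribute: str  # role name that only has meaning inside the issuer's domain
    method: str     # verification method the credential relies on
    tag: str        # HMAC tag, standing in for a certificate signature


@dataclass(frozen=True)
class PeeringAgreement:
    accepted_methods: frozenset  # verification methods accepted from this peer
    transform: dict              # peer attribute -> local attribute


def mac(key, issuer, subject, attribute, method):
    # JSON list gives an unambiguous encoding of the four fields.
    msg = json.dumps([issuer, subject, attribute, method]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def issue(key, issuer, subject, attribute, method="hmac-sha256"):
    return Credential(issuer, subject, attribute, method,
                      mac(key, issuer, subject, attribute, method))


class AuthorizationAuthority:
    """Trusted third party answering 'should grant access?' for a local service."""

    def __init__(self, local_domain, keys, agreements, policy):
        self.local_domain = local_domain
        self.keys = keys              # domain -> verification key
        self.agreements = agreements  # peer domain -> PeeringAgreement
        self.policy = policy          # service -> local attributes allowed

    def decide(self, cred, service):
        agreement = None
        if cred.issuer != self.local_domain:
            # Foreign credentials are considered only under a peering agreement.
            agreement = self.agreements.get(cred.issuer)
            if agreement is None:
                return False, "no peering agreement"
            if cred.method not in agreement.accepted_methods:
                return False, "verification method not accepted"
        # Verification: constant-time compare, fail closed on unknown issuer.
        key = self.keys.get(cred.issuer)
        if key is None or not hmac.compare_digest(
                mac(key, cred.issuer, cred.subject, cred.attribute, cred.method),
                cred.tag):
            return False, "verification failed"
        # Credential transformation: foreign attribute names never pass as-is.
        attr = cred.attribute
        if agreement is not None:
            attr = agreement.transform.get(cred.attribute)
            if attr is None:
                return False, "no transformation rule"
        # Policy compliance check against the local service policy.
        if attr not in self.policy.get(service, frozenset()):
            return False, "policy denies " + attr
        return True, "granted as " + attr


# Constructed sample: domain1 hosts the service, domain2 is a peer, domain3 is not.
KEYS = {d: f"constructed-key-{d}".encode() for d in ("domain1", "domain2", "domain3")}
AA = AuthorizationAuthority(
    "domain1", KEYS,
    agreements={"domain2": PeeringAgreement(frozenset({"hmac-sha256"}),
                                            {"gold-subscriber": "partner-user"})},
    policy={"video-relay": frozenset({"staff", "partner-user"})},
)
```

A domain2 credential that names the local role `staff` directly is refused because no transformation rule maps it, so a peer cannot mint attributes in the service's own namespace.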
63 Work in Progress
- Applications Services
- Voice Over IP
- Adaptive Content Distribution
- (Universal In-Box)
64 IP Telephony Gateway Selection
[Figure: LS and ITG pairs]
- Results
- Congestion sensitive pricing decreases unnecessary call blocking, increases revenue, and improves economic efficiency
- Hybrid redirection achieves good QoS and low blocking probability
- Goal: High quality, economically efficient telephony over the Internet
- Questions: How to
- Perform call admission control?
- Route calls thru converged net?
65 SCAN: Scalable Content Access Network
- Problem: Provide content distribution to clients with small latency, small number of replicas and efficient update dissemination
- Solution: SCAN
- Leverage P2P location services to improve scalability and locality
- Simultaneous dynamic replica placement and app-level multicast tree construction
- Close to optimal number of replicas wrt latency guarantee
- Small latency and bandwidth for sending updates
- IPTPS 02
- Pervasive 02
[Figure: data plane; network plane; data source; Web server; SCAN server]