Author Archives: Steve Uhlig

Experience-driven research on programmable networks

Hyojoon Kim, Xiaoqi Chen, Jack T Brassil, Jennifer Rexford

Abstract

Many promising networking research ideas in programmable networks never see the light of day. Yet, deploying research prototypes in production networks can help validate research ideas, improve them with faster feedback, uncover new research questions, and also ease the subsequent transition to practice. In this paper, we show how researchers can run and validate their research ideas in their own backyards—on their production campus networks—and we have seen that such a demonstrator can expedite the deployment of a research idea in practice to solve real network operation problems. We present P4Campus, a proof-of-concept that encompasses tools, an infrastructure design, strategies, and best practices—both technical and non-technical—that can help researchers run experiments against their programmable network idea in their own network. We use network tapping devices, packet brokers, and commodity programmable switches to enable running experiments to evaluate research ideas on a production campus network. We present several compelling data-plane applications as use cases that run on our campus and solve production network problems. By sharing our experiences and open-sourcing our P4 apps [28], we hope to encourage similar efforts on other campuses.

Download from ACM

The January 2021 issue

This January 2021 issue contains three technical papers as well as two editorial notes.

The first technical paper, Distrinet: a Mininet Implementation for the Cloud, by Giuseppe Di Lena and his colleagues, proposes Distrinet, a distributed implementation of Mininet over multiple hosts, based on LXD/LXC, Ansible, and VXLAN tunnels. Distrinet is compatible with Mininet programs, generic and can deploy experiments on Linux clusters as well as on the Amazon EC2 cloud platform. Given how popular Mininet is for SDN evaluation, this contribution potentially provides a lot of value to our research community.

The second technical paper, Experience-Driven Research on Programmable Networks, by Hyojoon Kim and colleagues, presents a proof-of-concept to help researchers run experiments against their programmable network idea, in their own network. The authors present several data-plane applications as use cases that run on their campus and solve production network problems. While not fully reproducible, this paper is a good step towards encouraging similar efforts in our community.

Our third paper, The Case for Model-Driven Interpretability of Delay-based Congestion Control Protocols, by Muhammad Khan and his colleagues, presents a study of different delay-based congestion control algorithms for TCP. The proposed framework is flexible and allows delay-based protocols to be modeled by simplifying a congestion control protocol’s response into a guided random walk over a two-dimensional Markov model. The model is evaluated against actual traces collected in 3G/4G networks, and gives an intuition of which regime the congestion control loop spends most of its time in.

Then, we have two editorial notes. The first one, Italian Operators’ Response to the COVID-19 Pandemic, by Massimo Candela and Antonio Prado, reports on the actions undertaken by network operators in Italy in response to COVID-19. The second editorial note, What do Information Centric Networks, Trusted Execution Environments, and Digital Watermarking have to do with Privacy, the Data Economy, and their future?, by Nikolaos Laoutaris and Costas Iordanou, discusses how ICNs can be combined with trusted execution environments and digital watermarking to build a personal data overlay inter-network that has a plethora of desirable properties for end-users.

I hope that you will enjoy reading this new issue and welcome comments and suggestions on CCR Online (https://ccronline.sigcomm.org) or by email at ccr-editor at sigcomm.org.

Distrinet: a Mininet Implementation for the Cloud

Giuseppe Di Lena, Andrea Tomassilli, Damien Saucez, Frédéric Giroire, Thierry Turletti, Chidung Lac

Abstract

Networks have become complex systems that combine various concepts, techniques, and technologies. As a consequence, modelling or simulating them now is extremely complicated and researchers massively resort to prototyping techniques. Mininet is the most popular tool when it comes to evaluating SDN propositions. Mininet allows emulating SDN networks on a single computer but shows its limitations with resource-intensive experiments, as the emulating host may become overloaded. To tackle this issue, we propose Distrinet, a distributed implementation of Mininet over multiple hosts, based on LXD/LXC, Ansible, and VXLAN tunnels. Distrinet uses the same API as Mininet, meaning that it is compatible with Mininet programs. It is generic and can deploy experiments on Linux clusters (e.g., Grid’5000), as well as on the Amazon EC2 cloud platform.

Download from ACM

Using Deep Programmability to Put Network Owners in Control

Nate Foster, Nick McKeown, Jennifer Rexford, Guru Parulkar, Larry Peterson, Oguz Sunay

Abstract

Controlling an opaque system by reading some “dials” and setting some “knobs,” without really knowing what they do, is a hazardous and fruitless endeavor, particularly at scale. What we need are transparent networks, that start at the top with a high-level intent and map all the way down, through the control plane to the data plane. If we can specify the behavior we want in software, then we can check that the system behaves as we expect. This is impossible if the implementation is opaque. We therefore need to use open-source software or write it ourselves (or both), and have mechanisms for checking actual behavior against the specified intent. With fine-grain checking (e.g., every packet, every state variable), we can build networks that are more reliable, secure, and performant. In the limit, we can build networks that run autonomously under verifiable, closed-loop control. We believe this vision, while ambitious, is finally within our reach, due to deep programmability across the stack, both vertically (control and data plane) and horizontally (end to end). It will emerge naturally in some networks, as network owners take control of their software and engage in open-source efforts; whereas in enterprise networks it may take longer. In 5G access networks, there is a pressing need for our community to engage, so these networks, too, can operate autonomously under verifiable, closed-loop control.

Download the full article (from ACM)

Digital Contact Tracing: Technologies, Shortcomings, and the Path Forward

Amee Trivedi and Deepak Vasisht

Abstract

Since the start of the COVID-19 pandemic, technology enthusiasts have pushed for digital contact tracing as a critical tool for breaking the COVID-19 transmission chains. Motivated by this push, many countries and companies have created apps that enable digital contact tracing with the goal to identify the chain of transmission from an infected individual to others and enable early quarantine. Digital contact tracing applications like AarogyaSetu in India, TraceTogether in Singapore, SwissCovid in Switzerland, and others have been downloaded hundreds of millions of times. Yet, this technology hasn’t seen the impact that we envisioned at the start of the pandemic. Some countries have rolled back their apps, while others have seen low adoption.

Therefore, it is prudent to ask what the technology landscape of contact-tracing looks like and what are the missing pieces. We attempt to undertake this task in this paper. We present a high-level review of technologies underlying digital contact tracing, a set of metrics that are important while evaluating different contact tracing technologies, and evaluate where the different technologies stand today on this set of metrics. Our hope is two-fold: (a) Future designers of contact tracing applications can use this review paper to understand the technology landscape, and (b) Researchers can identify and solve the missing pieces of this puzzle, so that we are ready to face the rest of the COVID-19 pandemic and any future pandemics. A majority of this discussion is focused on the ability to identify contact between individuals. The questions of ethics, privacy, and security of such contact tracing are briefly mentioned but not discussed in detail.

Download the full article (from ACM)

Coronavirus Contact Tracing: Evaluating The Potential Of Using Bluetooth Received Signal Strength For Proximity Detection

Douglas J. Leith and Stephen Farrell

Abstract

Many countries are deploying Covid-19 contact tracing apps that use Bluetooth Low Energy (LE) to detect proximity within 2m for 15 minutes. However, Bluetooth LE is an unproven technology for this application, raising concerns about the efficacy of these apps. Indeed, measurements indicate that the Bluetooth LE received signal strength can be strongly affected by factors including (i) the model of handset used, (ii) the relative orientation of handsets, (iii) absorption by human bodies, bags etc. and (iv) radio wave reflection from walls, floors, furniture. The impact on received signal strength is comparable with that caused by moving 2m, and so has the potential to seriously affect the reliability of proximity detection. These effects are due to the physics of radio propagation and suggest that the development of accurate methods for proximity detection based on Bluetooth LE received signal strength is likely to be challenging. We call for action in three areas. Firstly, measurements are needed that allow the added value of deployed apps within the overall contact tracing system to be evaluated, e.g. data on how many of the people notified by the app would not have been found by manual contact tracing and what fraction of people notified by an app actually test positive for Covid-19. Secondly, the 2m/15 minute proximity limit is only a rough guideline. The real requirement is to use handset sensing to evaluate infection risk and this requires a campaign to collect measurements of both handset sensor data and infection outcomes. Thirdly, a concerted effort is needed to collect controlled Bluetooth LE measurements in a wide range of real-world environments, the data reported here being only a first step in that direction.

Download the full article (from ACM)

COSMOS educational toolkit: using experimental wireless networking to enhance middle/high school STEM education

P. Skrimponis, N. Makris, S. Rajguru, K. Cheng, J. Ostrometzky, E. Ford, Z. Kostic, G. Zussman, T. Korakis

Abstract

This paper focuses on the educational activities of COSMOS – Cloud enhanced Open Software defined MObile wireless testbed for city Scale deployment. The COSMOS wireless research testbed is being deployed in West Harlem (New York City) as part of the NSF Platforms for Advanced Wireless Research (PAWR) program. COSMOS’ approach for K–12 education is twofold: (i) create an innovative and concrete set of methods/tools that allow teaching STEM subjects using live experiments related to wireless networks/IoT/cloud, and (ii) enhance the professional development (PD) of K–12 teachers and collaborate with them to create hands-on educational material for the students. The COSMOS team has already conducted successful pilot summer programs for middle and high school STEM teachers, where the team worked with the teachers and jointly developed innovative real-world experiments that were organized as automated and repeatable math, science, and computer science labs to be used in the classroom. The labs run on the COSMOS Educational Toolkit, a hardware and software system that offers a large variety of pre-orchestrated K–12 educational labs. The software executes and manages the experiments in the same operational philosophy as the COSMOS testbed. Specifically, since it is designed for use by non-technical middle and high school teachers/students, it adds easy-to-use enhancements to the experiments’ execution and the results visualization. The labs are also supported by Next Generation Science Standards (NGSS)-compliant teacher/student material. This paper describes the teachers’ PD program, the NGSS lessons created and the hardware and software system developed to support the initiative. Additionally, it provides an evaluation of the PD approach as well as the expected impact on K–12 STEM education. Current limitations and future work are also included as part of the discussion section.

Download the full article (from ACM)

Retrofitting Post-Quantum Cryptography in Internet Protocols: A Case Study of DNSSEC

M. Mueller, J. de Jong, M. van Heesch, B. Overeinder, R. van Rijswijk-Deij

Abstract

Quantum computing is threatening current cryptography, especially the asymmetric algorithms used in many Internet protocols. More secure algorithms, colloquially referred to as Post-Quantum Cryptography (PQC), are under active development. These new algorithms differ significantly from current ones. They can have larger signatures or keys, and often require more computational power. This means we cannot just replace existing algorithms by PQC alternatives, but need to evaluate if they meet the requirements of the Internet protocols that rely on them.

In this paper we provide a case study, analyzing the impact of PQC on the Domain Name System (DNS) and its Security Extensions (DNSSEC). In its main role, DNS translates human-readable domain names to IP addresses and DNSSEC guarantees message integrity and authenticity. DNSSEC is particularly challenging to transition to PQC, since DNSSEC and its underlying transport protocols require small signatures and keys and efficient validation. We evaluate current candidate PQC signature algorithms in the third round of the NIST competition on their suitability for use in DNSSEC. We show that three algorithms, partially, meet DNSSEC’s requirements but also show where and how we would still need to adapt DNSSEC. Thus, our research lays the foundation for making DNSSEC, and protocols with similar constraints ready for PQC.

Download the full article (from ACM)

Mobile Web Browsing Under Memory Pressure

I. Qazi, Z. Qazi, T. Benson, E. Latif, A. Manan, G. Murtaza, M. Tariq

Abstract

Mobile devices have become the primary mode of Internet access. Yet, differences in mobile hardware resources, such as device memory, coupled with the rising complexity of Web pages can lead to widely different quality of experience for users. In this work, we analyze how device memory usage affects Web browsing performance. We quantify the memory footprint of popular Web pages over different mobile devices, mobile browsers, and Android versions, analyze the induced memory distribution across different browser components (e.g., JavaScript engine and compositor), investigate how performance gets impacted under memory pressure and propose optimizations to reduce the memory footprint of Web browsing. We show that these optimizations can improve performance and reduce chances of browser crashes in low memory scenarios.

Download the full article (from ACM)

A first look at the IP eXchange ecosystem

A. Lutu, B. Jun, F. Bustamante, D. Perino, M. Braun, C. Bontje

Abstract

The IPX Network interconnects about 800 Mobile Network Operators (MNOs) worldwide and a range of other service providers (such as cloud and content providers). It forms the core that enables global data roaming while supporting emerging applications, from VoLTE and video streaming to IoT verticals. This paper presents the first characterization of this, so-far opaque, IPX ecosystem and a first-of-its-kind in-depth analysis of an IPX Provider (IPX-P). The IPX Network is a private network formed by a small set of tightly interconnected IPX-Ps. We analyze an operational dataset from a large IPX-P that includes BGP data as well as statistics from signaling. We shed light on the structure of the IPX Network as well as on the temporal, structural and geographic features of the IPX traffic. Our results are a first step in understanding the IPX Network at its core, key to fully understanding the global mobile Internet.

Download the full article (from ACM)