Category Archives: 2022

Measuring DNS over TCP in the Era of Increasing DNS Response Sizes: A View from the Edge

Mike Kosek, Trinh Viet Doan, Simon Huber, Vaibhav Bajpai

Abstract

The Domain Name System (DNS) is one of the most crucial parts of the Internet. Although the original standard defined the usage of DNS over UDP (DoUDP) as well as DNS over TCP (DoTCP), UDP has become the predominant protocol used in the DNS. With the introduction of new Resource Records (RRs), the sizes of DNS responses have increased considerably. Since this can lead to truncation or IP fragmentation, the fallback to DoTCP as required by the standard ensures successful DNS responses by overcoming the size limitations of DoUDP. However, the effects of the usage of DoTCP by stub resolvers are not extensively studied to this date. We close this gap by presenting a view of DoTCP from the Edge, issuing 12.1M DNS requests from 2,500 probes toward Public as well as Probe DNS recursive resolvers. In our measurement study, we observe that DoTCP is generally slower than DoUDP, where the relative increase in Response Time is less than 37% for most resolvers. While optimizations to DoTCP can be leveraged to further reduce the response times, we show that support on Public resolvers is still missing, hence leaving room for optimizations in the future. Moreover, we also find that Public resolvers generally have comparable reliability for DoTCP and DoUDP. However, Probe resolvers show a significantly different behavior: DoTCP queries targeting Probe resolvers fail in 3 out of 4 cases, and, therefore, do not comply with the standard. This problem will only aggravate in the future: As DNS response sizes will continue to grow, the need for DoTCP will solidify.

Download from ACM
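The truncation-driven fallback that the abstract refers to is a small piece of stub-resolver logic: send the query over UDP, and if the response carries the TC flag, repeat the same query over TCP, where every message is prefixed by a 16-bit length. The block below is an added example, not code from the paper or from the authors' measurement tooling. It builds a minimal query with an EDNS0 OPT record, checks TC, frames and de-frames TCP messages, and implements the fallback; the resolver it talks to is a constructed stand-in (the name `big.example` and the `LARGE_NAMES` set are hypothetical) so the code runs offline. A probe resolver that sets TC but then never answers over TCP, the failure the paper measures in 3 out of 4 cases, surfaces here as the `ConnectionError` in `resolve`.

```python
import struct
from typing import Callable, List, Tuple

# DNS header flag bits (RFC 1035 section 4.1.1)
FLAG_QR = 0x8000  # message is a response
FLAG_TC = 0x0200  # truncated: the answer did not fit the transport's size limit
FLAG_RD = 0x0100  # recursion desired
TYPE_A, TYPE_OPT, CLASS_IN = 1, 41, 1


def encode_name(name: str) -> bytes:
    """Wire-format a domain name as length-prefixed labels ending in the root label."""
    labels = [lab for lab in name.rstrip(".").split(".") if lab]
    return b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels) + b"\x00"


def build_query(name: str, qtype: int = TYPE_A, txid: int = 0x1234, edns_udp_size: int = 1232) -> bytes:
    """One question plus an EDNS0 OPT RR advertising how large a UDP answer we accept (RFC 6891)."""
    header = struct.pack("!HHHHHH", txid, FLAG_RD, 1, 0, 0, 1)
    question = encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)
    # OPT RR: root name, TYPE=41, CLASS carries the UDP payload size, TTL=0, RDLEN=0
    opt_rr = b"\x00" + struct.pack("!HHIH", TYPE_OPT, edns_udp_size, 0, 0)
    return header + question + opt_rr


def is_truncated(msg: bytes) -> bool:
    """True when the resolver set TC, which obliges the stub to retry over TCP (RFC 1035, RFC 7766)."""
    if len(msg) < 12:
        raise ValueError("short DNS header")
    (flags,) = struct.unpack("!H", msg[2:4])
    return bool(flags & FLAG_TC)


def frame_tcp(msg: bytes) -> bytes:
    """DoTCP prefixes every message with a 16-bit length (RFC 1035 section 4.2.2)."""
    return struct.pack("!H", len(msg)) + msg


def split_tcp_stream(stream: bytes) -> List[bytes]:
    """Cut a TCP byte stream into whole DNS messages; an incomplete trailing message is left out."""
    msgs, pos = [], 0
    while pos + 2 <= len(stream):
        (n,) = struct.unpack("!H", stream[pos:pos + 2])
        if pos + 2 + n > len(stream):
            break
        msgs.append(stream[pos + 2:pos + 2 + n])
        pos += 2 + n
    return msgs


def resolve(name: str, udp_send: Callable[[bytes], bytes], tcp_send: Callable[[bytes], bytes]) -> Tuple[bytes, str]:
    """Query over UDP first; on TC repeat the same query over TCP. Returns (response, transport used)."""
    query = build_query(name)
    reply = udp_send(query)
    if reply[:2] != query[:2]:
        raise ValueError("transaction ID mismatch")
    if not is_truncated(reply):
        return reply, "udp"
    tcp_msgs = split_tcp_stream(tcp_send(frame_tcp(query)))
    if not tcp_msgs:
        # TC was set but no usable TCP answer came back: the non-compliant behaviour seen on probe resolvers
        raise ConnectionError("DoTCP fallback yielded no complete message")
    return tcp_msgs[0], "tcp"


# Constructed stand-in resolver (no network traffic). Hypothetical names in LARGE_NAMES get a
# truncated UDP answer; everything else fits in UDP.
LARGE_NAMES = {"big.example"}


def constructed_reply(query: bytes, truncated: bool) -> bytes:
    """Echo the question with QR set (and TC when asked); no answer records, to keep the sample short."""
    question_end = query.index(b"\x00", 12) + 1 + 4  # root label, then QTYPE and QCLASS
    flags = FLAG_QR | FLAG_RD | (FLAG_TC if truncated else 0)
    return query[:2] + struct.pack("!HHHHH", flags, 1, 0, 0, 0) + query[12:question_end]


def demo_udp_send(query: bytes) -> bytes:
    truncated = any(encode_name(n) in query for n in LARGE_NAMES)
    return constructed_reply(query, truncated)


def demo_tcp_send(framed_query: bytes) -> bytes:
    query = split_tcp_stream(framed_query)[0]
    return frame_tcp(constructed_reply(query, truncated=False))


if __name__ == "__main__":
    for n in ("example.com", "big.example"):
        _, transport = resolve(n, demo_udp_send, demo_tcp_send)
        print(n, "answered over", transport)
```

To point this at a real resolver, replace `demo_udp_send` with a `socket.SOCK_DGRAM` send/recv and `demo_tcp_send` with a `SOCK_STREAM` connection that writes the framed query and reads until `split_tcp_stream` returns a message; the fallback logic itself does not change.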

Programming Socket-Independent Network Functions with Nethuns

Nicola Bonelli, Fabio Del Vigna, Alessandra Fais, Giuseppe Lettieri, Gregorio Procissi

Abstract

Software data planes running on commodity servers are very popular in real deployments. However, to attain top class performance, the software approach requires the adoption of accelerated network I/O frameworks, each of them characterized by its own programming model and API. As a result, network applications are often closely tied to the underlying technology, with obvious issues of portability over different systems. This is especially true in cloud scenarios where different I/O frameworks could be installed depending on the configuration of the physical servers in the infrastructure. The nethuns library proposes a unified programming abstraction to access and manage network operations over different I/O frameworks. The library is freely available to the community under the BSD license and currently supports AF_XDP and netmap for fast packet handling along with the classic AF_PACKET and the pcap library. Network applications based on nethuns need only to be re-compiled to run over a different network API. The experiments prove that the overhead introduced by nethuns is negligible, hence making it a convenient programming platform that eases the coding process while guaranteeing high performance and portability. As proofs of concept, a handy traffic generator as well as the popular Open vSwitch application have been successfully ported and tested over nethuns.

Download from ACM

Hyper-Specific Prefixes: Gotta Enjoy the Little Things in Interdomain Routing

Khwaja Zubair Sediqi, Lars Prehn, Oliver Gasser

Abstract

Autonomous Systems (ASes) exchange reachability information between each other using BGP—the de-facto standard inter-AS routing protocol. While IPv4 (IPv6) routes more specific than /24 (/48) are commonly filtered (and hence not propagated), route collectors still observe many of them. In this work, we take a closer look at those hyper-specific prefixes (HSPs). In particular, we analyze their prevalence, use cases, and whether operators use them intentionally or accidentally. While their total number increases over time, most HSPs can only be seen by route collector peers. Nonetheless, some HSPs can be seen constantly throughout an entire year and propagate widely. We find that most HSPs represent (internal) routes to peering infrastructure or are related to address block relocations or blackholing. While hundreds of operators intentionally add HSPs to well-known routing databases, we observe that many HSPs are possibly accidentally leaked routes.

Download from ACM
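The /24 and /48 limits the abstract mentions are easy to check mechanically, and the use cases it lists (blackholing, relocated address blocks, internal routes leaking past the origin's own aggregate) can be approximated from a routing table alone. The block below is an added example, not code from the paper: it flags hyper-specific prefixes in a constructed table, looks up the non-HSP route that covers each one, and sorts them into heuristic buckets. The buckets, the `Route` dataclass and the sample table are assumptions made here; the only standard it leans on is the well-known BLACKHOLE community 65535:666 from RFC 7999.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

BLACKHOLE = "65535:666"   # well-known BLACKHOLE community (RFC 7999)
LIMIT = {4: 24, 6: 48}    # anything longer is conventionally filtered and not propagated


@dataclass(frozen=True)
class Route:
    prefix: str
    origin_as: int
    communities: Tuple[str, ...] = ()


def is_hyper_specific(prefix: str) -> bool:
    net = ipaddress.ip_network(prefix, strict=False)
    return net.prefixlen > LIMIT[net.version]


def covering_route(hsp: Route, table: List[Route]) -> Optional[Route]:
    """Longest non-HSP route in the table that contains the HSP, or None if nothing covers it."""
    net = ipaddress.ip_network(hsp.prefix, strict=False)
    best, best_len = None, -1
    for r in table:
        other = ipaddress.ip_network(r.prefix, strict=False)
        if other.version != net.version or other.prefixlen > LIMIT[other.version]:
            continue
        if net.subnet_of(other) and other.prefixlen > best_len:
            best, best_len = r, other.prefixlen
    return best


def classify(hsp: Route, table: List[Route]) -> str:
    """Heuristic buckets assumed for this example (not the paper's taxonomy)."""
    if BLACKHOLE in hsp.communities:
        return "blackhole"          # RTBH request: a host route tagged for dropping
    cover = covering_route(hsp, table)
    if cover is None:
        return "uncovered"          # no less-specific route at all, so not a more-specific of anything
    if cover.origin_as == hsp.origin_as:
        return "same-origin"        # more-specific of the origin's own block, e.g. an internal route that leaked
    return "foreign-origin"         # covered by another AS's block, e.g. a relocated sub-block


def hsp_report(table: List[Route]) -> Dict[str, str]:
    """Map every HSP in the table to its bucket."""
    return {r.prefix: classify(r, table) for r in table if is_hyper_specific(r.prefix)}


# Constructed table using documentation address ranges and private ASNs; not collector data.
SAMPLE_TABLE = [
    Route("203.0.113.0/24", 64500),
    Route("203.0.113.128/25", 64500),              # same origin as its /24
    Route("203.0.113.7/32", 64500, (BLACKHOLE,)),  # blackhole host route
    Route("2001:db8::/32", 64501),
    Route("2001:db8:0:1000::/56", 64502),          # covered by another AS's /32
    Route("198.51.100.0/23", 64503),
    Route("198.51.100.64/26", 64504),              # covered by another AS's /23
    Route("192.0.2.16/28", 64505),                 # nothing covers it
]

if __name__ == "__main__":
    for prefix, bucket in hsp_report(SAMPLE_TABLE).items():
        print(f"{prefix:24s} {bucket}")
```

On a real RIB dump the same pass would be run per collector peer, since the abstract notes most HSPs are visible only to route-collector peers; an HSP that shows up across many peers for a whole year is the propagating kind the paper singles out.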

One Bad Apple Can Spoil Your IPv6 Privacy

Said Jawad Saidi, Oliver Gasser, Georgios Smaragdakis

Abstract

IPv6 is being adopted more and more, in part to facilitate the millions of smart devices that have already been installed at home. Unfortunately, we find that the privacy of a substantial fraction of end-users is still at risk, despite the efforts by ISPs and electronic vendors to improve end-user security, e.g., by adopting prefix rotation and IPv6 privacy extensions. By analyzing passive data from a large ISP, we find that around 19% of end-users’ privacy can be at risk. When we investigate the root causes, we notice that a single device at home that encodes its MAC address into the IPv6 address can be utilized as a tracking identifier for the entire end-user prefix—even if other devices use IPv6 privacy extensions. Our results show that IoT devices contribute the most to this privacy leakage and, to a lesser extent, personal computers and mobile devices. To our surprise, some of the most popular IoT manufacturers have not yet adopted privacy extensions that could otherwise mitigate this privacy risk. Finally, we show that third-party providers, e.g., hypergiants, can track up to 17% of subscriber lines in our study.

Download from ACM
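The mechanism behind the "one bad apple" is modified EUI-64 address formation: a device that derives its interface identifier from its MAC splices 0xFFFE into the middle of the MAC and flips the universal/local bit (RFC 4291, appendix A). That pattern is recognizable from the outside, and once one such address is seen in a /64 the MAC ties that /64, and every later prefix the same MAC appears in, to one subscriber line. The block below is an added example, not code from the paper or the ISP analysis: it recovers the MAC from an EUI-64 address, links /64 prefixes across a simulated prefix rotation, and computes the share of prefixes that leak. The observations are constructed from documentation-range addresses and a made-up MAC.

```python
import ipaddress
from collections import defaultdict
from typing import Dict, Iterable, List, Optional, Tuple


def embedded_mac(addr: str) -> Optional[str]:
    """Return the MAC encoded in a modified EUI-64 interface identifier, else None.
    EUI-64 inserts 0xFFFE between the two halves of the 48-bit MAC and inverts the
    universal/local bit of the first octet (RFC 4291 appendix A); this undoes both steps."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)


def prefix64(addr: str) -> str:
    """The /64 the address lies in; for a residential line this is the subscriber's delegated prefix."""
    return str(ipaddress.IPv6Network(f"{addr}/64", strict=False))


def link_prefixes(observations: Iterable[Tuple[int, str]]) -> Dict[str, List[str]]:
    """Map each leaked MAC to the /64s it was seen in. Several prefixes under one MAC are the same
    line before and after prefix rotation, even when every other host used RFC 4941 addresses."""
    by_mac = defaultdict(set)
    for _, addr in observations:
        mac = embedded_mac(addr)
        if mac is not None:
            by_mac[mac].add(prefix64(addr))
    return {mac: sorted(prefixes) for mac, prefixes in by_mac.items()}


def at_risk_fraction(observations: Iterable[Tuple[int, str]]) -> float:
    """Share of observed /64s that contain at least one EUI-64 address; one such device is enough."""
    obs = list(observations)
    prefixes = {prefix64(a) for _, a in obs}
    leaking = {prefix64(a) for _, a in obs if embedded_mac(a) is not None}
    return len(leaking) / len(prefixes) if prefixes else 0.0


# Constructed observations, (rotation epoch, address); not ISP data. Epochs 1 and 2 are one
# household whose prefix was rotated: the IoT device keeps an EUI-64 address derived from the
# made-up MAC 00:11:22:33:44:55, while the laptop uses privacy-extension addresses.
SAMPLE = [
    (1, "2001:db8:1:1:211:22ff:fe33:4455"),   # IoT device, EUI-64
    (1, "2001:db8:1:1:3d5a:9c0e:7f21:b6c4"),  # laptop, temporary address
    (2, "2001:db8:2:9:211:22ff:fe33:4455"),   # same IoT device after prefix rotation
    (2, "2001:db8:2:9:8a1f:0c3d:55e2:9b70"),  # laptop, new temporary address
    (2, "2001:db8:7:7:4c2e:91d0:a3b8:6e15"),  # a different household, privacy addresses only
]

if __name__ == "__main__":
    print(link_prefixes(SAMPLE))
    print(f"{at_risk_fraction(SAMPLE):.0%} of observed /64s are trackable")
```

The 0xFFFE test alone misfires on roughly one random interface identifier in 65,536; when screening real traffic, additionally require the universal bit to be set (`iid[0] & 0x02`) and the recovered OUI to belong to a registered vendor before treating an address as a stable identifier.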

The April 2022 issue

This April 2022 issue contains five technical papers and two editorial notes.

The first technical paper, Data-Plane Security Applications in Adversarial Settings, by Liang Wang and colleagues, investigates security issues that may arise when creating and running data-plane applications for programmable switches. This work moves security analysis and design forward in this particular area. This paper also calls for a more thorough rethinking of security for data-plane applications for programmable switches.

The second technical paper, One Bad Apple Can Spoil Your IPv6 Privacy, by Said Jawad Saidi and colleagues, leverages passive IPv6 measurements to show that a non-negligible portion of devices encode their MAC address in their IPv6 address. This threatens users’ privacy, allowing content providers and CDNs to consistently track users and their devices across multiple sessions and locations. Overall, the paper is an excellent contribution toward privacy-by-design solutions and a nicely executed measurement study that clarifies the problem and provides solid suggestions to mitigate it.

The third technical paper, Hyper-Specific Prefixes: Gotta Enjoy the Little Things in Interdomain Routing, by Khwaja Zubair Sediqi and colleagues, investigates the presence of hyper-specific prefixes (HSPs) in BGP Internet routing over the last decade. These prefixes are more specific than /24 (/48) for IPv4 (IPv6) and are commonly filtered by Autonomous System operators. Overall this paper offers a nice contribution to the understanding of the BGP universe, with a clear message and a nice quantification of the phenomenon. The authors clearly present and motivate the work, offering non-experts too a clear view of the routing complexity of today's Internet.

The fourth technical paper, Programming Socket-Independent Network Functions with Nethuns, by Nicola Bonelli and colleagues, proposes a new solution to transparently develop packet-processing programs on top of different network I/O frameworks. The authors design and develop an open-source library, nethuns, serving as a unified programming abstraction for network functions that natively supports multi-core programming. Not only is this work very relevant to our community, but also the code is released open-source through a BSD license, which can be used to foster more research in the area, towards unifying programming mechanisms of end-host networking.

The fifth technical paper, Measuring DNS over TCP in the Era of Increasing DNS Response Sizes: A View from the Edge, by Mike Kosek and colleagues, studies one of the foundations of today’s Internet: the Domain Name System (DNS). The original DNS RFCs specify that queries be sent over either UDP (DoUDP) or TCP (DoTCP). This paper presents a measurement study of DoTCP focusing on two perspectives: failure rates and response times.

Finally, we have two editorial notes. A Case for an Open Customizable Cloud Network, by Dean H. Lorenz and his colleagues, argues for the desirability of a new ecosystem of managed network solutions to connect to the Cloud, outlines the main requirements and sketches possible solutions. Recommendations for Designing Hybrid Conferences, by Vaibhav Bajpai and colleagues, presents guidelines and considerations, spanning technological, organizational and social factors, for organizing successful hybrid conferences.

I hope that you will enjoy reading this new issue and welcome comments and suggestions on CCR Online (https://ccronline.sigcomm.org) or by email at ccr-editor at sigcomm.org.

Data-Plane Security Applications in Adversarial Settings

Liang Wang, Prateek Mittal, Jennifer Rexford

Abstract

High-speed programmable switches have emerged as a promising building block for developing performant data-plane applications. In this paper, we argue that the resource constraints and programming model in hardware switches have led to developers adopting problematic design patterns, whose security implications are not widely understood. We bridge the gap by identifying the major challenges and common design pitfalls in switch-based applications in adversarial settings. Examining five recently-proposed switch-based security applications, we find that adversaries can exploit these design pitfalls to completely bypass the protection these applications were designed to provide, or disrupt system operations by introducing collateral damage.

Download from ACM

Answering three questions about networking research

Jennifer Rexford, Scott Shenker

Abstract

Researchers often talk about specific technical trends or research topics. But we rarely talk about how and why we do the research that we do. The process of submitting and reviewing papers puts our ideas through a particular kind of filter that may make all of the research seem like it follows some standard rubric, a SIGCOMM Normal Form if you will. During a panel at HotNets’21, five researchers—Hari Balakrishnan, Jon Crowcroft, Jennifer Rexford, Scott Shenker, and David Tennenhouse—each answered three questions about how they pick their own research topics, what areas they would like to see more research on, and how they evaluate conference papers. Due to the unexpectedly positive response to that panel, CCR will be publishing a series of answers to these three questions, starting with two participants from the panel but reaching out to others to provide answers from a broader cross-section of the SIGCOMM community.

Download from ACM

Important concepts in data communications

Craig Partridge

Abstract

The data communications field recently marked the 50th anniversary of the start of the ARPANET, which was one of the first and certainly the most influential of the early data communications networks. The anniversary provoked discussions about which concepts or ideas in data communications have proven to be enduring in the evolution of data communications. This paper presents one perspective.

Download from ACM

M-Lab: user initiated internet data for the research community

Phillipa Gill, Christophe Diot, Lai Yi Ohlsen, Matt Mathis, Stephen Soltesz

Abstract

Measurement Lab (M-Lab) is an open, distributed server platform on which researchers have deployed measurement tools. Its mission is to measure the Internet, save the data and make it universally accessible and useful. This paper serves as an update on the M-Lab platform 10+ years after its initial introduction to the research community [5]. Here, we detail the current state of the M-Lab distributed platform, highlight existing measurements/data available on the platform, and describe opportunities for further engagement between the networking research community and the platform.

Download from ACM

Roadmap for edge AI: a Dagstuhl perspective

Aaron Yi Ding, Ella Peltonen, Tobias Meuser, Atakan Aral, Christian Becker, Schahram Dustdar, Thomas Hiessl, Dieter Kranzlmüller, Madhusanka Liyanage, Setareh Maghsudi, Nitinder Mohan, Jörg Ott, Jan S. Rellermeyer, Stefan Schulte, Henning Schulzrinne, Gürkan Solmaz, Sasu Tarkoma, Blesson Varghese, Lars Wolf

Abstract

Based on the collective input of Dagstuhl Seminar (21342), this paper presents a comprehensive discussion on AI methods and capabilities in the context of edge computing, referred to as Edge AI. In a nutshell, we envision Edge AI to provide adaptation for data-driven applications, enhance network and radio access, and allow the creation, optimisation, and deployment of distributed AI/ML pipelines with given quality of experience, trust, security and privacy targets. The Edge AI community investigates novel ML methods for the edge computing environment, spanning multiple sub-fields of computer science, engineering and ICT. The goal is to share an envisioned roadmap that can bring together key actors and enablers to further advance the domain of Edge AI.

Download from ACM