The April 2023 issue

This April 2023 issue contains one technical paper and four editorial notes.

The technical paper, Vulnerability Disclosure Considered Stressful, by Giovane C. M. Moura and colleagues, describes the authors’ experience running a Coordinated Vulnerability Disclosure (CVD) for the TSUNAME vulnerability. The process of Coordinated Vulnerability Disclosure (CVD) is widely viewed as the gold standard in the notification process that follows the discovery of a vulnerability, aiming at getting operators to patch their systems before attackers can do much harm. However, the task of setting up a CVD can be daunting because security researchers have too few guidelines and experience reports to rely on when they are faced with setting up their own process. This paper is helpful to our community as it may help anyone who may have to report vulnerabilities during their work.

Then, we have four editorial notes. In the first, Measuring Broadband America: A Retrospective on Origins, Achievements, and Challenges, Eric Burger and colleagues present a retrospective on the “Measuring Broadband America” program, run by the United States Federal Communications Commission (FCC), which continually measures and releases data on the performance of consumer broadband access networks in the US. In the second, Recent Trends on Privacy-Preserving Technologies under Standardization at the IETF, Pratyush Dikshit and colleagues present an overview of the privacy-preserving mechanisms for layer 3 (i.e. IP) and above that are currently under standardization at the IETF. The third editorial note, Report of 2021 DINRG Workshop on Centralization in the Internet, by Christian Huitema and colleagues, reports on the workshop on Centralization in the Internet hosted by the Internet Research Task Force (IRTF) Research Group on Decentralizing the Internet (DINRG), on June 3, 2021. The fourth editorial note, A Retrospective on Campus Network Traffic Monitoring, by Martin Arlitt and colleagues, shares some of the authors’ experiences about monitoring the traffic on their campus Internet link for about two decades.

I hope that you will enjoy reading this new issue and welcome comments and suggestions on CCR Online (https://ccronline.sigcomm.org) or by email at ccr-editor at sigcomm.org.

Who Squats IPv4 Addresses?

Loqman Salamatian, Todd Arnold, Ítalo Cunha, Jiangchen Zhu, Yunfan Zhang, Ethan Katz-Bassett, Matt Calder

Abstract

To mitigate IPv4 exhaustion, IPv6 provides expanded address space, and NAT allows a single public IPv4 address to suffice for many devices assigned private IPv4 address space. Even though NAT has greatly extended the shelf-life of IPv4, some networks need more private IPv4 space than what is officially allocated by IANA due to their size and/or network management practices. Some of these networks resort to using squat space, a term the network operations community uses for large public IPv4 address blocks allocated to organizations but historically never announced to the Internet. While squatting of IP addresses is an open secret, it introduces ethical, legal, and technical problems. In this work we examine billions of traceroutes to identify thousands of organizations squatting. We examine how they are using it and what happened when the US Department of Defense suddenly started announcing what had traditionally been squat space. In addition to shining light on a dirty secret of operational practices, our paper shows that squatting distorts common Internet measurement methodologies, which we argue have to be re-examined to account for squat space.

Download from ACM

The Slow Path Needs an Accelerator Too!

Annus Zulfiqar, Ben Pfaff, William Tu, Gianni Antichi, Muhammad Shahbaz

Abstract

Packet-processing data planes have been continuously enhanced in performance over the last few years to the point that, nowadays, they are increasingly implemented in hardware (i.e., in SmartNICs and programmable switches). However, little attention is given to the slow path residing between the data plane and the control plane, as it is not typically considered performance-critical. In this paper, we show that the slow path is set to become a new key bottleneck in Software-Defined Networks (SDNs). This is due to the growth in physical network bandwidth (200 Gbps is becoming common in data centers) and topological complexity (e.g., virtual switches now span hundreds of physical machines). We present our vision of a new Domain Specific Accelerator (DSA) for the slow path at the end host that sits between the hardware-offloaded data plane and the logically-centralized control plane. We discuss open problems in this domain and call on the networking community to creatively address this emerging issue.

Download from ACM

P4RROT: Generating P4 Code for the Application Layer

Csaba Györgyi, Sándor Laki, Stefan Schmid

Abstract

Throughput and latency critical applications could often benefit of performing computations close to the client. To enable this, distributed computing paradigms such as edge computing have recently emerged. However, with the advent of programmable data planes, computations cannot only be performed by servers but they can be offloaded to network switches. Languages like P4 enable to flexibly reprogram the entire packet processing pipeline. Though these devices promise high throughput and ultra-low response times, implementing application-layer tasks in the data plane programming language P4 is still challenging for an application developer who is not familiar with networking domain. In this paper, we first identify and examine obstacles and pain points one can experience when offloading server-based computations to the network. Then we present P4rrot, a code generator (in form of a library) which allows to overcome these limitations by providing a user-friendly API to describe computations to be offloaded. After discussing the design choices behind P4rrot, we introduce our proof-of-concept implementation for two P4 targets: Netronome SmartNIC and BMv2. To demonstrate the applicability of P4rrot, we investigate case studies in the context of publish-subscribe sensor data processing and real-time data streaming, supporting, in particular, MQTT-SN and MoldUDP packets.

Download from ACM

Comparing User Space and In-Kernel Packet Processing for Edge Data Centers

Federico Parola, Roberto Procopio, Roberto Querio, Fulvio Risso

Abstract

Telecommunication operators are massively moving their network functions in small data centers at the edge of the network, which are becoming increasingly common. However, the high performance provided by commonly used technologies for data plane processing such as DPDK, based on kernel-bypass primitives, comes at the cost of rigid resource partitioning. This is unsuitable for edge data centers, in which efficiency demands both general-purpose applications and data-plane telco workloads to be executed on the same (shared) physical machines. In this respect, eBPF/XDP looks a more appealing solution, thanks to its capability to process packets in the kernel, achieving a higher level of integration with non-data plane applications albeit with lower performance than DPDK. In this paper we leverage the recent introduction of AF_XDP, an XDP-based technology that allows to efficiently steer packets in user space, to provide a thorough comparison of user space vs in-kernel packet processing in typical scenarios of a data center at the edge of the network. Our results provide useful insights on how to select and combine these technologies in order to improve overall throughput and optimize resource usage.

Download from ACM

Fast In-kernel Traffic Sketching in eBPF

Sebastiano Miano, Xiaoqi Chen, Ran Ben Basat, Gianni Antichi

Abstract

The extended Berkeley Packet Filter (eBPF) is an infrastructure that allows to dynamically load and run micro-programs directly in the Linux kernel without recompiling it. In this work, we study how to develop high-performance network measurements in eBPF. We take sketches as case-study, given their ability to support a wide-range of tasks while providing low-memory footprint and accuracy guarantees. We implemented NitroSketch, the state-of-the-art sketch for user-space networking and show that best practices in user-space networking cannot be directly applied to eBPF, because of its different performance characteristics. By applying our lesson learned we improve its performance by 40% compared to a naive implementation.

Download from ACM

The January 2023 issue

This January 2023 issue contains five technical papers.

The first technical paper, Fast In-kernel Traffic Sketching in eBPF, by Sebastiano Miano and colleagues, studies how to develop high-performance network measurements in eBPF. The extended Berkeley Packet Filter (eBPF) allows to dynamically load and run micro-programs in the Linux kernel without the need for recompiling it. The authors use sketches as case-study, given their ability to support a wide-range of tasks while providing low-memory footprint and accuracy guarantees. The authors apply their approach to a state-of-the-art sketch for user-space networking, show that best practices in user-space networking cannot be directly applied to eBPF, and improve its performance by 40% compared to a naive implementation. The lessons learned in this paper are not only applicable to network measurement algorithms but extend to a wide variety of eBPF-based programs.

The second technical paper, Comparing User Space and In-Kernel Packet Processing for Edge Data Centers, by Federico Parola and colleagues, is motivated by the increased availability of small data centers at the edge of the network. Network operators are moving their network functions in these computing facilities. However, commonly used technologies for data plane processing such as DPDK, based on kernel-bypass primitives, provide high performance but at the cost of rigid resource partitioning. This is unsuitable for edge data centers in which efficiency demands both general-purpose applications and data-plane telco workloads to be executed on the same (shared) physical machines. In this respect, eBPF/XDP looks a more appealing solution, thanks to its capability to process packets in the kernel, achieving a higher level of integration with non-data plane applications albeit with lower performance than DPDK. This research addresses the premise that in edge data centers, with limited resources, packet processing and protocol stack workloads are likely to be consolidated within the same servers. As a result, kernel-based XDP may be a more attractive option than DPDK-based data plane processing. This motivates the need for a deeper understanding of kernel-based XDP and its various forms to support different workload types.

The third technical paper, P4RROT: Generating P4 Code for the Application Layer, by Csaba Györgyi and colleagues, proposes a new code generation mechanism to streamline application-level offloads expressed in the P4 programming language. The authors present P4RROT, a new library that allow developers to write application layer logic in Python which is then converted in P4. The authors discuss the pain points and challenges for automatic code generation and show the applicability of P4RROT in two different contexts: a publish-subscribe sensor data processing system and a real-time data streaming engine, supporting MQTT-SN and MoldUDP traffic.

The fourth technical paper, The Slow Path Needs an Accelerator Too!, by Annus Zulfiqar and colleagues, shows that the slow path is set to become a new key bottleneck in Software-Defined Networks (SDNs). The authors present their vision of a new Domain Specific Accelerator (DSA) for the slow path at the end host that sits between the hardware-offloaded data plane and the logically-centralized control plane. They also discuss open problems and call on the networking community to creatively address this emerging issue.

The fifth technical paper, Who squats IPv4 Addresses?, by Loqman Salamatian and colleagues, analyzes the phenomenon of squatted IP space: IPv4 addresses that operators use although they have not been allocated to them. This is possible because larger IPv4 blocks exist that have been allocated to organizations which never announced them in the global routing system. The authors draw on a very large data set of traceroutes and develop a heuristic to identify how squat space is used, by whom, and what the implications for Internet routing and the operator communities are. This paper is a significant contribution of interest to everyone with an interest in the operation of Internet routing and larger networks.

I hope that you will enjoy reading this new issue and welcome comments and suggestions on CCR Online (https://ccronline.sigcomm.org) or by email at ccr-editor at sigcomm.org.

Rethinking SIGCOMM’s Conferences: Making Form Follow Function

Scott Shenker

Abstract

In this short essay, I ask whether our current practice of highly selective conferences is helping us achieve SIGCOMM’s research goals.1 This requires first articulating what those goals are, and then evaluating our practices in relation to those goals. To no one’s surprise, this essay contends that there is a significant mismatch between what I believe SIGCOMM’s goals should be and what our current practices achieve. I then propose a radical restructuring of our conferences that would provide better alignment and, as an additional benefit, a stronger sense of community. However, I wrote this essay not to promote the specifics of a particular proposal, but to encourage our community to (i) engage in a thorough reexamination of how we organize SIGCOMM-sponsored conferences and (ii) seriously entertain the possibility of radical changes in our practices.

Download from ACM

Topology and Geometry of the Third-Party Domains Ecosystem: Measurement and Applications

Costas Iordanou, Fragkiskos Papadopoulos

Abstract

Over the years, web content has evolved from simple text and static images hosted on a single server to a complex, interactive and multimedia-rich content hosted on different servers. As a result, a modern website during its loading time fetches content not only from its owner’s domain but also from a range of third-party domains providing additional functionalities and services. Here, we infer the network of the third-party domains by observing the domains’ interactions within users’ browsers from all over the globe. We find that this network possesses structural properties commonly found in complex networks, such as power-law degree distribution, strong clustering, and small-world property. These properties imply that a hyperbolic geometry underlies the ecosystem’s topology. We use statistical inference methods to find the domains’ coordinates in this geometry, which abstract how popular and similar the domains are. The hyperbolic map we obtain is meaningful, revealing the large-scale organization of the ecosystem. Furthermore, we show that it possesses predictive power, providing us the likelihood that third-party domains are co-hosted; belong to the same legal entity; or merge under the same entity in the future in terms of company acquisition. We also find that complementarity instead of similarity is the dominant force driving future domains’ merging. These results provide a new perspective on understanding the ecosystem’s organization and performing related inferences and predictions.

Download from ACM

The October 2022 issue

This October 2022 issue contains two technical papers and one editorial note.

The first technical paper, LGC-ShQ: Datacenter Congestion Control with Queueless Load-based ECN Marking, by Kristjon Ciko and colleagues, provides a thorough performance evaluation of LGC-ShQ, a novel congestion control (CC)mechanism for data-centers. LGC-ShQ’s performance are compared (over Linux) against HULL, the closest solution in the state-of-the-art.

The second technical paper, Topology and Geometry of the Third-Party Domains Ecosystem: Measurement and Applications, by Costas Iordanou and colleagues, studies the network of the third-party domains by observing the domains’ interactions within users’ browsers from all over the globe. The authors then discuss the structural properties of the corresponding network. The results provide a new perspective on understanding the ecosystem’s organization.

We have one editorial note. In Rethinking SIGCOMM’s Conferences: Making Form Follow Function, Scott Shenker asks whether our current practice of highly selective conferences is helping us achieve SIGCOMM’s research goals. This essay contends that there is a significant mismatch between what SIGCOMM’s goals should be and what our current practices achieve, and proposes a radical restructuring of our conferences that would provide better alignment and, as an additional benefit, a stronger sense of community.

I hope that you will enjoy reading this new issue and welcome comments and suggestions on CCR Online (https://ccronline.sigcomm.org) or by email at ccr-editor at sigcomm.org.