-
Faster Control Plane Experimentation with Horse
Authors:
Eder Leao Fernandes,
Gianni Antichi,
Timm Boettger,
Ignacio Castro,
Steve Uhlig
Abstract:
Simulation and emulation are popular approaches for experimentation in Computer Networks. However, due to their respective inherent drawbacks, existing solutions cannot perform both fast and realistic control plane experiments. To close this gap, we introduce Horse. Horse is a hybrid solution with an emulated control plane, for realism, and simulated data plane, for speed. Our decoupling of the co…
▽ More
Simulation and emulation are popular approaches for experimentation in Computer Networks. However, due to their respective inherent drawbacks, existing solutions cannot perform both fast and realistic control plane experiments. To close this gap, we introduce Horse. Horse is a hybrid solution with an emulated control plane, for realism, and simulated data plane, for speed. Our decoupling of the control and data plane allows us to speed up the experiments without sacrificing control plane realism.
△ Less
Submitted 12 July, 2023;
originally announced July 2023.
-
An Empirical Study of the Cost of DNS-over-HTTPS
Authors:
Timm Boettger,
Felix Cuadrado,
Gianni Antichi,
Eder Leao Fernandes,
Gareth Tyson,
Ignacio Castro,
Steve Uhlig
Abstract:
DNS is a vital component for almost every networked application. Originally it was designed as an unencrypted protocol, making user security a concern. DNS-over-HTTPS (DoH) is the latest proposal to make name resolution more secure. In this paper we study the current DNS-over-HTTPS ecosystem, especially the cost of the additional security. We start by surveying the current DoH landscape by assessi…
▽ More
DNS is a vital component for almost every networked application. Originally it was designed as an unencrypted protocol, making user security a concern. DNS-over-HTTPS (DoH) is the latest proposal to make name resolution more secure. In this paper we study the current DNS-over-HTTPS ecosystem, especially the cost of the additional security. We start by surveying the current DoH landscape by assessing standard compliance and supported features of public DoH servers. We then compare different transports for secure DNS, to highlight the improvements DoH makes over its predecessor, DNS-over-TLS (DoT). These improvements explain in part the significantly larger take-up of DoH in comparison to DoT. Finally, we quantify the overhead incurred by the additional layers of the DoH transport and their impact on web page load times. We find that these overheads only have limited impact on page load times, suggesting that it is possible to obtain the improved security of DoH with only marginal performance impact.
△ Less
Submitted 13 September, 2019;
originally announced September 2019.
-
The Road to BOFUSS: The Basic OpenFlow User-space Software Switch
Authors:
Eder Leao Fernandes,
Elisa Rojas,
Joaquin Alvarez-Horcajo,
Zoltan Lajos Kis,
Davide Sanvito,
Nicola Bonelli,
Carmelo Cascone,
Christian Esteve Rothenberg
Abstract:
Software switches are pivotal in the Software-Defined Networking (SDN) paradigm, particularly in the early phases of development, deployment and testing. Currently, the most popular one is Open vSwitch (OVS), leveraged in many production-based environments. However, due to its kernel-based nature, OVS is typically complex to modify when additional features or adaptation is required. To this regard…
▽ More
Software switches are pivotal in the Software-Defined Networking (SDN) paradigm, particularly in the early phases of development, deployment and testing. Currently, the most popular one is Open vSwitch (OVS), leveraged in many production-based environments. However, due to its kernel-based nature, OVS is typically complex to modify when additional features or adaptation is required. To this regard, a simpler user-space is key to perform these modifications.
In this article, we present a rich overview of BOFUSS, the basic OpenFlow user-space software switch. BOFUSS has been widely used in the research community for diverse reasons, but it lacked a proper reference document. For this purpose, we describe the switch, its history, architecture, uses cases and evaluation, together with a survey of works that leverage this switch. The main goal is to provide a comprehensive overview of the switch and its characteristics. Although the original BOFUSS is not expected to surpass the high performance of OVS, it is a useful complementary artifact that provides some OpenFlow features missing in OVS and it can be easily modified for extended functionality. Moreover, enhancements provided by the BEBA project brought the performance from BOFUSS close to OVS. In any case, this paper sheds light to researchers looking for the trade-offs between performance and customization of BOFUSS.
△ Less
Submitted 20 January, 2019;
originally announced January 2019.
-
Sha** the Internet: 10 Years of IXP Growth
Authors:
Timm Böttger,
Gianni Antichi,
Eder L. Fernandes,
Roberto di Lallo,
Marc Bruyere,
Steve Uhlig,
Gareth Tyson,
Ignacio Castro
Abstract:
Over the past decade, IXPs have been playing a key role in enabling interdomain connectivity. Their traffic volumes have grown dramatically and their physical presence has spread throughout the world. While the relevance of IXPs is undeniable, their long-term contribution to the sha** of the current Internet is not fully understood yet.
In this paper, we look into the impact on Internet routes…
▽ More
Over the past decade, IXPs have been playing a key role in enabling interdomain connectivity. Their traffic volumes have grown dramatically and their physical presence has spread throughout the world. While the relevance of IXPs is undeniable, their long-term contribution to the sha** of the current Internet is not fully understood yet.
In this paper, we look into the impact on Internet routes of the intense IXP growth over the last decade. We observe that while in general IXPs only have a small effect in path shortening, very large networks do enjoy a clear IXP-enabled path reduction. We also observe a diversion of the routes, away from the central Tier-1 ASes supported by IXPs. Interestingly, we also find that whereas IXP membership has grown, large and central ASes have steadily moved away from public IXP peerings, whereas smaller ones have embraced them. Despite all this changes, we find though that a clear hierarchy remains, with a small group of highly central networks
△ Less
Submitted 8 July, 2019; v1 submitted 25 October, 2018;
originally announced October 2018.