-
Endpoint-transparent Multipath Transport with Software-defined Networks
Authors:
Dario Banfi,
Olivier Mehani,
Guillaume Jourjon,
Lukas Schwaighofer,
Ralph Holz
Abstract:
Multipath forwarding consists of using multiple paths simultaneously to transport data over the network. While most such techniques require endpoint modifications, we investigate how multipath forwarding can be done inside the network, transparently to endpoint hosts. With such a network-centric approach, packet reordering becomes a critical issue as it may cause critical performance degradation.
We present a Software Defined Network architecture which automatically sets up multipath forwarding, including solutions for reordering and performance improvement, both at the sending side through multipath scheduling algorithms, and the receiver side, by resequencing out-of-order packets in a dedicated in-network buffer.
We implemented a prototype with commonly available technology and evaluated it in both emulated and real networks. Our results show consistent throughput improvements, thanks to the use of aggregated path capacity. We give comparisons to Multipath TCP, where we show our approach can achieve a similar performance while offering the advantage of endpoint transparency.
Submitted 16 August, 2016;
originally announced August 2016.
-
TLS in the wild: an Internet-wide analysis of TLS-based protocols for electronic communication
Authors:
Ralph Holz,
Johanna Amann,
Olivier Mehani,
Matthias Wachs,
Mohamed Ali Kaafar
Abstract:
The majority of electronic communication today happens either via email or chat. Thanks to the use of standardised protocols, electronic mail (SMTP, IMAP, POP3) and instant chat (XMPP, IRC) servers can be deployed in a decentralised but interoperable fashion. These protocols can be secured by providing encryption with the use of TLS, directly or via the STARTTLS extension, and leverage X.509 PKIs or ad hoc methods to authenticate communication peers. However, many combinations of these mechanisms lead to insecure deployments.
We present the largest study to date that investigates the security of the email and chat infrastructures. We used active Internet-wide scans to determine the amount of secure service deployments, and passive monitoring to investigate if user agents actually use this opportunity to secure their communications. We addressed both the client-to-server interactions as well as server-to-server forwarding mechanisms that these protocols offer, and the use of encryption and authentication methods in the process.
Our findings shed light on a so far unexplored area of the Internet. The truly frightening result is that most of our communication is poorly secured in transit.
Submitted 24 January, 2016; v1 submitted 1 November, 2015;
originally announced November 2015.
-
Can SDN Mitigate Disasters?
Authors:
Vincent Gramoli,
Guillaume Jourjon,
Olivier Mehani
Abstract:
Datacenter networks and services are at risk in the face of disasters. Existing fault-tolerant storage services cannot even achieve a nil recovery point objective (RPO) as client-generated data may get lost before the termination of their migration across geo-replicated datacenters. SDN has proved instrumental in exploiting application-level information to optimise the routing of information. In this paper, we propose Software Defined Edge (SDE) or the implementation of SDN at the network edge to achieve nil RPO. We illustrate our proposal with a fault-tolerant key-value store that experimentally recovers from disaster within 30s. Although SDE is inherently fault-tolerant and scalable, its deployment raises new challenges on the partnership between ISPs and CDN providers. We conclude that failure detection information at the SDN-level can effectively benefit applications to recover from disaster.
Submitted 20 October, 2014; v1 submitted 16 October, 2014;
originally announced October 2014.
-
Repeatable Experiments with LabWiki
Authors:
Thierry Rakotoarivelo,
Guillaume Jourjon,
Olivier Mehani,
Maximilian Ott,
Mike Zink
Abstract:
The ability to repeat the experiments from a research study and obtain similar results is a cornerstone in experiment-based scientific discovery. This essential feature has been often ignored by the distributed computing and networking community. There are many reasons for that, such as the complexity of provisioning, configuring, and orchestrating the resources used by experiments, their multiple external dependencies, and the difficulty to seamlessly record these dependencies. This paper describes a methodology based on well-established principles to plan, prepare and execute experiments. We propose and describe a family of tools, the LabWiki workspace, to support an experimenter's workflow based on that methodology. This proposed workspace provides services and mechanisms for each step of an experiment-based study, while automatically capturing the necessary information to allow others to repeat, inspect, validate and modify prior experiments. Our LabWiki workspace builds on existing contributions, and de-facto protocol and model standards, which emerged from recent experimental facility initiatives. We use a real experiment as a thread to guide and illustrate the discussion throughout this paper.
Submitted 7 October, 2014;
originally announced October 2014.
-
Rate Control Adaptation for Heterogeneous Handovers
Authors:
Olivier Mehani,
Roksana Boreli,
Guillaume Jourjon,
Thierry Ernst
Abstract:
We present enhancements to the TCP-Friendly Rate Control mechanism (TFRC) designed to better handle the intermittent connectivity occurring in mobility situations. Our aim is to quickly adapt to new network conditions and better support real-time applications for which the user-perceived quality depends on the immediate transmission rate. We propose to suspend the transmission before disconnections occur, in a way inspired by Freeze-TCP, and extend the solution by probing the network after reconnecting to enable full use of the newly available capacity.
We first introduce a numerical model of TFRC's performance after a network handover and use it to evaluate the potential performance gains for realistic network parameters. We then describe a set of additions to TFRC to achieve these gains. Implementations within the Datagram Congestion Control Protocol (DCCP) for ns-2 and Linux have been adapted to support these enhancements. Comparisons of experimental results for the original and modified DCCP are presented for a number of example mobility scenarios.
We thus show how the proposed modifications enable faster recovery after disconnected periods as well as significantly improved adjustments to the newly available network conditions and an improvement in the quality of experience (QoE) for video-streaming applications.
Submitted 21 October, 2013;
originally announced October 2013.
-
Physical Channel Access (PCA): Time and Frequency Access Methods Emulation in NS-2
Authors:
Nicolas Kuhn,
Olivier Mehani,
Huyen-Chi Bui,
Jerome Lacan,
Jose Radzik,
Emmanuel Lochin
Abstract:
We present an NS-2 module, Physical Channel Access (PCA), to simulate different access methods on a link shared with Multi-Frequency Time Division Multiple Access (MF-TDMA). This technique is widely used in various network technologies, such as satellite communication. In this context, different access methods at the gateway induce different queuing delays and available capacities, which strongly impact transport layer performance. Depending on QoS requirements, design of new congestion and flow control mechanisms and/or access methods requires evaluation through simulations.
The PCA module emulates the delays that packets will experience using the shared link, based on descriptive parameters of lower layers characteristics. Though PCA has been developed with DVB-RCS2 considerations in mind (for which we present a use case), other MF-TDMA-based applications can easily be simulated by adapting input parameters. Moreover, the presented implementation details highlight the main methods that might need modifications to implement more specific functionality or emulate other similar access methods (e.g., OFDMA).
Submitted 19 March, 2013; v1 submitted 20 January, 2013;
originally announced January 2013.
-
A Method for the Characterisation of Observer Effects and its Application to OML
Authors:
Olivier Mehani,
Guillaume Jourjon,
Thierry Rakotoarivelo
Abstract:
In all measurement campaigns, one needs to assert that the instrumentation tools do not significantly impact the system being monitored. This is critical to future claims based on the collected data and is sometimes overlooked in experimental studies. We propose a method to evaluate the potential "observer effect" of an instrumentation system, and apply it to the OMF Measurement Library (OML). OML allows the instrumentation of almost any software to collect any type of measurements. As it is increasingly being used in networking research, it is important to characterise possible biases it may introduce in the collected metrics. Thus, we study its effect on multiple types of reports from various applications commonly used in wireless research. To this end, we designed experiments comparing OML-instrumented software with their original flavours. Our analyses of the results from these experiments show that, with an appropriate reporting setup, OML has no significant impact on the instrumented applications, and may even improve some of their performances in specific cases. We discuss our methodology and the implication of using OML, and provide guidelines on instrumenting off-the-shelf software.
Submitted 17 May, 2012;
originally announced May 2012.