A Consistency Management Layer for Inter-Domain Routing

Kushman, Nate, Katabi, Dina, Wroclawski, John

27 January 2006

This paper proposes an isolation layer -- a shim -- betweeninter-domain routing and packet forwarding. The job of this layer isto coordinate between Autonomous Systems (AS's) on when and how tomodify the forwarding state to ensure inter-domain routing loops donot cause forwarding loops. The benefits of a consistency layer aretwofold. First, it prevents the creation of transient inter-domainforwarding loops and the resulting packet loss, high latency, andconnection failures.Second, by taking the burden of forwarding consistency off theinter-domain routing protocol, it enables inter-domain routingprotocols with more complex convergence characteristics than BGP, suchas protocols that optimize route selection based on performance. Weoffer two possible designs for the consistency layer. We prove thatboth designs are free of forwarding loops and show they are easy todeploy in the current Internet.

BGP

inter-domain routing

internet

routing

routing loops

forwarding loops

Inter domain negotiation

Gomes, Reinaldo Cézar de Morais

31 January 2010

Made available in DSpace on 2014-06-12T15:52:19Z (GMT). No. of bitstreams: 2 arquivo3230_1.pdf: 3857855 bytes, checksum: 68166824b668991a7746113795017a33 (MD5) license.txt: 1748 bytes, checksum: 8a4605be74aa9ea9d79846c1fba20a33 (MD5) Previous issue date: 2010 / Universidade Federal de Campina Grande / Nos últimos anos diversas tecnologias foram desenvolvidas com o objetivo de facilitar a interação entre os usuários e seus dispositivos e melhorar a comunicação entre eles, necessitando da interoperabilidade entre essas tecnologias e, consequentemente, a necessidade de uma nova infraestrutura de rede que permita uma melhor adaptação aos novos requisitos criados por esta diversidade de tecnologias. O modelo de comunicação entre redes também está sendo modificado, uma vez que é esperado que elas sejam criadas dinamicamente para facilitar a utilização da rede pelos usuários e permitir que diversas operações sejam realizadas automaticamente (endereçamento, descoberta de serviços, etc.). Essas redes devem estar presentes em diversos cenários de comunicação e um dos seus principais desafios é permitir que diversos tipos de tecnologias cooperem em ambientes com alto dinamismo e heterogeneidade. Estas redes têm como objetivo interconectar diferentes tecnologias e domínios oferecendo uma comunicação que aparente ser homogêneo para os seus usuários. Para a criação dessas futuras redes dinâmicas pontos chaves são a interconexão e a cooperação entre as tecnologias envolvidas, o que exige o desenvolvimento de soluções para garantir que novos requisitos sejam suportados. Para permitir que novos requisitos sejam corretamente suportados, um conjunto de mecanismos para controlar a descoberta automática de recursos e realizar a sua configuração é proposto, permitindo que redes sejam criadas e adaptadas de maneira completamente automática. Também é proposto um mecanismo de negociação de políticas inter-domínio responsável por descobrir e negociar novos recursos que dever ser usados pelas redes, o que traz um novo modelo de comunicação baseado na criação oportunista de redes e ao mesmo tempo permite a criação de novos acordos de comunicação entre domínios administrativos de maneira dinâmica e sem a intervenção dos usuários ou dos administradores das redes

Inter-domain communication

Policies

Dynamic networks

Self-configuration

Negotiation

Inter-Domain Identity-Based Key Agreement Schemes

Hsu, Tuan-hung

07 September 2007

Recently, many identity-based two-party and three-party key agreement schemes were proposed based on pairing cryptosystems. Multi-party (including more than three parties) key agreement protocols, which are called conference key schemes, can be applied to distributed systems and wireless environments such as Ad hoc networks. However, it is not easy to extend two or three-party schemes to multi-party ones with the guarantee of efficiency and security. In addition to the above two properties, inter-domain environments should also be considered in identity-based key agreement systems. However, only few identity-based multi-party conference key agreement schemes in single domain were proposed in the literature and they did not satisfy all of the security attributes such as forward secrecy and withstanding impersonation. In this thesis, we will propose a novel efficient single-domain identity-based multi-party conference key scheme and extend it to an inter-domain version. Finally, we will prove that the proposed schemes satisfy the required security attributes via formal methods.

Conference key agreement

Bilinear pairing

Inter-domain key agreement

Identity-based cryptosystems

Cross-Domain and Cross-Layer Coarse Grained Quality of Service Support in IP-based Networks

Knoll, Thomas Martin

17 November 2009

Mit der zunehmenden Popularität des Internets steigt die Anzahl der Nutzer und vor allem die Anzahl zeit- und verlustkritische Dienste – wie zum Beispiel „Voice over IP“, Videoübertragungen und netzbasierte Spiele. Das Internet ist dabei der Zusammenschluss von ca. 30.000 Betreibernetzen, die mit Hilfe des „Internet Protocol (IP)“ derzeit ohne jede Dienstgüteunterstützung den Datenverkehraustausch realisieren. Massive Überdimensionierung der Netzkapazitäten führen zu einer Netzauslastung von nur ca. 10% und entsprechend guter Übertragungsqualität. Mit steigendem Verkehrsaufkommen wird in dieser Dissertation erwartet, das die Netzbetreiber infolge des Kostendrucks nicht schritthaltend den überhöhten Netzausbau aufrechterhalten können und somit Qualitätseinbußen zu erwarten sind. Innerhalb der Betreiber wird bereits jetzt Verkehrstrennung betrieben, jedoch am Übergabepunkt verworfen und im besten Fall im Nachbarnetz durch aufwendige Analyse erneut vorgenommen. Im Rahmen dieser Arbeit wurde deshalb ein domänen- und schichtenübergreifendes Konzept zur Realisierung grob-granularer Dienstgüte in IP-Netzen entworfen, zur Standardisierung bei der „Internet Engineering Task Force (IETF)“ vorgeschlagen, implementiert und in Auszügen simuliert und getestet. Dabei werden die Verkehrsklasseninformationen mehrere Netzschichten in transitiven Nachrichtenelementen des „Border Gateway Protocol (BGP)“ signalisiert und schichtenübergreifend assoziiert. Die vorliegende Dissertation beinhaltet im wesentlichen drei Teile: 1. Eine umfassende Zusammenstellung von vorhandenen Dienstgütekonzepten einschließlich der bereits existierenden QoS-Funktionselemente in verfügbaren Netzelementen, 2. Die detaillierte Spezifikation des neuen Konzeptes und 3. den Ergebnissen der Simulations- und Implementierungsaktivitäten zum Nachweis der Funktion und Skalierbarkeit des Entwurfes. Zwei wesentliche Erkenntnisse und Forderungen sind durch die Bearbeitung des Themas erwachsen. Die Einfachheit der Konzeptstruktur und die Einfachheit der angestrebten Dienstgüteunterstützung. Die angestrebte Dienstgüte beschränkt sich deshalb auf die primitive Verkehrstrennung in mehrere Klassen, die in den Weiterleitungsknoten getrennt abgelegt und mit verschiedenem Vorrang behandelt werden.

CoS

class of service

inter-domain

ddc:000

Border Gateway Protocol 4

Dienstgüte

Data-Driven Network Analysis and Applications

Tao, Narisu

14 September 2015

No description available.

510

Informatik (PPN619939052)

Quantificação da complexidade de processos de TI interdomínios / Quantifying the completity of inter-domain IT processes

Santos, Jose Rafael Xavier dos

January 2012

Serviços distribuídos exigem esforços cooperativos entre provedores de serviços distintos, com comunicação e troca de informações. Isto, entretanto, aumenta a complexidade associada aos processos de TI, e a entrega de serviços competitivos e com custos predizíveis depende do conhecimento e do controle desta complexidade. No presente trabalho, é proposta uma metodologia capaz de endereçar este cenário, no qual provedores de serviços distintos trabalham em conjunto, trocam informações, entretanto, por vezes omitem informações confidenciais entre si. Para isto, aplica um conjunto de métricas, quantifica a complexidade dos processos, define como os provedores trocarão entre si informações de seus procedimentos internos e como estas informações serão ajustadas para garantir a todos o mesmo resultado apesar de informações confidenciais serem, porventura, omitidas. A avaliação – cíclica – começa com o processo sendo projetado por todos os provedores, chamados de domínios de autoridade. Após finalizados os processos locais de cada um, estes são enviados a todos os domínios integrantes do processo, seguida da aplicação de ajustes de complexidade, o que garante que cada um terá uma visão completa e de complexidade coerente do processo. A aplicação das métricas é efetuada pela ferramenta complexity analyzer, que analisa gramaticalmente processos representados em XML até alcançar valores aceitáveis de complexidade. Um protótipo da ferramenta foi implementado e utilizado para avaliar um processo de TI mapeado de um caso real, validando a metodologia proposta. / Distributed services requires cooperative efforts among partner service providers, like communication and information exchange. This, however, increases the complexity associated to IT processes, and the delivery of services with predictable and competitive costs also depends on the knowledge and control of process complexity along service provider federations. Our proposed methodology is capable to address this scenario, that different service providers work together, exchanging information, however, sometimes hidding confidential information from one another. To reach these goals its applied a set of complexity metrics that quantifies the process complexity. It is also defined how all service providers will exchange and adjust process informations aiming to give to each one the same results even when confidential informations are ommited. The cyclic evaluation starts with the process design by each autonomous provider, called authority domain. When all parts of the processes are done, they are sent to all domains, followed by complexity adjustments, what guarantees that each domain will have a complete and trustable version of the entire process. The complexity analyzer is the tool used to collect the metrics. This tool analyzes grammaticaly XML represented processes until reached an aceptable complexity value. To validate the proposed methodology, a prototype of the complexity analyzer was developed and applied against a real case IT process.

Comunicacao : Dados

Tecnologia : Informacao

Configuration procedures

Inter-domain IT processes

Process complexity

IT processes

Quantificação da complexidade de processos de TI interdomínios / Quantifying the completity of inter-domain IT processes

Santos, Jose Rafael Xavier dos

January 2012

Serviços distribuídos exigem esforços cooperativos entre provedores de serviços distintos, com comunicação e troca de informações. Isto, entretanto, aumenta a complexidade associada aos processos de TI, e a entrega de serviços competitivos e com custos predizíveis depende do conhecimento e do controle desta complexidade. No presente trabalho, é proposta uma metodologia capaz de endereçar este cenário, no qual provedores de serviços distintos trabalham em conjunto, trocam informações, entretanto, por vezes omitem informações confidenciais entre si. Para isto, aplica um conjunto de métricas, quantifica a complexidade dos processos, define como os provedores trocarão entre si informações de seus procedimentos internos e como estas informações serão ajustadas para garantir a todos o mesmo resultado apesar de informações confidenciais serem, porventura, omitidas. A avaliação – cíclica – começa com o processo sendo projetado por todos os provedores, chamados de domínios de autoridade. Após finalizados os processos locais de cada um, estes são enviados a todos os domínios integrantes do processo, seguida da aplicação de ajustes de complexidade, o que garante que cada um terá uma visão completa e de complexidade coerente do processo. A aplicação das métricas é efetuada pela ferramenta complexity analyzer, que analisa gramaticalmente processos representados em XML até alcançar valores aceitáveis de complexidade. Um protótipo da ferramenta foi implementado e utilizado para avaliar um processo de TI mapeado de um caso real, validando a metodologia proposta. / Distributed services requires cooperative efforts among partner service providers, like communication and information exchange. This, however, increases the complexity associated to IT processes, and the delivery of services with predictable and competitive costs also depends on the knowledge and control of process complexity along service provider federations. Our proposed methodology is capable to address this scenario, that different service providers work together, exchanging information, however, sometimes hidding confidential information from one another. To reach these goals its applied a set of complexity metrics that quantifies the process complexity. It is also defined how all service providers will exchange and adjust process informations aiming to give to each one the same results even when confidential informations are ommited. The cyclic evaluation starts with the process design by each autonomous provider, called authority domain. When all parts of the processes are done, they are sent to all domains, followed by complexity adjustments, what guarantees that each domain will have a complete and trustable version of the entire process. The complexity analyzer is the tool used to collect the metrics. This tool analyzes grammaticaly XML represented processes until reached an aceptable complexity value. To validate the proposed methodology, a prototype of the complexity analyzer was developed and applied against a real case IT process.

Comunicacao : Dados

Tecnologia : Informacao

Configuration procedures

Inter-domain IT processes

Process complexity

IT processes

Protocole de routage externe type BGP dans un environnement réseaux tactiques adhoc mobiles : faisabilité et performances / Inter-domain routing for tactical mobile ad hoc networks : feasability and performances

Grandhomme, Florian

23 November 2017

Les théâtres d’opérations militaires s’organisent aujourd’hui sous la forme de coalitions. Les forces armées qui sont déployées possèdent des moyens technologiques (communication, routage) et créent des réseaux sans fil. Le mouvement de ces forces sur le terrain donne au réseau une topologie fortement dynamique. Il se caractérise comme un réseau sans fil mobile, plus communément appelé MANET (Mobile Ad hoc NETwork). Pour l’efficacité de la mission et des communications, il est intéressant d’interconnecter facilement les différents groupes participant à la coalition. Cependant, chaque membre de la coalition possède sa propre architecture et souhaite rester autonome, sans s’adapter aux autres. Comme les opérateurs ont pu le faire lors de la création de l’Internet avec le protocole BGP (Border Gateway Protocol), il est nécessaire de créer un protocole qui connecte tous ces groupes participant à la coalition. Ce protocole doit permettre de créer des connexions inter-groupes, supporter facilement les changements de topologies et appliquer des politiques de routage qui permettent d’indiquer des préférences de groupes à emprunter, par exemple. Dans cette thèse, nous allons dans un premier temps étudier la non-adaptabilité de BGP sur les réseaux MANET. Puis, nous étudierons les différentes propositions de la littérature. Ensuite, nous présenterons notre solution ITMAN (Inter Tactical Mobile Ad hoc Network) dans sa première version et les améliorations que nous avons pu y apporter. Enfin, nous terminerons ce manuscrit par les perspectives qui peuvent être menées suite à cette thèse. / Nowadays, military operations are organized as coalitions. The armed forces that are deployed have technological features (communication, routing) that create wireless networks. The mobility of these forces on the ground means that the network has a highly dynamic topology. This is a mobile wireless network, more commonly called MANET (Mobile Ad hoc NETwork). For mission and communication efficencies, interconnection between the various groups participating in the coalition is necessary. However, each member of the coalition has its own architecture and wants to keep independancy from the other groups technologies. This situation is similar as the Internet construction, where operators were able to interconnect their infrastructures with BGP (Border Gateway Protocol). It is important to create a protocol that can connect all the groups involved in the coalition. This protocol should allow inter-group connections, easily support topology changes and apply routing policies that specifies groups on the route preferences, for example. In this thesis, we first study the adaptability issues of BGP on MANET. Then, we study the proposals that have been made in the literature. Next, we present ITMAN (Inter Tactical Mobile Ad Hoc Network) in its first version and the improvements that have been made. Finally, we will conclude this manuscript with the perspectives that can be highlighted following this thesis.

Réseaux ad hoc mobiles

Routage

Inter-Domaine

Ad hoc networks

Mobile

Inter-domain

Routing

Quantificação da complexidade de processos de TI interdomínios / Quantifying the completity of inter-domain IT processes

Santos, Jose Rafael Xavier dos

January 2012

Serviços distribuídos exigem esforços cooperativos entre provedores de serviços distintos, com comunicação e troca de informações. Isto, entretanto, aumenta a complexidade associada aos processos de TI, e a entrega de serviços competitivos e com custos predizíveis depende do conhecimento e do controle desta complexidade. No presente trabalho, é proposta uma metodologia capaz de endereçar este cenário, no qual provedores de serviços distintos trabalham em conjunto, trocam informações, entretanto, por vezes omitem informações confidenciais entre si. Para isto, aplica um conjunto de métricas, quantifica a complexidade dos processos, define como os provedores trocarão entre si informações de seus procedimentos internos e como estas informações serão ajustadas para garantir a todos o mesmo resultado apesar de informações confidenciais serem, porventura, omitidas. A avaliação – cíclica – começa com o processo sendo projetado por todos os provedores, chamados de domínios de autoridade. Após finalizados os processos locais de cada um, estes são enviados a todos os domínios integrantes do processo, seguida da aplicação de ajustes de complexidade, o que garante que cada um terá uma visão completa e de complexidade coerente do processo. A aplicação das métricas é efetuada pela ferramenta complexity analyzer, que analisa gramaticalmente processos representados em XML até alcançar valores aceitáveis de complexidade. Um protótipo da ferramenta foi implementado e utilizado para avaliar um processo de TI mapeado de um caso real, validando a metodologia proposta. / Distributed services requires cooperative efforts among partner service providers, like communication and information exchange. This, however, increases the complexity associated to IT processes, and the delivery of services with predictable and competitive costs also depends on the knowledge and control of process complexity along service provider federations. Our proposed methodology is capable to address this scenario, that different service providers work together, exchanging information, however, sometimes hidding confidential information from one another. To reach these goals its applied a set of complexity metrics that quantifies the process complexity. It is also defined how all service providers will exchange and adjust process informations aiming to give to each one the same results even when confidential informations are ommited. The cyclic evaluation starts with the process design by each autonomous provider, called authority domain. When all parts of the processes are done, they are sent to all domains, followed by complexity adjustments, what guarantees that each domain will have a complete and trustable version of the entire process. The complexity analyzer is the tool used to collect the metrics. This tool analyzes grammaticaly XML represented processes until reached an aceptable complexity value. To validate the proposed methodology, a prototype of the complexity analyzer was developed and applied against a real case IT process.

Comunicacao : Dados

Tecnologia : Informacao

Configuration procedures

Inter-domain IT processes

Process complexity

IT processes

Diversifying The Internet

Liao, Yong

01 May 2010

Diversity is a widely existing and much desired property in many networking systems. This dissertation studies diversity problems in Internet, which is the largest computer networking system in the world. The motivations of diversifying the Internet are two-fold. First, diversifying the Internet improves the Internet routing robustness and reliability. Most problems we have encountered in our daily use of Internet, such as service interruptions and service quality degradation, are rooted in the inter-domain routing system of Internet. Inter-domain routing is policy-based routing, where policies are often based on commercial agreements between ASes. Although people know how to safely accommodate a few commercial agreements in inter-domain routing, for a large set of diverse commercial agreements, it is not clear yet what policy guidelines can accommodate them and guarantee convergence. Accommodating diverse commercial agreements not only is needed for ASes in Internet to achieve their business goals, it also provides more path diversity in inter-domain routing, which potentially benefits the inter-domain routing system. However, more reliable and robust routing cannot be achieve unless the routing system exploits the path diversity well. However, that is not the case for the current inter-domain routing system. There exist many paths in the underlying network, but the routing system cannot find those paths promptly. Although many schemes have been proposed to address the routing reliability problem, they often add significant more complexity into the system. The need for a more reliable inter-domain routing system without adding too much complexity calls for designing practical schemes to better exploit Internet path diversity and provide more reliable routing service. The increasing demands of providing value-added services in Internet also motivates the research work in this dissertation. Recently, network virtualization substrates and data centers are becoming important infrastructures. Network virtualization provides the ability to run multiple concurrent virtual networks in the same shared substrate. To better facilitate building application-specific networks so as to test and deploy network innovations for future Internet, a network virtualization platform must provide both high-degree of flexibility and high-speed packet forwarding in virtual networks. However, flexibility and forwarding performance are often tightly coupled issues in system design. Usually we have to sacrifice one in order to improve the other one. The lack of a platform that has both flexibility and good forwarding performance motivates the research in this dissertation to design network virtualization platforms to better support virtual networks with diverse functionalities in future Internet. The popularity of data centers in Internet also motivates this dissertation to studying scalable and cost-efficient data center networks. Data centers with a cluster of servers are already common places in Internet to host large scale networking applications, which require huge amount of computation and storage resources. To keep up with the performance requirements of those applications, a data center has to accommodate a large number of servers. As Internet evolves and more diverse applications emerge, the computation and storage requirements for data centers grow quickly. However, using the conventional interconnection structure is hard to scale the number of servers in data centers. Hence, it is of importance to design new interconnection structures for future data centers in Internet. Four interesting topics are explored in this dissertation: (i) accommodating diverse commercial agreements in inter-domain routing, (ii) exploiting the Internet AS-level path diversity, (iii) supporting diverse network data planes, and (iv) diverse interconnection networks for data centers. The first part of this dissertation explores accommodating diverse commercial agreements in inter-domain routing while guaranteeing global routing convergence, so as to provide more path diversity in Internet. The second part of this dissertation studies exploiting the path diversity in Internet by running multiple routing processes in parallel, which compute multiple paths and those paths can complement each other in case one path has problems when dynamics present in the routing system. The third part of this dissertation studies supporting concurrent networks with heterogeneous data plane functions via network virtualization. Two virtual network platforms are presented, which achieve both high-speed packet forwarding in each virtual network and high degree of flexibility for each virtual network to customize its data plane functions. The last part of this dissertation presents a new scalable interconnection structure for data center networks. The salient feature of this new interconnection structure is that it expands to any number of servers without requiring to physically upgrading the existing servers.

Data center networks

Inter-domain routing

Internet

Network virtualization

Electrical and Computer Engineering