DOCSLIB.ORG

XORP: an Open Platform for Network Research

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
XORP: an Open Platform for Network Research XORP: An Open Platform for Network Research Mark Handley Orion Hodson Eddie Kohler ICSI Center for Internet Research, Berkeley, California mjh, hodson, kohler @icir.org f g ABSTRACT searchers to experiment with and deploy new work on. Routing Network researchers face a significant problem when deploying toolkits exist, but typically they implement a subset of IP rout- software in routers, either for experimentation or for pilot deploy- ing functionality and are rarely used in production environments— ment. Router platforms are generally not open systems, in either routing and forwarding research requires access to real production the open-source or the open-API sense. In this paper we discuss the traffic and routing information to be validated. Similarly, open- problems this poses, and present an eXtensible Open Router Plat- source-based testbed networks such as CAIRN [1] provide valu- form (XORP) that we are developing to address these issues. Key able tools for the researcher, but they rarely provide a realistic test goals are extensibility, performance and robustness. We show that environment and are usually limited to a small number of sites due different parts of a router need to prioritize these differently, and to cost. A recent spate of research in open, extensible forwarding examine techniques by which we can satisfy these often conflicting paths is moving in the right direction [6, 11], but a truly extensible, goals. We aim for XORP to be both a research tool and a stable production-quality router would need routing daemons, forwarding deployment platform, thus easing the transition of new ideas from information bases, management interfaces, and so on in addition to the lab to the real world. a forwarding path. How then can we enable a pathway that permits research and ex- perimentation to be performed in production environments whilst 1 VALIDATING INTERNET RESEARCH minimally impacting existing network services? In part, this is the A yawning gap exists between research and practice concerning same problem that Active Networks attempted to solve, but we be- Internet routing and forwarding disciplines. The savvy researcher lieve that a much more conservative approach is more likely to see has the tools of theory and simulation at hand, but validating results real-world usage. in the real world is hard. Why should this be so? We envision an integrated open-source software router platform, For network applications research, we have access to languages, running on commodity hardware, that is viable as a research and APIs, and systems that make development and deployment easy. as a production platform. The software architecture should be de- For end-to-end protocol research, we have access to open source signed with extensibility as a primary goal and should permit ex- operating systems, such as Linux and FreeBSD. End-to-end proto- perimental protocol deployment with minimal risk to existing ser- cols can be simulated and implemented in these systems. And since vices using that router. Internet researchers needing access to router these operating systems are used in both research and production software could then share a common platform for experimentation environments, migration from the research to the production envi- deployed in places where real traffic conditions exist. Researchers ronment is feasible. TCP SACK provides an excellent example [8]. working on novel router hardware could also use the mature soft- Unfortunately the same cannot be said of router software. Router ware from this platform to test their hardware in real networks. In vendors do not provide API’s that allow third party applications these ways, the loop between research and realistic real-world ex- to run on their hardware. Thus, even conducting a pilot study in perimentation can be closed, and innovation can take place much a production network requires the router vendor to implement the more freely. protocol. Unless the router vendor perceives a reward in return for the effort, they are unlikely to invest resources in the protocol im- 1.1 Alternatives plementation. Similarly, customers are unlikely to request a feature unless they have faith in existing research results or can experi- Having motivated the need for an open router on which net- ment in their own environment. A catch-22 situation exists of not work research can be deployed, we discuss the alternatives in more being able to prototype and deploy new experimental protocols in detail—simulations and network testbeds. any kind of realistic environment. Even when vendors can be con- First, we note that it has not always been so difficult to deploy vinced to implement, it is not uncommon for initial implementa- experimental work on the Internet. Prior to the advent of the World tions of a protocol to be found wanting, and the path to improving Wide Web, the Net was predominantly non-commercial. Most of its the protocols is often difficult and slow. Finally, network operators users came from universities and other research labs. Whilst there are almost always reluctant to deploy experimental services in pro- was a tension between conducting research and providing a net- duction networks for fear of destabilizing their existing (hopefully working service, researchers could have access to the network to money-making) services. run experiments, develop and test new protocols, and so forth. With Thus, we believe the difficulty in validating Internet research is the advent of the Web, the network grew rapidly and commercial largely attributable to the absence of open Internet routers for re- ISPs emerged. Even the academic parts of the network became re- luctant to perform networking experiments for fear of disrupting regular traffic. In the commercial parts of the network, where inter- First Workshop on Hot Topics in Networks, Princeton, New Jersey, October 28–29, 2002 esting scaling phenomena started to emerge, it was nearly impos- Permission to make digital or hard copies of all or part of this work for any sible to do any form of experimentation. Growth was so rapid that purpose is granted without fee provided that copies bear this notice and the it was all ISPs could do to keep up with provisioning. These prob- full citation on the first page. lems were recognised, and two main solutions emerged: network Copyright c 2002 International Computer Science Institute testbeds and network simulators. Network testbeds rarely resulted in good network research. One present an integrated router user interface to the network op- notable exception was DARTnet [3], which used programmable erator, which reduces the likelihood of acceptance. routers that network researchers had access to. Among its achieve- Researchers could develop a new open-source router, designed ments, DARTnet demonstrated IP multicast and audio and video • conferencing over IP. It worked well because the network users from the ground up for extensibility, robustness, and perfor- were also the network researchers and so there was less tension mance. It would take time to build such a router, and then to involved in running experiments. convince the network operator community that it met strin- Over recent years, the majority of network research that involved gent robustness standards, but the resulting router would make testing protocols has taken place in network simulators such as ns. a more useful research platform than any of the other choices. Among the desirable properties of simulators is the complete con- We have chosen this last path, which we call the Extensible Open trol they provide over all the parameters of a system, and so a large Router Platform, or XORP. Our design addresses the four major range of scenarios can be examined. Within the research commu- challenges in building an open-source router: traditional router fea- nity the ns simulator has been particularly successful1. Many re- tures, extensibility, performance, and robustness. searchers have contributed to improve ns itself, but an even greater number have used it in their research. Many published results are Features. Real-world routers must support a long feature list, in- supported by publicly available simulation code and scripts. This cluding routing protocols, management interfaces, queue man- has allowed for the direct comparison of contemporary networking agement, and multicast. algorithms and allowed for independent verification of results. It could therefore be argued that ns has increased the rigor of network Extensibility. Every aspect of the router should be extensible, from research. routing protocols down to details of packet forwarding. The Conversely, it could equally well be argued that simulators make router must support multiple simulatenous extensions as long it too easy to run experiments and are responsible for numerous as those extensions don’t conflict. APIs between router com- papers that bear little, or no, relationship to real networks. Accord- ponents should be both open and easy to use. ingly there is understandable doubt about any claims until they’ve been demonstrated in the real world. Performance. XORP isn’t designed for core routers, at least not Even in skilled hands, simulators have limits. When work re- initially. However, forwarding performance is still important: quires access to real traffic patterns, or needs to interact with real that is the purpose of a router. Scalability in the face of rout- routing protocols, or relates to deployed implementations warts- ing table size or number of peers is also critical. and-all, there is no substitute for real-world experimentation. Robustness. Real-world routers must not crash or misroute pack- ets. A fragile router faces an extremely difficult deployment 2 ARCHITECTURE AND REQUIREMENTS path. Extensibility makes robustness even more difficult to We’ve hopefully convinced you that Internet research would be achieve: extensions are inherently experimental, yet their use better off if changes and extensions could be provisionally deployed. should not compromise the router’s robustness (except per- No simulation or testing environment can provide similarly useful haps for a subset of packets intended for the extension).
Load more

Recommended publications
  • Hotspot Feature for Wi-Fi Clients with RADIUS User Authentication on Digi Transport
    Application Note 56 Hotspot feature for Wi-Fi clients with RADIUS User Authentication on Digi TransPort. Digi Support November 2015 1 Contents 1 Introduction ......................................................................................................................................... 4 1.1 Outline ......................................................................................................................................... 4 1.2 Assumptions ................................................................................................................................ 4 1.3 Corrections .................................................................................................................................. 4 2 Version .................................................................................................................................................5 3 Configuration .......................................................................................................................................5 3.1 Mobile Interface Configuration .....................................................................................................5 3.2 Ethernet Interface Configuration ................................................................................................. 6 3.2.1 ETH 0 Configuration ................................................................................................................. 6 3.2.2 ETH 12 Logical Interface Configuration ....................................................................................
    [Show full text]
  • "Mutually Controlled Routing with Independent Isps"
    Mutually Controlled Routing with Independent ISPs Ratul Mahajan David Wetherall Thomas Anderson Microsoft Research University of Washington University of Washington and Intel Research Abstract – We present , an Internet routing pro- Our intent is to develop an interdomain routing proto- Wiser tocol that enables ISPs to jointly control routing in a way col that addresses these problems at a more basic level. that produces efficient end-to-end paths even when they We aim to allow all ISPs to exert control over all routes act in their own interests. is a simple extension to as large a degree as possible, while still selecting end- Wiser of BGP, uses only existing peering contracts for mone- to-end paths that are of high quality. This is a difficult tary exchange, and can be incrementally deployed. Each problem and there are very few examples of effective me- ISP selects paths in a way that presents a compromise diation in networks, despite competitive interests having between its own considerations and those of other ISPs. long been identified as an important factor [8]. Done over many routes, this allows each ISP to improve While it is not a priori obvious that it is possible to its situation by its own optimization criteria compared to succeed at this goal, our earlier work on Nexit [28] sug- the use of BGP today. We evaluate using a router- gests that efficient paths are, in fact, a feasible outcome of Wiser level prototype and simulation on measured ISP topolo- routing across independent ISPs in realistic network set- gies. We find that, unlike Internet routing today, tings.
    [Show full text]
  • Multiple Internet Connections by Balancing Traffic and Managing Failover with Zeroshell
    Multiple Internet Connections by Balancing Traffic and Managing Failover With Zeroshell The purpose of this document is to describe the creation of a router to access a network that uses multiple Internet connections in order to balance the outgoing LAN demand and to obtain network access redundancy, managing fault situations for one or multiple lines. To reach our objective, we shall use the Net Balancer module by Zeroshell. Lastly, we shall examine the possibility of aggregation (Bonding) of VPN aimed at increasing the bandwidth for point-to-point connection between remote locations via the Internet. Is it really possible to increase the Internet connection bandwidth? The answer to this question is not, "yes, absolutely." It depends on what you mean by increasing the Internet connection bandwidth. In essence, the Net Balancer distributes requests originating from the LAN by round-robin (weighed) policy over multiple Internet gateways. In other words, if at a given point in time there is only one LAN user making only one TCP connection (e.g. he executes only one download from the web), his traffic will flow from a single gateway, thus it would not benefit from balanced connections. Instead, if the LAN is crowded with users, each executing multiple requests at the same time, as a whole, their connections will have access to a higher bandwidth, equal to the sum of the single-access bandwidths. We then conclude that a single connection may never have more bandwidth than what offered by a single link, while multiple simultaneous connections will, on average, altogether have access to a greater bandwidth, which will stretch to the sum of the bandwidths of all the Internet links being balanced.
    [Show full text]
  • Linksys E800 Router User Guide
    User Guide Linksys E800 Linksys E800 Contents Contents Product overview How to find your network on the Internet 14 How to clone a MAC address 15 Package contents 1 How to connect to your corporate office using a VPN 15 Features 1 Back view 2 How to optimize your router for gaming and voice 16 Bottom view 2 How to remotely change your router settings 17 How to enable Voice over IP on your network 18 Setting Up: Basics How to configure UPnP 19 How to create a home network 3 How to use a router as an access point 19 What is a network? 3 How to put your new router behind an existing router 21 How to set up a home network 3 To add your router to an existing router or gateway 21 Where to find more help 3 To share an Internet connection 21 To extend your network 23 How to set up your router 3 How to start Cisco Connect 4 How to expose a device to the Internet 23 How to improve your wireless connection speed 5 How to test your Internet connection speed 5 Improving Security How to connect devices to your network 6 How do I know if my network is secure? 25 How to connect a computer to your network 6 How to connect a printer 8 Network security following a manual setup 25 How to connect other devices 8 How to set up wireless security using Wi-Fi Protected Setup 26 How to change your router’s name and password 10 Wi-Fi Protected Setup activity light 26 Connecting a device using the Wi-Fi Protected Setup button 26 How to connect a device using its Wi-Fi Protected Setup PIN 27 How to connect a device using the router’s Wi-Fi Protected Setup PIN 27
    [Show full text]
  • Internet Protocol Suite
    InternetInternet ProtocolProtocol SuiteSuite Srinidhi Varadarajan InternetInternet ProtocolProtocol Suite:Suite: TransportTransport • TCP: Transmission Control Protocol • Byte stream transfer • Reliable, connection-oriented service • Point-to-point (one-to-one) service only • UDP: User Datagram Protocol • Unreliable (“best effort”) datagram service • Point-to-point, multicast (one-to-many), and • broadcast (one-to-all) InternetInternet ProtocolProtocol Suite:Suite: NetworkNetwork z IP: Internet Protocol – Unreliable service – Performs routing – Supported by routing protocols, • e.g. RIP, IS-IS, • OSPF, IGP, and BGP z ICMP: Internet Control Message Protocol – Used by IP (primarily) to exchange error and control messages with other nodes z IGMP: Internet Group Management Protocol – Used for controlling multicast (one-to-many transmission) for UDP datagrams InternetInternet ProtocolProtocol Suite:Suite: DataData LinkLink z ARP: Address Resolution Protocol – Translates from an IP (network) address to a network interface (hardware) address, e.g. IP address-to-Ethernet address or IP address-to- FDDI address z RARP: Reverse Address Resolution Protocol – Translates from a network interface (hardware) address to an IP (network) address AddressAddress ResolutionResolution ProtocolProtocol (ARP)(ARP) ARP Query What is the Ethernet Address of 130.245.20.2 Ethernet ARP Response IP Source 0A:03:23:65:09:FB IP Destination IP: 130.245.20.1 IP: 130.245.20.2 Ethernet: 0A:03:21:60:09:FA Ethernet: 0A:03:23:65:09:FB z Maps IP addresses to Ethernet Addresses
    [Show full text]
  • Openflow: Enabling Innovation in Campus Networks
    OpenFlow: Enabling Innovation in Campus Networks Nick McKeown Tom Anderson Hari Balakrishnan Stanford University University of Washington MIT Guru Parulkar Larry Peterson Jennifer Rexford Stanford University Princeton University Princeton University Scott Shenker Jonathan Turner University of California, Washington University in Berkeley St. Louis This article is an editorial note submitted to CCR. It has NOT been peer reviewed. Authors take full responsibility for this article’s technical content. Comments can be posted through CCR Online. ABSTRACT to experiment with production traffic, which have created an This whitepaper proposes OpenFlow: a way for researchers exceedingly high barrier to entry for new ideas. Today, there to run experimental protocols in the networks they use ev- is almost no practical way to experiment with new network ery day. OpenFlow is based on an Ethernet switch, with protocols (e.g., new routing protocols, or alternatives to IP) an internal flow-table, and a standardized interface to add in sufficiently realistic settings (e.g., at scale carrying real and remove flow entries. Our goal is to encourage network- traffic) to gain the confidence needed for their widespread ing vendors to add OpenFlow to their switch products for deployment. The result is that most new ideas from the net- deployment in college campus backbones and wiring closets. working research community go untried and untested; hence We believe that OpenFlow is a pragmatic compromise: on the commonly held belief that the network infrastructure has one hand, it allows researchers to run experiments on hetero- “ossified”. geneous switches in a uniform way at line-rate and with high Having recognized the problem, the networking commu- port-density; while on the other hand, vendors do not need nity is hard at work developing programmable networks, to expose the internal workings of their switches.
    [Show full text]
  • Using the Cisco IOS Web Browser User Interface
    Using the Cisco IOS Web Browser User Interface The Cisco IOS software includes a Web browser user interface (UI) from which you can issue Cisco IOS commands. The Cisco IOS Web browser UI is accessed from the router home page, and can be customized for your business environment. For example, you can view pages in different languages and save them in Flash memory for easy retrieval. For a complete description of the Cisco Web browser UI configuration commands in this chapter, refer to the “Cisco IOS Web Browser User Interface Commands”chapter of the Configuration Fundamentals Command Reference. To locate documentation of other commands that appear in this chapter, use the Cisco IOS Command Reference Master Index or search online. • Finding Feature Information, on page 1 • Prerequisites for Cisco IOS Web Browser User Interface, on page 1 • Restrictions for Cisco IOS Web Browser User Interface, on page 2 • Information About Cisco IOS Web Browser User Interface, on page 2 • How to Configure and Use the Cisco IOS Web Browser User Interface, on page 7 • Configuration Examples for the Cisco IOS Web Browser User Interface, on page 12 Finding Feature Information Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module. Use Cisco Feature Navigator to find information about platform support and Cisco software image support.
    [Show full text]
  • Voice Over IP Digital Phone Concerns with Security and Fire Alarm Communications Systems
    Voice Over IP Digital Phone Concerns with Security and Fire Alarm Communications Systems OMNI Fire and Security Systems LP, 9811 North Freeway #A101, Houston, TX, 77037, (281) 591-1944 Disclaimer: The term “digital phone” as used within this document refers to the generic VOIP phone infrastructure and layout. The term does NOT refer to the Digital Phone service offered by Time Warner Cable or Time Warner. The Digital Phone service is a trademark of Time Warner Communications and for more information on their service, please visit http://www.twcdigitalphone.com. This article outlines the new weaknesses concerned with Voice Over IP (VOIP) Digital Phone Service and how it can affect security and fire alarm system communication. VOIP service is much different than classic POTS telephone lines in that it routes all phone traffic through a digital converter, then over the internet. When compared with a POTS line, new concerns are introduced that could affect the stability and dependability of burglar or fire alarm system communication. Plain old telephone service, or POTS, is the service available from analogue telephones prior to the introduction of electronic telephone exchanges into the public switched telephone network. These services had been available almost since the introduction of the telephone system in the late 19th century. VOIP is a very new technology and this list will help reduce the possibilities of failure wherever possible by educating the end user and presenting possible solutions. 1 Power Supply Problem The VOIP modem can come as a stand-alone network device, or a combination broadband modem/router/and VOIP converter.
    [Show full text]
  • Brocade Vyatta Network OS LAN Interfaces Configuration Guide, 5.2R1
    CONFIGURATION GUIDE Brocade Vyatta Network OS LAN Interfaces Configuration Guide, 5.2R1 Supporting Brocade 5600 vRouter, VNF Platform, and Distributed Services Platform 53-1004724-01 24 October 2016 © 2016, Brocade Communications Systems, Inc. All Rights Reserved. Brocade, the B-wing symbol, and MyBrocade are registered trademarks of Brocade Communications Systems, Inc., in the United States and in other countries. Other brands, product names, or service names mentioned of Brocade Communications Systems, Inc. are listed at www.brocade.com/en/legal/ brocade-Legal-intellectual-property/brocade-legal-trademarks.html. Other marks may belong to third parties. Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government. The authors and Brocade Communications Systems, Inc. assume no liability or responsibility to any person or entity with respect to the accuracy of this document or any loss, cost, liability, or damages arising from the information contained herein or the computer programs that accompany it. The product described by this document may contain open source software covered by the GNU General Public License or other open source license agreements. To find out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the programming source code, please visit http://www.brocade.com/support/oscd.
    [Show full text]
  • Function of Tcp Ip Protocol Suite
    Function Of Tcp Ip Protocol Suite politically?Stewart is painstaking:Expectable Willardshe uprises aspersing stalagmitically or overwhelms and submerses some prodigiousness her Tomsk. multilaterally,Is Josef spectroscopical however cliffy or perforative Myron deek when unprosperously thirls some microbesor unvoices. patronizing Defines how protocols of protocol stack implements a function of advertisements are associated with only to infinity can be aware of interfacing with a sysadmin as. The unsuspecting hapless user may cause his application to crash or otherwise fail. But obscure protocol suite and ip makes sure that. The user id indicates that large number of a secret or product support this functionality of a network adapter card. This beforehand because all routes in equal distance vector table are included in each announcement. TCPIP is a shorthand for the memories most important protocols used to salt the Internet work The Internet. Therefore, MBGP can create routes for both unicast and multicast traffic. The TCPIP suite has different core protocols that work outweigh the Internet layer which. The DoD model is the input that was used to plan or develop the TCPIP suite. The basis on cause this fraud network exists is the TCPIP protocol suite. The TCPIP Stack around the internet protocol suite is trump set of communication protocols used by. Ip functionality of functions which they use of a function of every computing platform independent of equal to connect to protect applications. When tcp protocol suite and function at each level. Connections are made to the first host in the anycast address group to respond. What is OSI Model 7 Layers Explained Imperva.
    [Show full text]
  • Virtually Eliminating Router Bugs
    Virtually Eliminating Router Bugs Eric Keller∗ Minlan Yu∗ Matthew Caesar† Jennifer Rexford∗ ∗ Princeton University, Princeton, NJ, USA † UIUC, Urbana, IL, USA [email protected] {minlanyu, jrex}@cs.princeton.edu [email protected] ABSTRACT 1. INTRODUCTION Software bugs in routers lead to network outages, security The Internet is an extremely large and complicated dis- vulnerabilities, and other unexpected behavior. Rather than tributed system. Selecting routes involves computations across simply crashing the router, bugs can violate protocol se- millions of routers spread over vast distances, multiple rout- mantics, rendering traditional failure detection and recovery ing protocols, and highly customizable routing policies. Most techniques ineffective. Handling router bugs is an increas- of the complexity in Internet routing exists in protocols im- ingly important problem as new applications demand higher plemented as software running on routers. These routers availability, and networks become better at dealing with tra- typically run an operating system, and a collection of proto- ditional failures. In this paper, we tailor software and data col daemons which implement the various tasks associated diversity (SDD) to the unique properties of routing proto- with protocol operation. Like any complex software, routing cols, so as to avoid buggy behavior at run time. Our bug- software is prone to implementation errors, or bugs. tolerant router executes multiple diverse instances of routing software, and uses voting to determine the output to publish 1.1 Challenges in dealing with router bugs to the forwarding table, or to advertise to neighbors. We de- sign and implement a router hypervisor that makes this par- The fact that bugs can produce incorrect and unpredictable allelism transparent to other routers, handles fault detection behavior, coupled with the mission-critical nature of Inter- and booting of new router instances, and performs voting in net routers, can produce disastrous results.
    [Show full text]
  • Rebooting a Router
    Rebooting a Router This chapter describes the basic procedure a router follows when it reboots, how to alter the procedure, and how to use the ROM Monitor. For a complete description of the booting commands mentioned in this chapter, refer to the “Booting Commands” chapter in the Cisco IOS Configuration Fundamentals Command Reference. To locate documentation of other commands that appear in this chapter, use the command reference master index or search online. Rebooting a Router Task List You can perform the tasks related to rebooting discussed in the following sections: • Displaying Booting Information • Rebooting Procedures • Modifying the Configuration Register Boot Field • Setting Environment Variables • Scheduling a Reload of the System Image • Entering ROM Monitor Mode • Manually Loading a System Image from ROM Monitor • Configuring High System Availability on the Cisco 7500 Series Cisco IOS Configuration Fundamentals Configuration Guide FC-207 Rebooting a Router Displaying Booting Information Displaying Booting Information Use the following commands in EXEC mode to display information about system software, system image files, and configuration files: Command Purpose show bootvar Lists the contents of the BOOT environment variable, the name of the configuration file pointed to by the CONFIG_FILE environment variable, and the contents of the BOOTLDR environment variable. more nvram:startup-config Lists the startup configuration information. On all platforms except the Class A Flash file systems, the startup configuration is usually in NVRAM. On Class A Flash file systems, the CONFIG_FILE environment variable points to the startup configuration, defaulting to NVRAM. show version Lists the system software release version, system image name, configuration register setting, and other information.
    [Show full text]