Julius‐Maximilians‐Universität Würzburg

Network of Excellence: Euro‐NF – Anticipating the Network of the Future – From Theory to Design

National Platform for Future Internet Studies

Information Technology Society

11th Würzburg Workshop on IP: Joint ITG and Euro‐NF Workshop on “Visions of Future Generation Networks“ (EuroView2011)

Co‐located with Official G‐Lab Status Meeting

August 1st – August 2nd, 2011, Würzburg / Germany

Chair of Communication Networks Institute of Computer Science University of Würzburg

Workshop Organization Committee: Prof. Phuoc Tran‐Gia, Dr. Tobias Hoßfeld, Dr. Rastin Pries, Dr. Dirk Staehle

Demo Session Organization Committee: Dr. Rastin Pries

Technical Organization: Gisela Förster and David Hock (local organization), Florian Wamser (technical organization and proceedings), Matthias Hirth and Michael Duelli (website), Frank Lehrieder (submissions)

Overview

The workshop's tradition and intention is to foster the communication among researchers from industry, universities, and other research institutes. To that end, keynote speeches by outstanding personalities and technical talks about current research will be presented and room for poster presentations will be offered.

The workshop series originated in 2000 and has been supported since then by the German Information Technology Society. Since 2006, the workshop series has focused on "Visions of Future Generation Networks" and is called EuroView, which is financially sponsored by the Network of Excellence Euro‐NF (within European Union Framework Programme 7). EuroView2011 is co‐located with the official G‐Lab status meeting.

Focus

The focus of this year's symposium is on "Future Internet Design and Experimental Facilities", and in particular on current efforts towards a future Internet. This comprises overviews of selected testbed expert groups as well as current and future national and international collaborative projects. We would like to stimulate discussions on future Internet applications, future wireline and wireless Internet architectures, and experimental facilities.

Robert Kahn, the Internet pioneer who invented the Transmission Control Protocol and the Internet Protocol along with Vinton G. Cerf, will give a keynote talk at EuroView 2011. Furthermore, a keynote talk on "Networking paradigm for Information Universe" will be given by Prof. Dr. Yanghee Choi (Chair of the Future Internet Forum of Korea) and an invited talk on "The Future Internet Research Plan in Korea" by Prof. Dr. Younghee Lee.

The following invited sessions are organized:

• German G‐Lab project

• Future Internet Activities in FP7 (organized by Dr. Rüdiger Martin, EC)

• GENI Update: Ramping Up Experiments and Future Plans (organized by Mark Berman, GPO/BBN).

Several international experts committed to present their visions.

EuroView 2011 Workshop Program

Monday, August 1st, 2011 – Tuesday, August 2nd, 2011 Session 1‐7, Demo Session, Poster Session

Monday, August 1st Program – Keynote & Session 1

Monday, August 1st, 2011, 9:15 AM to 9:45 AM Keynote

Robert Kahn (Corporation for National Research Initiatives, US) A Framework for Managing the Digital Object Architecture 15

Monday, August 1st, 2011, 9:45 AM to 10:45 AM Session 1: Social Networks and QoE

Raimund Schatz, Peter Reichl (Forschungszentrum Telekommunikation Wien (FTW), Vienna, Austria) Quality of Experience ‐ More Than Just Another Buzzword? 19

Phuoc Tran‐Gia, Tobias Hoßfeld, Matthias Hirth (University of Würzburg, Würzburg, Germany), Ingo Scholtes (University of Trier, Trier, Germany) Modelling of Emerging Internet Services: Social Networks and Crowdsourcing 21

Felix Wu (University of California, Davis, USA) Trustworthy Social Informatics, A Relationship‐Centric Networking Paradigm 23

Program – Session 2

Monday, August 1st, 2011, 11:15 AM to 12:30 AM Session 2: GENI (organized by Mark Berman)

Mark Berman (GENI Project Office, Cambridge, Massachusetts) Ramping Up Experiments in GENI 27

Justin Rohrer, Egemen Çetinkaya, James Sterbenz (University of Kansas, Lawrence, Kansas) Resilience Experiments in the GpENI Programmable Future Internet Testbed 29

Rick McGeer (HP Labs, Palo Alto, California) TRANSCLOUD: Design Considerations for a High‐Performance Cloud Architecture Across Multiple Administrative Domains 31

Michael Zink, David Irwin, Emmanuel Cecchet, Prashant Shenoy (University of Massachusetts, Amherst, Massachusetts) NowCasting: UMass/CASA Weather Radar Demonstration 35

Program – Session 3

Monday, August 1st, 2011, 1:45 PM to 3:05 PM Session 3: Future Internet Initiatives

Invited talk Younghee Lee (Future Internet Project Manager, Korea Communications Agency, Seoul, Korea) The Future Internet Research Plan in Korea 39

W. Burakowski, H. Tarasiuk, A. Beben (Warsaw University of Technology, Warsaw, Poland), A. Binczweski, R. Kryzwania, L. Dolata (Supercomputing and Networking Centre, Poznan, Poland), J. Sliwinski, J. Mongay Batalla (National Institute of Telecommunication, Warsaw, Poland) PL‐LAB: Polish Initiative to Develop Laboratory Infrastructure for Testing Future Internet Solutions 41

Kurt Tutschku (University of Vienna, Vienna, Austria), Markus Fiedler (Blekinge Institute of Technology, Karlskrona, Sweden) The Euro‐NF Vision for Future Networks and Contributions from the Specific Joint Projects 43

Juan Felipe Botero, Xavier Hesselbach (University Politecnica de Catalunya, Barcelona, Spain), Michael Duelli, Daniel Schlosser (University of Würzburg, Würzburg, Germany), Andreas Fischer, Hermann de Meer (University of Passau, Passau, Germany) Flexible VNE Algorithms Analysis using ALEVIN 47

Program – Session 4

Monday, August 1st, 2011, 3:35 PM to 5:15 PM Session 4: Network Protocols

Tülin Atmaca, Van T. Nguyen, Dung T. Nguyen, Glenda Gonzalez (Institut Telecom/Telecom SudParis, Evry, France), Joel Rodrigues (University of Beira Interior, Covilha, Portugal) A Solution for Synchronization Problem of Interconnected Metro Access and Metro Core Ring Networks 51

Andreas Mäder, Peter Rost (NEC Laboratories Europe, Heidelberg, Germany), Dirk Staehle (University of Wuerzburg, Wuerzburg, Germany) The Challenges of M2M Communications for the Cellular Radio Access Network 53

Isil Burcu Barla, Dominik A. Schupke (Nokia Siemens Networks, Munich, Germany), Georg Carle (University of Technology, Munich, Germany) Analysis of Resilience in Virtual Networks 55

Jiachen Chen, Mayutan Arumaithurai, Xiaoming Fu (University of Goettingen, Germany), K.K. Ramakrishnan (AT&T Labs‐Research, USA) Gaming with COPS: A Content Centric Communication Infrastructure for Gaming Applications 57

Gerhard Haßlinger (Deutsche Telekom Netzproduktion, Darmstadt, Germany) Internet‐based Content Delivery: Traffic Management in CDN and P2P Overlays 59

Tuesday, August 2nd Program – Keynote & Session 5

Tuesday, August 2nd, 2011, 9:00 AM to 9:30 AM Keynote

Yanghee Choi (FIF chair, Seoul, Korea) Networking Paradigm for Information Universe 63

Tuesday, August 2nd, 2011, 9:30 AM to 10:50 AM Session 5: Security and Quality of Service

Dennis Schwerdel, Bernd Reuther, Paul Müller (University of Kaiserslautern, Kaiserslautern, Germany) Malware Analysis in the ToMaTo Testbed (Demo) 67

Sebastian Meiling, Dominik Charousset, Thomas Schmidt (Hamburg University of Applied Sciences, Hamburg, Germany), Matthias Wählisch (Freie Universität Berlin, Berlin, Germany) HAMcast: Evaluation of a High Throughput Middleware for Universal Multicast 69

Florian Liers (TU Ilmenau, Ilmenau, Germany) as leader of the G‐Lab Special Interest Group Functional Composition GAPI: A G‐Lab Application‐to‐Network Interface 71

Markus Bauer, Stefanie Braun, Peter Domschitz (Alcatel‐Lucent, Stuttgart, Germany) Media Processing in the Future Internet 73

Program – Session 6

Tuesday, August 2nd, 2011, 11:20 AM to 12:50 AM Session 6: Future Internet Activities in FP7 (organized by Rüdiger Martin)

Rüdiger Martin (European Commission, Brussels, Belgium) Overview of the Future EU Funding (abstract not available)

Thomas Bohnert (SAP Research Center, Zurich, Switzerland) FI‐WARE, Core Platform (abstract not available)

Kolja Eger, Johannes Riedl (Siemens AG, Germany), Werner Mohr (Nokia Siemens Networks GmbH & Co. KG, Munich, Germany) With the Future Internet towards a Smart Grid 77

Martin Potts (Martel GmbH, Switzerland) The FI‐PPP INFINITY Project 79

Program – Poster Session

Tuesday, August 2nd, 2011, 2:00 PM to 3:00 PM Poster Session EuroView

Kai Jakobs (RWTH Aachen University, Aachen, Germany) Strengthening the Role of Europe in the Standardization of the Future Internet 83

Jochen Eisl (Nokia Siemens Networks, Munich, Germany), Gerhard Haßlinger (Deutsche Telekom Netzproduktion, Darmstadt, Germany), Björn Erichsen (Telefonica o2), Thomas Bauschert (Technische Universität Chemnitz, Chemnitz, Germany), Adam Wolisz (Technische Universität Berlin, Berlin, Germany) MEVICO ‐ Mobile networks EVolution for Individual COmmunications experience 85

Truong Thu Huong, Pham Ngoc Nam, Nguyen Huu Thanh (Hanoi University of Science and Technology, Hanoi, Vietnam), Daniel Schlosser, Michael Jarschel, Rastin Pries (University of Würzburg, Würzburg, Germany) ECODANE – Reducing Energy Consumption in Data Center Networks based on Traffic Engineering 87

Daniel Manns, Thomas . Knoll (Technische Universität Chemnitz, Chemnitz, Germany) Transparent TCP to SCTP Translation 89

Raimund Schatz, Sebastian Egger (Forschungszentrum Telekommunikation Wien (FTW), Vienna, Austria), Tobias Hoßfeld (University of Würzburg, Würzburg, Germany) Understanding Ungeduld – Quality of Experience Assessment and Modeling for Internet Applications 91

Peter Fröhlich, Raimund Schatz (Forschungszentrum Telekommunikation Wien (FTW), Vienna, Austria) User‐centered Quality Assessment of HD IPTV Services – Results from the FP7 Project OptiBand 93

Program – Poster Session

Tuesday, August 2nd, 2011, 2:00 PM to 3:00 PM Poster Session G‐Lab

Gergö Lovasz, Florian Niedermeier, Andreas Berl, Hermann de Meer (University of Passau, Passau, Germany) Energy‐Aware Resource Management in G‐Lab and Future Internet Infrastructures 97

André König, Ralf Steinmetz (TU Darmstadt, Darmstadt, Germany) Detecting Migration of Virtual Machines 99

Zdravko Bozakov (Leibniz University of Hannover, Hannover, Germany) Architecture and Algorithms for Virtual Routers as a Service 101

Abbas Siddiqui, Paul Müller (University of Kaiserslautern, Kaiserslautern, Germany), Michael Kleis (Fraunhofer FOKUS, Berlin, Germany), Julius Müller, Thomas Magedanz (Technical University Berlin, Berlin, Germany) Application and Network Services Composition with the Help of Mediation 103

Konrad Campowsky, Fabian Eichhorn (Fraunhofer FOKUS Berlin, Germany), Christian Henke (TU Berlin, Germany) G‐Lab‐ToMaTo‐Teagle Federation 105

Program – Demo Session

Tuesday, August 2nd, 2011, 2:00 PM to 3:00 PM Demo Session

Daniel Schlosser, Michael Duelli, Thomas Zinner (University of Würzburg, Würzburg, Germany), Sebastian Meier, David Wagner, Marc Barisch (University of Stuttgart, Stuttgart, Germany), Marco Hoffmann (Nokia Siemens Networks GmbH & Co. KG, Munich, Germany), Wolfgang Kellerer (DOCOMO Communications Laboratories Europe GmbH, Munich, Germany), Matthias Schmid (Infosim GmbH, Würzburg, Germany) Service Component Mobility Enabled by Network Virtualization 109

Markus Bauer, Stefanie Braun, Peter Domschitz (Alcatel‐Lucent, Stuttgart, Germany) Media Processing in the Future Internet 111

Michael Kleis, Christian Varas (Fraunhofer FOKUS, Berlin, Germany), Abbas Siddiqui, Paul Müller (University of Kaiserslautern, Kaiserslautern, Germany), Irfan Simsek, Martin Becke, Dirk Hoffstadt, Alexander Marold, Erwin Rathgeb (University of Duisburg – Essen, Germany), Christian Henke, Julius Müller, Thomas Magedanz (Technical University Berlin, Berlin, Germany) Cross‐Layer Security and Functional Composition for a Future Internet 113

Sebastian Meiling, Thomas C. Schmidt, Sebastian Zagaria (Hamburg University of Applied Sciences, Hamburg, Germany), Matthias Wählisch (Freie Universität Berlin, Berlin, Germany) A Showcase on Live Video Lecturing Using HAMcast‐Architecture 115

Jörg Schneider, Christian Mannweiler, Andreas Klein, Jeremias Weinreich, Hans Schotten (University of Kaiserslautern, Kaiserslautern, Germany) A Testbed for Efficient Multicasting and Seamless Mobility Support 117

Dennis Schwerdel, Rahamatullah Khondoker, Eric MSP Veith, Bernd Reuther, Paul Müller (University of Kaiserslautern, Kaiserslautern, Germany) Requirements Based Automatic Service Composition: A Demonstration 119

Florian Liers, Thomas Volkert, Andreas Mitschele‐Thiel (Technical University of Ilmenau, Ilmenau, Germany) Scalable Network Support for Application Requirements with Forwarding on Gates 121

Hans Wippel (Karlsruhe Institute of Technology, Karlsruhe, Germany), Oliver Hanka (Technical University of Munich, Munich, Germany) Deployment of Application‐tailored Protocols in Future Networks 123

Program – Session 7

Tuesday, August 2nd, 2011, 3:30 PM to 4:50 PM Session 7: Wireless and Mobile Networks

Barbara Staehle, Florian Wamser, Sebastian Deschner, Andreas Blenk, Dirk Staehle (University of Würzburg, Würzburg, Germany), Oliver Hahm, Nicolai Schmittberger, Mesut Günes (Freie Universität Berlin, Berlin, Germany) Application‐Aware Self‐Optimization of Wireless Mesh Networks with AquareYoum and DES‐SERT (Demo) 127

Amanpreet Singh, Carmelita Görg (University of Bremen, Bremen, Germany), Andreas Timm‐Giel (Hamburg University of Technology, Hamburg, Germany), Michael Scharf, Thomas‐Ralf Banniza (Alcatel‐Lucent, Stuttgart, Germany) Performance Evaluation of Multipath TCP Linux Implementations 129

Jörg Schneider, S. Lorenz, Andreas Klein, Christian Mannweiler, Hans Schotten (University of Kaiserslautern, Kaiserslautern, Germany) A Novel Threshold‐Based Transmission Control Scheme for Wireless Sensor Networks 131

Patrick Stupar, Krishna Pandit, Wolfgang Granzow (Qualcomm CDMA Technologies GmbH, Nürnberg, Germany) System Enhancements for Accessing Broadcast Services in All‐IP Networks 133

Monday, August 1st Program – Keynote

Monday, August 1st, 2011, 9:15 AM to 9:45 AM Keynote

A Framework for Managing the Digital Object Architecture

Robert E. Kahn Corporation for National Research Initiatives (CNRI) Reston, Virginia, USA

The Digital Object (DO) Architecture, created by CNRI, has been adopted by a large number of organizations for managing information services and resources. The architecture is based on the use of "digital objects" each of which consists of structured data with an associated unique persistent identifier. CNRI calls these identifiers "handles", but the more generic term is "digital object identifiers".

The DO Architecture consists of three primary components, namely, i) an identifier/resolution system (known as the Handle System) which maps handles into state information about the DO being identified, ii) DO Repositories which provide a uniform interface to stored DOs and from which they may be accessed by means of their identifiers, and iii) DO Registries that enable users to determine identifiers based on search criteria such as keywords. Software implementations of the primary components of this technology are available on the Internet on an open source basis.

The Handle System consists of a Global Handle Registry (GHR), which is distributed and scalable, and many local handle services run by individual organizations. The GHR tells a user's client program which local handle service has the requested state information. Since its introduction in 1994, the Handle System has been administered by Corporation for National Research Initiatives (CNRI), a non-profit organization located in Northern Virginia. The system has grown in scale and utility over the years and is widely used by scientific, technical and medical publishers, digital libraries and many other organizations. Approximately 100 million resolutions per month take place in the GHR, either directly or via a set of proxy servers that mainly serve web users.

In recent years, the DO Architecture has been customized for use in the motion picture and cable industries. Many other applications are under development or being considered. Some of these applications are country specific; and the need for overall coordination of the deployment and evolution of the DO architecture in the public interest, in particular, the GHR capability, has become an important consideration.

This session will explore the DO architecture and its application and describe a possible framework for managing the architecture going forward. It will also address a governance model that may enable various providers to coordinate their actions globally while retaining certain local controls over their own services. This framework could provide a useful model for the coordination of similar capabilities in the future.

R. E. Kahn
June 28, 2011

Monday, August 1st Program – Session 1

Monday, August 1st, 2011, 9:45 AM to 10:45 AM Session 1: Social Networks and QoE

Quality of Experience – More Than Just Another Buzzword?

Raimund Schatz*, Peter Reichl*#
*User-centered Interaction and Communication Economics, Forschungszentrum Telekommunikation Wien (FTW), A-1220 Vienna, Austria
#SISCom International Research Chair "Future Telecommunication Ecosystems", Université Européenne de Bretagne, F-35000 Rennes, France
{schatz, reichl}@ftw.at

I. BACKGROUND AND MOTIVATION

User satisfaction with communication network and service performance has attracted increased attention during the recent years, mainly as a consequence of increasing competition amongst market players, the proliferation of resource intensive services (such as youtube.com) and the ever-present risk of customer churn caused by inadequate service quality. At the same time, demand for mobile broadband services (inherently based on scarce spectrum resources) grows at unprecedented rates¹, while generated revenues are strongly decreasing. These conflicting trends present huge challenges to network operators and service providers: on the one hand, they need to keep investing in sophisticated high-performance infrastructure and services that keep customers happy, while on the other hand, they need to operate on a profitable basis.

For these reasons, the concept of Quality-of-Experience (QoE) has gained strong interest, both from an academic research and an industry perspective. Linked very closely to the subjective perception of the end user, QoE is supposed to enable a broader, more holistic understanding of the qualitative performance of communication ecosystems and thus to complement the traditional, more technology-centric Quality-of-Service (QoS) perspective.

However, as with any other dynamically evolving notion, QoE tends to convey fairly different meanings to different people, raising fundamental issues not only with respect to the actual scope of the concept, but also concerning its impact on the real world, eventually boiling down to the key question: are we dealing with just another buzzword, or do we rather experience a veritable paradigm change?

In order to answer this question, we need to illuminate Quality of Experience from three perspectives: (1) concept evolution and definition, (2) examples from current QoE research, (3) practical value and applicability.

¹ For example, Coda Research and Cisco expect global Mobile Broadband traffic volume to roughly double every year, with approx. 418 million users generating 1.8 exabytes by 2017 [1][2].

II. CONCEPT EVOLUTION AND DEFINITION

To clarify the concept of Quality-of-Experience, one needs to start with examining the relationship between QoS and QoE as well as the evolution of both notions since their early days. In this context, it is an interesting fact that QoS originally included a strong aspect of user-centricity (cf. [3]) which actually got lost over time – only to be picked up again as the defining element of QoE. Consequently, QoE reaches beyond the technical quality of the technical system to include softer aspects such as context and even the internal states of the perceiving end user (see Fig. 1).

Figure 1. QoE as holistic concept shaped by a hierarchy of hard and soft factors.

Note that the corresponding actor roles are captured best in Kilkki's model of the QoE ecosystem [4], while the model presented in [5] describes QoE as result of a "quality chain" comprising core and access networks as well as the (mobile) end device running applications which interact directly with the end user.

III. RESEARCH ON QOE FOR MOBILE BROADBAND INTERNET SERVICES

As second perspective, current research challenges and results in this field need to be highlighted. To this end, we present selected results from subjective user studies (including work performed at FTW [6][7]), which are of specific relevance if it comes to investigating the underlying laws of quality perception, like for instance the logarithmic laws discussed in [7]. In addition, QoE research faces a number of open fundamental questions regarding subjective quality perception such as the importance of temporal effects and the relationship between end user satisfaction and binary acceptance. Last but not least, we want to point out the existence of close links between QoE and microeconomics, illustrated with the double role of charging as result of a quality evaluation process and at the same time as part of the user's context determining her QoE.

IV. PRACTICAL VALUE AND APPLICABILITY

Finally, from yet another point of view, we need to reflect on the practical value and applicability of QoE. In this respect, it is important to acknowledge that different domains or stages of QoE research can be viewed along a chain where the output of one stage provides information and input for the next one, as follows:

• Fundamental relationships and laws of quality perception: we believe that the user-centricity of QoE not only inherently demands for performing extensive subjective tests with human participants in order to generate ground truth data and perceptual thresholds. As a discipline, it also builds upon the basic psychological laws of perception and their reformulation and re-evaluation with respect to perceived service quality.

• Guidelines for system design and network planning: The insights gained on the fundamental level already allows to develop conclusive guidelines and recommendations for the design and planning of future communication networks and systems. These guidelines typically consist of acceptance thresholds in conjunction with quantified relationships between technical parameters and QoE.

• QoE models and metrics: Modeling QoE from different perspectives allows for a deep and comprehensive understanding of the fundamental relationships within the corresponding ecosystem of actors and technical environment, and thus provides a solid basis for formulating quantifiable metrics which describe QoE in a technically accessible way.

• QoE measurement/prediction systems: Given suitable metrics, the determination of their numerical value still requires sophisticated measurement frameworks, based on general network monitoring systems together with efficient algorithms for mapping network to user parameters. Once validated, these systems may then be extended towards quality prediction tools which allow reliable forecasting of perceived quality for given network scenarios.

• QoE-centric network and service management: Finally, the available tools and mechanisms can be applied to the actual management of operational networks and related communication services, including charging and accounting.

V. SUMMARY AND CONCLUSIONS

By choosing a strictly interdisciplinary point of view, we want to demonstrate that QoE not only represents a challenging field of research which brings together various scientific fields ranging from service provisioning to network monitoring, from cognitive psychology to microeconomics, from usability research to application design. Indeed, by now it should have become clear that we strongly argue to regard this novel quality concept as much more than a mere buzzword substitution, but rather as a new paradigm that enriches our understanding of the quality of technical systems and helps us to successfully improve their performance in ways the end user really needs and appreciates.

VI. REFERENCES

[1] Coda Research Consultancy, "Mobile broadband and portable computers: Revenue, user and traffic forecasts 2009-2017," July 2009. [Online]. Available: http://www.fiercebroadbandwireless.com/story/report-laptops-netbooks-drive-exponential-mobile-broadband-growth/2009-07-19

[2] Cisco, "Cisco visual networking index: Global mobile data traffic forecast update," February 2010.

[3] ITU-T Rec. E.800 (1994) Terms and definitions related to quality of service and network performance including dependability.

[4] K. Kilkki: Quality of Experience in Communications Ecosystem. Journal of Universal Computer Science, Special issue on Socio-Economic Aspects of Next Generation Internet, Spring 2008.

[5] P. Reichl: From 'Quality-of-Service' and 'Quality-of-Design' to 'Quality-of-Experience': A Holistic View on Future Interactive Telecommunication Services. Invited Paper, SoftCOM'07, Split, Croatia, September 2007.

[6] ACE project homepage, http://ace.ftw.at

[7] P. Reichl, B. Tuffin, R. Schatz: Logarithmic Laws in Service Quality Perception: Where Microeconomics Meets Psychophysics and Quality of Experience. Telecommunication Systems, vol. 55 no. 1, Jan. 2014. Electronically publ. 18 June 2011, DOI 10.1007/s11235-011-9503-7

Modelling of Emerging Internet Services: Social Networks and Crowdsourcing

Phuoc Tran-Gia, Ingo Scholtes, Tobias Hoßfeld, Matthias Hirth University of Würzburg, Institute of Computer Science, Chair of Communication Networks D-97074 Würzburg, Germany http://www3.informatik.uni-wuerzburg.de/

I. EMERGING PARADIGMS IN THE INTERNET

In the last decades, the Internet changed dramatically in an economic way, but also in a technical way. The Internet evolved from a simple collection of websites providing pure information towards a service and application platform by implementing new paradigms. The rise of the Peer-to-Peer paradigm led to new applications and services which allowed Internet users to share files and user generated content among each other. Later on, the application of the Web 2.0 paradigm empowered Internet users to become application and service developers and content providers themselves. Examples of this new generation of websites are blogs, wikis or media-sharing platforms. Thereby, the users are connected to each other by means of social networks creating new paths to communicate and share information. This is referred to as social networking paradigm. The various online social networks and social media are quickly becoming increasingly popular and ubiquitous. Prominent examples for such social media networks are or YouTube. They lastingly change the way how people communicate and how they exchange, evaluate and retrieve content. In these systems relevant information increasingly diffuses through a network of human users rather than users being required to navigate through a network of documents.

Nowadays, a newly emerging service platform and business model in the Internet is established by the crowdsourcing paradigm. In contrast to outsourcing, where a job is performed by a designated worker or employee, crowdsourcing means to outsource a job to a large, anonymous crowd of workers, the so-called human cloud, in the form of an open call. This human cloud is abstracted by crowdsourcing platforms, which distribute the work submitted by employers among the human workers and act as mediator between workers and employers. The crowdsourcing paradigm is changing dramatically the future of work and work organization in the Internet. The work is organized at a finer granularity and jobs are split into cheap micro-tasks that can be accomplished quickly by the human cloud. The various forms of crowdsourcing platforms build a further increasingly important class of applications and business models in the Internet – in addition to social networks.

II. ONGOING RESEARCH IN SOCIAL NETWORKS AND CROWDSOURCING

Due to the increasing interest in social networks and crowdsourcing, there is a lot of ongoing research in this area. However, there are a lot of open research issues. The impact of social networks and crowdsourcing platforms on future Internet traffic is still unknown. Due to the size of these networks and the human cloud, these platforms will significantly change Internet traffic in a manner that is similar to YouTube, Facebook or other social media networks today. Thus, it is an important telecommunications issue to model and analyze these communication platforms and the evolving complex networks, like the dynamics and the growth of social media network and crowdsourcing platforms.

An example of the current interest in these emerging Internet services is the special issue on "Modelling of Emerging Internet Services: Social Networks and Crowdsourcing" which is currently open for submission until September 30th 2011, see http://www3.informatik.uni-wuerzburg.de/cfp/meis2011. Thereby, the following topics are of interest.

A. Measurement, modelling and analysis of social networks

• Characterisation and evolution of network topologies and interaction networks
• Detection of user communities and user interactions
• Inference of topology, friend relationships or interactions in social networks
• Population models and structural models for network dynamics
• Measurement methods and approximation techniques, e.g. sampling
• Properties of complex networks, appropriate complex networks metrics
• Information diffusion and epidemic spreading
• Opinion formation and consensus, community formation, collective decisions
• Bio-inspired and socio-physical models

B. Measurement, modelling and analysis of crowdsourcing

• Evolution of crowdsourcing platforms, trends, e.g. mobile crowdsourcing
• Use cases for crowdsourcing, e.g. for enterprises or in mobile domains
• Modelling the granularity of work, key components of crowdsourcing
• Modelling and analysis of the human cloud and individual user behaviour
• Models from different perspectives: platform operator, employer, worker
• Quality, cost and completion times of crowdsourcing jobs
• Modelling quality assurance mechanisms, incentive mechanisms
• Classification models for jobs and campaigns, skills and experience of workers
• Modelling recommendation systems and their impact

III. THE STATISTICAL PHYSICS OF SOCIO-TECHNICAL INTERNET APPLICATIONS

A common theme in these emerging classes of Internet applications is that users play a decisive role for the attractiveness and the functioning of the corresponding platforms. In fact, one could argue that the role of social structures and collective user behaviour in these socio-technical systems is becoming as important as the efficiency and robustness of the technical infrastructures by which they are mediated.

An important and challenging question is thus, how the associated convergence of social and technical systems needs to be reflected in the engineering, modelling and analysis of reliable and efficient networked computing systems. How do new communication patterns resulting from the widespread use of social media services affect traffic patterns in the Internet? How do characteristics of crowdsourcing platforms and online social networks influence the collective behaviour of users? How can we model and forecast opinion-formation and spreading processes in online social networks? Can we develop forecasting and early detection mechanisms for such collective behaviour in order to instrument content distribution schemes and thus mitigate flash crowds phenomena? How can we use social structures and the processes in order to evaluate and reasonably filter increasingly vast amounts of information? And how are the fast emergence of trends and the rapid evolution of new applications and usage patterns going to affect the design of network infrastructures?

In this talk we will summarize a number of challenging problems posed by the fact that social and technical structures and processes in Future Internet applications are becoming increasingly intertwined. We particularly highlight promising aspects of the quantitative study of complex structures and collective dynamics that incorporates models, abstractions and perspectives of computer science, mathematics, statistical physics, quantitative sociology and theoretic biology. We argue that this quickly evolving interdisciplinary field is likely to play an increasingly important role in the engineering

of reliable and efficient socio-technical information systems in the Future Internet. Trustworthy Social Informatics, A Relationship- Centric Networking Paradigm

S. Felix Wu Computer Science Department University of California, Davis Davis, CA, USA [email protected]

I. TRUSTWORTHY SOCIAL COMPUTING

A. A Social-Centric View of Cyber Security

While the trustworthy computing community has made significant progress toward a fundamentally secure system, for many critical cyber security issues, we are still lacking provable and yet practical/usable solutions to deal with them. For instance, we still don’t have a good solution to automatically identify zero-day, previously unknown viruses or to efficiently detect cyber vandalism within the context of blogs, Wikipedia, or online social networks. Another example is the taint-checking approach, which treats information content directly from the network as un-trusted for certain limited contexts. However, many real world applications today require a more flexible/powerful trust model. On April 21st of this year, McAfee released a virus definition file disabling millions of hosts for an extended period of time. Via this unintentional fault, it was clearly demonstrated that a naïve trust model might lead to a very costly large-scale system/network failure for our society.

On the other hand, online social network/media services took off really well lately. For instance, Facebook allows human social relationships among half a billion users (and still growing) to be captured/stored digitally and utilized within the context of many different online applications. This trend of online social networking has introduced new opportunities for social-centric computing paradigms and, at the same time, also raised concerns about new unknown vulnerabilities due to this new paradigm. For instance, personal information being leaked out of Facebook user profiles might be leveraged to make scams/phishing attacks much more believable to the victims. Worms such as Clickjacking/Likejacking or the earlier MySpace Samy worm have simply utilized social relationships to propagate themselves and potentially established another social Botnet infrastructure along the way such as the Koobface botnet. Finally, tools like “Snag-bar under Gamer Unite!” (for Farmville) could be used to spread malicious content to, potentially, millions of accounts in just a few seconds without the manual clicking. In a nutshell, online social networks like Facebook/Twitter seem to worsen our already complicated problem of cyber security and online privacy.

B. Social Informatics System

The term “social informatics” here refers to any digitized information related to the online social networks. Social informatics includes the social relationships and their related dynamics. For instance, social relationships might change, while some of them might be temporary, virtually private, or mission-oriented. It also includes the communication activities or interactions over a graph of social relationships, and the policy, such as privacy, guarding those activities. In practice, the availability of online social informatics is constrained by the programming interface (open/proprietary). For instance, Facebook offers Graph/RESTful APIs for an application to access user profile, friendship, wall posts, message inboxes, live/news feeds, application membership, and others allowed via FQL (Facebook Query Language). On the other hand, under the DSL-FAITH API, in addition to the regular Facebook APIs, each wall post or message can be associated with a potentially multiple-hop social path with trust scores between 0 and 1 [1]. In other words, the DSL API provides extra social informatics about the quality of a relationship chain being used to deliver a particular content to support the additional needs from certain social computing applications.

In this presentation, we will argue/discuss why social informatics might play a crucial role for our future computing and network architecture. Our existing networking paradigm is mainly about processing information contents neglecting the relationship dimension. Given the availability of digitized social informatics, we can now possibly process at the same time BOTH the content AND the social relationship information related to either the content or the decision making process. The critical difference here is that our information processing can now be socially aware and customized for the exactly same range of information content. However, what types of and how much social informatics can be associated and utilized for information processing depend on the capability and functionalities of the social informatics system itself. As an example, it is unclear whether the social informatics provided by Facebook has been well architected to support our current and future social computing needs.

Under the context of a social informatics system, we need to consider a number of fundamental security issues for the social computing paradigm. For instance, leveraging social informatics in computing immediately implies a potential violation of user privacy. And, different social informatics designs (e.g., Facebook versus Google+) raise different types of security threats. On the other hand, using Facebook again as an example, the privacy setting between a particular user and his direct friends might be already too loose in comparison to the application privacy setting for Farmville. Therefore, it is challenging to derive accurately a user’s probable/specified intention of privacy settings and to determine the appropriate amount/types of social informatics that can be leveraged to support the applications on the behalf of the user. Thus privacy preserving methods within social norms is a difficult yet important research aim.

II. FAITH (FACEBOOK APPLICATIONS: IDENTIFICATION, TRANSFORMATION, & HYPERVISOR)

During my presentation, I will discuss and demonstrate how to architect a trustworthy social informatics system to possibly support the social computing paradigm. We would like to determine the appropriate boundary of social informatics that should be supported by a trustworthy social informatics system. In order to derive the best possible answer to this research challenge, we have been developing experimentally a set of social computing applications and learn from this experience to advance our knowledge under this direction. For instance, we will show how to leverage social informatics to determine the trust toward a piece of information (e.g., software program or information content) from a user, a community, or a software agent. This academic study will not only extend the notion of social trust but also offer potentially alternate solutions to important trustworthy computing problems such as unknown virus, spam/scam, or DDoS. We will also discuss the possibilities of future Internet architecture and operating system kernel design based on the social computing paradigm.

To realistically support the trustworthy social informatics, we have recently developed the FAITH system [3], like a social kernel, to monitor and control the social informatics and activities between social informatics service providers, such as Facebook and Google+ and their associated applications. Our goal is to detect and control from the user’s perspective whether certain Facebook applications request an anomalous amount of social informatics for a particular group of users.

Applications function as social informatics consumers, which leverage social information to provide valuable online social interactions among users. In contrast, Facebook functions as a social informatics provider, which offers FAITH its social graph and informatics. FAITH functions differently depending on different points of view. To Facebook, FAITH is nothing but an ordinary application fetching social informatics. To applications, FAITH supplies the transformed social informatics upon request. From the users’ perspective, FAITH is a multi-functional application-level proxy. It transforms and logs the social informatics upon users’ requests to manage social information more securely and transparently. FAITH allows users to specify rules which transform their social informatics used by OSN kernel such that the social router utilizes the transformed instead of the original Facebook social graph. During the process of producing content, applications may send multiple requests to FAITH to access the social informatics of Facebook or the functionalities of web services. In the case of requesting social informatics, FAITH sends requests to Facebook and then logs and passes back the transformed informatics to applications. In the case of utilizing the functionality of the web services, FAITH sends other requests to services, and also logs and passes back the results to applications. Currently, FAITH has 15 applications of various kinds with ~100 active users and it’s running on the GENI (Global Environment for Network Innovations) testbed.

III. SOCIAL-CENTRIC FUTURE INTERNET ARCHITECTURE

We believe that the Internet should not merely communicate bits and bytes syntactically. The Internet is also about communicating relationships based on social informatics among users and a graph of related content [2]. While packets are being forwarded at the network layer, relationship status is being updated and, furthermore, leveraged to conduct future communication activities. Using DDoS as an example, from the traditional network-layer perspective, some resources (such as bandwidth of a critical link) have been over-consumed syntactically. From the relationship perspective, our social relationship status has been anomalously updated and consumed in a very short period of time. A critical difference here, though, is that, at the core of the network, we need to continuously track the attack signatures, if those do exist, while, at the relationship layer, users can more precisely inform the core regarding the expected and desired relationship updates. As human relationships are relatively more stable than the dynamics of bit/byte patterns, the resolution of DDoS might be much easier in the relationship domain than in the packet domain. Furthermore, if the attacker likes to mimic “natural human relationship” at the relationship layer (to evade from being detected), then he is forced to blast much more traffic within a smaller number of relationship paths. By trying to evade from social profiling, the attacker will probably be forced to reveal his attack signatures at the network layer. Thus, the network layer should make routing decisions also based on relationship information, instead of only relationship-insensitive identifiers such as destination IP addresses or URLs.

[1] M. Spear, X. Lu, N. Matloff, and S. F. Wu, KARMANET: LEVERAGING TRUSTED SOCIAL PATHS TO CREATE JUDICIOUS FORWARDERS, In Proceedings of the First International Conference on Future Information Networks (IFCIN ’09), pp. 218-223, Beijing, China, 2009.
[2] Networking: Four ways to reinvent the Internet, by Katharine Gammon, Nature 463, 602–604 (03 February 2010) | doi:10.1038/463602a
[3] Design and Implementation of FAITH, An Experimental System to Intercept and Manipulate Online Social Informatics, R. Lee, R. Nia, S. Ye, J. Hsu, K. Levitt, J. Rowe and S. F. Wu, ASONAM’2011.
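The detection goal stated in Section II of the abstract above (spotting an application that requests an anomalous amount of social informatics for a group of users) can be sketched over proxy logs as follows. This is an added example, not FAITH's code: the log format, the application and user names, and the 3.5 threshold are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from statistics import median

# Hypothetical proxy log format (an assumption, not FAITH's):
#   <timestamp> app=<app> user=<user> field=<field> target=<whose data>
LINE_RE = re.compile(
    r"^\S+ app=(?P<app>\S+) user=(?P<user>\S+) "
    r"field=(?P<field>\S+) target=(?P<target>\S+)$"
)
GROUP = ["u1", "u2", "u3"]  # constructed user group under observation


def build_sample_log():
    """Constructed log: five modest apps and one that walks every friend's data."""
    modest = {
        "farm_game": ["profile", "friends"],
        "photo_share": ["profile", "wall", "friends"],
        "music_quiz": ["profile", "wall"],
        "trivia_plus": ["profile", "friends", "wall"],
        "birthday_cal": ["profile", "friends", "wall", "events"],
    }
    rows = []
    for user in GROUP:
        for app, fields in modest.items():
            rows += [(app, user, f, user) for f in fields]
        rows += [("friend_harvest", user, f, user) for f in ("profile", "friends")]
        for i in range(1, 9):  # eight constructed friends per user
            rows += [("friend_harvest", user, f, f"{user}_f{i}")
                     for f in ("profile", "wall", "inbox")]
    rows.append(("farm_game", "u1", "profile", "u1"))  # repeat request, counted once
    lines = [f"2011-08-01T10:{n // 60:02d}:{n % 60:02d}Z "
             f"app={a} user={u} field={f} target={t}"
             for n, (a, u, f, t) in enumerate(rows)]
    lines.append("2011-08-01T10:59:59Z truncated entry")  # malformed on purpose
    return "\n".join(lines)


def parse_log(text):
    """Return ({app: {user: {(field, target), ...}}}, number_of_malformed_lines)."""
    seen = defaultdict(lambda: defaultdict(set))
    malformed = 0
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m is None:
            malformed += 1
            continue
        seen[m["app"]][m["user"]].add((m["field"], m["target"]))
    return seen, malformed


def per_app_volume(seen, group):
    """Mean count of distinct items an app requested per user of the group."""
    return {app: sum(len(by_user.get(u, ())) for u in group) / len(group)
            for app, by_user in seen.items()}


def flag_anomalous(volume, threshold=3.5):
    """Modified z-score (median/MAD); flags only unusually high request volumes."""
    values = list(volume.values())
    if len(values) < 3:
        return {}  # too few applications to say what is normal
    med = median(values)
    mad = median(abs(v - med) for v in values)
    if mad > 0:
        scale = mad / 0.6745
    else:  # over half the apps identical: fall back to the mean absolute deviation
        scale = 1.253314 * sum(abs(v - med) for v in values) / len(values)
    if scale == 0:
        return {}
    return {app: (v - med) / scale for app, v in volume.items()
            if (v - med) / scale > threshold}


if __name__ == "__main__":
    seen, malformed = parse_log(build_sample_log())
    volume = per_app_volume(seen, GROUP)
    print("malformed lines skipped:", malformed)
    for app, score in flag_anomalous(volume).items():
        print(f"{app}: {volume[app]:.0f} items/user, modified z = {score:.2f}")
```

The median/MAD baseline is used so that one aggressive application cannot drag the notion of "normal" toward itself, which a mean and standard deviation over so few applications would allow.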

Monday, August 1st Program – Session 2

Monday, August 1st, 2011, 11:15 AM to 12:30 AM Session 2: GENI (organized by Mark Berman)

Ramping Up Experiments in GENI

Mark Berman GENI Project Office BBN Technologies Cambridge, MA USA [email protected]

I. INTRODUCTION

The Global Environment for Network Innovations – GENI – is a suite of research infrastructure rapidly taking shape in prototype form across the United States. It is sponsored by the US National Science Foundation,¹ with the goal of becoming the world’s first laboratory environment for exploring future internets at scale, thereby promoting innovations in network science, security, technologies, services and applications. GENI’s current development phase, Spiral 3, marks a time of transition from building GENI to using GENI. A hallmark of this phase is an emphasis of the role of experimentation in defining GENI’s capabilities and guiding the project’s future development.

Initial explorations by and reports from GENI experimenters provide strong evidence that the key GENI concepts of sliceability and deep programmability are working in a prototype nationwide deployment and that these capabilities support a wide variety of experiments. These reports also identify objectives for future GENI development, which are being incorporated into project plans.

II. RESULTS ON THE GENI MESO-SCALE PROTOTYPE

Much of the GENI development community’s effort during GENI Spiral 2, a one-year period beginning in October 2009, was devoted to the development of a “meso-scale Prototype,” deploying key GENI technologies across the United States. By November 2010, the meso-scale Prototype was sufficiently stable to support significant experimentation. This prototype configuration is of significant scale, spanning fifteen campuses, two national backbones networks, and eleven regional networks (Fig. 1).

Figure 1: GENI Meso-Scale Prototype, November 2010

Simultaneously with the development of the meso-scale prototype, the GENI development community and the NSF encouraged active experimentation via several forms of outreach to the networking, distributed computing, and network science research community.

• GENI “brave pioneer” shakedown experiments
• NSF-sponsored GENI Experimenters workshop²
• GENI experimenter demonstrations at the 9th GENI Engineering Conference (GEC9)³
• GENI support for NSF’s Future Internet Architecture (FIA) program⁴
• Joint DFG / NSF doctoral consortium⁵

In addition to these explicit forms of outreach, GENI resources are generally available on an ongoing basis to interested researchers.

Experimenter results and feedback are continuously gathered via formal and informal communication mechanisms.

• Telephone and e-mail communication
• Experimenter feedback sessions at GECs
• Journal and conference publications

Experimenter reports indicate a high level of success in using the following key GENI capabilities.

• GENI Slices – identify the resources needed for an experiment and isolate them from other simultaneous experiments.
• Deep Programmability – permits experimenters to affect the behavior of components at all points in the network.
• Distributed, virtualized GENI components.
• Interoperable, federated, and heterogeneous resources.

III. NEXT STEPS FOR GENI CAPABILITIES

The GENI meso-scale prototype provides real and immediate capability for network research. However, experimenters have also identified important areas where continued GENI development and expanded deployment will substantially enhance GENI’s ability to realize its key goals. Notably, experimenters have expressed a desire to deploy GENI slices requiring larger network topologies than are available in the current meso-scale prototype. Similarly, they often seek additional in-network computational resources. Finally, the GENI experimenter community would benefit from additional support tools to facilitate experiment design, deployment, and maintenance.

The GENI development community is preparing to address several of these needs in the next stage of development. Goals for this upcoming stage include:

• Development and deployment of “GENI racks,” which will place substantial computation and storage capabilities, along with programmable network components, at more key locations in the network.
• Deployment of GENI-enabled network switches in regional and national research networks.
• Experimenter education, tools, and support.

1 GENI is funded by the National Science Foundation. Any opinions, findings, conclusions or recommendations expressed in this material are the author’s and do not necessarily reflect the views of the National Science Foundation.
2 http://www.cs.princeton.edu/~jrex/gew.html
3 http://groups.geni.net/geni/wiki/Gec9PlenaryDemoAbstracts
4 http://www.nets-fia.net/
5 http://groups.geni.net/geni/wiki/FirstDfgGeniDoctoralConsortium

Resilience Experiments in the GpENI Programmable Future Internet Testbed

Justin P. Rohrer, Egemen K. Çetinkaya, and James P.G. Sterbenz Information and Telecommunication Technology Center, Department of Electrical Engineering and Computer Science The University of Kansas, Lawrence, KS 66045, USA rohrej|ekc|[email protected], http://www.ittc.ku.edu/resilinets, http://www.gpeni.net

I. INTRODUCTION AND MOTIVATION

Testbeds play an important role in evaluating new protocols, and GpENI (Great Plains Environment for Network Innovation) [1] is a Future Internet research testbed that provides worldwide scalability to researchers to conduct their experiments. In this extended abstract, we describe experiments for which GpENI will be used, with emphasis on network infrastructure resilience [2]. GpENI is part of the GENI and FIRE programs.

II. GPENI PROGRAMMABLE TESTBED

To be useful in performing future-Internet experiments, a number of features must be present in a testbed.

A. Multi-Layer Programmability

To perform experiments in which new network topologies, mechanisms, and protocols are proposed to enhance resilience and survivability, it is essential to have programmable control of each layer. At the lowest level, programmability is required to control the layer 2 topology, particularly with respect to redundancy and geographic diversity, in order to enable experimentation with network topologies that attempt to maintain connectivity even when network components fail or are destroyed. In GpENI this control of layer-2 connectivity is provided by DCN (Dynamic Circuit Network) [3]. At the next higher level, programmable routing functionality is enabled in GpENI using Quagga and XORP integrated into the GENIwrapper version of VINI running on dedicated nodes in each site cluster nodes [4]. At the highest levels, the ability to deploy novel transport protocols and applications on a significant number of end systems is necessary to experiment at large scale. This is partially enabled in GpENI itself with approximately 80 GeniWrapper PlanetLab nodes throughout 40 sites in the US, Europe, and Asia, and the ability to tie-in many more hosts from federated GENI aggregates and G-Lab [5] in Germany (which maintains a GpENI node cluster).

B. GpENI Deployment

The GpENI infrastructure [1] is in the process of expanding to 40 clusters with 200 nodes worldwide, federated with the larger GENI PlanetLab control framework and interconnected to several ProtoGENI facilities, as shown in Figure 1. This enables users to perform resilience and survivability experiments at scale, both in terms of node count and with the geographic scope needed to emulate area-based challenges such as large-scale disasters. In our own research efforts, we are using these facilities to enable experiments that cross-verify the analytical and simulation-based resilience research currently underway at The University of Kansas [6], [7], leveraging topology and challenge generation tools (KU-LoCGen [8] and KU-CSM [9], [10]) developed for this purpose, with emphasis on resilience metrics [11] and multi-path multi-realm diverse transport [12] developed as part of our NSF FIND research in the PostModern Internet Architecture project.

III. FUTURE INTERNET EXPERIMENTATION

This section gives some examples of the types of research questions we expect to be able to answer through experimentation on the GpENI testbed.

A. Resilience Research

Designing resilient networks is a multi-layer problem. Our approach is to examine the end-to-end layer, including mechanisms such as diverse multipath [12], error-correcting erasure codes, and retransmission algorithms. We compare the performance of these mechanisms both with and without cross-layer information passed between the end-to-end and lower layers. In order to perturb the network and observe the benefits of the end-to-end mechanisms being tested a sophisticated challenge model generator is required. The KU-CSM [9], [10] challenge model generator simulates various challenges in ns-3, including random software and hardware failures, malicious attacks, and geographically correlated failures that represent a large-scale natural or human-caused disaster. Figure 1 shows an example of how we apply area based challenges to the network. A set of polygons (circles in this case) of increasing size are used to simulate a cascading power failure or coronal mass ejection affecting Europe overlaid on the GpENI topology. As the challenge increases in size, the overall packet delivery ratio is affected, and we tune our end-to-end resilience mechanisms to reduce that effect as much as possible.

B. Methodology and Cross-Verification

The need for cross-verification brings up the question of what with? The ns-3 open-source simulator stands out. ns-3 is taking a more rigorous and modular approach than its predecessors, however it is much less established.


Fig. 1. GpENI map
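The area-based challenge described in Section III-A (circles of increasing size overlaid on a topology) can be reproduced in miniature as below. This is an added example, not KU-CSM or GpENI code: the 3x3 grid topology, its coordinates, the challenge centre and the radii are constructed, and the fraction of node pairs that can still reach each other stands in for packet delivery ratio under uniform all-pairs traffic.

```python
import math


def grid_topology(side=3, spacing=100.0):
    """Constructed topology: side x side nodes on a plane, linked to grid neighbours."""
    nodes = {f"n{i}{j}": (i * spacing, j * spacing)
             for i in range(side) for j in range(side)}
    links = []
    for i in range(side):
        for j in range(side):
            if i + 1 < side:
                links.append((f"n{i}{j}", f"n{i + 1}{j}"))
            if j + 1 < side:
                links.append((f"n{i}{j}", f"n{i}{j + 1}"))
    return nodes, links


def dist_point_segment(p, a, b):
    """Shortest distance from point p to the line segment a-b."""
    (px, py), (ax, ay), (bx, by) = p, a, b
    dx, dy = bx - ax, by - ay
    seg_len2 = dx * dx + dy * dy
    if seg_len2 == 0:
        return math.hypot(px - ax, py - ay)
    t = max(0.0, min(1.0, ((px - ax) * dx + (py - ay) * dy) / seg_len2))
    return math.hypot(px - (ax + t * dx), py - (ay + t * dy))


def apply_circle_challenge(nodes, links, centre, radius):
    """Fail every node strictly inside the circle and every link that enters it."""
    alive = {n for n, (x, y) in nodes.items()
             if math.hypot(x - centre[0], y - centre[1]) >= radius}
    kept = [(u, v) for u, v in links
            if u in alive and v in alive
            and dist_point_segment(centre, nodes[u], nodes[v]) >= radius]
    return alive, kept


def pair_connectivity(all_nodes, alive, links):
    """Fraction of the ORIGINAL node pairs that can still reach each other."""
    parent = {n: n for n in alive}

    def find(n):  # union-find with path halving
        while parent[n] != n:
            parent[n] = parent[parent[n]]
            n = parent[n]
        return n

    for u, v in links:
        parent[find(u)] = find(v)
    sizes = {}
    for n in alive:
        root = find(n)
        sizes[root] = sizes.get(root, 0) + 1
    connected = sum(s * (s - 1) // 2 for s in sizes.values())
    total = len(all_nodes) * (len(all_nodes) - 1) // 2
    return connected / total if total else 1.0


def sweep(nodes, links, centre, radii):
    """Grow the challenge and record connectivity at each radius."""
    results = []
    for r in radii:
        alive, kept = apply_circle_challenge(nodes, links, centre, r)
        results.append((r, round(pair_connectivity(nodes, alive, kept), 4)))
    return results


if __name__ == "__main__":
    nodes, links = grid_topology()
    # Centre placed between nodes so the smallest circle cuts links only.
    for radius, frac in sweep(nodes, links, (150.0, 50.0), [0, 60, 80, 160]):
        print(f"radius {radius:>3}: {frac:.4f} of node pairs still connected")
```

At radius 60 no node lies inside the circle, yet four links crossing it are cut and one node is left alive but isolated, which is the kind of geographically correlated failure that node-only failure models miss.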

Resilient topologies generated by KU-LoCGen and analyzed by KU-CSM are used to generate layer-2 topologies that configure the topology of GpENI experiments. We evaluate performance when slice topologies are challenged by correlated failures of nodes and links, measuring connectivity, packet delivery ratio, goodput, and delay, when subject to CBR, bulk data transfer, and transactional (HTTP) traffic. We also characterize the packet-loss probability of wireless links using federated GENI resources.

C. Large-Scale Experiments

Large scale resilience experiments are run over interconnected aggregates using DCN [3] (within GpENI) and OpenFlow configured paths, with VINI/Planetlab layer-3 topologies, to emulate both existing ISP and synthetic topologies. Over these topologies we run our multipath-aware transport protocol ResTP to evaluate its performance under varying application and traffic loads. Based on the output of our challenge generation simulations, we selectively disable node slivers and links to emulate correlated network failures and attacks. In the future we will also use the wireless emulator under the ProtoGENI framework to emulate jamming attacks to wireless access networks. Each challenge set is classified as a single scenario and each scenario is run multiple times to establish reasonable confidence in the results.

IV. CONCLUSIONS

Experiments which involve evaluating new protocols and the performance of Future Internet architectures require fully programmable testbeds. GpENI is a Future Internet programmable research testbed that provides worldwide scalability to researchers to conduct their experiments. We presented an overview of experimentation we are conducting on GpENI.

V. ACKNOWLEDGMENTS

This extended abstract is adapted from a previously published paper [13]. This research was supported in part by NSF FIND (Future Internet Design) Program under grant CNS-0626918 (Postmodern Internet Architecture), by NSF grant CNS-1050226 (Multilayer Network Resilience Analysis and Experimentation on GENI), and by the EU FP7 FIRE programme ResumeNet project (grant agreement no. 224619).

REFERENCES

[1] J. P. G. Sterbenz et al., “The Great Plains Environment for Network Innovation (GpENI): A programmable testbed for future internet architecture research,” in TridentCom, (Berlin), pp. 428–44, May 2010.
[2] J. P. G. Sterbenz et al., “Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines,” Computer Networks, vol. 54, pp. 1245–1265, June 2010.
[3] “Dynamic resource allocation via GMPLS optical network.” http://dragon.maxgigapop.net/, 2009.
[4] R. Cherukuri, X. Liu, A. Bavier, J. P. G. Sterbenz, and D. Medhi, “Network virtualization in GpENI: Framework, implementation & integration experience,” in IEEE/IFIP ManFI, (Dublin), May 2011.
[5] “German lab.” http://www.german-lab.de/, 2010.
[6] J. P. G. Sterbenz, E. K. Çetinkaya, M. A. Hameed, A. Jabbar, and J. P. Rohrer, “Modelling and analysis of network resilience (invited paper),” in IEEE COMSNETS, (Bangalore), pp. 1–10, Jan. 2011.
[7] J. P. G. Sterbenz, E. K. Çetinkaya, M. A. Hameed, A. Jabbar, S. Qian, and J. P. Rohrer, “Evaluation of Network Resilience, Survivability, and Disruption Tolerance: Analysis, Topology Generation, Simulation, and Experimentation (invited paper),” Springer Telecommunication Systems Journal, 2011. (to be published).
[8] M. A. Hameed, A. Jabbar, E. K. Çetinkaya, and J. P. G. Sterbenz, “Deriving Network Topologies from Real World Constraints,” in IEEE CCNet, (Miami, FL), pp. 415–419, Dec. 2010.
[9] E. Çetinkaya, D. Broyles, A. Dandekar, S. Srinivasan, and J. P. G. Sterbenz, “A comprehensive framework to simulate network attacks and challenges,” in IEEE/IFIP RNDM, (Moscow), pp. 538–544, Oct. 2010.
[10] E. K. Çetinkaya, D. Broyles, A. Dandekar, S. Srinivasan, and J. P. G. Sterbenz, “Modelling Communication Network Challenges for Future Internet Resilience, Survivability, and Disruption Tolerance: A Simulation-Based Approach,” Springer Telecommunication Systems Journal, 2011. (to be published).
[11] A. Jabbar, H. Narra, and J. P. G. Sterbenz, “An Approach to Quantifying Resilience in Mobile Ad hoc Networks,” in IEEE DRCN, (Krakow), Oct. 2011. to appear.
[12] J. P. Rohrer, A. Jabbar, and J. P. G. Sterbenz, “Path diversification: A multipath resilience mechanism,” in IEEE DRCN, (Washington, D.C.), pp. 343–351, Oct. 2009.
[13] J. P. Rohrer, E. K. Çetinkaya, and J. P. G. Sterbenz, “Progress and Challenges in Large-Scale Future Internet Experimentation using the GpENI Programmable Testbed,” in ACM CFI, (Seoul), Jun. 2011.

TRANSCLOUD: Design Considerations for a High-Performance Cloud Architecture Across Multiple Administrative Domains

Rick McGeer HP Labs Palo Alto, California, USA

I. INTRODUCTION

The dramatic trend of the first decade of the 21st century in the information technology industry was the emergence of society-scale systems: online services such as Google, eBay, iTunes, Yahoo!, Twitter, and Facebook that routinely served millions of simultaneously-connected users. These systems gave rise to entirely new programming models and systems problems: management of the data center as a single, unified, “warehouse-scale” computer, each of which had more raw computing power than existed on the planet as late as 1990; programming models for loosely-coupled, data-intensive parallel operations (“data-intensive supercomputing”), most concretely realized in the MapReduce architecture from Google and its open-source cousin, Hadoop; vast, highly-efficient distributed data stores such as PNUTS and Cassandra; the re-emergence of virtualization of time, space, and computing, to permit services to migrate instantly around the globe; and radically new notions in networking to support the new programming and management models.

As revolutionary as the last decade has been, the coming decade promises a far more profound transformation: the twin emergence of the Computation Cloud and the Internet of Things. For all of its power and promise, the Cloud today is little more than a massive, well-indexed repository of text, videos, photos, and music, and a vast, universal transaction engine. The Cloud has merely automated and made vastly more efficient traditional human communications and commerce. Over the next decade, widespread availability of massive computation – the Computation Cloud – will give to everyone the ability not only to look up what someone knows, but to discover things that no one knows.

Paired with the Computation Cloud is the Internet of Things – a world where every object houses a computer, sensor or sensors, and a connection to the network. The applications range from the trivial to the profound: milk that senses when it’s going bad and tells its owner to drink it up, and buy more; automobiles that drive themselves and automatically (in coordination with other vehicles on the road, and a network of smart highways) avoid traffic jams; homes that pre-cool themselves when power is cheap and plentiful and turn off air conditioning when it is dear; smoke alarms that can tell the difference between a real fire and a ruined dinner, and call the firefighters for the former; intelligent buildings that vector people to a safe escape route in the event of an emergency; fine-grained climate sensors that can predict severe weather and evacuate people before the storm hits; and many more.

The computation cloud is tightly coupled to the Internet of things. The deployed sensors will range in capacity and bandwidth from a few bytes transmitted every few seconds to every few hours. Extracting information from all of that data is a formidable computational task, well beyond current capabilities. Only a vast new computational infrastructure will suffice to process all that data. The challenges are vast:

• Computational infrastructure. Reduction of the data requires a flexible, universal programming interface. Most data will need to be reduced at or near the point of collection; the sheer volume of data and real-time requirements ensure that. Therefore, an open, standard, and sufficiently powerful computational infrastructure will need to be proximate to any collection of sensors.
• Data management. The Internet of Things envisions a widely-distributed set of sensors, data consumers, and fusion of information from many disparate, distributed sources. In-situ reduction of data at the source on a per-query basis, coordination of widely distributed queries, and a wide variety of data access mechanisms will be required, including new distributed computation mechanisms. Some early innovations are already present: MapReduce and Hadoop in the data center, and Sector and Sphere in the distributed environment.
• Networking. Efficiently connecting the Internet of Things and the Computational Cloud will require new networking stacks and protocols, both wired and wireless.
• Networks must be adaptive in the face of changing conditions, using one of a number of radio frequencies and choosing routing on an adaptive basis.

In this paper, we focus on three problems:

• Ensuring that Computation Cloud users can run computation jobs wherever they have access, as simply and transparently as they now download files from multiple computers across the web
• Ensuring that execution of remote queries is done efficiently and safely for both remote user and data host
• Designing a simple, efficient, network-aware architecture for queries over geographically-distributed heterogeneous data.

II. SCALABLE LIGHTWEIGHT FEDERATION

The computation cloud offers individuals, small companies, and researchers the ability to develop, test and deploy Internet-scale services easily and at low cost. However, many of these services require the use of multiple facilities, or users wish to transparently move their services across multiple facilities. This gives rise to the desire to federate facilities. We view facility federation not as a set of agreements between federated facilities, but rather as a set of services to developers and facilities. This approach scales easily across heterogeneous facilities, operating in different environments.

Our goal is to design a system whereby users can manage their jobs on facilities to which they have independently obtained access. This involves designing two central components.

1. An architecture and set of interfaces which permit users to easily and rapidly upload, configure, and run virtual machines
2. A service which manages a user’s access to and use of facilities.

The first component is the analogue in our system to a web server (more precisely, to the specification of a webserver); the second, to a web browser.

The architecture we choose is the Slice-Based Facility Architecture (SFA). It is an open, standardized set of facilities to manage individual VMs and networks of VMs. In order to demonstrate its utility for this purpose, we have added support for the SFA into the Eucalyptus cluster management system. These efforts have demonstrated that the functionality in the SFA is a superset of the functionality supported by Eucalyptus; in particular, the SFA offers the ability to control slices, or sets of virtual machines, and the topology of the network of virtual machines.

We also introduce a cloud service which manages cloud services. The user registers with the cloud service, and registers his public key with the service itself, as well as the URI of the services to which it is delegating permission. The cloud service then uses the standard SFA calls to instantiate slices, slivers, initialize and run VMs, allocate resources, and control jobs.

III. SAFE EXECUTION OF REMOTE JOBS AND QUERIES

This general problem – large, heterogeneous data, spread over a distributed computing infrastructure with varying connectivity and no common administrative interface – is ubiquitous through the natural, social, and engineering sciences. We are designing and implementing a computing infrastructure which addresses the distributed data management and query problem, and deploying it in a live service.

The service we will deploy is the State of the Internet service, deployed over the TransCloud infrastructure.

The basis of the query engine is a sandboxed environment which permits the user to run programs safely and efficiently at remote sites, and is based on two fundamental architectural building blocks:

1. Restricted Python (Repy), a sandboxed execution environment originally used in the Seattle project
2. Google Native Client (NaCl), a sandboxed native-code execution environment distributed with the Firefox and Chrome browsers, with x86 implementations.

The two central elements work together to provide a secure, efficient execution environment where side effects are tightly controlled. NaCl offers an efficient execution environment in a secure sandbox for computation-intensive code; safety is guaranteed by severely restricting access to system services. However, any real job requires more system services than NaCl provides. In particular, jobs in our context require access to network connectivity and resources. NaCl relies on a trusted service on the client in order to provide these services. RePy is the mechanism we choose: it has been widely deployed on a number of platforms, and offers secure access to a restricted but adequate set of system resources. Optionally, Lind can run inside a virtual machine for added isolation and security. Our initial deployment of Lind inside the TransCloud environment offers this.

IV. A WIDE-AREA QUERY INFRASTRUCTURE

Lind merely offers a safe execution environment. Above that, we require a distributed query/data reduction environment that is network-aware, and that processes and reduces data optimally with consideration of latency, bandwidth, and available processing capacity. Such an environment must support common data types, and must be extensible to new data types on an on-demand basis.

There are two central themes of the data processing environment. The first is a distribution mechanism, and the second an extensible data extraction and processing mechanism. For the first, we turn to early attempts to provide services of this form, notably Astrolabe, Hadoop, and Hadoop’s wide-area cousins: Sector and Sphere. Hadoop has achieved widespread use and popularity in a cluster environment. However, extension to the wide area is still an unresolved issue. There are two major issues to be addressed:

1. Use of addressable subnets, easy in a data center environment but challenging in the wide area
2. Restrictions on bandwidth and large latencies in the wide area.

Sector, Sphere, and Astrolabe have addressed some of these issues. We will develop a hybrid approach and report on it as a deliverable from this research.

V. AN ARCHITECTURAL STACK

We have enumerated a number of issues and our solutions to them. Some (the Slice-based Facility Architecture, delegation, TCP acceleration over private networks) we have brought into being in our experimental cloud application. The others, including our distributed query architecture and secure, bare-metal execution environment, are under intense development. We have largely built our prototype system from existing components: cluster managers such as Eucalyptus and PlanetLab, distributed programming environments (Hadoop, Sector/Sphere) and distributed query interfaces (Pig, Astrolabe). This is deliberate, both for ease of implementation and, far more important, ease of adoption.

The Computation Cloud must be ubiquitous; in order for it to be ubiquitous, it must be based on standards, de jure if possible, de facto by necessity. Every successful infrastructure has grown by standardizing and formalizing existing practice. The Web threw a hypertext skin over ftp; PlanetLab canonized virtual machines on Linux; SMTP/POP standardized sendmail. Our stack is no more than codification of common practice.

Though different in application, this resembles the classic wedding cake of the TCP/IP stack. We show the Strawman Architecture in figure 1.

Figure 1: Strawman Architecture.

The Strawman Architecture has been instantiated and demonstrated at GEC-10 in March, 2011. Specifically, the following elements of the architecture have been deployed at a multi-site Cloud cluster spanning TU-Kaiserslautern, Northwestern University, HP Labs, Palo Alto, and the University of California, San Diego:

• An SFA-based cloud allocation and management scheme, using the PlanetLab tools and Eucalyptus as an underlying management infrastructure
• A KVM- and Xen-based node virtualization environment
• An intracluster programming environment based on Hadoop
• An intercluster, distributed programming environment

The remaining elements will be deployed over the next few months.

VI. ACKNOWLEDGMENTS

Though this abstract has a single author for this panel, the work described is the work of the TransCloud team: Marco Yuen and Andy Bavier of PlanetWorks; Jessica Blaine, Eric Weu, Peter Haddad, and Alvin AuYoung of HP Labs; Yvonne


NowCasting: UMass/CASA Weather Radar Demonstration

Michael Zink, Department of Electrical and Computer Engineering, University of Massachusetts Amherst, Amherst, MA, USA
David Irwin, Emmanuel Cecchet, Prashant Shenoy, Department of Computer Science, University of Massachusetts Amherst, Amherst, MA, USA

I. INTRODUCTION

The goal of the NSF’s Global Environment for Network Innovations (GENI) project is to create a virtual laboratory for the exploration of future Internets at scale.

At present, researchers from all across the United States are in the process of creating testbeds, and new network and distributed systems technologies that build the basis of the virtual GENI laboratory. After three years of development users are now starting to use this infrastructure for the exploration of new ideas in the area of computer networking and distributed systems. During GENI Engineering Conference 9 in November 2010 some examples of how the GENI infrastructure can be used for research were given through a series of demonstrations of a variety of applications.

In our presentation, we will give an overview of our demonstration of a short-term weather forecasting application that runs in the cloud. The demonstration is an end-to-end demonstration that stitches together sensing, networking, and computing resources. Data needed as input for the short-term forecasts (also called Nowcasts) are generated by weather sensors (in this specific case CASA weather radars). The data are then transmitted over dedicated layer 2 links to remote compute resources, and the final Nowcasts are made available to end users via a web portal. The heterogeneous resources required for this application are reserved by using the GENI/Orca control framework.

II. DEMONSTRATION OVERVIEW

The primary purpose of our GENI alpha demonstration was to exploit GENI’s sliceable heterogeneous computing and networking infrastructure to improve weather “nowcasting,” i.e., short-term weather forecasts. A key goal of this demonstration was to emphasize the benefits of the Orca control framework architecture’s support for heterogeneous resources, which include high-bandwidth sensors, network switches, and computational elements, amongst others.

Nowcasting differs from forecasting in its focus on highly-accurate short-term forecasts starting at 1 minute in the future, and is particularly critical in severe weather situations to provide advance warning as soon as possible. Nowcasting is both bandwidth- and computationally-intensive, since it must simulate future storm movements using real-time data feeds from active radars as quickly as possible. For example, for a 1 minute Nowcast to be useful, the prediction must be available in almost real-time: a 1 minute Nowcast that takes 2 minutes to compute has little or no value. The hypothesis of our Nowcast experiment is that GENI enables a more efficient short-term severe weather forecasting system by triggering the creation of on-demand computational and networking resources to sense, transmit, and process radar data as severe weather approaches.

Our demonstration proposal builds on the successful Cluster D plenary demonstration at GEC7, which utilized both networking resources (Orca/BEN/iGENI), as well as sensing and computational resources (ViSE/DiCloud). In that demonstration, GENI Cluster D showed the coordinated allocation and stitching of an isolated VLAN across multiple points-of-presence, including UMass-Amherst, RENCI, and Duke University. However, our use of the VLAN was simply to display a visualization of radar data from a ViSE radar. In the GEC9 alpha demo we built on this demonstration by integrating computation from real-time Nowcasting of high-bandwidth data fed over the VLAN. Since severe weather is generally a rare occurrence, GENI’s ability to provide on-demand network and computing capacity in the event of a storm is important: dedicating such expensive resources for relatively rare events is not cost-effective. With GENI, as severe weather forms, both network and computational resources may be shifted from lower-priority tasks to high-priority forecasting tasks. Importantly, radar systems require a mix of both high-bandwidth networks and substantial computation. As noted above, the more network resources that are available the lower the latency for starting Nowcasting, and the more computational resources that are available the more parallel Nowcasts, e.g., 1, 5, 10, 15-minute Nowcasts, are able to execute.

Figure 1 Mapping Nowcast workflows onto GENI

Figure 1 illustrates how we mapped the Nowcast workflow onto GENI. An overview of the network resources used for the demonstration and the geographic locations of each single component is shown in Figure 2. Below we briefly outline a few additional aspects of the demonstration:

• Amazon Resources for Overflow. Amazon EC2 was used to archive the data generated by the radars. The DiCloud software was used to allocate the EC2 resources and monitor the occurring cost caused by the resource usage.
• Nowcast Visualization. Nowcast data was visualized on a Google Maps overlay, and highlighted both the forecast data as well as the observational data that matches with the forecast time, to point out severe weather events. As a result, viewers should be able to discern the accuracy and speed of the Nowcasts.

Figure 2 Networking topology for demonstration

III. ACKNOWLEDGEMENTS

This demonstration would not have been possible without the support from Jim Kurose, Eric Lyons and Jorge Trabal (UMass); V. Chandrasekar, Evan Ruzanski, and Yanting Wang (CSU); Ilia Baldine, Jeff Chase, Anirban Mandel (Duke/RENCI); Sandra Cruz-Pol, Jose Colom, Gianni Pablos (UPRM); Mark Berman (GPO).

Monday, August 1st Program – Session 3

Monday, August 1st, 2011, 1:45 PM to 3:05 PM Session 3: Future Internet Initiatives


The Future Internet Research Plan in Korea

Younghee Lee Future Internet Project Manager Korea Communications Agency Seoul, Korea [email protected]

Abstract: We are faced with various Internet problems such as traffic explosion, security, mobility and QoS. In particular, the traffic explosion problem caused by mobile Internet services and video content services requires immediate solutions. In addition, security attacks by DDoS or hacking against national infrastructure such as banks and government administration threaten society itself. Korea basically takes two types of approach. One is to ameliorate the current Internet and the other is to pursue a quantum leap toward a revolutionary future Internet. The current Internet can be seen as a “dumb pipe”. The concept of a “smart pipe” can improve the efficiency and security level of the Internet. We call it “Smart Internet”. We also have a long-term plan for research on new future Internet architectures, including experimental environments. Research on the future Internet has been activated from this year, 2011, and international collaborations are strongly encouraged in Korea.

I. INTRODUCTION

A. Internet in Korea

As all the other nations in the world are faced with the traffic explosion problem, Korea has been experiencing a heavy traffic explosion. The average growth rate of Internet traffic reaches up to 34% exponentially; mobile Internet traffic in particular surges up to 10 times within one year. Does traffic explosion lead to revenue explosion? The answer is “No”. The revenue of Korea Telecom, which is the biggest ISP of Korea, has stayed almost the same since 2005 in spite of exponential traffic growth. This becomes a serious impediment to investing in higher speed Internet facilities in response to traffic growth. DDoS attacks on major web sites, hacking of banks and even GPS jamming attacks have occurred quite frequently in Korea. We need both immediate solutions and long-term solutions to these problems.

It is reported that the required bandwidth for a home will reach 1Gbps in 2020. Korea plans to speed up the network to a maximum of 200Mbps by 2012 and 4Gbps by 2020. The various applications based upon high quality video such as HDTV, UDTV, Multi-view 3DTV and Holography will require those bandwidths. Then the question will be how the future network can be integrated with the various services for Smart energy, Smart transport, Smart Health, Smart work and Smart education etc.

We believe that the future network needs to be mingled with some component functions or services to be more efficient for applications than the solutions based upon end node devices. Those component functions can be either software functions or even special hardware based components. Those components should be open to the public. We call it “Smart Network”. For the long-term solution, we expect that various new future internet architectures will be suggested, and we will provide the required experiment environments to test the concepts of those new architectures.

B. Research activities

We have had small-scale future internet research projects on architectures, wireless internet and context aware services etc. Models for future networks focused on theoretical models are also under study. ETRI (Electronics and Telecommunications Research Institute), which is the government sponsored research center, has developed a virtualized programmable testbed platform to test new network architectures. Two forums are actively leading future internet research. Many expert groups share their knowledge and information, discussing ideas on challenging issues at the FIF (Future Internet Forum: http://fif.kr ) forum founded in 2006. Three government sponsored institutes, NIA (National Information Agency), ETRI and KISA (Korea Internet and Security Agency), founded FN2020 (Future Network 2020) for network technologies, security issues, applications and testbed. WDM-PON technologies are actively being developed for giga bps internet access.

II. RESEARCH PLAN

A. Smart Network

As previously mentioned, the smart network concept is the major target technology to be developed within the near future. A smart network node will contain integrated functional modules such as routing, processing, storage and signal processing for smart applications. The first target services will be efficient content centric services and tele-presence services. Smart nodes will also support many types of virtualization and programmability, including open flow capability.

B. Revolutionary Future Internet Architecture

We are seeking a new internet architecture concept that can be a fundamental solution for the current IP internet problems. We expect that these new architectures can evolve from the smart network architecture at the beginning, since the smart network will support a certain level of virtualization and programmability. The research projects for content centric network, mobility, trustworthy network and highly reliable cloud networking are started in this year, 2011. The research program includes research on context aware service composition within the IoT (Internet of Thing) environment. We expect research on applications which apply semantic web and linked data technologies.

III. CONCLUSION

The Internet traffic explosion problem, mostly due to video and mobile applications, needs immediate and long-term solutions. Security is also one of the focal issues in Korea. It is strongly believed that future applications will be based on cloud computing and a smart pipe kind of internet. We believe that these trends are not limited to Korea but apply to almost all the nations in the world. Global collaboration will be essential for future internet research, not only to ameliorate the current internet but also to build a new internet infrastructure for a much better world.

PL-LAB: Polish initiative to develop laboratory infrastructure for testing Future Internet solutions

J. Śliwiński, J. Mongay Batalla, National Institute of Telecommunication, Warsaw, Poland, {J.Sliwinski, J.Mongay}@itl.waw.pl
W. Burakowski, H. Tarasiuk, A. Bęben, Institute of Telecommunications, Warsaw University of Technology, Warsaw, Poland, {wojtek, halina, abeben}@tele.pw.edu.pl

A. Binczewski, R. Krzywania, Ł. Dolata Poznan Supercomputing and Networking Center Poznan, Poland {artur, radek.krzywania, ldolata}@man.poznan.pl

I. INTRODUCTION

The motivation for establishing the Polish national project entitled “Future Internet Engineering” (http://www.iip.net.pl) was to accelerate the research on Future Internet issues. The project collects 19 teams (more than 120 researchers) working on telecommunication and information systems from 9 leading technical universities and research centers in Poland. The project is scheduled for years 2010-2012. One of the project objectives is to develop a national laboratory infrastructure for testing Future Internet solutions. We call the network of these laboratories PL-LAB. As the first step, we plan to use PL-LAB for testing the IIP System, which is currently in the implementation phase. This system is the Polish proposal for Future Internet network infrastructure and it assumes virtualization of network resources.

In this paper we provide a short overview of the IIP System and PL-LAB infrastructure.

II. THE IIP SYSTEM

We design the IIP System to show that we can essentially extend the capabilities of network infrastructure in providing more effective data transfer compared to what is offered by the current TCP/IP-based Internet. New capabilities in our system mainly correspond to possibilities of supporting: (i) a number of Parallel Internets that share common physical network infrastructure, (ii) specific data and control planes for each Parallel Internet, not limited to TCP/IP.

In particular, each of the Parallel Internets may serve traffic generated by a specific set of applications/services for which we can assure QoS guarantees for data transfer thanks to adequate data and control planes.

Finally, we stress that virtualization is an excellent way to implement the Parallel Internets concept. Parallel Internets will operate on virtual nodes and links. For building them, we use devices enabling virtualization, e.g. EZappliance, NetFPGA, XEN or others.

A. Architecture

The complete architecture of the IIP System consists of 6 levels. The lower four levels, from 1 to 4, correspond to telecommunication infrastructure while the upper levels correspond to applications/services (Level 5) and users (Level 6). Moreover, the management system is a part of the architecture. It is responsible for management at each architecture level as well as for communication between levels. More about the considered architecture can be found in [1], [2].

Level 1. Physical Infrastructure: the physical infrastructure of the IIP System consists of nodes enabling virtualization and links. The topology of the network is fixed and may have single or multi-domain structure. It has internal addressing scheme and management. The network may contain wired and wireless parts as well as access and core networks.

Level 2. Virtualization: this level corresponds to devices enabling virtualization and is responsible for creating and maintaining virtual nodes and links for Parallel Internets. Furthermore, at this level we need to provision each of the Parallel Internets. The provisioning should allocate physical resources for virtual links and nodes.

Level 3. Parallel Internets: We use the term Parallel Internet for describing the network operating on virtual resources and specific data/control planes. We take into account three basic Parallel Internets: IPv6 QoS and two proposals for post-IP networks, namely Content Aware Network (CAN) and Data Streams Switching (DSS). Each of these networks operates on a different data format, addressing scheme, routing, traffic control, traffic engineering and management.

Level 4. Virtual Networks: this level is responsible for creating a number of dedicated virtual networks running on a given Parallel Internet.

Figure 1. List of partners and locations of PL-LAB laboratories.

III. PL-LAB ENVIRONMENT

The PL-LAB network [3] consists of 9 laboratories in Poland, which are now located at the project partners’ premises. Fig. 1 lists the names of the involved partners and shows the locations of the laboratories.

The infrastructure of the PL-LAB network was divided into 3 main parts:

• Operational part, which assures connectivity between laboratories. Connections are configured for long term time scale. They use dedicated devices controlled by the administrators of the PL-LAB.
• Research part, which covers the remaining devices present in the laboratories. PL-LAB administrators have limited control over them, but in most cases they are able to restore the default state for each of them.
• Access system allowing the users to perform experiments.

A. Operational part

The operational part is realized by using PIONIER, a national research network, which allows data to be transferred between sites. Each site is connected to a PIONIER node by a Gigabit Ethernet interface. At the laboratory side, the access link is managed by a dedicated access switch (Juniper EX3200 switch). The PIONIER node (Brocade MLX switch) receives the Ethernet frames and applies them to a dedicated VPLS (Virtual Private LAN Service) connecting all laboratories. Due to security reasons, PL-LAB administrators cannot control the service in the PIONIER network. Therefore, a monitoring system was applied in the laboratories to detect connectivity failures.

In the internal part of the laboratory, the traffic is separated by using the VLAN feature. We distinguish 3 types of VLANs:

• Management network (with single VLAN tag), which allows connecting to each device in the research part of the laboratory.
• Network for performing backup operations (with single VLAN tag), which is used for transferring device images.
• Different networks created for users’ experiments.

B. Research part

This part of PL-LAB provides different types of devices that are connected with Ethernet interfaces to the access switch. A few examples:

• Programmable network switches with FPGA cards (NetFPGA) or network processors (EZappliance),
• Virtualization servers,
• Traffic sources for different applications, e.g., 4K streaming.

C. Access system

The access system allows virtual networks to be created for particular experiments. For this purpose a portal was created, where users manage their networks. Fig. 2 presents the structure of the access system in the PL-LAB. Besides the portal, there are management and AAA services for controlling the devices and access to the devices. Moreover, the VPN hubs allow users to use Ethernet connections in bridged mode. Finally, the monitoring service measures the quality of the interconnections in the PIONIER network.

Figure 2. Structure of the PL-LAB access system.

IV. CONCLUSIONS

In the paper, we provided a short description of the PL-LAB environment dedicated for testing solutions proposed for the Future Internet, with special focus on network virtualization, new architectures, mechanisms and protocols. In PL-LAB we use programmable equipment that allows virtualization of network elements such as links and nodes. In this environment we will test the IIP System, but we believe that its functionalities will also allow us to test other proposals for the Future Internet.

REFERENCES

[1] Burakowski W., et al., The IIP System: Architecture, Parallel Internets, Virtualization and Applications, Future Network and Mobile Summit Conference, Warszawa 15-17 June 2011
[2] Burakowski W., Tarasiuk H., Beben A., Zwierko P., Future Internet architecture based on virtualization and co-existence of different data and control planes, 5th Workshop on Future Internet Cluster, 15 June, Warszawa 2011
[3] Sliwinski J., et al., Future Internet Experimentation in Poland, FIRE research workshop, Budapest, May 2011, available at http://www.ict-fire.eu/events/fire-research-workshop.html

The Euro-NF Vision for Future Networks and Contributions from the Specific Joint Projects

Kurt Tutschku, University of Vienna, Austria, [email protected]
Markus Fiedler, Blekinge Institute of Technology, Sweden, markus.fi[email protected]

I. INTRODUCTION

Users will consider the Networks of the Future (NF), often termed as the Future Internet (FI), as a network of smart applications, services and content [1]. Predicting exactly the technologies and applications of the NF, however, is debatable. For example, the success of smartphones platforms has overwhelmed both, manufacturers [2] and operators [3]. Thus, the quest for providing a detailed vision for the FI is almost impossible. However, a vision that suits as a research guideline will be useful if this vision consists of a stable, long-term framework for researching network technologies and design methods and of an adaptive, short-term schedule, which allows for integrating recent achievements.

In this contribution, we outline first the long-term framework for research in the European FP7 Network-of-Excellence “Euro-NF” [4] (a more detailed description of the Euro-NF vision can be found in [5]). Then, we detail recent advances from short-term Euro-NF “Specific Joint Research Projects” (SJRP) and “Specific Joint Development and Experimentation” (SJDE) projects in view of the vision. Hence, the “S” in “SJRP” stands also for the “strategic” nature of these projects. They should be perceived as small (even in funding) but striking visionary projects which might develop into full-scale projects which fit into the vision of future networks. Likewise, the SJDE represent strategic steps towards the use of new approaches in practice, i.e. for FI applications and services.

Future Network Use and Requirements

The main usage domains of future networks and their smart applications will be in the everyday life of people. Examples for such domains are health services, energy usage and distribution, environmental sensing or logistics [1].

Smart applications stand out through abilities of combining data, content, information and services in ways such that new relationships among data and services are exploited. Thus, they enable new benefits for the users and the society. Smart applications are characterized by:

• highly autonomous operation;
• use of very different types of data (e.g. from very low volume sensor data to interactive video streams with strict real-time requirements and very high data volumes);
• peer-to-peer or machine-to-machine communication which requires highly scalable mechanisms (billions of devices);
• use of application-specific networks with own topologies, naming, routing and resource management schemes;
• being holistic (e.g. addressing multiple stake-holders);
• use of very different transmission modes even in parallel (yet any mix of intermittent and delay tolerant, multi-hop, packet- and circuit-switched transmission);
• smart provider and connectivity selection (e.g. based on economic competition and ecological considerations);
• being agnostic to mobile or wired connections.

Moreover, smart applications have to fulfill long-time desired features, such as high reliability and user satisfaction.

II. A SYSTEMATIC AND HOLISTIC DESIGN FOR SMART APPLICATIONS AND THE FUTURE INTERNET

Smart networks and applications require a holistic engineering. This feature means that the design systematics have to comprise typical network research tasks (i.e. addressing networking hard- and software) as well as research tasks for targeting the needs of users and operators with their socio-economical requirements, e.g. personal benefits and experiences or business requirements (e.g. legal, economical, or ecological constraints).

The Euro-NF approach for facilitating smart applications and future networks aims at not only providing the foundations for the research on future networks, but also at the engineering of systems to become operable in real-worlds.

A. A New Separation of Concerns

In order to enable a new systematic and holistic design for future smart application, the Dijkstra’s paradigm of the separation of concerns [6] might be re-applied to the design pattern and building blocks of future systems as well as to the design methodologies. We suggest that the usage and technology areas can be separated in three areas of concern, cf. the rows in Fig. 1:

• Future smart applications (see above);
• Future smart mediation techniques (e.g. former routing tasks, now enabling mediation for Publish/Subscribe techniques, delay-tolerant networking, application-specific topologies and resource management, etc.);
• Future smart connectivity techniques (e.g. convergence of optical and wireless transmission and energy efficiency).

The separation of design methodologies for future networks has also to be adapted for a holistic design. The separation might categorize the methods into, cf. the columns in Fig. 1:

• Design methods for networking architectures, e.g. which separation is appropriate (e.g. layering vs. heaps);


• Methods for comparing and evaluating architectures, e.g. new metrics for flexibility, adaptivity, expandability, quality of cooperation, quality of pricing, etc.;
• Design methods for smart algorithms (e.g. models for self-organization, smartness etc.);
• Design methods for including socio-economic needs in future networks, e.g. resource efficiency, business models, greenness, security, governance or QoE.

[Fig. 1. A new separation of building blocks and design methods. Rows (usage and technology areas): Future Smart Application, Future Smart Mediation, Future Smart Connectivity. Columns (methodologies): new design methods for networking architectures; new methods for comparing and evaluating architectures; new design methods for smart algorithms; new design methods for including socio-economic needs in future nets.]

B. Weaving a Technological and Methodological Fabric for the Future Internet and Smart Applications

The aim of future network design is to build a systematic network system that enables smart applications to become a commodity for people. We call this approach the weaving of the technological fabric. The metaphors of “weaving” and of a “fabric” can be transferred to establishing relationships of the above outlined new areas of concerns and the corresponding new separation of methods. The weaving of the fabric might be materialized by enablers, which are physical entities or mechanisms, but also intellectual methods or algorithms, or operational procedures. In particular, the concepts of how to achieve smart combinations of future technologies and methodologies are at the core of the Euro-NF vision.

III. RECENT CONTRIBUTIONS FROM SJRPS

Euro-NF Specific Joint Research Projects (SJRP) aim at improving knowledge in targeted topics considered of main importance, with a significant visionary and innovative potential and not sufficiently covered at present. They shall be sharply focused on disruptive ideas on the networks of the future and orient themselves along the Euro-NF vision. SJRPs shall be designed to explore the need for more research effort, anticipating scientific and technological needs that, for example, could motivate the proposal of FP7 projects in upcoming calls. Visionary, creative, ground-breaking, strategic and potentially controversial approaches and proposals are highly welcome. SJRPs shall anticipate tomorrow's needs to research in the domain and explicitly combine technologies with methodologies. In particular, joint strategic publications should be targeted as outcome of the joint work and as ground for new fields of research.

So far, Euro-NF has issued four calls for SJRPs. 19 SJRPs have been executed, and five are currently in progress. The examples below show four examples, one from each call.

A. The ASPECTS Project

We witness growing interest in more efficient spectrum utilisation and availability of on-demand broadband wireless access to the NF through Cognitive Radio, which involves dynamic and opportunistic access to so-called agile spectrum. The “Agile Spectrum Security” (ASPECTS) project [7] identified security and privacy issues of agile spectrum access, as well as vulnerabilities against misuse and potential countermeasures. It further targeted a security and trust framework, enabling the detection and reporting of misbehaving nodes. As the underlying problems related to cooperative usage of the same physical resources are of similar nature, the ASPECTS results also extend into the direction of network virtualisation.

B. The EnergyOPAL Project

Research within the project “Energy OPtimal ALgorithms for mobile Internet: stochastic modeling, performance analysis and optimal control” (EnergyOPAL) [8] focused on algorithms which can enable an energy-friendly future mobile Internet. Turning off the electronics of a wireless device is understood to be crucial for saving energy over idle periods. On the other hand, the responsiveness of the wireless network should not be compromised. Each node should try to adapt its power consumption profile to the traffic running through it. If each node is seen as an entity, cooperation among nodes is needed in order to achieve an efficient performance in terms of energy. Scheduling and power control plays a big role in this context. Important tradeoffs were identified, and optimal control was proposed as a solution to the above problem.

C. The VDTN Project

The project “Vehicular Delay-Tolerant Networks” (VDTN) [9] proposed a novel architecture for VDTN. Besides positioning the bundle layer below the network layer, it employs out-of-band signaling and devises the separation of the control plane and data plane. A laboratory prototype was created to demonstrate this approach. The project also developed new applications, fragmentation mechanisms, content storage and retrieval mechanisms, dropping and scheduling policies, and routing protocols for VDTNs.

D. The CAVE-NET Project

Given the growing population of mobile devices and on-board units, the project “Context-aware Information Dissemination in Vehicular Networks” (CAVE-NET) [10] has identified the need for new approaches to performance modelling in vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) scenarios. In particular, it investigates how information about the vehicular context can be taken into account in order to improve information dissemination performance in vehicular networks. The first contribution addresses the vehicles through characterisation of vehicular flows – through a new, macroscopic and generic model – and its impact on the information dissemination. The second contribution tackles the challenge of the deployment of road-side units for a vehicular communication infrastructure by defining and evaluating a game-theoretical model. The model has been validated by simulations.

IV. RECENT CONTRIBUTIONS FROM SJDE PROJECTS

Euro-NF Specific Joint Developments and Experiments (SJDE) are part of the Euro-NF work package IA.2.1 “Development and coordination of software tools and platforms”. They aim at promoting and supporting joint developments and joint experiments, in the context of the research work carried out inside Euro-NF. The results of the three projects run so far are made available to the research community. Below, two SJDEs are presented.

A. The Multi-Next Project

In FI, federation of resources will be the norm. The plethora of access and application-specific networks suggests to combine their resources in the form of building blocks in order to increase availability, reliability and performance of an end-to-end network path. On this background, the project “Measuring Concurrent Multipath Transmissions in an Experimental Facility” (Multi-Next) [11] validated a performance model for the concurrent use of virtual resources in the context of network federation. Furthermore, a use case within OneLab was performed, which demonstrated the potential of federation of experimental facilities, made use of the sophisticated measurement facilities provided within OneLab, and provided valuable feedback to OneLab in form of requirements for the federation.

B. The VNREAL Project

Network virtualization is recognized as an enabling technology for the Future Internet that overcomes network ossification. However, it introduces a set of challenges. In any network virtualization environment, the problem of optimally mapping virtual resources to physical resources, known as virtual network embedding (VNE), is a critical challenge. Several algorithms attempting to solve this problem have been proposed in literature, so far. However, a comparison of existing and new VNE algorithms is hard, as each algorithm focuses on different criteria. To that end, the project “Virtual Network Resource Embedding Algorithms” (VNREAL) [12] introduced ALEVIN, a framework to compare different algorithms according to a set of metrics, easily incorporate new VNE algorithms, and evaluated these algorithms on a given scenario for arbitrary parameters.

V. CONCLUSIONS

The Euro-NF Vision on NF and FI postulates the need for (1) the separation of concerns into technology and methodology; (2) the weaving of a technological and methodological fabric in order to support NF, FI and future smart applications. It was shown how Euro-NF Specific Joint Projects (SJRP and SJDE) materialise that vision on a short-term, yet strategic scale by addressing key technology issues by advanced methodologies. As demonstrated by the examples, their scope ranges from the identification of open, tangible research issues via theoretical research to implementations, demonstrations, experimentations and validations of new approaches. Thus, they exemplify how the weaving of the technological and methodological fabric is becoming a reality.

ACKNOWLEDGMENT

The authors like to thank all members of the FP7 Network of Excellence Euro-NF (contract number 216366) for their input and appreciate especially the contributions and passion of the participants of the Euro-NF SJRP and SJDE projects for shaping the future of networks.

REFERENCES

[1] European Commission, “Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions – “A public-private partnership on the Future Internet”,” 2009, COM(2009) 479 final, Brussels, Oct. 28, 2009.
[2] D. Ben-Aaron, “Android Phones Set to Pass Nokia’s Symbian in Europe, IDC Says, Bloomberg,” Nov. 2010, Information available at: http://www.bloomberg.com/.
[3] S. Choney, “Is 2010 the year of wireless congestion?,” Jan. 2010, MSNBC. Information available at: http://www.msnbc.msn.com/.
[4] The Euro-NF Consortium, “Euro-NF: Anticipating the Network of the Future - From Theory to Design,” 2008, Information available at: http://www.euronf.org.
[5] K. Tutschku and M. Fiedler, “Second update of the Euro-NF vision regarding the network of the future – D.SEA.10.1.2,” Dec. 2010, Available at: http://www.euronf.org.
[6] E. W. Dijkstra, Selected writings on Computing: A Personal Perspective, chapter On the role of scientific thought, pp. 60–66, Springer-Verlag New York, Inc., New York, NY, USA, 1982, ISBN 0-387-90652-5.
[7] G. Polyzos, G. Marias, S. Arkoulis, P. Frangoudis, M. Fiedler, A. Popescu, H. de Meer, R. Herkenhöner, A. Fischer, and J. Oberender, “ASPECTS: Agile Spectrum Security,” in Proceedings of the 7th Euro-NF Conference On Next Generation Internet, 2011.
[8] S. Paschos, P. Mannersalo, S. Stanczak, E. Altman, and L. Tassiulas, “Energy OPtimal ALgorithms for mobile Internet: stochastic modeling, performance analysis and optimal control,” in Proceedings of the 7th Euro-NF Conference On Next Generation Internet, 2011.
[9] J. Rodrigues, J. Dias, J. Isento, B. Silva, V. Soares, N. Magaia, P. Pereira, A. Casaca, C. Cervello-Pastor, and J. Gallego, “The Vehicular Delay-Tolerant Networks (VDTN) Euro-NF Joint Research Project,” in Proceedings of the 7th Euro-NF Conference On Next Generation Internet, 2011.
[10] C. Casetti, M. Cesana, I. Filippini, G. Dan, and I. Marsh, “Context-aware Information Dissemination in Vehicular Networks,” in Proceedings of the 7th Euro-NF Conference On Next Generation Internet, 2011.
[11] T. Zinner, K. Tutschku, and T. Zseby, “MultiNext – Measuring Concurrent Multipath Transmissions in an Experimental Facility,” in Proceedings of the 7th Euro-NF Conference On Next Generation Internet, 2011.
[12] M. Duelli, D. Schlosser, J. Botero, X. Hesselbach, A. Fischer, and H. de Meer, “VNREAL: Virtual Network Resource Embedding ALgorithms in the Framework ALEVIN,” in Proceedings of the 7th Euro-NF Conference On Next Generation Internet, 2011.


Flexible VNE Algorithms Analysis using ALEVIN

Juan Felipe Botero, Xavier Hesselbach (Universitat Politècnica de Catalunya, Barcelona, Spain)
Michael Duelli, Daniel Schlosser (University of Würzburg, Würzburg, Germany)
Andreas Fischer, Hermann de Meer (University of Passau, Passau, Germany)

Abstract—Network virtualization is recognized as an enabling technology for the Future Internet that overcomes network ossification. However, it introduces a set of challenges. In any network virtualization environment, the problem of optimally mapping virtual demands to physical resources, known as virtual network embedding (VNE), is a crucial challenge. This paper analyses the behaviour of the main algorithms proposed to solve VNE by means of the ALEVIN framework. The VNE algorithms are evaluated with regard to appropriate metrics such as: cost, revenue, and virtual network acceptance ratio. We also analyse the impact of the recently introduced hidden hop demand concept in the performance of the VNE algorithms.

I. INTRODUCTION

Network virtualization is expected to deliver the flexibility needed for service-tailored future networks [1]. One key problem to network virtualization is the virtual network embedding (VNE) problem. This problem deals with the question how a set of virtual networks (VN) can be embedded in a substrate network (SN) in an optimal way. ALEVIN [2] is a framework enabling researchers to evaluate and compare novel solutions to the VNE problem according to a wide set of criteria. We have implemented the most popular existing VNE algorithm proposals in ALEVIN. ALEVIN allows researchers to add new algorithms or modify existing algorithms and investigate the result of these modifications. This flexibility is expected to provide novel insights into the VNE problem.

Pre-defined metrics are used to evaluate different VNE algorithms. Several metrics have been proposed and studied so far. The cost-revenue factor and the ratio of accepted VNs have been found to be the main indicators on the quality of the VNE. In this work, a set of VNE algorithms are evaluated using the cost-revenue factor and the VNs acceptance ratio metrics. Moreover, the impact of hidden hop demands on the algorithms is investigated.

II. THE ALEVIN FRAMEWORK

The focus in the development of ALEVIN [2] was on modularity and efficient handling of arbitrary parameters for resources and demands as well as on supporting the integration of new and existing algorithms and evaluation metrics. ALEVIN is fully modular regarding the addition of new parameters to the VNE model.

A set of algorithms from existing publications was implemented in ALEVIN. They were chosen taking into account their novelty and the impact generated by their publication. The complete list of implemented algorithms is given in [3]. Moreover, a set of metrics has been implemented to compare the performance of the algorithms after VNE.

For platform independence, ALEVIN is written in Java. ALEVIN’s GUI and multi-layer visualization component is based on MuLaViTo [4] which enables us to visualize and handle the SN and an arbitrary number of VNs as directed graphs.

III. VNE METRICS AND HIDDEN HOPS

[Fig. 1. Cost and revenue in VNE.]

Figure 1 presents the two main metrics that have been used to evaluate the performance of the VNE algorithms. The revenue metric can be seen as the economic benefit of accepting VN requests, while the cost metric measures the resources spent by the substrate network to map a virtual network. The combined cost-revenue ratio is a commonly used metric to evaluate the performance of a VNE algorithm, with the quality increasing the lower the ratio is. A detailed overview of VNE algorithm metrics is presented in [3].

The hidden hop demand concept is introduced in [5]. It takes into account the additional demand on intermediate nodes of a directed path in the SN that is used to map a specific virtual link of a VN. This reflects the fact that, for instance, packet forwarding of traffic on a virtual link requires additional forwarding capacity on intermediate nodes.

The implementation of the hidden hop demand concept in ALEVIN helps to understand the impact of hidden hops on the embedding and to devise modifications in current algorithms to optimally deal with it.

IV. ALGORITHMS AND EVALUATIONS

To compare different VNE algorithms, we create scenarios with different SNs, as well as different VNs, which cause a certain average resource load.

In this work, we consider CPU cycles as a node resource, denoted by $NR_{CPU}$, and bandwidth as a link resource, denoted by $LR_{BW}$ in the substrate network. We uniformly distribute the resource values with a maximum of $NR_{CPU}^{max} = 100$ and $LR_{BW}^{max} = 100$. As a trade-off between runtime of some algorithms and realistic scenarios, we chose the number of substrate nodes to be 50 and the number of virtual nodes per virtual network to be 20. To explore the impact of consolidation of VNs, we consider 15 VNs to be embedded. We performed 10 runs for each set of scenario parameters to reach a confidence level of 95%. Table I lists the evaluated VNE algorithms. For details, please refer to [3].

TABLE I. EVALUATED ALGORITHMS

| Notation | Algorithm Description |
| DViNE SP | Coordinated node and link mapping with k-shortest paths |
| DViNE PS | Coordinated node and link mapping with Path Splitting |
| GAR SP | Greedy available resources with k-shortest paths |
| GAR PS | Greedy available resources with Path Splitting |

[Fig. 2. Evaluation of cost-revenue ratio.]

Figure 2 shows the simulation results using the cost-revenue ratio to compare the different VNE algorithms. It can be seen that it is better to use algorithms that treat the virtual node and link mappings in a coordinated way and not separately. It also shows that algorithms using path splitting (multi-path) solutions to map virtual links have a better behaviour than those using shortest paths.

The evaluated algorithms were challenged by including a hidden hop demand factor of 0.5, i.e. each hidden hop on a substrate path will have a CPU demand equivalent to the 50% of the realized virtual link’s demand. Figure 3 shows the VN acceptance ratio of the evaluated algorithms with the hidden hop factor and the behaviour of the algorithms without considering hidden hops. The decrease of the VNs acceptance ratio is very noticeable (up to 50% in the worst case).

[Fig. 3. Evaluation of VNRs acceptance ratio with and without hidden hops.]

V. CONCLUSION AND FUTURE WORK

This paper presented an evaluation of VNE algorithms using ALEVIN. It has been shown that different algorithms can be compared by a common set of metrics. Moreover, it became clear that modification of the algorithms, e.g. with the hidden hop demand, can give significantly different results.

Taking into account possible further optimization goals, like security, resilience, or energy-efficiency, it becomes clear that further analysis of these effects is needed. Optimization of energy consumption in the SN will require significant modification of existing algorithms. Likewise, the incorporation of security and resilience goals will have a significant impact on results. We plan to use ALEVIN to investigate these constraints. Moreover, the application to large testbed scenarios (e.g. G-Lab) will be an interesting goal.

ACKNOWLEDGEMENTS

This work received funding from the EC’s Seventh Framework Programme ([FP7/2007-2013] [FP7/2007-2011]) in the context of the “Euro-NF” Network of Excellence (grant agreement no. 216366, SJRP “Virtual Network Resource Embedding Algorithms” (VNREAL)) and the ResumeNet project (grant agreement no. 224619). It was further supported by the Spanish Government, MICINN, under research grant TIN2010-20136-C03, the “Comissionat per a Universitats i Recerca del DIUE” from the “Generalitat de Catalunya”, the Social European Budget (“Fons Social Europeu”), and by the Federal Ministry of Education and Research of the Federal Republic of Germany (BMBF Förderkennzeichen 01BP0775) in the context of the EUREKA project “100 Gbit/s Carrier-Grade Ethernet Transport Technologies (CELTIC CP4-001)”.

REFERENCES

[1] N. M. M. K. Chowdhury and R. Boutaba, “Network Virtualization: State of the Art and Research Challenges,” IEEE Communications Magazine, vol. 47, no. 7, pp. 20–26, 2009.
[2] VNREAL, “ALEVIN – ALgorithms for Embedding VIrtual Networks,” May 2011. [Online]. Available: http://alevin.sf.net
[3] A. Fischer, J. F. Botero, M. Duelli, D. Schlosser, X. Hesselbach, and H. de Meer, “ALEVIN - A Framework to Develop, Compare, and Analyze Virtual Network Embedding Algorithms,” Electronic Communications of the EASST, Kommunikation in Verteilten Systemen 2011, vol. 37, Mar. 2011.
[4] M. Duelli, J. Ott, and T. Müller, “MuLaViTo – Multi-Layer Visualization Tool,” Apr. 2011. [Online]. Available: http://mulavito.sf.net
[5] J. F. Botero, X. Hesselbach, A. Fischer, and H. de Meer, “Optimal mapping of virtual networks with hidden hops,” Telecommunication Systems, pp. 1–10, 2011.
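
A worked illustration of the cost-revenue ratio from Section III and the hidden hop demand factor of 0.5 from Section IV of the ALEVIN paper above, added here and not taken from ALEVIN or from the authors. It assumes the cost and revenue definitions common in the VNE literature (Fig. 1 did not survive on this page), a simplified greedy node mapping with shortest-path link mapping as a stand-in for the evaluated algorithms, and a constructed four-node substrate with four identical VN requests.

```python
from collections import deque


class Substrate:
    """Substrate network (SN): residual CPU per node, residual bandwidth per link."""

    def __init__(self, cpu, links):
        self.cpu = dict(cpu)
        self.bw = {frozenset(link): cap for link, cap in links.items()}

    def copy(self):
        clone = Substrate(self.cpu, {})
        clone.bw = dict(self.bw)
        return clone

    def neighbours(self, node):
        return sorted(m for link in self.bw if node in link for m in link if m != node)

    def path(self, src, dst, bw, hidden_cpu):
        """Breadth-first shortest path whose links still offer `bw` and whose
        intermediate nodes (hidden hops) still offer `hidden_cpu` for forwarding."""
        pred, queue = {src: None}, deque([src])
        while queue:
            node = queue.popleft()
            if node == dst:
                hops = []
                while node is not None:
                    hops.append(node)
                    node = pred[node]
                return hops[::-1]
            for nxt in self.neighbours(node):
                if nxt in pred or self.bw[frozenset((node, nxt))] < bw:
                    continue
                if nxt != dst and self.cpu[nxt] < hidden_cpu:
                    continue  # this node cannot carry the hidden hop demand
                pred[nxt] = node
                queue.append(nxt)
        return None


def embed(sn, vn, hh_factor):
    """Embed one VN request. Returns (updated SN, cost, revenue), or None if rejected."""
    trial = sn.copy()  # work on a copy so a rejected request reserves nothing
    mapping = {}
    # Node mapping (assumed greedy rule): largest demand first, onto the unused
    # substrate node with the most residual CPU; ties go to the lowest name.
    for vnode, demand in sorted(vn["nodes"].items(), key=lambda kv: -kv[1]):
        free = [s for s in sorted(trial.cpu)
                if s not in mapping.values() and trial.cpu[s] >= demand]
        if not free:
            return None
        host = max(free, key=lambda s: trial.cpu[s])
        trial.cpu[host] -= demand
        mapping[vnode] = host
    cost = sum(vn["nodes"].values())
    # Link mapping: one shortest substrate path per virtual link.
    for (u, w), bw in vn["links"].items():
        hidden_cpu = hh_factor * bw  # CPU demanded on every intermediate node
        hops = trial.path(mapping[u], mapping[w], bw, hidden_cpu)
        if hops is None:
            return None
        for a, b in zip(hops, hops[1:]):
            trial.bw[frozenset((a, b))] -= bw
        for hidden in hops[1:-1]:
            trial.cpu[hidden] -= hidden_cpu
        # Assumed cost: bandwidth on every substrate link used, plus hidden hop CPU.
        cost += bw * (len(hops) - 1) + hidden_cpu * (len(hops) - 2)
    # Assumed revenue: everything the VN asked for, independent of the mapping.
    revenue = sum(vn["nodes"].values()) + sum(vn["links"].values())
    return trial, cost, revenue


def run_scenario(hh_factor):
    """Embed four identical VN requests; return (acceptance ratio, cost-revenue ratio)."""
    # Constructed sample input: A and C are large hosts, B and D small transit nodes.
    sn = Substrate(cpu={"A": 100, "B": 20, "C": 100, "D": 10},
                   links={("A", "B"): 100, ("B", "C"): 100,
                          ("A", "D"): 100, ("D", "C"): 100})
    requests = [{"nodes": {"a": 10, "b": 10}, "links": {("a", "b"): 20}}
                for _ in range(4)]
    accepted = cost = revenue = 0
    for vn in requests:
        result = embed(sn, vn, hh_factor)
        if result is None:
            continue
        sn, c, r = result
        accepted += 1
        cost += c
        revenue += r
    return accepted / len(requests), cost / revenue


if __name__ == "__main__":
    for factor in (0.0, 0.5):
        acceptance, ratio = run_scenario(factor)
        print(f"hidden hop factor {factor}: acceptance {acceptance:.2f}, "
              f"cost/revenue {ratio:.2f}")
```

In this constructed scenario the factor of 0.5 exhausts the CPU of the transit nodes B and D, so the fourth request is rejected although bandwidth is still free on every link.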

Monday, August 1st Program – Session 4

Monday, August 1st, 2011, 3:35 PM to 5:15 PM Session 4: Network Protocols

A solution for Synchronization Problem of Interconnected Metro Access and Metro Core Ring Networks

Tülin ATMACA, Van T. NGUYEN, Dung T. NGUYEN, Glenda GONZALEZ (Lab. CNRS/Samovar, Institut Telecom/Telecom SudParis, Evry – France)
Joel RODRIGUES (Department of Informatics, University of Beira Interior, Covilhã - Portugal)

Abstract— This work presents studies of an interconnected Multi-Ring Network (MRN) architecture in which a Metropolitan Access (MA) Ring is interconnected by a Metropolitan Core (MC) Ring. The interconnection of MC and MA networks is made via hub node that is in charge of the synchronization between them. The synchronization of two rings while assuring the traffic routed efficiently from the MA to the MC networks is the major problem in this architecture. To solve this problem, we propose a new mechanism called Common-Used Timer Mechanism (CUTM) inspired from CoS-Upgrade Mechanism (CUM) to create optical packets well filled in the hub. CUTM is developed and also integrated as a module to the software Network Simulator 2 (NS2), to simulate the behavior of the MRN considered. We compare the performance of this mechanism with the opportunistic one. The results have shown that, compared to existing solutions, the CUTM enhances the network throughput, packet filling creation ratio and optimizes the use of resources. Also, it solves the synchronization problem.

I. INTRODUCTION

Metropolitan ring networks are usually used to connect the high speed backbone networks with the high speed access networks. The metro rings can be interconnected transparently through single access node (Hub node) or multiple access nodes. Ring topologies have been widely adopted and studied for MAN: Resilient Packet Ring (RPR), DBORN [1] and ECOFRAME (French ANR Project). ECOFRAME [2] pays special attention to the deployment of optical technologies "low cost" to ensure good network performance. ECOFRAME ring uses fixed optical packet size and separately data and control channels. In [3] the end-to-end metropolitan performance of a multi-ring architecture has been investigated. We consider two interconnected rings (Metro Access (MA) and Metro Core (MC)) via hub node that is in charge of the synchronization. In [4] a new architecture to integrate in a transparently way MA and MC ring networks has been presented. In [5] new devices to interconnect MA and MC Ring networks have been studied. However, the synchronization problem between the networks has been neglected and a major research opportunity exists in this sense. In this paper, we present a new mechanism Common-Used Timer Mechanism (CUTM) to create optical packets well filled which helps to solve the synchronization problem. The results in terms of waiting time, throughput, end-to-end delay and jitter are compared with the opportunistic mechanism. The rest of this study is organized as follows. In section II, existing optical MAN have been summarized and the architecture studied is presented. In section III, our proposed mechanism is introduced. In section IV, our simulation scenario is described and the simulation results are presented. Finally, we conclude our work.

II. NETWORKS INTERCONNECTION

The studied architecture is composed of two segments: Metro Access (MA) with architecture DBORN and Metro Core (MC) with ECOFRAME (Fig. 1). The interconnection is made via hub node. We distinguish two traffic flows: 1) the traffic flowing from the MA to the MC through the hub 2) the traffic flow circulating in the MC. In an access node of MA, the electronic packets are encapsulated in optical packets and transported through the hub. In hub O/E/O conversion is used to build new optical packets well filled coming from different nodes and going to same destination, and then the packets are stored in the queue. The creation of new optical packets is made using three mechanisms: 1) electronic packets coming from different access nodes can be combined together 2) combined with local electronic packets of the hub 3) two combinations mentioned, totally according to class of service. Therefore, it is needed to synchronize packet transmission at hub. Packet creating process introduces the delay which helps to synchronize the two rings by using electronic buffers. The transmission time slots of two rings have different sizes. L1 corresponds to the transmission time of a packet in MA and L2 in MC. The correlation of the variables L1 and L2 is a problem of synchronization. Another problem is the impact of synchronization shift t on the network performance.

[Figure 1. Networks Interconnected. Labels: Metro Access, Metro Core.]

III. COMMON-USED TIMER MECHANISM

Some mechanisms have been proposed in literature to decide the time to create optical packets. A well known scheme is the opportunistic mechanism (if a slot in transit is free, the optical packet will be built and sent to the destination otherwise no creation). The purpose of this mechanism is to reduce the load of the hub and use fewer resources. In [6] the authors propose CUM to improve the filling ratio of the packets. This mechanism can be used not only for the access nodes but also for the hub to create fixed size optical packet, so it uses static or dynamic timers to decide when the optical packet are constructed. By improving the limitations of CUM (it uses several timers and buffers), we propose CUTM which uses a single timer and single optical buffer for all classes of service. CUTM has three processes: 1) taking optical packet arrived, open it and convert it into electronic packet. After that, the electronic packet will be put to the buffer corresponding to their CoS. If there is a timer running, no new timer is created until this timer has expired. 2&3), the electronic packets are selected one after another from the queue in order of priority until the optical packet is full or there is not packet in the queue. The service class of optical packet is defined by the higher class of service of electronic packets.

IV. NUMERICAL RESULTS

The traffic flows in the network are shown in Fig. 1. We simulate the network with 3 scenarios (Table 1) and evaluate the waiting time in the hub, throughput, jitter and delay by simulations using NS2 tool. Firstly, we fix the value of t = 1µs and study the interaction of L1 and L2 depending on the bandwidth and packet size in each network. The results in Fig. 2 show the waiting time in hub with CUTM. It is independent of L1&L2 correlation, and depends on the capacity of the MC. With the “opportunistic” mechanism, the performance of hub does not depend on the capacity of MC.

TABLE I. SIMULATION SCENARIOS

| | Scenario 1, Metro Access | Scenario 1, Metro Core | Scenario 2, Metro Access | Scenario 2, Metro Core | Scenario 3, Metro Access | Scenario 3, Metro Core |
| Bit rate | 10Gb/s | 10Gb/s | 10Gb/s | 40Gb/s | 10Gb/s | 40Gb/s |
| Optical packet size | 10µs – 12500 octets | 10µs – 12500 octets | 10µs – 12500 octets | 5µs – 25000 octets | 10µs – 12500 octets | 10µs – 50000 octets |
| Load | 35% - 3.5Gb | 50% - 5Gb | 60% - 6Gb | 70% - 28Gb | 60% - 6Gb | 70% - 28Gb |
| Node traffic | 437.5Mb/s | 2.5Gb/s | 750Mb/s | 14Gb/s | 750Mb/s | 14Gb/s |

[Figure 2. Waiting time in hub t = 1µs vs CoS. Panels: a) CUTM Mechanism, b) Opportunistic Mechanism.]

Fig. 3 shows the throughput obtained by the scenario 3, it means that the mechanism “opportunistic” uses the network resources less effectively than mechanism CUTM. Now, we analyze the impact of t in varying from 1µs to 21µs (20µs = 2 x L2) on the performance of network and hub. The Fig. 4 shows that the value of t does not impact on the network performance but a little change of waiting time in the hub (around 0.05ms). The results are the same with the “opportunistic” mechanism. Our results show that the "opportunistic" mechanism is better than CUTM. However, the filling ratio of CUTM is better than the mechanism "opportunistic". Also, CUTM mechanism saves more bandwidth than the mechanism "opportunistic”.

[Figure 3. Throughput for scenario 3.]

[Figure 4. Waiting time in hub t = 1µs to 21 µs. Panels: a) CUTM Mechanism, b) Opportunistic Mechanism.]

V. CONCLUSIONS

This work has considered MAN architecture of two ring networks: the synchronous DBORN as the MA and ECOFRAME as MC. We have proposed the CUTM mechanism to solve the problem of synchronization. By analyzing the simulation results, we found that the CUTM can solve this problem. CUTM provides good network utilization.

REFERENCES

[1] N. Le Sauze, E. Dotaro, A. Dupas, “DBORN: A shared WDM ethernet bus architecture for optical packet metropolitan network”, Photonic in Switching, July 2002.
[2] T. Atmaca, T. Eido, T. D. Nguyen, P. Gravey, A. Gravey, M. Morvan, J. Roberts, S. Oueslati, T. Ronald, D. Barth and D. Chiaroni, “Définition du plan de transport (MAC, Protocoles)”, livrable D2.1, French ANR.
[3] T. Atmaca, T. D. Nguyen, “Interconnection of optical metro ring networks: End-to-End performance”, Invited paper, IFIP WCC/NoF '2010 conference, Brisbane, Australia, 20-23 September, 2010.
[4] T. Orphanoudakis, H. Leligou, E. Kosmatos and A. Stavdas, “Future Internet infrastructure based on the transparent integration of access and core optical transport network”. In: IEEE/OSA Optical Communications and Networking, July 2009.
[5] J. Leuthold, W. Freude, S. Sygletos, P. Vorreau, R. Bonk, D. Hillerkuss, I. Tomkos, A. Tzanakaki and C. Kouloumentas, “An all optical grooming switch to interconnect access and metro ring networks”. ICTON 2008, Transparent Optical Networks, June 2008.
[6] T. D. Nguyen, “Performance evaluation of optical packet switching: Access control resources allocation and QoS management for metropolitan an access networks”, PhD thesis, November 2010.

The Challenge of M2M Communications for the Cellular Radio Access Network

Andreas Maeder, Peter Rost
NEC Laboratories Europe, Network Research Division, Heidelberg, Germany
Email: {andreas.maeder|peter.rost}@neclab.eu

Dirk Staehle
University of Wuerzburg, Dept. of Distributed Systems, Wuerzburg, Germany
Email: [email protected]

Abstract—Machine-to-machine (M2M) or machine-type communication (MTC) is expected to be one of the major drivers of cellular communications in the next decade. The term M2M communication covers a wide area of use cases and applications, thus resulting, in the context of cellular systems, in highly diversified use cases, deployment scenarios and requirements. However, one common denominator is that today’s mobile cellular systems are primarily designed for human communication.

This contribution highlights the challenges which arise from the different M2M traffic and deployment characteristics on the radio interface of mobile cellular systems, as well as the current efforts in research and standardization to address the M2M communications requirements.

I. INTRODUCTION TO M2M COMMUNICATIONS

According to various market research forecasts, the number of M2M-capable devices, the generated traffic and, most important for mobile operators, the expected revenue of cellular M2M communications will grow strongly over the next decade. The numbers are up to half a billion for cellular M2M devices [1] in 2014, and expected revenue of $3.8 bln [2] in 2015, respectively.

The relatively broad definition of M2M communication, or more precisely, the wide range of associated use cases, constitutes a challenge for the design of mobile cellular networks. Although this variety is in principle beneficial in terms of opportunities, it also makes it more difficult to define common characteristics and, accordingly, requirements fundamental for the system design of M2M-optimized cellular systems.

In principle, M2M communication is not a new concept. Already today, many communication systems in the industrial area (e.g. fleet management, toll collect systems, goods tracking) are operational using today’s mobile cellular infrastructure such as SMS over GSM systems. The main driver for the evolution of cellular systems for M2M is therefore the expected increase in data volume and, more important, number of connections.

II. USE CASES AND REQUIREMENTS FOR CELLULAR SYSTEMS

Typical use cases for M2M communications include [3], [4]
• Metering and control of electricity, gas, heat, and water. Smart meters are immobile devices with very long maintenance intervals (several years), which is a challenge for meters which are solely battery-powered. Communication between the meter devices and the providers today is characterized by long time intervals. However, for future smart power grids, much shorter time intervals may be necessary (several minutes down to seconds), as the abilities to control the energy network are manifold and closed-loop control will be implemented.
• eHealth denotes the envisioned use of cellular devices to monitor the health state of the user, such as blood pressure, heart beat rate, etc. While this information is usually aggregated at the device and then transmitted as a bulk message, the device could also react to emergency events, implying stronger requirements on latency and transmission reliability.
• Intelligent Transport Systems (ITS) describes the use of communication to enhance transport security and efficiency. Recently, cellular communication technologies are one of the candidates for car-to-x communication, which has strong requirements on latency and mobility.
• Surveillance is one aspect of the larger use case “public safety”, where video cameras are transmitting either constantly, or at certain event triggers, a relatively low data rate video stream. The requirements on QoS thus correspond to “normal” video streaming.

TABLE I. REQUIREMENTS OF DIFFERENT M2M USE CASES ON COMMUNICATION NETWORK

| | Smart meters | eHealth | ITS | Surveillance |
| mobility | none | normal | high | none |
| message size | low | medium | medium | high |
| traffic pattern | regular | random | random | regular |
| device density | high | medium | high | low |
| latency req. | low | high | high | medium |
| power eff. | high | high | low | medium |

Table I illustrates the diverse requirements and characteristics of different M2M use cases on the transport network. The design of M2M enhancements for cellular RAN focuses on areas where a deficit is recognized.

III. CHALLENGES FOR MOBILE CELLULAR NETWORKS

An analysis of the M2M requirements, performed e.g. in [5], [4], reveals that the challenges from M2M communications arise mainly from the following requirements:
• Support for a very high number of devices per cell.
• Support for different traffic characteristics of M2M communications, such as small message size and regular transmission intervals.
• Low latency and high reliability.
• Low and ultra-low power consumption.
• Support for different mobility profiles.
• Finally, the requirement that human-to-human communication (i.e. normal operating network) must not be negatively affected by M2M communications.

As an example, Fig. 1 shows the estimated number of smart meters vs. the cell radius in some typical urban and suburban scenarios, specifically in New York City, Washington D.C. and London. The data is based on the population density in the respective area, and the number of meters per household (in this case assumed to be 1). The black lines indicate typical cell radii and correspondingly, the number of meters. In the worst case, i.e. in the case of London with 2 km cell radius, the expected number of meters exceeds 35,000, see [6] for further details of the London scenario.

Fig. 1. Expected number of smart meters vs. cell radius [Plot: estimated number of meters vs. cell radius (m); curves: Urban NY City, Suburban (Washington D.C.), Urban London]

On the cellular RAN, some of the identified research challenges include:
• Congestion in the random access channel, both for network entry and for contention-based bandwidth request mechanisms. A large number of devices attempting to access the channel at the same time needs mechanisms for prioritization and isolation between different access classes and device types.
• Group management and addressing of devices.
• Very long idle times to reduce power consumption.
• Efficient, low-overhead handling of small message sizes in conjunction with large transmission intervals.
• Mobility management optimized for stationary or very high mobility scenarios.
• Lightweight and low-overhead security mechanisms.

IV. STANDARDIZATION EFFORTS

Various standardization bodies are currently in the process of defining specifications for M2M communications, such as 3GPP, responsible for UMTS, LTE and LTE-A, and IEEE, covering the 802.16 WirelessMAN (mobile WiMAX) standard family.

A. 3GPP

In 3GPP, M2M communications is denoted as Machine-Type Communication (MTC). The work items titled Network Improvements for Machine Type Communications (NIMTC) and System Improvements for MTC (SIMTC) have been active since 2008 and 2010, respectively. The focus of both work items is mainly on LTE (NIMTC) and LTE-Advanced (SIMTC) [7], [8].

B. IEEE

In the IEEE 802 LAN/MAN Standards Committee, several task groups (TGs) are addressing the impact of M2M communication on the radio access network. The IEEE 802.16p TG aims at enhancing the mobile WiMAX base standards IEEE 802.16e and IEEE 802.16m for M2M, identifying a number of requirements for mainly MAC-related functions such as network entry, group and device addressing, etc. [9].

Other working groups addressing M2M communications include IEEE 802.11 and IEEE 802.15.4, which is the base standard for the ZigBee standard family.

V. CONCLUSION

The growing market of M2M communication is one of the most active research areas for mobile cellular networks. The challenges for the cellular RAN arise mainly from the diverse characteristics of M2M traffic in conjunction with the massive number of devices, and the wide range of requirements on mobility, latency, reliability, security and power consumption. Both the research community and the standardization bodies have recognized the potential, and are in the process of addressing the challenges for future network M2M communications.

REFERENCES

[1] Juniper Research, “Embedded Mobile & M2M Strategies,” Tech. Rep., Jan. 2010.
[2] ABI Research, “Cellular Machine-to-Machine (M2M) Markets,” Tech. Rep., Oct. 2010.
[3] 3GPP, “TR 22.868 V8.0.0 Study on Facilitating Machine to Machine Communication in 3GPP Systems,” 3GPP, Tech. Rep., Mar. 2007.
[4] IEEE, “IEEE 802.16p-10/0005, Machine to Machine (M2M) Communications Technical Report,” IEEE, Tech. Rep., Nov. 2010.
[5] 3GPP, “TS 22.368 V11.1.0 Service requirements for Machine-Type Communications (MTC),” 3GPP, Tech. Rep., Mar. 2011.
[6] Vodafone, “R2-102296, RACH intensity of Time Controlled Devices,” 3GPP, Tech. Rep., Apr. 2010.
[7] Service requirements for Machine-Type Communications (MTC), 3GPP Std., Mar. 2011.
[8] 3GPP, “TR 23.888 V1.0.0, System Improvements for Machine-Type Communications,” 3GPP, Tech. Rep., Jul. 2010.
[9] IEEE, “IEEE 802.16’s Machine-to-Machine (M2M) Task Group,” http://wirelessman.org/m2m/index.html, 2011, [Online; accessed 05/31/2011].

Analysis of Resilience in Virtual Networks

Isil Burcu Barla∗†, Dominic A. Schupke∗, Georg Carle†
∗Nokia Siemens Networks, St.-Martin-Str. 76, 80240 Munich, Germany, Email: {isil.barla.ext, dominic.schupke}@nsn.com
†University of Technology, Munich, Germany, Email: [email protected]

I. INTRODUCTION

Network virtualization is seen as a promising concept for future networks to overcome the Internet ossification problem by enabling the sharing of a common physical infrastructure (also called substrate) and the development and deployment of new network technologies and applications [1]. Resilience has always been an important goal for communication networks. For virtual networks, resilience stands out as an important challenge due to two reasons. Firstly, due to the sharing of the substrate resources, failures may impair the availability of affecting several services. Secondly, the abstraction of the network comes with certain limitations on the knowledge about the underlying structure, thereby complicating the design of resilience mechanisms. At the same time, virtual networks offer improved flexibility, efficiency and isolation compared to today’s network architectures, which can be used to design more efficient and effective resilience mechanisms.

In this work, we identify drawbacks and opportunities concerning resilience faced by different entities that compose a virtual network environment. We analyze the design of resilience depending on different failure types, resource utilization, service level resilience adaptation and complexity. To the best of our knowledge, such a comparative study for virtual network environments has not been conducted yet. We consider the insights of this study to be of high importance for the design of resilience in future networks.

II. VIRTUALIZATION MODEL

The virtualization model used in this paper consists of two types of organizations: the first one, owning the physical substrate, is called the Physical Infrastructure Provider (PIP), and the second one, operating a virtual network on the physical substrate, is called the Virtual Network Operator (VNO). Note that a virtual network environment may consist of various PIPs and VNOs as shown in Fig. 1. A short description of the two roles is given in the following.

A. Physical Infrastructure Provider (PIP)

A PIP is the owner of the physical infrastructure, and therefore is in the position to monitor all of its physical and virtual resources. A PIP generally has the knowledge of the usage and physical location of its virtual resources, and is able to optimize the utilization of its network by allocating virtual resources accordingly. A PIP is generally able to shift virtual resources from one physical resource to another one, e.g. for overall optimization of the residing virtual networks, or for shutting down a part of the network for energy efficiency or maintenance purposes.

Figure 1: (a) Various VNets mapped on a PIP network (b) One VNet expanding over various PIP networks

B. Virtual Network Operator (VNO)

A VNO can own one or several Virtual Networks (VNets) and operate them. A VNet consists of virtual links and nodes, which are mapped to the physical infrastructure of one or more PIPs. Upon a virtual network request by the VNO, the available virtual resources of the PIPs are advertised to the VNO. The VNO may negotiate with various PIPs to establish an optimal VNet according to its needs.

III. COMPARISON OF RESILIENCE AT DIFFERENT LAYERS

Resilience in a virtual network environment can be provided either at the VNO or PIP level, or at both levels. PIP and VNO have different resource monitoring and controlling capabilities, which results in certain advantages and disadvantages when providing redundant resources, or efficient recovery from failures. The optimal recovery strategy generally depends on the type of failure.

We differentiate three kinds of failures in a virtual environment, namely software failures, which can cause a virtual machine (VM) to either malfunction or completely go down, physical failures (physical node/link failures), and control plane failures.

In case of a control plane failure, the data plane may continue functioning, possibly influencing the preferred approach for recovery.

Upon an internal failure of a VM, the owner and controller of this VM, the VNO, may be in the best position to recognize the failure and to initiate corrective action. A software failure that causes a whole VM to go down, or a physical failure, are events of relevance to both PIP and VNO. If a failure is caused by physical equipment or a hypervisor, a PIP can react directly by taking necessary measures. In case of a VM failure, a VNO may react by restarting its VM. Depending on the contract between the PIP and VNO, it may be the case that a VNO also reacts to failures by rerouting traffic. Typically, failures detected by a PIP and recovery action taken by a PIP should be signaled to a VNO, as this allows coordinating recovery on both layers, e.g. using hold-off timers, or failure escalation mechanisms. In cases in which a PIP does not react itself, a VNO may either use already allocated backup resources, or may request new resources from other PIPs.

In the remainder of this paper we focus on resilience mechanisms that allow recovery from physical failures and VM failures. We address scenarios in which both VNO and PIP are able to react, and we identify their strong and weak points in terms of resource utilization, service level resilience adaptation and complexity.

A. Resource utilization

In terms of providing resilience, the most important advantage of a PIP is that it is the one in the best position to have full knowledge of all its physical and virtual resources, such as the mapping of the virtual resources to both their physical locations and operating VNets. Moreover, it can migrate virtual resources from one physical location to another without affecting the virtual network topologies and disrupting the traffic [2]. All of these properties give a PIP the ability to optimize its network utilization regarding all VNets residing on its network as shown in Fig. 1(a). A PIP can create back-up resource pools and share them efficiently among the VNets by creating special rules depending on the reliability requirements of the VNets and the risk groups they share.

VNOs, however, generally have only a limited view on the available virtual resources, i.e. they only have access to the advertised resources of a PIP, and they have no further knowledge about the rest of the network. Therefore, regarding a single PIP domain, a PIP may have more knowledge, more freedom and better optimization opportunities by providing redundant resources.

Even though a VNO has only a restricted view for each PIP, it generally has the advantage of being able to see available resources of all PIPs, as shown in Fig. 1(b). Hence, a VNO may choose backup resources not visible to a single PIP. A VNO can combine resources of different PIPs according to its needs, thereby achieving resilience of its network.

In both cases, optimization is done in each layer and domain separately, which may lead to suboptimal results for the overall system. More favorable for optimization are scenarios with a single PIP, or with a single VNO, or with a central unit that coordinates resource allocation of multiple PIPs and VNOs.

B. Service level resilience adaptation

Concerning service level resilience, an advantage of a VNO is its favorable position of having comprehensive knowledge about traffic characteristics in its network. This knowledge can be used to optimize the choice of backup resources and recovery actions of virtual networks accordingly. Moreover, a VNO can adapt the resilience level of its network depending on the needs of the running services. Some services may be business-critical, therefore having stringent resilience requirements, while other services may not require resilience mechanisms.

Our virtualization model considers PIPs being limited in the sense that they should not influence service handling of services offered by VNOs, and therefore are not in a position to optimize resilience and recovery mechanisms depending on the actual services.

C. Network setup and operation complexity

As stated before, in this paper our focus lies on certain failures such as failures of complete VMs, or physical failures, which require fast recovery. As a PIP is close to the origins of these failure types, a PIP can be regarded as having the knowledge required to identify the failure quickly, and also to be able to react quickly. In scenarios in which VNOs want to react to these failures themselves, the issue of coordinated reaction by PIP and VNO arises. One possible approach to ensure desirable coordination by PIP and VNO would be a coordination system capable of signaling failure information to the affected VNOs.

In case a VNO wants to protect its network itself by allocating back-up resources and calculating alternative paths, it benefits from physical disjointness of these resources. Hence, it is desirable for a VNO to receive information about physical disjointness.

Finally, an important aspect of network virtualization is that several VNets can share the same physical substrate, like in the example given in Fig. 1(a), in which the three VNets share the physical nodes A, B and the link between them. Hence, in case of a failure in this shared substrate all three VNets will be affected. If the VNOs provide resilience for their networks, each VNO has to react separately to the same physical failure. If the failure is handled within the PIP layer, resilience and recovery handling may be significantly simpler.

IV. CONCLUSION

In this paper, we have presented the challenges and opportunities in terms of resource utilization, service level resilience adaptation and complexity that the VNO and PIP will face when they want to offer resilience for their networks. Designing efficient and effective resilience mechanisms for virtual network environments is a challenging issue. We will continue our research by further investigating the observed effects, and by designing suitable resilience mechanisms for different requirements.

V. REFERENCES

[1] J. Carapinha, J. Jimnez, “Network Virtualization a View from the Bottom,” in Proc. ACM VISA, 2009, pp. 73-80.
[2] Y. Wang, E. Keller, B. Biskeborn, J. van der Merwe, and J. Rexford. Virtual Routers on the Move: Live Router Migration as a Network-Management Primitive. SIGCOMM CCR, 38(4):231–242, 2008.
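The shared-substrate argument of Section III.C can be made concrete with a short added example (not code from the paper). The VNet names, virtual link names and the mapping onto physical nodes A, B, C are constructed for illustration; only the fact that three VNets share the link A-B follows Fig. 1(a) as described in the text.

```python
# Constructed PIP-side mapping: VNet -> virtual link -> physical links it rides on.
# Only the PIP sees this table; a VNO sees the virtual link names alone.
MAPPING = {
    "vnet1": {"x-y": [("A", "B")], "x-z": [("A", "C")], "z-y": [("C", "B")]},
    "vnet2": {"p-q": [("A", "B")], "p-r": [("A", "B"), ("B", "C")], "r-q": [("C", "B")]},
    "vnet3": {"m-n": [("A", "B")]},
}


def norm(link):
    """Represent an undirected physical link as a sorted tuple."""
    return tuple(sorted(link))


def physical_links(mapping, vnet, vpath):
    """Set of physical links used by a virtual path (a list of virtual link names)."""
    return {norm(l) for vlink in vpath for l in mapping[vnet][vlink]}


def affected_vnets(mapping, failed_link):
    """Virtual links hit in each VNet when one physical link fails."""
    failed = norm(failed_link)
    hit = {}
    for vnet, vlinks in mapping.items():
        names = sorted(v for v, phys in vlinks.items()
                       if failed in {norm(l) for l in phys})
        if names:
            hit[vnet] = names
    return hit


def shared_risk(mapping, vnet, primary, backup):
    """Physical links common to a primary and a backup virtual path.

    An empty set means the two paths are physically disjoint.
    """
    return physical_links(mapping, vnet, primary) & physical_links(mapping, vnet, backup)


if __name__ == "__main__":
    # One physical failure on A-B: every VNet has to run its own recovery.
    print(affected_vnets(MAPPING, ("B", "A")))
    # vnet1: backup x-z, z-y avoids A-B, so VNO-level protection works.
    print(shared_risk(MAPPING, "vnet1", ["x-y"], ["x-z", "z-y"]))
    # vnet2: backup p-r, r-q uses different virtual links but still rides on A-B.
    print(shared_risk(MAPPING, "vnet2", ["p-q"], ["p-r", "r-q"]))
```

The vnet2 case is the reason the text asks for disjointness information to be passed to the VNO: its backup path is disjoint at the virtual layer yet fails together with the primary.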

Gaming with COPS: A Content Centric Communication Infrastructure for Gaming Applications

Jiachen Chen†, Mayutan Arumaithurai†, Xiaoming Fu†, K.K. Ramakrishnan‡
†University of Goettingen, Germany, ‡AT&T Labs-Research, U.S.A.

I. INTRODUCTION

Massively Multiplayer Online Role Playing Games (MMORPG) [footnote 1] are quite popular due to their well structured and creative scenarios and the realization of real-world human interactions such as communities, war, family, ally, merchandizing. World of Warcraft and Counter-Strike are examples of such games and are characterized by the need for a short latency since every action a player performs needs to be broadcasted to all the other players that are viewing the same sub-world. These games involve a large number of players and require a persistent world that is usually hosted by the game’s publisher, thereby incurring a heavy load on the servers for player management and data transfer. Deploying such a game in a decentralized/P2P environment is not a straightforward task since it is difficult to obtain knowledge about the other players in the same sub-world and to efficiently disseminate the information to them.

Content Centric Networking (NDN) [1], [2] is a novel networking paradigm centered around content distribution rather than host-to-host connectivity. This change from host centric to content centric decouples the action receivers from the performers. In this work, we attempt to build a content centric communication infrastructure for a decentralized gaming environment wherein the players can directly push the content to the other players in the same sub-world in an efficient manner. The role of the server is reduced to that of maintaining an update of the world and providing the snapshot to the players who enter a sub-world. To achieve this, we make use of the Content-Oriented Publish/Subscribe System (COPS) [3], which enhances NDN [2] with push-based dissemination, as the communication layer of MMORPGs.

[Footnote 1] http://en.wikipedia.org/wiki/Massively_multiplayer_online_role-playing_game

II. COPS: A CONTENT CENTRIC COMMUNICATION INFRASTRUCTURE

We first give a brief introduction to NDN and COPS.

A. Content-Centric Networking

NDN uses hierarchical human-readable ContentNames to address content items, e.g., /conf/papers/COPS.pdf. There are two NDN packet types, Interest and Data. A consumer queries for content by sending an Interest packet and a provider responds with a Data packet and the Data packet consumes this Interest packet. Data ‘satisfies’ an Interest if the ContentName in the Interest packet is a prefix of the ContentName in the Data packet. Consumers are decoupled from providers since they only ask for the content rather than query a specific host.

NDN requires a new forwarding engine to perform the basic operations. The forwarding engine contains FIB (Forwarding Information Base), Content Store and PIT (Pending Interest Table). FIB is used to forward Interest packets toward potential source(s) of matching Data. Content Store is the same as the buffer memory of an IP router but tries to remember the Data packets as long as possible, which works like a cache in the network. PIT keeps track of ‘bread crumbs’ of Interest so that Data packets follow to reach back the original requester(s).

B. Content-Oriented Publish/Subscribe System

To achieve more efficiency in transmission, COPS enhances NDN with push-based dissemination. This also relieves the consumers in NDN from knowing the name of every piece of data beforehand. Instead, they express interests to Content Descriptors (CDs), e.g., /sports/soccer. Data providers (publishers) send announcements to a CD when they have a new piece of data. The CDs are grouped in a hierarchical structure so that subscribers of higher level CDs can also receive announcements of lower level CDs, e.g., a subscriber of /sports can also receive announcements of /sports/soccer, /sports/swimming, etc.

COPS aware routers are equipped with a subscription table (ST) that maintains CD-based subscription information downstream of them in a distributed, aggregated manner, as in IP multicast. COPS was proved to be more efficient than IP multicast because of the hierarchical CD management.

COPS also provides subscriber offline support which allows ‘asynchronous’ data dissemination. It enables the user to receive messages that were missed while being offline. COPS supports this by having a dedicated broker that acts as a store for all COPS multicast messages.

III. GOCOPS: A P2P GAME OVER COPS

A. GoCOPS Overview

The basic assumption we make is that all the players share the same map downloaded beforehand. For practical reasons such as efficient broadcast of updates, the world-map is divided into various zones and each of these zones can be divided further into areas and smaller areas, thereby forming a hierarchy. We use the term sub-world to represent these smaller zones and areas. Such a mechanism is used to ensure that the players receive updates pertaining to the sub-world they belong to, e.g., a player in a room gets to see all the other players in the same room, whereas a player flying over the room gets to see those players as well as others in the vicinity. Furthermore, the sub-world is composed of objects that form the smallest unit. This ensures that only the changes on the objects need to be broadcasted instead of the whole sub-world.

Fig. 1: Sub-world hierarchy. (a) Map division. (b) Logical hierarchy. [Figure legend: You are here; Visible; Notify; Visible & Notify; Uninterested]

Fig. 1a shows a world map which is first divided into 4 zones (marked 1 − 4) and each zone is further divided into 4 areas (marked 1/1 − 4/4). Fig. 1b shows the logical hierarchy (areas belonging to zone 2, 3 and 4 are omitted). When a player is flying over area 1/2 on the zone layer, he can see players in 1/1 − 1/4 (standing on the area layer or flying on the zone layer). In Fig. 1b, the visible sub-worlds are in double-circle. When he modifies some object in 1/2, the update will be multicasted to all the players standing on 1/2, flying in 1, and on the top. The gray circles are the notified sub-worlds in Fig. 1b.

Below, we describe how to use COPS in gaming.

B. Sub-world = Hierarchical CD

In GoCOPS, the sub-world is managed in a hierarchical structure. So it is easy to map sub-worlds to hierarchical CDs directly. A player can be a publisher when he performs some action while at the same time a subscriber since he is in some sub-world and needs to receive updates. The one-step communication model in COPS is used to disseminate such actions.

E.g., if a player is flying over area 1/2 at zone layer, he will subscribe to CD /map/1. According to the hierarchical definition of COPS, any message belonging to 1/1 − 1/4 will be disseminated to him. But when he modifies some object in area 1/3, the action will be multicasted to CD /map/1/3, so that the subscribers of CD /map, /map/1 and /map/1/3 will receive the action. This conforms to the definition of ‘share a sub-world’. Note that the player only sends one packet and all three groups will receive it. But in IP multicast the player will have to send out three different packets and in a server-based communication the player will have to send a packet to every player that can see the action.

C. Conflict Elimination & Snapshot Managing → Broker

However, there are differences in requirements between gaming and a publish/subscribe system. We modify the broker for user offline described in [3] to solve two major problems in gaming: snapshot managing and conflict resolution.

Snapshot Managing: It is natural for a player to move from one sub-world to another. At the time he enters (or approaches) a new sub-world, he should be able to see the current status of the sub-world, which we call a snapshot. Here, we use the broker to manage the snapshot of the sub-world. When a player performs an action, he sends a packet to the broker instead of doing the multicast himself. The broker then modifies its snapshot and multicasts the action. When a player enters the sub-world, he will query for the latest version of the snapshot from the broker. Caching in NDN can reduce the load on broker and network if multiple players wish to download the same version of the snapshot.

Conflict Resolution: In online gaming, players tend to make conflicting actions like collisions or modifying the same object at the same time. A common practice to resolve such conflicts is to discard the action that arrives at the server later. In our solution, we use the broker to check for conflicts when it is modifying the snapshot. When a player performs an action, he will send the action to the broker but not change his local view. On receiving the action, the broker checks for conflicts and multicasts the action (we call it a result) if no conflict exists. The action performer will modify the local view only when he receives the result, resulting in the natural discarding of conflicts.

GoCOPS Broker ≠ Server: The functionality of GoCOPS brokers is different from that of the normal game servers mainly because of the following 2 reasons:
• Brokers do not manage players in the sub-world. The player (his gaming client) is responsible for managing the CDs he should subscribe to and the CDs he should multicast to. Brokers only manage the snapshot of the sub-worlds (and at the same time check for conflicts). This relieves the brokers from the burden of player management and event dissemination, thereby reducing the computation cost and network traffic.
• Due to the hierarchical map formation, brokers can be decentralized and off-loaded naturally. As the load on the broker increases, it can offload some CDs (sub-worlds) to a new broker. Since the architecture is built on COPS and players send Interests to the ContentName of a CD (rather than broker address), they will not be affected by the introduction of new brokers. The new broker only needs to express that it serves the new CDs. The COPS network will accordingly modify the FIB and ST. The packets of the users will be redirected automatically to the new broker and a new multicast tree can be formed at the 1st hop router of the broker.

REFERENCES

[1] V. Jacobson, D. K. Smetters, J. D. Thornton, M. F. Plass, N. H. Briggs, and R. L. Braynard, “Networking named content,” in CoNEXT, 2009.
[2] L. Zhang, D. Estrin, J. Burke, V. Jacobson, and J. Thornton, “Named data networking (ndn) project,” PARC, Tech. Report NDN-0001, 2010.
[3] J. Chen, M. Arumaithurai, L. Jiao, X. Fu, and K. K. Ramakrishnan, “Cops: An efficient content oriented publish/subscribe system,” University of Goettingen, Tech. Rep., 2011.
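The hierarchical CD delivery of Section III.B and the broker behaviour of Section III.C can be traced in a small added model (an illustration written for this page, not the COPS or GoCOPS implementation). Player names, the `door` object and the per-object version counter used to detect a conflicting later action are assumptions; the paper only states that the later action is discarded.

```python
from dataclasses import dataclass


def cd_prefixes(cd):
    """A CD and all its ancestors: /map/1/3 -> ['/map', '/map/1', '/map/1/3']."""
    parts = [p for p in cd.split("/") if p]
    return ["/" + "/".join(parts[:i]) for i in range(1, len(parts) + 1)]


class SubscriptionTable:
    """CD -> subscribers. One packet sent to a CD reaches subscribers of every prefix."""

    def __init__(self):
        self._subs = {}

    def subscribe(self, player, cd):
        self._subs.setdefault(cd, set()).add(player)

    def receivers(self, cd):
        out = set()
        for prefix in cd_prefixes(cd):
            out |= self._subs.get(prefix, set())
        return out


@dataclass
class Action:
    player: str
    cd: str            # sub-world of the object, e.g. /map/1/3
    obj: str
    base_version: int  # object version the player saw (assumed conflict marker)
    value: str


class Broker:
    """Keeps the snapshot, rejects conflicting actions, multicasts results."""

    def __init__(self, table):
        self.table = table
        self.snapshot = {}   # (cd, obj) -> (version, value)
        self.delivered = {}  # player -> results received, in order

    def submit(self, action):
        key = (action.cd, action.obj)
        version, _ = self.snapshot.get(key, (0, None))
        if action.base_version != version:
            return set()     # conflict: an earlier action already changed the object
        self.snapshot[key] = (version + 1, action.value)
        result = (action.cd, action.obj, version + 1, action.value)
        receivers = self.table.receivers(action.cd)
        for player in receivers:
            self.delivered.setdefault(player, []).append(result)
        return receivers

    def get_snapshot(self, cd):
        """State fetched by a player entering sub-world cd (cd and everything below)."""
        return {k: v for k, v in self.snapshot.items()
                if k[0] == cd or k[0].startswith(cd + "/")}


def demo():
    st = SubscriptionTable()
    st.subscribe("flyer", "/map/1")        # flying over zone 1
    st.subscribe("walker13", "/map/1/3")   # standing in area 1/3
    st.subscribe("walker12", "/map/1/2")   # standing in area 1/2
    st.subscribe("top", "/map")
    st.subscribe("zone2", "/map/2")
    broker = Broker(st)
    first = broker.submit(Action("flyer", "/map/1/3", "door", 0, "open"))
    late = broker.submit(Action("walker13", "/map/1/3", "door", 0, "locked"))
    return broker, first, late


if __name__ == "__main__":
    broker, first, late = demo()
    print(sorted(first), sorted(late), broker.get_snapshot("/map/1"))
```

Because the performer updates its local view only from `delivered`, the rejected second action never becomes visible anywhere, which is the "natural discarding" the text describes.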

Internet-based Content Delivery: Traffic Management with CDN and P2P Overlays Gerhard Haßlinger, Deutsche Telekom, H.-Hertz-Str. 3-7, 64295 Darmstadt, Germany Email: [email protected]

I. ABSTRACT AND INTRODUCTION

Content delivery (CDN) and peer-to-peer (P2P) networks are carrying most of today’s Internet traffic with different effect on delay and throughput as main quality-of-service characteristics. We compare current techniques for content distribution over the Internet via server-based and peer-to-peer overlays regarding their effect on the traffic flows and profiles. P2P overlays are fully scalable and adaptive to flash crowds focusing on temporary popular content even without own network layer infrastructure [7][8] whereas CDNs are currently more efficient in shortening transport paths to the users [1][3][4]. Nonetheless, different administrative domains of content and network providers impede optimized IP transport on a global scale [9].

Many current activities in research, industry and standardization are addressing localized delivery of large content volumes from the network edge and between peers. Short end-to-end paths and delays are beneficial for the user experience as well as for network providers to reduce the load in the backbone and on expensive interconnection links, and last not least, also to reduce energy consumption. Our main focus is on cross layer traffic management on IP and overlay level.

Keywords—Internet traffic, content delivery, overlays, P2P, CDN, caches, traffic engineering, path optimization.

II. CONTENT DISTRIBUTION OVERLAYS ON BROADBAND ACCESS NETWORKS

Figure 1 illustrates the relationship between broadband access networks as well as CDN and P2P overlay structures on top of them. Both overlay types are compared with regard to [3][4]

• their flexibility and scalability for supporting established and new services (HTTP file transfer and downloads, streaming, IP-TV, gaming, VoIP),
• their performance in terms of main QoS criteria (throughput, delay) as well as resource utilization and costs,
• their cross-layer (in-)efficiency due to the (mis-)match of application and network transport infrastructure, regarding traffic management and efficient delivery paths.

In addition, hybrid CDN-P2P solutions are promising for cost efficient throughput optimization. Different perspectives are relevant from the view of the content and network providers as well as the users. Improved service quality and economic aspects are crucial for all parties to enable new trends towards IP-TV integration and increasing VoD traffic. Future Internet activities explore new concepts for naming and locating distributed content independent of IP addresses to avoid inefficiencies in host-to-host communication [2], which face the challenge to set up new and more efficient search methods.

III. NETWORK MANAGEMENT PERFORMED BY OPERATORS

Network providers have management and planning processes running on their broadband access platforms including short and long term monitoring and adaptation procedures to changing traffic conditions and demands [3][5]. This includes a continuous process of link upgrades to adapt to fast traffic growth. Redundant resources for failure resilience mechanisms have to be provided in the core and aggregation network, where single link failures can affect a large user population.

Figure 1: CDN and P2P overlays on top of broadband access networks

Figure 2: Approaches for traffic path optimization in content delivery

Overprovisioning can be reduced by traffic engineering tools which balance the load for optimized network wide throughput. Therefore the flexibility in redirecting traffic flows is crucial in order to react to shifts in demands and to failure cases. Traffic engineering within an administrative domain also depends on peering with external content providers who offer content from many popular sources. In addition, network providers can introduce caches and CDN servers within their own network platform [1][4]. The relevance of Zipf laws in user access behaviour, i.e. a high preference in access to small fraction of the most popular items [6] makes small caches efficient.

On the other hand, a lack of cooperation between content and network providers beyond their administrative boundaries detracts from the efficiency of global content distribution. This implicates demands for standardization which are partly addressed in current IETF activity in a working group on CDN interconnection [9].

IV. APPROACHES FOR SHORT TRAFFIC PATHS AND ENHANCED PERFORMANCE IN CONTENT DISTRIBUTION

There are further standardization and research approaches to shorten transport paths by preferring local instead of globally distributed sources. Suggestions for locality awareness can be classified according to figure 2 as

• cooperative cross-layers solutions aided by information servers [8],
• coordinate systems on the overlay as application layer solutions and
• network layer approaches through traffic engineering and caching.

The cooperative approach is currently driven by the Application Layer Traffic Optimization (ALTO) working group within the IETF together with work in research and in the industry [7][8]. Therefore locality information is collected e.g. from the BGP routing protocol, from Prefix WhoIs servers and/or from cooperative network providers. The gathered information has to be made available to applications in a standardized way.

Large overlays, e.g. BitTorrent, can perform delay measurement and collect routing information to estimate distances between sources and destinations and to map them in coordinate systems, such that application layer source selection and routing can establish its own traffic management independent of the network provider. The cross-layer aspects of such approaches are addressed including possible inefficiency arising due to limited mutual awareness and non-cooperative administration on the application overlay versus network infrastructure layers.

REFERENCES

[1] R. Buyya, M. Pathan and A. Vakali (Eds.), Content delivery networks, Lecture Notes in Electrical Engineering 9, Springer (2008)
[2] J. Choi et al., A survey on content-oriented networking for efficient content delivery, IEEE Comm. Magazine (March 2011) 121-127
[3] G. Haßlinger, Traffic management on broadband access networks with regard to content delivery (CDN) and peer-to-peer (P2P) overlays, Tutorial on the IEEE Sarnoff Symposium, Princeton, New Jersey (May 2011)
[4] G. Haßlinger and F. Hartleb: Content delivery and caching from a network provider’s perspective, submitted in revised state, Computer Networks, Special Issue on Internet-based Content Delivery (2011)
[5] G. Haßlinger, G. Nunzi, C. Meirosu, C. Fan and F.-U. Andersen, Traffic engineering supported by inherent network mgnt.: Resource efficiency and cost saving potential, Internat. Journal on Network Mgnt. (IJNM) 21, Special Issue on Economic Traffic Mgnt. (2011) 45-64
[6] G. Haßlinger and O. Hohlfeld, Efficiency of caches for content distribution, Proc. 22. Internat. Teletraffic Congress, Amsterdam (2010)
[7] SmoothIt project of the European Commission, Simple economic management approaches of overlay traffic in heterogeneous Internet topologies, (2010)
[8] Internet Engineering Task Force (IETF), working group on Application Layer Traffic Optimization (ALTO),
[9] Internet Engineering Task Force (IETF), working group on CDN interconnection (CDNI)

Tuesday, August 2nd Program – Keynote

Tuesday, August 2nd, 2011, 9:00 AM to 9:30 AM Keynote

Networking Paradigm for Information Universe

Yanghee Choi Seoul National University Seoul, Korea [email protected]

I. MEGATRENDS

Internet is used by more than two billion people. In ten years, hundreds of billion devices and sensors will be on the Internet, together with four billion human users. They will use the Internet in a very different way than today. The Internet in its present form may not be adequate to support them in efficient and satisfactory way. Consequently researchers on Future Internet around the world work hard on new network architecture, new systems and new business models. However, goals and missions of the Future Internet are understood differently at different research groups, countries, and business sectors, and most of the solutions proposed so far are highly technical, lacking in big pictures for the Future Internet.

In this talk, more fundamental visions for the Future Internet derived from the predictions of the megatrends to the future IT will be discussed. Three megatrends that will impact the design of the Future Internet are 1) everything goes smart, 2) the interaction between people, machine, data will explode, and 3) the rate of information creation goes exponential.

“Smart” usually means intelligent, fast, and personalized, in IT world. However, “smart” in the future IT will be more about innovations invoking drastic societal changes. Examples are smart work, smart education, smart city etc. Social network services are changing the way we use the Internet. New modes of interactions between people, between human and machines, between machines, and between contents will emerge in the future. How to accommodate them will become a big challenge for the network designers.

The total volume of information on the globe will increase exponentially reaching 44 ZB in 2020, according to a recent forecast. This overwhelming pool of information is called “Information Universe (IU)”. As Internet is basically a medium for collaboration which is achieved by handling information (access, exchange, process, and store), the ever-expanding IU is an opportunity as well as a threat for Future Internet designers.

Korea has been at the forefront of experimenting and using various new Internet technologies. The three megatrends are highly apparent in Korea, and several examples (traffic explosion, video broadcasting, social network) will be discussed in the presentation.

II. INTERNET IN 2030

Internet in the year 2030 will and should be very different from today’s Internet. What will be the keywords describing the Internet in 2030? We have heard many keywords so far; secure Internet, video Internet, content-centric network. They are closely related to the network architecture. However, the technical keywords can be chosen easily, once we identify the keywords for the fundamental features of the Future Internet that are in good harmony with the megatrends.

Three keywords are proposed in this talk; realtime Internet, quality Internet, and knowledge Internet. These are basic features required for the Future Internet, and various concrete architectures, algorithms, and implementations can be devised to realize the fundamental features.

Realtime is a feature hardly achieved in today’s Internet. However, to support tight collaboration among machines, humans, and contents, it is needed to provide impressions that the collaborating partners are nearby physically so that the communication can be carried out without any interrupting delays.

Quality has not been the number one priority in the present Internet. Best-effort packet delivery is one good example. But in order to support smartness, collaborations, and IU, reliable and secure Internet is indispensable. Good quality also needs overall supervision and control of the individual Internet sessions, devices, as well as the content quality.

It is reported that people spend more than twenty % of their office hour to search for right and good information. This happens because Internet itself has been regarded as a dumb pipe for sending and receiving bits. If the main use of the Internet is to extract knowledge from IU, then the way we design Internet, and the way we treat information in IU should change.

Internet stayed in its original form for too long. It is time to come up with a better one, but the new Internet should be able to stay long without causing troubles to the world.

(note) This work was prepared as a guideline for the Korean national R&D program for the Future Internet.


Tuesday, August 2nd Program – Session 5

Tuesday, August 2nd, 2011, 9:30 AM to 10:50 AM Session 5: Security and Quality of Service

Malware Analysis in the ToMaTo Testbed

Dennis Schwerdel, Bernd Reuther, Paul Mueller Integrated Communication Systems Lab, University of Kaiserslautern, Germany {schwerdel, reuther, pmueller}@informatik.uni-kl.de

I. INTRODUCTION

In the last years a lot of holistic research efforts investigate concepts and technologies for future networks. All of these research projects need ways to evaluate their ideas and results. Experimental facilities aim to provide a realistic environment for experiments using emulation techniques.

Distributed research projects often result in distributed research hardware like in the German-Lab project. Experimental facility software must be able to handle the restrictions and features of distributed resources.

Networking experiments often need increased control over the network environments. This includes configurable link characteristics and network topologies.

In the German-Lab project, the Topology Management Tool [1] (ToMaTo) has been developed as an experimental facility software to run networking experiments on.

II. TOMATO

ToMaTo allows users to build networking topologies containing devices and connectors. Devices are active components like computers that run the software of the experiment and are the only sources and sinks of data. Connectors are network components that connect devices and transport their data exhibiting certain configurable characteristics.

Different types of virtual machines can be selected as devices each exposing other features and resource consumption. This diversity allows both lightweight virtual machines for running Linux, and full-featured machines for running any operating system including Linux and Windows.

Four types of connectors allow the users to select hubs, switches, routers and to connect the topology to external network adapters. Topologies that do not use external networks are completely isolated.

ToMaTo features an easy-to-use graphical user interface for creating and configuring topologies as well as for accessing the devices. The user interface is web-based and thus is cross-platform and can be used without software installation. ToMaTo also allows to capture network traffic on connections and analyze them using well-known tools like Wireshark.

III. SCENARIO

To demonstrate the usage and benefits of ToMaTo in protocol analysis the scenario of malware analysis has been selected. Malware poses a huge security threat on Internet users as it has access to all data on the computer, can record user actions without the knowledge of the user and send this data over the Internet. The most common kind of malware allows the attacker to control the computer remotely and use it to launch other attacks and send spam mails. This way malware is currently responsible for most attacks and spam mails in the Internet.

An analysis of the communication protocol between the malware on the victim's computer and the attacker can lead to methods to detect infected computers and quarantine them. Flaws in the communication protocol might offer a way to destroy the overlay network of the infected computers and thus break the control of the attacker. Although only a disinfection of the infected computer can completely remove the malware, containment and attacks on the communication infrastructure of the malware network can prevent the disclosure of private user data as well as attacks and spam mails sent by the infected computer.

Handling malware and more so executing it raises some security considerations. After a computer has been infected with the malware it cannot be trusted anymore. That means that any protocol analysis must be independent of the infected computer. Also the computer must be reliably contained so the malware is not able to launch attacks or send spam mails or infect other computers.

IV. MALWARE ANALYSIS WITH TOMATO

ToMaTo has some unique features that are very useful in this scenario. ToMaTo supports multiple types of virtual machines and one of them can run Windows which is needed to run malware.

The fact that virtual machines can only use configured connections to communicate can be used to build a contained environment for an infected computer and to prevent the malware from spreading across the network. Since ToMaTo allows changes to running topologies, connections can be added and removed at runtime.

In ToMaTo, images of virtual machines can be downloaded and uploaded thus enabling to snapshot them. This allows to save the state before the infection and replay the infection without having to reinstall the operating system and setup the machine from scratch.

ToMaTo allows to capture networking traffic on the virtual connections without the help of the operating system. This especially helps when the operating system is infected with malware and cannot be trusted anymore.

V. DEMONSTRATION

The demonstration will show the analysis of malware using the ToMaTo testbed. For this analysis the topology in figure 1 is used.

REFERENCES

[1] Dennis Schwerdel, David Hock, Daniel Günther, Bernd Reuther, Paul Müller, and Phuoc Tran-Gia. ToMaTo - a network experimentation tool. In 7th International ICST Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities (TridentCom 2011), Shanghai, China, April 2011.

Figure 1. Protocol analysis topology

The topology consists of two devices, controller and victim, and two connectors, internet and switch. The victim is a machine running Windows that will be infected with the malware. The controller is a secured machine running Linux and thus cannot be affected by the malware. The controller will be used to emulate a counterpart for the malware to communicate with. The Internet is used by the victim machine to download the malware and by the experimenter to access the controller. The switch connects the victim with the controller and allows to capture the traffic between them.

In the first step of the analysis the topology is created and all devices are configured. Then the victim and the Internet are started and the malware is downloaded to the victim without executing it. Before the malware is executed, the connection between the Internet and the victim is removed so that the victim is completely contained. The controller runs a DNS server that is able to resolve any name to its own IP address.

After the malware is started it will try to contact its malware server. Using the capture feature of ToMaTo the network data can be downloaded and analyzed with Wireshark. This way the host and the port of the malware server can be determined. Using this information the controller can be programmed to run a simple application on that port so the malware can start its communication. Stepwise the protocol can now be reconstructed by capturing the data that the malware sends, sending a copy to the real malware server, and receiving the proper reply.

Since the analysis of malware is only a scenario to show the capabilities of the ToMaTo testbed for protocol analysis no complete analysis of the malware protocol will be done.
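The catch-all DNS server that the controller runs in this setup, sketched as an added example (not code from the ToMaTo project or the authors): every A query is answered with one fixed address and the queried name is logged, so the contained victim's lookups land on the controller and the names become visible to the analyst. The address 10.0.0.1, the port, all function names and the sample query are assumptions constructed for illustration.

```python
import socket
import struct

CONTROLLER_IP = "10.0.0.1"  # assumed address of the controller on the isolated switch
TYPE_A, CLASS_IN = 1, 1


def parse_question(packet):
    """Return (qname, qtype, qclass, end_offset) of the first question."""
    if len(packet) < 12:
        raise ValueError("shorter than a DNS header")
    if struct.unpack("!H", packet[4:6])[0] < 1:
        raise ValueError("no question section")
    labels, pos = [], 12
    while True:
        if pos >= len(packet):
            raise ValueError("truncated name")
        length = packet[pos]
        pos += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("compressed name in question")
        if pos + length > len(packet):
            raise ValueError("truncated label")
        labels.append(packet[pos:pos + length].decode("ascii", "replace"))
        pos += length
    if pos + 4 > len(packet):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", packet[pos:pos + 4])
    return ".".join(labels), qtype, qclass, pos + 4


def build_response(query, answer_ip=CONTROLLER_IP):
    """Answer any IN/A question with answer_ip; other types get an empty NOERROR."""
    qname, qtype, qclass, qend = parse_question(query)
    rd = query[2] & 0x01                             # copy the Recursion Desired bit
    flags = 0x8000 | 0x0400 | (rd << 8) | 0x0080     # QR, AA, RD, RA, rcode 0
    is_a = qtype == TYPE_A and qclass == CLASS_IN
    header = query[:2] + struct.pack("!HHHHH", flags, 1, 1 if is_a else 0, 0, 0)
    response = header + query[12:qend]               # echo the question unchanged
    if is_a:
        # Name is a compression pointer to offset 12, TTL 60 s, 4-byte RDATA.
        response += struct.pack("!HHHIH", 0xC00C, TYPE_A, CLASS_IN, 60, 4)
        response += socket.inet_aton(answer_ip)
    return qname, response


def make_query(name, txid=0x1234, qtype=TYPE_A):
    """Constructed sample query, standing in for what the victim would send."""
    qname = b"".join(bytes([len(part)]) + part.encode("ascii")
                     for part in name.split(".")) + b"\x00"
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + qname + struct.pack("!HH", qtype, CLASS_IN)


def serve(bind_ip="0.0.0.0", port=53, log=print):
    """UDP loop: log every queried name, reply with the controller's address."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((bind_ip, port))
    while True:
        data, peer = sock.recvfrom(512)
        try:
            qname, reply = build_response(data)
        except ValueError as exc:
            log(f"{peer[0]} malformed query: {exc}")
            continue
        log(f"{peer[0]} asked for {qname}")
        sock.sendto(reply, peer)


if __name__ == "__main__":
    serve()
```

Binding port 53 needs root on the controller. The logged names, together with the capture taken on the switch, show which hosts the sample tries to reach before any service is emulated on the controller.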

VI. FUTURE WORK

The tools used for protocol analysis will be bundled as a template for future usage in the ToMaTo testbed.

VII. ACKNOWLEDGEMENTS

This work has been done as part of the German Lab research project, funded by the German Federal Ministry of Education and Research (BMBF).

H∀Mcast: Evaluation of a High Throughput Middleware for Universal Multicast

Sebastian Meiling, Dominik Charousset, Thomas C. Schmidt
{sebastian.meiling,dominik.charousset}@haw-hamburg.de, [email protected]
Internet Technologies Research Group – Department Informatik, Hamburg University of Applied Sciences, Berliner Tor 7, 20099 Hamburg, Germany

Matthias Wählisch
[email protected]
Institut für Informatik, Freie Universität Berlin, Takustr. 9, 14195 Berlin, Germany

Abstract—The H∀Mcast-architecture provides a universal group-communication, the concept combines an abstract naming scheme for multicast groups, a common multicast API and a service-middleware for endsystems. In this work we present the implementation and evaluation of the H∀Mcast-middleware prototype. Besides an overview on our software-prototype and its components, we focus on the results of the performance evaluation.

I. INTRODUCTION

Today, many Internet applications and services, such as IPTV, MMORGs, and social networks, are grounded on the principle of group communication. Data distribution within a group of multiple senders and receivers is most efficiently done using multicast. Nevertheless, despite the variety of existing multicast technologies, these applications often rely on proprietary techniques based on IP-unicast, such as proxies or cache-servers. The two key problems are: (a) incompatible application interfaces between different multicast technologies (e.g. IPv4/IPv6 and ASM/SSM), and (b) divergent deployment states of multicast services. This forces developers and programmers of group applications to choose a multicast-technology at compile-time, unaware of the availability at run-time. Often the result is, that multicast is not used at all.

To overcome these obstacles we proposed the H∀Mcast-architecture [1] for a universal multicast-service. Its concept combines an abstract naming scheme (based on URIs), a common multicast-API and a service-middleware on endsystems, as well as gateways to cross technological and administrative network borders. The focus of this paper lies on the performance evaluation of the H∀Mcast-prototype.

II. THE H∀Mcast-MIDDLEWARE PROTOTYPE

H∀Mcast aims to provide a universal group communication service based on a hybrid approach. The concept is independent of the availability of a certain multicast technology, such as IP-multicast [2] or overlay-multicast, and does not rely on a complete deployment of the H∀Mcast-architecture on every endsystem. On the contrary it allows for an incremental deployment within networks and attached nodes.

Fig. 1. System-architecture of the H∀Mcast-prototype. Showing the multicast-API, service-middleware and pluggable technology modules.

The system-architecture of H∀Mcast (see fig. 1) consists of three core components:

• a technology-transparent API [3]
• a middleware abstraction layer
• multicast technology modules

We implemented a prototype of the H∀Mcast-middleware in C++ (using the Boost library) as a user-space process, running once on an endsystem. The multicast-API was implemented as a library in C++, but is also available as a Java package. At the moment, there are two multicast technology modules available for H∀Mcast, a module for IP-multicast (H∀Mcast-IP) and one for overlay-multicast based on Scribe [4] (H∀Mcast-OM). To connect the H∀Mcast-middleware process with a client application, we developed an IPC-protocol, that uses localhost sockets.

Fig. 2. Performance results of the H∀Mcast-middleware: (a) packet throughput of receiver [#/s] and (b) CPU utilization of receiver [%], each plotted over payload [Bytes] for IP-Stack, HAMcast-IP and HAMcast-OM.

III. EVALUATION

To analyze the system performance of our middleware prototype on endsystems we compared different multicast technologies (IP and OM¹) using H∀Mcast against IP-multicast using the Linux IP-Stack. For the evaluation we set up two nodes in a sender-receiver scenario, they were equipped with a quad-core CPU and 8 Gb of RAM, connected over 1 GBit/s network link. For each test we run 25 iterations with a duration of 40 seconds. Using a measurement interval of 1s we recorded throughput, packet loss and CPU utilization for packets with a payload between 100 to 1400 Bytes.

Fig. 2 presents an excerpt of the promising results of our performance evaluation for the H∀Mcast-middleware. It shows the packet throughput (fig. 2a) and CPU utilization (fig. 2b) at the receiver. Though CPU-utilization is higher compared to the IP-stack, our middleware-prototype can achieve similar throughput for payloads > 500 Bytes (H∀Mcast-IP). The overall performance of H∀Mcast is correlated with the IPC throughput, but also depends on the implementation of multicast technologies. For instance, throughput of H∀Mcast-OM is influenced by its underlying P2P network protocol.

Currently we are conducting further experiments in the G-Lab testbed to evaluate the performance of our H∀Mcast-prototype in hybrid multicast scenarios measuring additional metrics such as RTT and delay. Therefore we apply the packet tracking framework [5] developed by the Fraunhofer FOKUS group, a partner within the G-Lab initiative.

¹ Overlay Multicast, here Scribe.

ACKNOWLEDGMENT

The authors would like to thank Fabian Holler, Sebastian Wölke and Sebastian Zagaria for their supporting work. This work is funded by the Federal Ministry of Education and Research (BMBF) of Germany within the project H∀Mcast and the G-Lab initiative, see http://hamcast.realmv6.org.

REFERENCES

[1] S. Meiling, D. Charousset, T. C. Schmidt, and M. Wählisch, “System-assisted Service Evolution for a Future Internet – The HAMcast Approach to Pervasive Multicast,” in Proc. of IEEE GLOBECOM 2010, Workshop MCS 2010. Piscataway, NJ, USA: IEEE Press, Dec. 2010.
[2] S. E. Deering and D. R. Cheriton, “Multicast Routing in Datagram Internetworks and Extended LANs,” ACM Trans. Comput. Syst., vol. 8, no. 2, pp. 85–110, 1990.
[3] M. Waehlisch, T. Schmidt, and S. Venaas, “A Common API for Transparent Hybrid Multicast,” IETF, Internet-Draft – work in progress 01, March 2011.
[4] M. Castro, P. Druschel, A.-M. Kermarrec, and A. Rowstron, “SCRIBE: A large-scale and decentralized application-level multicast infrastructure,” IEEE Journal on Selected Areas in Communications, vol. 20, no. 8, pp. 100–110, 2002.
[5] T. Santos, C. Henke, C. Schmoll, and T. Zseby, “Multi-hop Packet Tracking for Experimental Facilities,” in Proc. of the ACM SIGCOMM 2010 conference (SIGCOMM’10), ser. SIGCOMM ’10. New York, NY, USA: ACM, 2010, pp. 447–448. [Online]. Available: http://doi.acm.org/10.1145/1851182.1851256

GAPI: A G-Lab Application-to-Network Interface

G-Lab Special Interest Group Functional Composition Group leader: Florian Liers (fl[email protected])

I. INTRODUCTION

Future Internet research yields an increasing number of frameworks for new protocol stacks. Each of them defines its own API in order to reduce the networking know-how an application needs for communicating with others. Thus, networking functionality, today done by the applications themselves, is pushed down below the API. This comprises in particular name-to-address resolution and the selection of protocols. Within the G-Lab project¹, we aim at developing a common API for demo applications suitable for the frameworks emerging from [1]–[3].

Our interface outlined in the next section aims at achieving the following goals: (1) separating application and networking concerns, and (2) being suitable for any current and future networking technology. The proposed API will be implemented for the aforementioned frameworks, and its functionality will be shown in common demo applications.

¹ http://www.german-lab.de/

II. APPLICATION INTERFACE

Our Future Internet provides three different interfaces to applications. An overview of them is given in Figure 1.

Figure 1. Overview of our G-Lab Interface

The first interface ISetup is used to start the interaction with a network stack. On the one hand, it provides methods for announcing services, which should be available for others (PUBLISH). On the other hand, others can use the interface to connect to these announced services (SUBSCRIBE). In both cases, the methods are used to get references to instances supporting one of the following interfaces.

The second interface IRegistration is used to change requirements for the announced service and to cancel it. In addition, it provides information about incoming subscriptions.

The third interface ISubscription is used to communicate with the service and the peer using it, respectively. It allows sending and receiving of data either in stream or datagram mode.

In the following, the focus will be on the ISetup interface, since it is the most important one for the interaction between network stacks and applications.

A. Methods

As mentioned before, the ISetup interface provides methods, which are used by an application to start interaction with a network stack. This interface provides the following two methods:

• IRegistration PUBLISH(Name, RequirementDescription): announces an application service to a network stack, by specifying a name and requirements of the service for the network. The network stack is made aware of the service and should provide other members of the network access to this service. The name is basically treated as a label. Its role will be discussed in more details in Section II-C. The announcement is represented by an instance supporting IRegistration (or a handle in a procedural programming language). The requirements have to be satisfied by the network for each peer, willing to use the service. Requirements are discussed in detail in Section II-D.
• ISubscription SUBSCRIBE(Name, RequirementDescription): establishes a communication association to a service, which was published before. The name parameter defines the service to talk with. The name must match with the name handed over to the PUBLISH method before. The requirements define the characteristics of the communication relationship the network has to provide. In contrast to the requirements in the PUBLISH method, they are only valid for a single connection.

B. Call Sequence

A sequence of method calls for a typical client server scenario starts with the announcement of the service. The server application calls PUBLISH in order to make its service available under a name chosen by itself. This step is somehow comparable to BIND calls in today’s IP networks, but binds a service to a name not an address and port. An association is started by a client application with SUBSCRIBE. The client has to use the same name as the server application. This step is comparable to today’s CONNECT calls with a different name semantic and additional requirements the network has to fulfill. As a result, SUBSCRIBE will return a reference to an ISubscription object. At the server side, the network will inform the server about the new communication association. The server will get an ISubscription reference for the communication association via its IRegistration interface as well. Now, both sides have references to the communication association and can start to transfer data. On the client side, the reference can be used to send its request to the server, which uses its reference to receive it. The server will answer by sending data by using its ISubscription reference and the client will use its reference to receive it. Finally, either the client or the server can cancel its ISubscription. The cancellation will be propagated to its communication partner and invalidate its communication association, too.

C. Naming

The most important goal of the API is to hide network and network stack specific issues from the applications. In particular, that refers to the mapping from names to addresses and the selection of an address space (like using IPv4 or IPv6 addresses). Both parts should not be anticipated by applications. Consequently, applications must specify names in their own domain and based on their own name space. We propose a globally unique naming scheme based on Uniform Resource Identifiers (URIs). In order to allow different name spaces, we will use the scheme given in URIs to distinguish between them (like mailto:// or file://).

D. Requirements

An application states its requirements explicitly in order to specify the characteristics of a communication association. A requirement consists of an Effect linked by an Operator to an Attribute.

Effects describe the visible outcome of an operation of a building block or the network. Effect is a neutral term: Encryption is an effect as well as delay. Through further specification it becomes clear whether something is being provided or wished to be avoided. For example, an application can request a Packet Loss of 0, whereas a certain network connection could provide a Packet Loss of 5% average.

Attributes quantify or qualify effects and can be divided into two distinct parts: Inherent and qualitative. For inherent attributes, it must be clear to decide whether a certain property can fulfill a requirement or not (e.g., 200ms). An inherent attribute will normally be expressed by a number, however, functional requirements via boolean values are also possible, e.g. VirusScan == true. Qualitative attributes can be used for optimization or to describe attributes that cannot be objectively quantified, but where optimization can be applied by expressing the quality of the effect provided by one algorithm in relation to the same effect provided by another. For example, the encryption quality of Rot-13 is inferior to the El Gamal Public Key algorithm.

Operators link Effects to Attributes. They are used for comparisons. Typical operators are equal, lower, etc.

ACKNOWLEDGMENT

This work was carried out within the research project G-Lab (funded by the German Ministry of Education and Research, BMBF) in the context of the SIG Functional Composition. It contains contributions from Florian Liers, Thomas Volkert (TU Ilmenau), Denis Martin, Helge Backhaus, Hans Wippel (KIT), Eric MSP Veith, Abbas Ali Siddiqui, and Rahamatullah Khondoker (University of Kaiserslautern). In addition, we would like to thank Christian Henke (TU Berlin) and Markus Bauer (Alcatel-Lucent) for valuable discussions and feedback.

REFERENCES

[1] B. Reuther and D. Henrici, “A model for service-oriented communication systems”, Journal of Systems Architecture, vol. 54, no. 6, pp. 594–606, 2008.
[2] F. Liers, T. Volkert, and A. Mitschele-Thiel, “Forwarding on Gates: A clean-slate Future Internet Approach within the G-Lab project”, in EuroView2009, Würzburg, Jul. 2009.
[3] D. Martin, L. Völker, and M. Zitterbart, “A Flexible Framework for Future Internet Design, Assessment, and Operation”, Computer Networks, vol. 55, no. 4, pp. 910–918, Mar. 2011.

Media Processing in the Future Internet

Markus Bauer, Stefanie Braun, Peter Domschitz Bell Laboratories, Service Infrastructure Research Domain Alcatel-Lucent, Stuttgart, Germany { Markus.Bauer, Stefanie.Braun, Peter.Domschitz } @ alcatel-lucent.com

I. INTRODUCTION

Handling the predicted growth of video and media traffic [1] is one of the key challenges future generation networks need to address. Basically this is not a new challenge, as in the past the Internet has already seen and handled enormous growth of traffic. And to a large extent this growth was driven by video centric services. One example for such a service is YouTube, which daily streams out 2 Billion videos to its customers, generating an overall traffic of about 25 PB per day. As a consequence, efficient video distribution is of big importance in today's networks. Up to now cache-assisted delivery schemes [2] enabled the networks to scale with the data traffic imposed by video centric services.

But there is more to video's future than efficient bulk distribution. Future video centric media services will be different. More and more people will not only consume, but also actively produce content. A lot of these services will be used by mobile users and personalization of content will be the common case. Such services ask for intermediate processing of media streams in the network. Interactive/real-time requirements must be met to achieve satisfying QoE for the users of such services.

Today's successful cache-assisted delivery schemes fail to serve personalized services which show such production, processing and individual delivery characteristics. In consequence, it is no longer possible to offload networks by simply caching content at appropriate locations in the network.

Instead, there is a need to acquire computing resources in the network to perform the required processing on the media streams. An approach which places all required media processing functions in one or a limited number of centralized locations will not scale, as the networks will not be able to sustain all the media traffic that needs to be processed. [3]

The G-Lab project NETCOMP gives an answer to that challenge by offloading the (core) networks by means of localizing traffic. This is achieved by jointly optimizing networking and processing resources.

II. LATE BINDING OF PROCESSING RESOURCES

Future (immersive) media services require processing in the networks to build a personalized user experience from the media streams which compose the basis for the service. To keep traffic in the network local, media processing functions need to be placed on processing resources which are located close to the media streams, crossing the network from media source or sink to the service consumer's point of attachment. In principle, the more processing resources are distributed across the network, the closer processing functions can be placed to the media streams and the more the network can be offloaded from avoidable traffic. But beneficial utilization of distributed processing resources requires a new approach to how resources are selected. Today, placement of processing functions is an administrative task and the decision is performed prior to service runtime. Later, at service runtime, any media stream to be processed is sent, independent of origin and destination, to the location where the processing functions have been placed prior to service runtime.

NETCOMP overcomes such inefficient utilization of transport resources by introducing the idea of late binding of processing resources. The location where media processing is executed is no longer decided prior to service runtime. Instead, this placement decision is delayed until educated selection of processing resources can be performed. Such informed selection is possible when a media flow's minimal footprint (refers to the most efficient path) in the network is known. This is possible only at service runtime, when source and destination of the media flow are known. Having this knowledge, we can derive best fitting close by processing resources for performing required media processing on the media stream.

To implement this approach two main challenges need to be addressed: First, algorithms are needed which derive best fitting processing resources for executing media processing functions that belong to a specific media stream. Second, as processing resources are dynamically selected at service runtime, instantiation of required media processing functions needs to be performed in a way which preserves satisfying QoE for the user of the service. In the following the second challenge will be discussed in more detail.

III. DYNAMIC INSTANTIATION OF MEDIA FUNCTIONS

Utilizing Cloud Technologies: MediaCloud

The concept of virtualization and its realization by means of virtual machines is the basis on which dynamic allocation of processing resources for execution of user defined processing functionalities is achieved today. This section investigates what performance virtual machines can provide for dynamic instantiation of media processing functions on processing resources in the network. These investigations were performed by implementing and evaluating a personalized media centric use case on the MediaCloud framework utilizing the G-Lab experimental facilities.

Use Case: Personal View Generation

Interactive personalized services are composed of multiple media processing components and pose new challenges to today's virtualization technologies and media frameworks. Each media processing step requires decoding and encoding of the media content to guarantee efficient channel utilization. Successive de- and encoding steps impose additional processing overhead and delay on the media processing. And each additional coding step decreases the quality of the media content. An exemplary interactive media use case is built on the G-Lab platform to evaluate if today's virtualization technologies and media frameworks are ready for the challenges imposed by distributed media processing.

The personal view service provides a 360 degree live video, e.g., of a conference room. Each user gets his personal view into the conference. The user can change his view by rotating his mobile device. When the viewing angle of the mobile device changes, the user's view into the conference room is adapted synchronously.

Figure 1. Personal View Generation

In the use case multiple cameras are placed in the centre of the conference room and provide live video content. The stitching component mixes these videos to a 360° video. In a monolithic design implementing that functionality in a single virtual machine, the resulting coding delay of the complete 360° video would take a couple of seconds, which is not acceptable for this kind of interactive service. That's why multiple stitching components are used to create smaller parts of the 360° video that can be encoded with an acceptable encoding delay. These are sent to the media distribution component. For each connected user a personal view renderer is started which computes the personal view for the user depending on the rotation angle of his mobile device.

The service control triggers the dynamic start of the required components by the MediaCloud service nexus and interconnects them. The service nexus places the components local to the media streams. E.g., the personalized view renderer is placed on a processing resource that is close to the user. The 360° video is multicasted to the access where the user specific renderer components are placed. This offloads the network, and the short feedback loop between rendering function and mobile viewer guarantees a fast service response time.

Performance Evaluation

For the evaluation of the use case the MediaCloud was built upon KVM virtualization technology, which is part of the Linux kernel. Each media component is started in its own virtual machine (VM) on the experimental facility. The use case shows that today's VMs impose huge overhead on media applications. Each VM contains a complete operating system with many processes and other functions, e.g. printer support, not relevant for media processing. So it takes several minutes to start up a VM. This is not acceptable for real-time services.

Optimization

Tests in the evaluation environment show that the VM startup time is influenced by two factors: copying the disk image to the selected processing resource and the boot time of the operating system (OS). A fast startup approach for VMs was developed and tested that brings down the VM startup time to several seconds instead of minutes. To ensure fast access to the disk images these are distributed to each MediaCloud location by means of an NFS server. Instead of creating a new disk image per VM, MediaCloud takes advantage of template images that are shared between identical components in one location. Only read access is allowed on the disk image to avoid corrupted data in case of concurrent VMs sharing the same disk image. Instead, permanent changes to the image are stored in temporary files local on the physical host on which the VM runs. Hence, disk image copy processes can be completely avoided. Furthermore, the OS boot time is reduced by suspending a VM prior to its distribution. This results in a fast VM start that requires only 4 to 5 seconds until the wake up process is completed and the VM has received a new network address. But real-time interactive media applications require startup times within milliseconds. Even with the optimizations introduced here, this cannot be achieved by means of today's cloud virtualization technologies.

IV. CONCLUSION AND OUTLOOK

Future real-time media services demand distributed execution at dispersed cloud processing locations to meet mission critical QoE expectations and limit bandwidth requirements.

Media frameworks for executing flow oriented media services are available today. But those lack support for distributed service deployments and fail to provide required execution performance, efficiency and scalability. To overcome those limitations we have to challenge fundamental pillars of today's (cloud) technologies by inventing systems software specifically designed for extremely efficient execution of interactive media services on network distributed computing resources. Furthermore, we are working on algorithms for the on the fly (re-)placement of fine-grained processing tasks to satisfy expected QoE and offload networks by selecting resources at appropriate locations.

[1] “Cisco Visual Networking Index (VN): Forecast and Methodology, 2010-2015”.
[2] “Content Networking: Architecture, Protocols, and Practice”, by Markus Hofmann and Leland Beaumont, Morgan Kaufmann, February 2005, ISBN 1-55860-834-6
[3] Peter Domschitz, Markus Bauer, Jürgen Sienel and Marcus Kessler: “Move Apps not Data – A new Paradigm for the Future Internet”, Proc. of the 10th Wuerzburg Workshop on IP: 'Visions of Future Generation Networks' (EuroView 2010).

This work is co-funded by the German Federal Ministry of Education and Research (BMBF) within the G-Lab project NETCOMP (FKZ 01BK0940).
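The late binding of processing resources described in Section II of the paper above, worked through as an added example (not NETCOMP or MediaCloud code). The topology, the node names and the selection rule (take the processing node that gives the flow the smallest source-to-node-to-destination cost) are assumptions made for illustration; the paper names such algorithms only as work in progress.

```python
import heapq
import math

# Constructed sample topology (not from the paper): undirected links with a cost.
LINKS = [
    ("cam", "acc1", 1), ("acc1", "agg1", 1), ("agg1", "core", 1),
    ("core", "agg2", 1), ("agg2", "acc2", 1), ("acc2", "user", 1),
    ("acc1", "acc2", 1),      # short local path between the two access nodes
    ("agg1", "studio", 1),    # a second media sink
    ("core", "dc", 1),        # central data centre behind the core
]
# Hypothetical nodes offering processing resources; "edge9" has no link at all.
PROCESSING_NODES = {"dc", "agg1", "acc2", "edge9"}
CENTRAL_NODE = "dc"           # placement fixed prior to service runtime


def build_graph(links):
    """Adjacency list for an undirected, weighted graph."""
    graph = {}
    for a, b, cost in links:
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    return graph


def shortest_costs(graph, start):
    """Dijkstra: cheapest path cost from start to every reachable node."""
    dist = {start: 0}
    queue = [(0, start)]
    while queue:
        d, node = heapq.heappop(queue)
        if d > dist.get(node, math.inf):
            continue                      # stale queue entry
        for nxt, cost in graph.get(node, []):
            nd = d + cost
            if nd < dist.get(nxt, math.inf):
                dist[nxt] = nd
                heapq.heappush(queue, (nd, nxt))
    return dist


def footprint(graph, src, dst, node):
    """Transport cost of the flow src -> processing node -> dst (inf if unreachable)."""
    to_node = shortest_costs(graph, src).get(node, math.inf)
    to_dst = shortest_costs(graph, node).get(dst, math.inf)
    return to_node + to_dst


def select_late_binding(graph, src, dst, candidates):
    """Choose the processing node once source and destination are known."""
    scored = sorted((footprint(graph, src, dst, n), n) for n in candidates)
    if not scored or scored[0][0] == math.inf:
        raise ValueError("no reachable processing resource for this flow")
    best_cost, best_node = scored[0]      # ties are broken by node name
    return best_node, best_cost


def compare(graph, src, dst, candidates, central=CENTRAL_NODE):
    """Footprint of the flow: unprocessed, via the central node, via late binding."""
    node, late = select_late_binding(graph, src, dst, candidates)
    return {
        "direct": shortest_costs(graph, src).get(dst, math.inf),
        "central": footprint(graph, src, dst, central),
        "late_node": node,
        "late": late,
    }


NETWORK = build_graph(LINKS)

if __name__ == "__main__":
    for flow in [("cam", "user"), ("cam", "studio")]:
        print(flow, compare(NETWORK, flow[0], flow[1], PROCESSING_NODES))
```

In this constructed network the same camera stream is processed at a different node for each sink, and in both cases the late-bound placement keeps the flow on its shortest path while the pre-placed central node more than doubles the transport cost.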

Tuesday, August 2nd Program – Session 6

Tuesday, August 2nd, 2011, 11:30 AM to 12:00 PM Session 6: Future Internet Activities in FP7 (organized by Rüdiger Martin)

With the Future Internet towards a Smart Grid

Kolja Eger, Johannes Riedl
Siemens AG, Corporate Technology, Munich, Germany
{kolja.eger, johannes.riedl}@siemens.com

Werner Mohr
Nokia Siemens Networks GmbH & Co. KG, CEF CTO IE Research Alliances, Munich, Germany
[email protected]

I. INTRODUCTION

The energy sector has entered a period of major change which will continue for many years to come. The increasing proportion of electricity from renewable sources means that the architecture of the energy grid will have to support the distributed, in addition to the centralised, generation of energy and to adapt to a highly volatile supply e.g. from wind and solar generators. In addition, from the consumption perspective, electric vehicles will demand new load management patterns in the grids and provide energy storage. At the same time, private and commercial consumers are being encouraged to reduce their energy use and electronics manufacturers are striving to reduce the energy use of their products.

As depicted in Figure 1, optimum trade-offs need to be found between sustainability, reliability and costs. The energy supply will need to evolve into a dynamic system to provide the smart energy infrastructure needed to support the society in 2020 and beyond. Future Internet technologies will play a critical role in the development of Smart Energy infrastructures, enabling new functionality while reducing costs.

In the Future Internet Public-Private-Partnership (FI-PPP) project FINSENY, Future INternet for Smart ENergY, key actors from the ICT and energy sectors team up to identify the ICT requirements of Smart Energy Systems. An overview of the consortium is depicted in Figure 2.

Figure 2: FINSENY consortium

This will lead to the definition of new solutions, architectures and standards, verified in a large scale pan-European Smart Energy trial. Project results will contribute to the emergence of a sustainable Smart Energy infrastructure, based on new products and services, to the benefit of all European citizens and the environment.

II. SCENARIOS IN FINSENY

FINSENY will use scenario techniques to identify the prominent ICT challenges. The term ‘scenario’ refers to an application domain in the evolving Smart Energy landscape, expected to be of significant importance, and requiring advanced ICT technologies.

To focus work on each individual scenario, FINSENY will assume that energy transport and energy distribution take place solely as electricity. A large number of roles and players have to be considered when analysing these scenarios in detail. The fundamental understanding of these scenarios today and in future will enable FINSENY to identify the required Future Internet ICT enablers.

Figure 1: Energy Supply Triangle

The selected scenarios are:

• Distribution network
Advanced automation, control and management of distribution networks are needed in order to meet the anticipated increased use of distributed energy generation and to tackle new challenges such as the charging of electrical vehicles. Interfaces with the relevant stakeholders will play an important role.

• Microgrid
The large scale introduction of distributed generation supports the establishment of microgrids aggregating and largely autonomously controlling their own supply- and demand-side resources. Interaction with the surrounding distribution network and with the connected prosumers is the key to the efficient control of such grids.

• Smart Buildings
Efficient energy management in buildings requires extensive use of communication network infrastructure to and in buildings as well as the provision of the necessary interfaces to local appliances, local distributed generation and energy and service providers.

• Electric Mobility
The large scale introduction of electrical vehicles will have an impact on the energy infrastructure by providing the necessary charging points, but also requires interaction between the energy infrastructure, the transport infrastructure, the vehicle information systems and the communication network infrastructure, in order to collect, process and deliver the needed information.

• Electronic market place for energy
The introduction of Smart Energy Grids and deregulation is resulting in a transformation of the European energy market. New players are appearing and the roles of incumbent players are changing. An electronic market place for energy must support all these players and roles by providing business models and market rules for a more transparent energy exchange, and the corresponding interfaces and tools. It should also be open to support new applications, players and roles.

For each of these scenarios, the most important building blocks will be identified and analysed in detail during the project runtime.

III. SMART GRID STAKEHOLDER GROUP

Due to the large scope of Smart Energy, one project partnership alone cannot host all relevant stakeholders. Therefore intensive cooperation is required far beyond the FINSENY consortium. Therefore, the Smart Grid Stakeholder Group (SGSG) has been established in June 2010 to foster the information exchange between ICT and energy industry and thus to better understand each other's views.

The organization of the SGSG is a task in FINSENY. At least three workshops are planned to present and discuss project findings and to identify further cooperation opportunities. This group is open for all industrial organizations which are interested in Smart Grid / Smart Energy topics. In case of interest to join that group, please contact the authors of this article.

IV. OUTLOOK

As part of the FI-PPP programme [1],[2], FINSENY will intensively analyse energy-specific ICT requirements. In total the FI-PPP comprises 11 projects: Seven other FI-PPP projects will investigate further usage areas like transport, mobility or public safety. Finally all FI-PPP projects work together to develop solutions addressing these ICT requirements, and to prepare for large-scale trials in the later phases of the programme. These projects are cooperating with the Core Platform projects for a holistic platform-based ICT approach and two coordination actions on potential trial sites and the overall programme coordination.

V. ACKNOWLEDGMENT

The authors gratefully acknowledge the contributions of all FINSENY project partners. The FINSENY project is partly funded by the European Commission within the FI-PPP which is part of the Framework Program FP7 ICT.

VI. REFERENCES

[1] Future Internet Public Private Partnership. Available online: http://ec.europa.eu/information_society/activities/foi/lead/fippp/index_en.htm
[2] Future Internet PPP – The future now. Available online: http://www.fi-ppp.eu/

The FI-PPP INFINITY Project

Martin Potts Martel GmbH Bern, Switzerland [email protected]

I. OBJECTIVE OF THE PRESENTATION

This presentation will explain the goals, working methodology and current status of the FI-PPP INFINITY project (INfrastructures for the Future Internet commuNITY).

II. PROJECT GOALS

A. Bringing together Users and Infrastructures

The INFINITY project is a Coordination and Support Action within the FI-PPP. Its purpose is to:

• Leverage existing investments in advanced infrastructures in Europe for testing and experimentation of novel Future Internet technologies
• Support the Core Platform by consolidating detail about existing and emerging advanced infrastructures, and help define the required Generic Enablers for seamless integration and enable new and innovative experimentation.
• Stimulate infrastructure owners to effectively “bridge the gap” between their current capabilities and Use Case requirements, thereby encouraging investment in upgrades and standards to realise these opportunities, and leading to greater sustainability.

Figure 1. Some of the available European infrastructures

B. Recommendations for FI-PPP Phase 2

A “Concertation Board” of key representatives of the important public and private infrastructure stakeholders and external experts will make recommendations on how to optimise investments in European infrastructure through – in Phase 2 of the FI-PPP process – extending and sharing the most appropriate infrastructures. This exercise should also lead to more sustainable infrastructures (being infrastructures that the Use Case projects want to use).

Figure 2. The INFINITY project lifecycle model

III. METHODOLOGY

The systematic approach to address the challenge follows the ‘spiral’ lifecycle model shown in Figure 2. This allows a ‘bottom-up’ infrastructure analysis to be combined with ‘top-down’ FI-PPP project requirements capture, to facilitate dialogue between infrastructure stakeholders and FI-PPP projects. The iterative nature of the model allows communication channels to be established quickly, methods and the repository to be refined and initial results to be delivered for FI-PPP Phase 2 preparation - and for these results to be refined during the early part of FI-PPP Phase 2. The number of infrastructures engaged will increase over time, and a higher level of participation from the stakeholders will be achieved through access to high quality information in the repository. One of the first tasks is therefore to identify and categorise the many test infrastructures available in (mainly) Europe, but including some of the key Future Internet test infrastructures elsewhere in the world.

A. Input Categorisation

The input data categorisation will be performed in accordance with characteristics that will allow FI-PPP Use Case projects (and other interested parties) to discover the facilities that are most appropriate for their trials at the time. The information that needs to be collected about the infrastructures is being specified in close collaboration with the FI-PPP Use Case projects.

B. Output Visualisation

Users of the service will be able to search the data repository using standard criteria, or customize the search criteria themselves in order to obtain the most appropriate results for their needs.

Figure 3. Visualisation of the infrastructures

The repository is based on a set of community-driven Web tools. It will be realized to promote the evolving vision of available infrastructures "as a living organism" and have the capability to follow the dynamic evolution of the testbed infrastructures. Even live data can be represented if the testbeds allow this level of access to their information from the INFINITY project.

IV. STATUS

The project started in April 2011 and has a duration of 3 years. The initial work has focused on identifying potentially attractive infrastructures (already more than 300!) and defining the methodology for cataloguing their component parts in a way that will make it feasible for users to select the one(s) that is(are) the most suitable for their particular trials. A first “mock-up” of the repository has also been built to assess users’ reactions.

Tuesday, August 2nd Program – Poster Session

Tuesday, August 2nd, 2011, 2:00 PM to 3:00 PM Poster Session EuroView

Strengthening the Role of Europe in the Standardisation of the Future Internet

Kai Jakobs Comsys RWTH Aachen University Aachen, Germany [email protected]

I. INTRODUCTION

The Future Internet (FI) will be shaped by its underlying standards. Those who lead the standardisation initiatives today are thus likely to also be in the driving seat when it comes to the actual technology development, and the implementation of the Future Internet.

Many private standards consortia have established themselves as credible sources of important ICT standards. Moreover, some Asian countries, most notably China, are becoming increasingly active and important in ICT standards setting. As a result, the European Standardisation Organisations (ESOs) face the risk of being marginalised. On the other hand, ESOs are leading the way in some ICT sectors, most notably in mobile communication. This suggests that a re-thinking of the European standardisation approach is overdue; better ways to exploit the European strengths and to overcome her weaknesses need to be identified. The paper discusses these issues and makes some suggestions how Europe could keep playing an important role in the international ICT standardisation arena.

II. KNOW THY COMPETITORS

The US and the EU continue to be the powerhouses in ICT standardisation. This may soon change, though, with the increasing influence of Asian countries, most notably China. This paper will briefly discuss the differences of these three national/regional standardisation systems in the ICT sector.

There are over 250 ANSI-accredited national SDOs in the US, three European Standards Organisations plus 30 National Bodies, and basically one central entity in China – the Standardization Administration of China (SAC).

These numbers are perhaps best suited to highlight the different approaches. The US system is highly decentralised and comprises organisations each typically serving one specific industry sector. The US administration does not intervene in the process, nor does it mandate any standards. In such a distributed environment, with largely autonomous actors, maintenance of a coherent set of standards, with no conflicting specifications, is next to impossible. Accordingly, the United States Standards Strategy only requires that “The process encourages coherence to avoid overlapping and conflicting standards” [ANSI, 2005].

The individual US-SDOs are accredited by ANSI, which also co-ordinates their activities. ANSI is also the only US representative to international bodies (such as ISO and IEC).

The European approach is much more centralised. Also, the European Commission (EC) does have an influence over the ESOs. This may primarily be attributed to the fact that a significant percentage of the ESOs’ funding comes from the EC. But even beyond that the EC influences standardisation: “The Commission takes a role both in initiating and facilitating the development of standards ….” [EC, 2008]. Well established rules for the co-operation between the individual ESOs and between ESOs and national bodies make sure that neither are European standards in conflict with each other, nor national standards with European ones.

China has established a very centralised standardisation system. The ultimate power in standardisation rests with the State Council that supervises SAC, which is a government agency “… in charge of the unified administration of standardization throughout the country …” [PRC, 1989]. Today, China is taking an increasingly active role in international standardisation. This holds for participation in existing processes (e.g. China’s contributions to the ITU increased six-fold between 2006 and 2010), as well as for the capability to initiate own standardisation processes and promote alternative technical developments (TD-SCDMA is a case in point).

The European approach to standards-related innovation has been promoted as an alternative to the ‘US way’ in terms of organisation and policy. China may well become an additional hub (and perhaps a third model) of standards-related innovation. Due to the sheer size of China’s domestic market, this would likely have a global impact [EU-China, 2010]. Europe must recognise this as both a challenge and an opportunity, and work with China to further her policy aims.

III. A BRIEF SWOT ANALYSIS

In addition to the above, a set of criteria may be used as the basis for a brief SWOT analysis of the European Standardisation System (ESS). Criteria deployed include [Jakobs, 2009]: standards emergence; types of standards; stakeholder representation; integration of standards consortia; links between public R&D funding and standardisation; and regional coverage

A. Strengths

• Close and long-standing co-operation with international counterparts (CEN, CENELEC).
• A comparably simple standards landscape (providing contradiction-free standards).
• Well-established, consistent system with close links to European policy makers.
• Well respected internationally (due to the development of several hugely important standards; primarily ETSI).
• Pioneers in innovative approaches (i.e., Partnership Projects, such as 3GPP; ETSI).
• Flexible approach to standardisation (primarily ETSI).
• Representation of at least part of the ‘Third Estate’ in standards setting (notably SMEs and consumers).

B. Weaknesses

• (Financially) dependent on policy makers.
• Slow-moving process, not 100% suitable for fast-moving technologies (CEN, CENELEC).
• Sub-optimal type of representation (through national delegations; CEN, CENELEC).
• ‘New Deliverables’ lack necessary level of consensus.
• Policy largely ignores standards consortia.
• Limited links between R&D and standardisation.
• Overly European focus (CEN, CENELEC).

C. Opportunities

• Good links to international bodies can be used to strengthen the EU position in the global arena.
• High reputation can attract both European and international know-how, contributions, and members.
• Flexibility will be helpful when newly emerging topics will have to be addressed.
• Wide participation increases democratic legitimacy.

D. Threats

• Financial dependency may reduce global importance.
• Slow processes, EU focus, and national representation may lead to international marginalisation.
• Limited level of consensus may render ‘New Deliverables’ irrelevant.
• Continuing to ignore consortia may leave Europe stranded with possibly irrelevant European standards.
• Poor links between R&D and standards setting may make it difficult for ESOs to exploit state-of-the-art technical knowledge, render European standards inadequate, and hinder ESOs from addressing crucial future topics.

IV. WHAT'S GOING ON NOW?

Probably aware of the above, the Commission has realised that “It is indeed imperative to modernise the EU ICT standardisation policy and to fully exploit the potential of standard setting”. To this end, the White Paper ‘Modernising ICT Standardisation in the EU – The Way Forward’ [EC, 2009] has been published. It makes a number of ‘suggestions’ on how to move forward. The most important – and controversial – ones deal with the

• Mandatory ex-ante declaration of maximum royalties.
• Integration of fora and consortia in ICT standardisation. Here, the Commission made two almost mutually exclusive proposals. One foresees the referencing of specific consortium standards (subject to a positive evaluation of the standard and the consortium processes). The other one would require the ESOs to approve standards submitted by consortia.

There are good reasons to reject both suggestions. Direct referencing carries the risk of jeopardising the coherent and contradiction-free European standards system. Also, it will be hard to convince international consortia to take into account specific European requirements. Moreover, one might wonder if many consortia are actually interested to have their standards referenced by EU policy documents.

Asking the ESOs to approve standards developed by consortia would significantly increase their workload. Moreover, consortia are global, and so is the coverage of their standards. That is, regional standards bodies would be the wrong partners almost by definition in the first place, unless specific ‘European’ versions of consortium standards were to be developed (which is highly unlikely).

The latest document, a Communication from the Commission entitled ‘A strategic vision for European standards’ [EC, 2011] was published in June 2011. This document doesn’t make mention anymore of any mandatory ex-ante declaration of maximum royalties (which is a good thing; it means that the voluntary such declaration will remain the norm). Rather, those parts that relate to ICT standardisation largely focus on the use of consortium standards for public procurement. These standards and the underlying processes will need to meet the quality criteria defined by the World Trade Organisation [WTO, 2000]. In addition to the use of consortium standards in public procurement, the Commission state that they will increasingly use selected ICT standards in support of European policies, given they comply with the same set of WTO quality criteria. Somewhat disappointingly, the document stays clear of any answer to the question how exactly these standards will be integrated into the European standards system. A fast-track procedure is mentioned in passing; this is at least a step forward from the White Paper that completely failed to make any sensible suggestions in this context; see above.

V. WHAT SHOULD BE DONE

Eventually, a modified version of the suggestions laid out in the Communication will need to be implemented efficiently and effectively. Specifically, the question how to incorporate consortium standards into the European standards system will need to be addressed, most likely by the ESOs.

References are available upon request.

MEVICO - Mobile networks EVolution for Individual COmmunications experience

Jochen Eisl (Nokia Siemens Networks), Gerhard Hasslinger (Deutsche Telekom), Björn Erichsen (Telefonica o2), Thomas Bauschert (TU Chemnitz), Adam Wolisz (TU Berlin)



A significant increase of mobile data traffic had been observed in the last years. This trend is expected to continue due to new bandwidth consuming Internet applications [1], [2]. The stepwise introduction of LTE will gradually offer more bandwidth to mobile users. However, such new deployments may not completely avoid temporary resource bottlenecks on the air interface and might temporarily cause congestion in the radio access network (mobile backhaul) as well as in the core network and the underlying transport network. This is due to the fact, that capacity extensions will be accomplished in a more restrictive way than in the past because of economical reasons. Moreover, the exact requirements for additional capacity will be harder to define due to unpredictable and dynamic traffic characteristics and user behaviour. Therefore, fast reaction to traffic fluctuations and avoidance or reduction of congestion is a key objective for economic traffic management in future mobile networks.

Focus of CELTIC project MEVICO is the investigation, development and evaluation of mechanisms and concepts especially for the core and transport network part of next generation mobile networks (LTE, LTE advanced) that will be deployed beyond the year 2014. The German part of the project concentrates primarily on scalable mechanisms for “Smart Traffic Management” to enable the optimum usage of network resources while providing a best possible quality of experience for end users especially for delay and loss sensitive Internet applications (e.g. multimedia applications).

From operator viewpoint the newly developed mechanisms offer the following advantages:

• cost reduction (CAPEX/OPEX): deployment of Smart Traffic Management enables capacity savings in network dimensioning and optimal resource usage (according to the operator policies)
• realization of an extended and differentiated user and service specific quality of service

From user viewpoint, the new mechanisms provide best possible quality of experience (with graceful degradation) in particular in high load and congestion situations.

The tasks carried out in the project can be categorized into the following three main categories:

1. Traffic modelling: The main objective is to get a „close-to-reality“ model about the traffic characteristics and adaptive behaviour of selected Internet applications. Moreover the minimum requirements for sufficient QoE as well as the corresponding network QoS will be evaluated.

2. Development of new traffic management mechanisms: The emphasis of the project is on development and evaluation of innovative traffic management concepts for LTE. These concepts are considered both on microscopic and macroscopic level. While microscopic traffic management (MicTM) influences the rate of individual traffic streams only, macroscopic traffic management (MacTM) controls the traffic flow paths. For example, MacTM deals with mechanisms for selecting the access network, the gateways (towards external networks) and the paths in the EPC. Another level of investigation addresses mechanisms for caching and intelligent resource selection. These are fundamental components for efficient multimedia content delivery in mobile access networks. A big challenge arises in integrating the different traffic mechanisms in order to enable a well coordinated operation and avoid inconsistent actions.

3. Techno-economical analysis: This work is performed to verify the economical feasibility of the technical solutions developed by the project consortium. In this context models are developed for evaluating the overall network costs including both the cost of the network infrastructure (CAPEX) as well as the operational cost (OPEX). Based on these cost models a study is carried out to evaluate selected network migration scenarios and a business case analysis is performed.

REFERENCES

[1] "MINTS: The Minnesota Internet traffic studies", http://www.dtc.umn.edu/mints/references.html
[2] "Cisco Visual Networking Index: Forecast and Methodology, 2008-2013", 2009, http://www.cisco.com/en/US/solutions/collateral/ns341/ns525/ns537/ns705/ns827/white_paper_c11-481360_ns827_Networking_Solutions_White_Paper.html

ECODANE - Reducing Energy Consumption in Data Center Networks based on Traffic Engineering

Truong Thu Huong∗, Daniel Schlosser†, Pham Ngoc Nam∗, Michael Jarschel†, Nguyen Huu Thanh∗, Rastin Pries†
∗Hanoi University of Science and Technology, School of Electronics and Telecommunications, Hanoi, Vietnam. Email: {huong.truong,pnnam-fet,thanhnh}@mail.hut.edu.vn
†University of Würzburg, Institute of Computer Science, Würzburg, Germany. Email: {schlosser,michael.jarschel,pries}@informatik.uni-wuerzburg.de

I. INTRODUCTION

Nowadays, global data centers are growing rapidly to satisfy the tremendous traffic demand driven by the exponential development and popularity of the Internet. Consequently, data centers consume a huge amount of energy and emit a lot of greenhouse gases, which has become a big concern for data center owners and managers as well as for policy-makers. Thus, the focus is on building green data centers. Therefore, many research efforts have addressed this issue, including designing smart cooling systems, migrating virtual machines across physical machines, optimizing power consumption of servers, optimizing power consumption of network components, etc. Our ECODANE project focuses on optimizing power consumption of network components by designing an intelligent network control system that dynamically adapts the set of active network components corresponding to the total traffic going through the data center. The optimizer module is accompanied by a load balancing routing module to guarantee the availability of a data center. The proposed system has been estimated by a virtual testbed built on Mininet environment with OpenFlow [1] switches and NOX controller, and will be tested on the hardware testbed using NetFPGA based OpenFlow switches. For the ECODANE project, OpenFlow helps us to evaluate our green networking ideas both on our real data center testbed and in emulation.

II. DATA CENTER MANAGEMENT

For our data center management, we use the Elastic-Tree network [2] which is based on the Fat-Tree topology as shown in Figure 1. The fat-tree architecture [3], [4] was developed to reduce the oversubscription ratio and to remove the single point of failures of the hierarchical architecture. The Elastic-Tree was proposed for dynamically adapting the energy consumption of a data center network, i.e., its network topology adjusts to the traffic requirements. As similar switches are used on all layers of the architecture, the costs for setting up a fat-tree data center can be kept low. The architecture is not achieving complete 1:1 oversubscription in reality, but offers rearrangeable non-blocking paths with full bandwidth.

The figure shows a 4-ary fat-tree which is built up of k = 4 Performance Optimized Data Centers (PODs), each containing two layers of k/2 switches. The switches in the edge layer are connected to k/2 servers and the remaining ports of the edge switches are connected to the aggregation layer, cf. Fig. 1. The core layer consists of (k/2)^2 k-port core switches where each of them is connected to each of the k PODs [3]. A Fat-Tree data center architecture built with k-port switches supports k^3/4 servers. Thus, when using 48-port switches, up to 27,648 servers can be supported.

[Fig. 1. Fat-tree data center architecture (core layer, aggregation layer, edge layer; POD 0 to POD 3).]

In our emulation to build the Elastic-Tree system, we developed some logical modules which are described in the following and are shown in Fig. 2.

[Fig. 2. The ECODANE modules.]

(1) Data center network: The network is emulated with the Fat-Tree topology. In our implementation, the number of ports of each switch is k=4 or 6, corresponding to the number of servers (16 or 54). Mininet [5] is used as the emulation tool which is able to emulate a real network with switches, servers, links. Mininet makes it possible to turn links, switches, and servers on and off.

(2) Optimizer: The Optimizer’s role is to find the minimum power network subset (minimum numbers of switches and links) that satisfies current traffic conditions, while still offering good Quality of Service (QoS). The module is developed using the NOX controller [6], being able to provide network traffic statistics via OpenFlow messages. Its needed inputs are the network topology, traffic matrix, a power model for each switch, and the desired fault tolerance properties. Traffic statistics are gathered with the port-counter field of the OpenFlow switch. Fault tolerance is handled by defining spare switches or spare capacity for a link. In our testcase, a bandwidth threshold of traffic transmitted in a link is set to 70% in order to spare 30% capacity of the link. Topology-aware heuristics [2] are developed for the Optimizer module to compute a set of active components (switches, ports, and links). Every 500ms, the Optimizer outputs a subset to the Power Control and Forwarding modules.

Based on our proposed power model of each commercial switch, port and link, the energy reduction in the whole network is estimated as numbers of switches, ports, and links can be turned off or be put into sleep mode. For testing the proposed optimizer on the hardware testbed, we ran a number of experiments and proposed a power model for NetFPGA based switches.

(3) Power Control: The module toggles the power states of ports, linecards, and entire switches through OpenFlow messages and Python APIs of Mininet to "tell" switches "off or on" or change to an appropriate power saving mode. In order to support the power controller at switch level, we propose a hardware power management module for the NetFPGA platform. The module is also implemented in the NOX controller.

(4) Forwarding: The module is in charge of optimizing the routes in the data center. It is implemented in the NOX controller as a NOX module. In our implementation, a hierarchical load-balancing routing algorithm is selected to guarantee the QoS requirements. The Forwarding module is implemented separately from the Optimizer. It fetches the Optimizer’s outputs for its own routing calculation. However, if the Optimizer is, by accident, out of order, all network components are toggled on to the operating mode.

(5) Traffic Generator: The module is developed in D-ITG [7] to generate network traffic from servers within a data center network. The traffic pattern is gathered from Benson et al. [8] with a lognormal distributed flow interarrival time.

The ECODANE tool using the Fat-Tree topology (k=4) is shown in Fig. 3. First results gathered with ECODANE show energy savings between 10% and 35%, depending on whether most of the traffic is transmitted locally within a rack, within a POD, or globally transmitted within the whole data center. Furthermore, experimental results on NetFPGA OpenFlow switches have shown that when the switch is working at full speed, the power consumption increases only slightly as the network traffic increases. However, by reducing the working clock frequency of the switch, the power consumption of the switch can be reduced significantly.

[Fig. 3. Demonstration of Energy Reduction by turning off unneeded switches in a data center network.]

III. CONCLUSION

In this paper, we demonstrated the ECODANE project in which we successfully studied and implemented the Elastic-Tree idea of Heller et al. [2] in an emulation framework. Moreover, we implemented a Load Balancing Routing Heuristic to see its impact on the network performance. Our first emulation results have shown that between 10% and 35% energy can be saved by dynamically adjusting the number of active switches, ports, and linecards. In future work, we will also adjust the link rates of the switches as well as migrate virtual machines to be able to switch off servers.

ACKNOWLEDGMENTS

The authors would gratefully thank the Vietnamese Ministry of Science and Technology as well as the International Bureau of the BMBF for their support on this paper.

REFERENCES

[1] “Openflow switch specification, version 1.1.0,” February 2011.
[2] B. Heller, S. Seetharaman, P. Mahadevan, Y. Yiakoumis, P. Sharma, S. Banerjee, and N. McKeown, “Elastic tree: Saving energy in data center networks,” in 7th USENIX Symposium on Networked System Design and Implementation (NSDI), San Jose, CA, USA, April 2010, pp. 249–264.
[3] M. Al-Fares, A. Loukissas, and A. Vahdat, “A scalable, commodity data center network architecture,” in SIGCOMM ’08: Proceedings of the ACM SIGCOMM 2008 conference on Data communication, Seattle, WA, USA, August 2008, pp. 63–74.
[4] R. N. Mysore, A. Pamboris, N. Farrington, N. Huang, P. Miri, S. Radhakrishnan, V. Subramanya, and A. Vahdat, “Portland: a scalable fault-tolerant layer 2 data center network fabric,” SIGCOMM Comput. Commun. Rev., vol. 39, no. 4, pp. 39–50, 2009.
[5] Stanford. (2011) Mininet. [Online]. Available: http://yuba.stanford.edu/foswiki/bin/view/OpenFlow/Mininet
[6] (2011, 5). [Online]. Available: http://www.noxrepo.org/
[7] [Online]. Available: http://www.grid.unina.it/software/ITG/
[8] T. Benson, A. Akella, and D. Maltz, “Network traffic characteristics of data centers in the wild,” in Internet Measurement Conference (IMC), Melbourne, Australia, November 2010.

Transparent TCP to SCTP translation shim layer

Daniel Manns, TU Chemnitz, Chair for Communication Networks, Chemnitz, Germany, [email protected]
Thomas M. Knoll, TU Chemnitz, Chair for Communication Networks, Chemnitz, Germany, [email protected]

I. INTRODUCTION

A. Motivation

The multi-path communication “Stream Control Transmission Protocol (SCTP)” [1] gains huge attention in the research community, as it has the potential to supplement or even replace the TCP protocol. However, there are currently only a few applications with integrated SCTP support available. The reason for this is that every application would need to be rewritten in order to take advantage of the features of SCTP. In this contribution we outline a method for transparent TCP to SCTP translation, which enables unmodified TCP-based applications to fully exploit the benefits of SCTP.

As outlined in [2], the goal of a transparent TCP-to-SCTP-translation shim consists of an augmentation of TCP-based applications to make use of multipath transport capabilities and other features of an underlying transparent SCTP association. Transparent in this scope means that the TCP-based applications will not notice the SCTP wrap-up at all.

As a result, the following scenarios using SCTP translation will be supported:

• TCP client and TCP server,
• TCP client and SCTP server,
• SCTP client and TCP server.

This functionality could foster adoption of SCTP as new standard communication protocol. Furthermore, the broad usage on fixed and mobile devices (i.e. Android based) becomes possible.

B. SCTP Features

Upon the design of SCTP, some shortcomings of TCP have been eradicated. The biggest advantage is an enhanced resilience against resource-based attacks (i.e. DoS) as well as the support for multi-homed clients. Other advantages include multi-streaming within a SCTP association, as well as optimized ACK processing.

II. CURRENT STATE & FUTURE WORK

A. Approach

To achieve the desired behaviour, a SCTP socket will be generated and hidden inside a newly instantiated TCP socket. The hidden SCTP socket is passed down to the transport-layer to establish the communication. However, a reference to the initial TCP socket will be held, as applications are not aware of the translation process by the shim-layer. In case a SCTP connection is not possible, a fall-back standard TCP connection is provided.

[Figure 1. Architecture]

B. Current State

At present, only an implementation for the outdated FreeBSD 4.0 is available. As it is not suitable for on-going research to work with 4.0, a migration to the latest stable FreeBSD version (8.2) has been performed. The verification of the functionality was done through different application scenarios – namely web browsing and content-streaming applications.

C. Use Cases

SCTP augmented TCP can be applied to a broad range of use cases. All communication scenarios, which increase throughput and/or stability by means of SCTP transport across multiple interfaces, will gain from this shim layer technology. This is in particular true for mobile devices with several communication interfaces. The breakdown of one connection could automatically be repaired by means of the SCTP path failover mechanism. Thus, TCP applications will not even notice the swap between communication paths.

D. Future Work

Once the functionality is verified, the mechanism will be ported to a current Linux-Kernel and afterwards tested on various Android based devices.

III. REFERENCES

[1] R. Stewart: Stream Control Protocol (SCTP). RFC 4960. IETF. September 2007. URL: http://tools.ietf.org/html/rfc4960
[2] R. Bickhart, P. Amer, R. Stewart. TCP-to-SCTP translation shim layer in the FreeBSD kernel, Euro BSD Con 2007, Copenhagen, May 2007
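The fall-back behaviour described under "Approach" can be tried from user space. The following is an added example, not the authors' FreeBSD kernel shim: the names `open_transport` and `demo_tcp_only_server` are hypothetical, the peer is a constructed TCP-only echo server on the loopback interface, and IPv4 is assumed.

```python
import socket
import threading

# IPPROTO_SCTP is 132 (IANA); some Python builds do not export the constant.
IPPROTO_SCTP = getattr(socket, "IPPROTO_SCTP", 132)


def open_transport(host, port, timeout=2.0):
    """Connect with one-to-one style SCTP first, then fall back to TCP.

    Returns (sock, name), name being "sctp" or "tcp", so the caller can
    log which transport was actually selected.
    """
    attempts = (("sctp", IPPROTO_SCTP), ("tcp", socket.IPPROTO_TCP))
    last_error = None
    for name, proto in attempts:
        sock = None
        try:
            # One-to-one SCTP also uses SOCK_STREAM, so the application's
            # send()/recv() calls are the same for both transports.
            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, proto)
            sock.settimeout(timeout)
            sock.connect((host, port))
            return sock, name
        except OSError as exc:
            # No SCTP support in the kernel, no SCTP listener on the peer,
            # or SCTP filtered on the path: try the next transport.
            last_error = exc
            if sock is not None:
                sock.close()
    raise ConnectionError(f"no transport reached {host}:{port}") from last_error


def _echo_once(listener):
    """Accept one connection and echo back the first chunk received."""
    conn, _ = listener.accept()
    with conn:
        conn.sendall(conn.recv(1024))


def demo_tcp_only_server(payload=b"hello over the shim"):
    """Constructed scenario: the server speaks only TCP, so the client
    must end up on the fall-back path while the payload is unchanged."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))          # ephemeral loopback port
    listener.listen(1)
    port = listener.getsockname()[1]
    worker = threading.Thread(target=_echo_once, args=(listener,), daemon=True)
    worker.start()

    sock, used = open_transport("127.0.0.1", port)
    with sock:
        sock.sendall(payload)
        echoed = sock.recv(1024)
    worker.join(timeout=2.0)
    listener.close()
    return used, echoed


if __name__ == "__main__":
    print(demo_tcp_only_server())
```

Returning the selected transport matters operationally: a path that silently drops SCTP forces every connection onto TCP, and only a logged transport name makes that visible.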


Understanding Ungeduld Quality of Experience Assessment and Modeling for Internet Applications

Raimund Schatz (1), Tobias Hossfeld (1,2), Sebastian Egger (1)
1) Telecommunications Research Center Vienna (FTW), Donau-City Strasse 1, A-1220 Vienna, Austria
2) University of Würzburg, Institute of Computer Science, Am Hubland, D-97074 Würzburg, Germany

QoE – A SHIFT TOWARDS USER-CENTRICITY

Starting point: Quality of Service (QoS) as established networking concept
However: research focus often more on QoS parameters than quality itself
Consequence: recent countermovement = “Quality of Experience” (QoE)

Standard definition of QoE (ITU-T SG12): “Overall acceptability of an application or service as perceived subjectively by the end-user… includes the complete end-to-end system effects… may be influenced by user expectations and context.”

Essential: integrated QoE assessment and modeling across all layers
→ Requires interdisciplinary approach towards R&D

[Figure: Data Acquisition (Extensive User Studies, Application Log Analysis, Traffic Analysis); QoE Measurement (User Quality Perception Model, Network Traffic Measurements & Metrics); Output: Estimated QoE per User]

QoE FOR INTERNET SERVICES

Motivation
• Exponential growth of global Internet traffic volume
• Proliferation of mobile broadband subscriptions and smart devices
• HTTP traffic carrying majority of traffic in the residential broadband Internet
→ Web-related application scenarios (web browsing, video streaming like YouTube, downloads, email, etc.) and Cloud applications (remote desktop, office in the cloud) beyond pure audio-visual media quality of high relevance
→ Investigation of temporal QoE phenomena and impairments (waiting times, latencies, outages, memory effects, etc.) as well as their relationship with user impatience (i.e. “Ungeduld“) becomes essential!

Main QoE Assessment Method
Controlled subjective user experiments under defined technical conditions:

[Figure: Local Test Content]

HOT TOPICS AND KEY RESULTS

Topic 1: Universal QoE Principles
Frequent observation: logarithmic dependency between technical quality (bandwidth, waiting time) and perceived quality (MOS ratings)

Web Browsing (Photo Album): QoE = a+b*log2(page_load_time)
File Download (2.5 MB): QoE = a+b*log2(time)+c*sqrt(filesize)

Analogy from psychophysics: Weber-Fechner Law
→ General logarithmic structure of stimulus-based human sensory system (valid for vision, hearing, tasting, smelling, touching, …)
→ QoE of Internet services can be described and explained by universal laws
See also: Reichl et al. (2010)

Natural relationships between QoE and disturbances: IQX Hypothesis
→ Quantification of influence of network disturbances described by QoS parameter, e.g. packet loss on QoE
→ Interdependency between QoS and QoE follows exponential relationship
See also: Fiedler et al. (2010)

Topic 2: Temporal Dynamics and Memory Effects
Observation: quality perception changes over time i.e. equivalent QoS levels do not automatically result in equivalent QoE levels

[Figures: Web QoE for Increasing Downlink Bandwidths; Web QoE for Decreasing Downlink Bandwidths (MOS over Bandwidth [kbit/s])]

→ Experience is temporal, with past quality levels shaping user expectations
→ Waiting times are relevant QoE factor for Internet applications
→ Temporal dynamics need to be taken into account in QoE modeling
See also: Hoßfeld et al. (2011)

CONCLUSIONS

• QoE – a hot topic for industry (operators, service providers) and academia
• User-perspective requires holistic, interdisciplinary approach
• For perceived quality of internet services, temporal phenomena are key

REFERENCES

P. Reichl, S. Egger, R. Schatz, A. D’Alconzo: The Logarithmic Nature of QoE and the Role of the Weber-Fechner Law in QoE Assessment. Proc. IEEE ICC, Cape Town, South Africa, May 2010
M. Fiedler, T. Hoßfeld, P. Tran-Gia: A Generic Quantitative Relationship between Quality of Experience and Quality of Service. IEEE Network Special Issue on Improving QoE for Network Services, Vol. 24 Issue 2, March-April 2010
T. Hoßfeld, R. Schatz, S. Biedermann, A. Platzer, S. Egger, M. Fiedler: The Memory Effect and Its Implications on Web QoE Modeling. Proc. ITC 2011, San Francisco, USA, September 2011

Contact: Dr. Raimund Schatz, mail: [email protected], phone: +43/1/5052830-35

http://ace.ftw.at http://www.german-lab.de http://www.tma-portal.eu http://euronf.enst.fr

User-centered Quality Assessment of HD IPTV Services Results from the FP7 Project OptiBand

Peter Fröhlich, Raimund Schatz Telecommunications Research Center Vienna (FTW) Donau-City Strasse 1, A-1220 Vienna, Austria

THE OPTIBAND CHALLENGE

The Problem
Currently, the ADSL access network creates a bandwidth bottleneck which does not allow for adequate provision of personalized High Definition (HD) video content to the subscriber.

The Solution
Significant bandwidth savings by data dropping algorithms based on the nature of the video content (so-called “Content aware data dropping algorithms”). These algorithms will be implemented in two units: The “OptiBand Head End Unit” and the “OptiBand Network Unit”.

→ Enable consumption of multiple HD channels per household over a single ADSL line.

THE i:lab AT FTW

The i:lab (interfaces and interaction lab) contributes to a variety of research projects in regional, national or European funding schemes. Companies can benefit from up to 50% public funding within Austria’s COMET program, if they decide to conduct collaborative research at the i:lab of the FTW.

The i:lab optimally supports a wide array of user-centered research and development activities. Thanks to its modular design, various application areas can be investigated by combining various facilities and features:
• Two large test rooms directly controlled from a central observation room
• A custom-made observation and test management system that enables to control test conditions and automatically capture user feedback and behavior
• Acoustic properties that allow for unbiased conversational speech quality tests as well as for high quality sound recordings

OPTIBAND AT FTW: TASK AND FIRST RESULTS

Tasks
• Investigation of the Quality-of-Experience (QoE) of this new technology
• Development of scientific QoE criteria and measurement methods
• Evaluation of QoE impact of data dropping by a series of user studies
• Guide for algorithm development towards optimal user-perceived quality

[Figure: Comparison: MOS vs. Acceptance Ratings]

• Absolute user-based assessment results: mixed. The targeted 33% data reduction (bandwidth level 4) without falling below 3.7 MOS is hard to achieve via packet dropping. Targeted bandwidth level 4 only acceptable in 60-70% of the cases
• Relative comparison of user-based assessment results: Very strong data reduction with mostly affordable relative quality losses (e.g. 1080i, action: -45% with only a loss of 0.7 MOS). Sharp decline in acceptability at bandwidth level 2 (>50% reduction)

→ Rethink validity of absolute QoE acceptance thresholds, develop flexible QoE thresholds aligned to content type and duration

OptiBand is partially funded under the European Community's Seventh Framework Programme (FP7/2007-2013), Grant Agreement n° 248495

Contact: Dr. Peter Fröhlich, [email protected]

Tuesday, August 2nd Program – Poster Session

Tuesday, August 2nd, 2011, 2:00 PM to 3:00 PM Poster Session G‐Lab

Energy- and Performance-Aware Resource Management in G-Lab and Future Internet Infrastructures

Gergö Lovász, Florian Niedermeier, Andreas Berl, and Hermann de Meer
Chair for Computer Networks and Computer Communications, University of Passau
{lovasz|niederme|berl|demeer}@fim.uni-passau.de

I. INTRODUCTION

The G-Lab infrastructure currently consists of about 170 nodes. Similar to other ICT infrastructures G-Lab is over-provisioned to deal with spontaneously occurring peak loads and future demands [1]. Therefore, the average utilization of a G-Lab node is about 10% – 20% [2] with regard to CPU and network load, which means that G-Lab is underutilized most of the time. Unfortunately, underutilized or idle (only the operating system is running) servers consume up to 70% of their maximum possible power consumption [3]. In the case of the Sun Fire X4150 [5], which is the standard node in the G-Lab infrastructure, the power consumption in idle state is approximately 250W whereas the power consumption at full load is 363W, which calculates to 69% of the maximum power consumption. This indicates a high energy-saving potential, within the G-Lab infrastructure as well as in Future Internet infrastructures in general.

This abstract presents an energy- and performance-aware resource management that aims at the dynamic allocation of services to physical resources that goes beyond currently applied non-energy-aware, utilization-based consolidation approaches. The suggested resource management computes a resource allocation that is based on service requirement models on one hand and on the power consumption models of the physical resources on the other hand. This way, the overall power consumption of G-Lab (and other Future Internet infrastructures) will be minimized while service requirements are fully met. It is important to see that ICT infrastructures tend to consist of heterogeneous devices in terms of performance and energy consumption. This heterogeneity leads to a challenging situation with regard to the resource management which needs to solve a variant of the variable-sized multidimensional bin-packing problem. In contrast to this heterogeneity of ICT infrastructures, the nodes in the G-Lab infrastructure are largely homogeneous. Therefore G-Lab represents a simplified environment which facilitates the resource allocation.

The virtualization of services is a key enabler of an energy-efficient resource management, as resource virtualization allows a flexible and transparent allocation of physical resources to virtualized services. System virtualization is used within G-Lab to create virtual machines that are able to encapsulate services as, e.g., PlanetLab software. This virtualization allows the seamless migration of virtualized services and, therefore, enables the consolidation of several services on a single node. When services are consolidated on a small number of nodes, other nodes can be turned off to save energy. The main question that arises in this procedure is, on which host a certain virtualized service needs to be processed to achieve the minimum possible energy consumption within the supervised infrastructure (e.g., within a G-Lab data center). The infrastructure’s energy consumption includes the energy consumption of servers and network equipment as well as the energy consumed by air-conditioning that is required to cool the utilized hardware. At the same time it has to be ensured that resource requirements of services are fully met. Such requirements are e.g. CPU time, RAM, I/O rate and network bandwidth.

II. ENERGY-AWARE RESOURCE MANAGEMENT

Apart from the virtualization approach that is required to enable the seamless migration and the consolidation of services within the managed ICT infrastructure, the suggested energy- and performance-aware resource management consists of three modules:

1. A monitoring/controlling module is needed that enables the monitoring of the energy-relevant parameters of virtualized services and physical hardware within the supervised ICT infrastructure. It provides mechanisms to initiate migrations of virtualized services, to shut down/hibernate hardware, and to wake up the hardware again, if needed.

2. The analyzer module interprets the current state of the ICT infrastructure and its virtualized services. If the changes exceed a specified threshold, the analyzer module reports the change to the optimizer module to initialize a change of the current resource allocation. Additionally, the analyzer module stores relevant

monitoring information and state changes within a dedicated database. This data is used to build profiles of resource usage and dynamic device characteristics (e.g., heat or fan speed) that are based on historical and current states of the virtualized services and the physical infrastructure.

3. The optimizer module calculates energy-optimal allocations of physical resources to virtualized services that do not violate the resource requirements of the services. The resource allocation is modeled as a variant of the variable-sized multi-dimensional bin-packing problem. Services are represented as hypercubes and servers as hyperbins. Each edge of a hypercube represents a resource requirement of the service. The length of the edge indicates how much of the resource is required. Similarly, edges of the bins represent the server’s resources, e.g., CPU cycles or RAM. The length of a bin’s edge corresponds to the total amount of the physical resource it represents. To each bin a cost function is assigned that computes the current power consumption of the represented server. The goal of the packing problem is to pack the hypercubes in the hyperbins so that the sum of all cost functions is minimized. On one hand, service requirement models are needed to define the hypercubes. Based on the resource usage profile of a service and current monitoring data, the service requirement model estimates the future load generation of the service and determines the size of the representing hypercube. On the other hand, power consumption functions for the different server components are used as cost functions for the bins. They estimate the power that is consumed by the represented server based on its hardware characteristics and the hypercubes that are inside the bin. The size of the bin is determined by the represented server.

Figure 1: Ener-G management framework

All of the described components are illustrated in Figure 1 in the context of the G-Lab infrastructure. The physical layer represents the physical hardware of the G-Lab infrastructure without virtualization and indicates the different energy-states of the server hardware. The virtual layer plays the role of a virtual counterpart of the physical infrastructure. The users of the infrastructure interact only with virtualized nodes and are not aware of the virtualization or the presence of an underlying physical infrastructure layer. The energy-aware management interacts with both, the physical and the virtual layer.

Particularly the optimizer component is in the focus of this work. Based on the power consumption models and the resource requirement models it has to be able to 1) estimate the power consumption of all possible resource mappings within the ICT infrastructure and 2) to choose an energy-optimal (or nearly energy-optimal) mapping of physical resources to virtualized services. To estimate the power consumption of different mappings, power consumption models and resource requirement models are used that model the physical and virtual layers of the ICT infrastructure. As an example, the optimizer has to decide whether it is more energy efficient to process 20 virtualized services on three highly energy efficient servers with moderate performance or on two less efficient servers with higher performance.

To find an energy-optimal mapping, heuristics are needed that solve a variant of the NP-hard variable-sized multi-dimensional bin-packing problem. It is important to see that the migration of virtualized services is costly: On the one hand it consumes performance in terms of CPU cycles and network load and on the other hand it costs additional energy. Therefore, it is necessary to achieve an energy-optimal mapping while producing the least possible amount of migrations within the system.

III. EXPECTED RESULTS

The expected result of the implementation of the Ener-G management framework is a significant energy consumption reduction of the supervised ICT infrastructure. The energy consumption is reduced in two steps: First, a straightforward consolidation is applied that consolidates services by using a first fit bin-packing approach. This kind of consolidation will already significantly reduce the energy consumption within G-Lab as a part of the servers can be turned off. In a second step, a full featured energy- and performance-aware management will be applied that considers service utilization as well as the energy consumption of the hardware. In this step, a further reduction of energy consumption is expected. Especially in heterogeneous infrastructures (as Future Internet infrastructures may be), a reduction of energy consumption is expected that significantly exceeds the energy consumption reduction that can be achieved by the first fit bin-packing approach.

[1] Bundesverband Informationswirtschaft, Telekommunikation und neue Medien e.V., Energieeffizienz im Rechenzentrum Band 2, 2008, p. 10
[2] Paul Müller, Dennis Schwerdel and Robert Henjes, G-Lab Experimental Facility. G-Lab Status Meeting, February 2011, https://fileserver.german-lab.de/files/templates/Passau/ASP7.pdf
[3] David Meisner, Brian T. Gold, and Thomas F. Wenisch. PowerNap: eliminating server idle power. In Soffa and Irwin [4], pages 205-216.
[4] Mary Lou Soffa and Mary Jane Irwin, editors. Proceedings of the 14th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2009, Washington, DC, USA, March 7-11, 2009. ACM, 2009.
[5] http://www.sun.com/servers/x64/x4150/datasheet.pdf, 31.05.2011
[6] Bundesverband Informationswirtschaft, Telekommunikation und neue Medien e.V., Energieeffizienz im Rechenzentrum Band 2, 2008
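The two consolidation steps described in the Ener-G abstract above can be compared on the optimizer's "20 services" decision. This is an added example, not code from the Ener-G framework: the linear power model, the greedy marginal-power heuristic, the resource sizes and the 100 W / 180 W "efficient" servers are assumptions; only the 250 W / 363 W figures come from the text.

```python
from dataclasses import dataclass


@dataclass
class Server:
    name: str
    cpu_cap: float
    ram_cap: float
    idle_w: float   # power when switched on but idle
    max_w: float    # power at full CPU load
    cpu: float = 0.0
    ram: float = 0.0

    def fits(self, svc):
        # Every edge of the service "hypercube" must fit into the bin.
        return (self.cpu + svc[0] <= self.cpu_cap
                and self.ram + svc[1] <= self.ram_cap)

    def power(self, extra_cpu=0.0):
        # Assumed cost function: linear in CPU load, 0 W when the
        # server hosts nothing and can therefore be turned off.
        load = self.cpu + extra_cpu
        if load == 0:
            return 0.0
        return self.idle_w + (self.max_w - self.idle_w) * load / self.cpu_cap

    def place(self, svc):
        self.cpu += svc[0]
        self.ram += svc[1]


def build_servers():
    # Constructed heterogeneous pool: two nodes with the X4150 power figures
    # quoted in the text and three hypothetical efficient, smaller nodes.
    return [
        Server("big-1", 12, 64, 250, 363),
        Server("big-2", 12, 64, 250, 363),
        Server("eff-1", 8, 32, 100, 180),
        Server("eff-2", 8, 32, 100, 180),
        Server("eff-3", 8, 32, 100, 180),
    ]


def first_fit(services, servers):
    """Step 1: utilization-based consolidation, blind to power models."""
    for svc in services:
        target = next((s for s in servers if s.fits(svc)), None)
        if target is None:
            raise ValueError("service requirements cannot be met")
        target.place(svc)
    return servers


def energy_aware(services, servers):
    """Step 2 (heuristic): put each service where it adds the least power.

    Waking an idle server costs its idle power, so running servers are
    filled first and efficient servers are woken before inefficient ones.
    """
    for svc in sorted(services, reverse=True):
        candidates = [s for s in servers if s.fits(svc)]
        if not candidates:
            raise ValueError("service requirements cannot be met")
        target = min(candidates, key=lambda s: s.power(svc[0]) - s.power())
        target.place(svc)
    return servers


def total_power(servers):
    return sum(s.power() for s in servers)


# 20 identical constructed services: (CPU cores, GB RAM).
SERVICES = [(1.0, 2.0)] * 20


def compare():
    ff = total_power(first_fit(SERVICES, build_servers()))
    ea = total_power(energy_aware(SERVICES, build_servers()))
    return ff, ea


if __name__ == "__main__":
    ff, ea = compare()
    print(f"first fit: {ff:.1f} W, energy-aware: {ea:.1f} W")
```

The heuristic ignores migration cost, which the abstract names as a further constraint on any real mapping change.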

Detecting Migration of Virtual Machines

André König, Ralf Steinmetz Multimedia Communications Lab (KOM), TU Darmstadt, Germany {andre.koenig, ralf.steinmetz}@kom.tu-darmstadt.de

MOTIVATION

Hardware virtualization, i.e., introducing an additional layer of abstraction (Hypervisor) between hardware and software is the basis for current applications such as cloud computing, energy efficient operation of communication networks, and high performance computing. Hypervisors like Proxmox [1] enable running multiple virtual machines in parallel, on the same physical machine. By decoupling hardware and software, virtual machines may be migrated online (during operation) between physical machines. From a security perspective, virtualization and migration of virtual machines offer new ways for realizing security mechanisms but also new attack vectors [2]–[4]. Besides attacks on the level of the hypervisor, in particular in the context of migration of virtual machines, attacks on the level of the communication network must be taken into consideration. Here, a precondition for both attacks and security mechanisms is detecting migration processes. Attack mechanisms may use this information to, e.g., launch denial of service attacks. Security mechanisms can decide whether an ongoing migration process is legitimate or, e.g., whether an unauthorized image of a virtual machine is created. For both, in addition to the detection of migration processes by the (possibly compromised) migrating hypervisor, a detection performed outside the migrating hypervisor is helpful.

The focus of our work is set on the foundations of detecting migration processes of virtual machines, outside the migrating hypervisor. We present first selected experiments performed with the German-Lab testbed [5]. Results from different scenarios of an online migration of a Linux machine by the Proxmox Hypervisor show that the roundtrip time of ICMP packets is a promising metric for detecting migration processes. In future steps, we will validate the results in real-world cloud-based systems.

RELATED WORK

Related work on security in virtualized computing environments dates back to 1976. In [6], Attanasio et al. present a security analysis of the IBM VM/370 hypervisor. Gold et al. develop extensions for securing VM/370 in [7]. A survey on attack vectors for contemporary hypervisors is presented by Ferrie in [8].

Hypervisor-based malware (virtual machine-based root kits) such as SubVirt [9] uses virtualization techniques to insert a malicious hypervisor between hardware and operating system, e.g., to prepare further attacks. Opposed to this are approaches such as GuardHype [10], that, acting as 'hypervisor for hypervisors', control access of a hypervisor to the physical hardware.

Approaches for determining whether a system is running on a virtual machine, such as the one described by Quist et al. in [11], are, in general, based on analyzing interrupt or memory tables. These differ depending on whether an operating system is running on a virtual machine or directly on the physical hardware. This way, detecting a migration of a system to a virtual machine is possible ex-post, if it was running directly on physical hardware before. A migration of an already virtualized machine cannot be detected.

Regarding the security of migration processes, Oberheide et al. categorize possible attacks and demonstrate the vulnerability at the example of a man-in-the-middle attack in [12]. To the best of our knowledge, directly related work on the remote detection of ongoing migration processes outside the migrating hypervisor does not exist.

DETECTING MIGRATION PROCESSES

We conducted our experiments in the German-Lab testbed. We set up a Proxmox 1.8 cluster on 4 identically configured SUN Fire X4150 servers. The servers are connected by a Cisco 4500 L3 series switch at a bandwidth of 1 Gb/s. On Server 1, a 32-bit Ubuntu 11.04 virtual machine was installed as NFS server. During the experiments, a second virtual machine running Ubuntu was migrated between Servers 2 and 3. The virtual machine was configured with 1 CPU core, 512 MB main memory, 8 GB hard disk located on the NFS server, and an rtl8139-based network interface with direct (TAP) access to the network. The migration process was initiated manually via the Proxmox web interface. Before, during, and after the migration process, the roundtrip time of ICMP packets between the migrated virtual machine and a third, identically configured virtual machine installed on Server 4 was measured. For this, ICMP packets with a size of 64 bytes were sent at an interval of 0.1 seconds.

For now, we focus on examining whether ICMP packets should be sent from or to the machine that is being migrated, i.e., on whether the detection should be performed locally, by the machine being migrated itself, or remotely. We further evaluate the effects of CPU load on the detectability of a migration process.

a) Remote detection, low CPU load: Figure 1a shows the results for the experiment in which we sent ICMP packets from the virtual machine on Server 4 to the virtual machine being migrated between Servers 1 and 2. The CPU load on the machine being migrated was not increased artificially. In this

setup, we observe an increased roundtrip time for the whole duration of the migration process. Additionally, we observe a peak roundtrip time at the beginning and packet loss at the end of the migration process. For reasons of presentation, the peak is not represented fully and packet loss is represented as a negative roundtrip time in Figure 1a. The packet loss at the end of the migration phase is caused by the virtual machine’s CPU being stopped while its registers are transferred to the target machine. Explaining the peak roundtrip time at the beginning of the migration process is part of our future work.

Fig. 1. ICMP roundtrip times during online migration processes of a Ubuntu 11.04 virtual machine in Proxmox: (a) Remote detection, low CPU load; (b) Local detection, low CPU load; (c) Remote detection, high CPU load; (d) Local detection, high CPU load.

b) Local detection, low CPU load: The results for the experiment in which we sent ICMP packets from the virtual machine being migrated between Servers 1 and 2 to the virtual machine on Server 4 are shown in Figure 1b. Again, the CPU load on the machine being migrated was not increased artificially. As for the previous setup, we observe an increased roundtrip time during the whole migration process with a peak at the beginning. In contrast to the previous setup, we did not observe packet loss at the end of the migration process. This is because the CPU operation of the machine being migrated and, thus, sending ICMP packets is stopped while the CPU operation is transferred to the target machine. Therefore, the packet loss that is characteristic for the end of the migration process when monitored remotely does not occur.

c) Remote detection, high CPU load: Figure 1c shows the effect of a high CPU load on the roundtrip time of ICMP packets sent to the machine being migrated, i.e., on a remotely monitored migration process. The CPU load was increased by piping /dev/urandom to an MD5 message digest generator. Again, we observe an increased roundtrip time during the migration process and the characteristic packet loss at the end of the migration process. However, the increased CPU load affects the peak of the roundtrip time that we observed in the previous experiments without artificially increased CPU load. Scrutinizing the particular reason for this effect is part of our future work.

d) Local detection, high CPU load: The roundtrip time of ICMP packets sent from the machine being migrated, i.e., for a locally monitored migration process in combination with an artificially increased CPU load of the machine being migrated is shown in Figure 1d. Although we still observe an increased roundtrip time during the migration process, we neither observe the peak at the beginning, nor the packet loss at the end of the migration process. From this, we conclude that the effects of both local vs. remote monitoring of the migration process and CPU load are characteristic and reproducible.

Altogether, monitoring the roundtrip time seems to be a promising approach towards detecting migration processes of virtual machines. In our future work, we will identify further factors that affect the detectability of migration processes and validate our results in real-world cloud-based systems.

REFERENCES

[1] Proxmox Wiki, http://pve.proxmox.com/wiki/Main_Page, 2011.
[2] T. Garfinkel et al., “When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments,” Proc. of HotOS ’05.
[3] M. Price, “The Paradox of Security in Virtual Environments,” IEEE Computer Magazine, vol. 41, pp. 22 – 28, 2008.
[4] D. Hyde, “A Survey on the Security of Virtual Machines,” Dept. of Comp. Science, Washington Univ. in St. Louis, Tech. Rep., 2009.
[5] G-Lab Project Homepage, http://www.german-lab.de, 2011.
[6] C. R. Attanasio et al., “Penetrating an operating system: a study of VM/370 integrity,” IBM Systems Journal, vol. 15, pp. 102 – 116, 1976.
[7] B. D. Gold et al., “A security retrofit of VM/370,” Proc. of National Computer Conference, 1979.
[8] P. Ferrie, “Attacks on Virtual Machine Emulators,” Proc. of AVAR ’06.
[9] S. T. King et al., “SubVirt: Implementing malware with virtual machines,” Proc. of S&P ’06.
[10] M. Carbone et al., “Taming Virtualization,” IEEE Journal on Security and Privacy, vol. 6, pp. 65 – 67, 2008.
[11] D. Quist et al., “Further Down the VM Spiral - Detection of full and partial emulation for IA-32 virtual machines,” http://www.offensivecomputing.net/dc14/furthur_down_the_vm_spiral.pdf.
[12] J. Oberheide et al., “Empirical Exploitation of Live Virtual Machine Migration,” Proc. of Black Hat DC, 2008.

Architecture and Algorithms for Virtual Routers as a Service
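For the roundtrip-time findings of "Detecting Migration of Virtual Machines" (König and Steinmetz) above, a monitoring check can look for the three reported signatures: a sustained rise in ICMP roundtrip time, a peak at the start, and packet loss at the end when probing remotely. This is an added example, not the authors' code; the thresholds, function names and the traces are constructed assumptions, with only the 0.1 s probe interval taken from the text.

```python
from statistics import median


def find_migrations(rtts, interval_s=0.1, baseline_n=50, factor=2.0,
                    min_duration_s=2.0, max_gap=5, edge_n=10,
                    peak_factor=3.0):
    """Return one finding per sustained roundtrip-time elevation.

    rtts: roundtrip time in ms per probe, None for a lost probe.
    The first `baseline_n` probes are assumed to be migration-free.
    """
    calm = [r for r in rtts[:baseline_n] if r is not None]
    if not calm:
        raise ValueError("no answered probes in the baseline window")
    threshold = factor * median(calm)

    # Group slow or lost probes into runs, bridging short calm gaps.
    runs, start, last = [], None, None
    for i, r in enumerate(rtts):
        if r is None or r > threshold:
            if start is None:
                start = i
            last = i
        elif start is not None and i - last > max_gap:
            runs.append((start, last))
            start = None
    if start is not None:
        runs.append((start, last))

    findings = []
    for s, e in runs:
        window = rtts[s:e + 1]
        answered = [r for r in window if r is not None]
        duration = (e - s + 1) * interval_s
        if duration < min_duration_s or not answered:
            continue  # jitter spike or plain outage, not the pattern
        level = median(answered)
        head = [r for r in window[:edge_n] if r is not None]
        findings.append({
            "start": s,
            "end": e,
            "duration_s": duration,
            "level_ms": level,
            # Peak at the beginning of the elevated phase.
            "start_peak": bool(head) and max(head) > peak_factor * level,
            # Loss at the end, reported for remote monitoring only.
            "end_loss": sum(r is None for r in window[-edge_n:]) > 0,
        })
    return findings


def sample_trace(remote=True):
    """Constructed 40 s trace (400 probes); not measured data."""
    trace = []
    for i in range(400):
        if 100 <= i < 300:                  # elevated phase
            rtt = 1.5 + 0.05 * (i % 4)
            if remote and i < 103:
                rtt = 12.0                  # peak at the beginning
            if remote and i >= 297:
                rtt = None                  # probes lost at the end
        else:
            rtt = 0.4 + 0.02 * (i % 5)      # calm network
        trace.append(rtt)
    trace[60] = 5.0                         # lone spike, must be ignored
    return trace


if __name__ == "__main__":
    for label, remote in (("remote", True), ("local", False)):
        for f in find_migrations(sample_trace(remote)):
            print(label, f)
```

A finding with `end_loss` set matches the remotely monitored cases (a) and (c); a finding without peak and without loss matches case (d).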

Zdravko Bozakov Institute of Communications Technology Leibniz Universität Hannover Email: [email protected]

Abstract—The deployment of virtualized network resources has the potential to spur new business models and increase flexibility for network customers as well as infrastructure operators. It is worthwhile to re-evaluate how to effectively express traditional network elements in the virtualization domain. In this paper we consider network routers and argue that the representation of routing functionality as a service, rather than an isolated virtual resource is better suited in the virtualization context.

We present an architecture enabling physical infrastructure operators to provide routing as a service by combining distributed forwarding elements to appear as a single virtual router instance which routes traffic between a set of customer points of presence. We provide embedding algorithms for virtual router topologies with minimum allocation cost. We consider the customer’s geographical attachment to the network, bandwidth demands as well as capacity constraints in the core substrate.

Parts of this work have been published at the International Workshop on Quality of Service 2011 (IWQoS’11).

I. INTRODUCTION

To date, a substantial amount of research in the network virtualization domain has focused on the embedding of predefined virtual network topologies onto a physical substrate, a problem known to be NP-hard. A number of heuristics for the general substrate embedding problem approximating the optimal solution have been proposed e.g. [1], [2], [3].

In this paper we advocate the concept of virtual routers as a service - a collection of virtual network resources functioning as a single router instance as illustrated in Fig.1a. We believe that routing functionality in virtual networks is more suitably defined in terms of connectivity between end points rather than topologies mimicking physical networks. Traditional design goals such as resilience are likely to remain a responsibility of the physical infrastructure provider, addressed independently of the virtual domain instantiation. An inherent advantage of this simplified viewpoint is that the substrate embedding problem becomes tractable. We discuss algorithms for the optimal allocation of resources in capacity constrained substrate networks. In addition, we develop a flexible architecture for virtual router services (VRS).

VRS can be deployed to consolidate physical provider resources and adapt substrate allocation to changing network conditions without disrupting running services. At the same time, customers can reduce the number of physically hosted devices while seamlessly integrating their router instance into an existing infrastructure. Additional aspects of the single router abstraction as a means for facilitating network management are discussed in the position paper [4].

Fig. 1. (a) A virtual router service connecting five customer locations with a specific capacity demand over a provider substrate. (b) Fully connected topology. (c) Star topology. Equivalent VRS embedding: allocation cost S=17 (b) and S=8 (c).

II. EMBEDDING VIRTUAL ROUTER SERVICES

Our architecture is based on the assumption that customers expect the functionality of a virtual router service to be indistinguishable from that of a physical device, i.e. the traffic flow between any two nodes attached to the router is limited only by the capacity of their interfaces and routing tables are calculated by a single routing process. Geographical attachment of customer PoPs, corresponding capacity demands as well as the available bandwidth in the substrate are the primary constraints for VRS.

In the following we consider bandwidth allocation costs for a VRS connecting a set of customer PoPs $N$ with capacity demands $b_u$ for $u \in N$. We define the VRS allocation cost $S$ as the sum of reserved substrate bandwidths $b$, weighted by the respective link costs $c$. Without loss of generality, we analyze a fully connected substrate topology spanned between $n = |N|$ edges. In terms of capacity the VRS instances depicted in

Figures 1b and 1c offer equivalent connectivity. In Fig.1b, $\min(b_u, b_v)$ units of bandwidth are reserved between each pair of nodes $(u, v) \in N$. Hence, the allocation cost $S_{full}$ is given by $\sum_{i=1}^{n-1} \sum_{j=i+1}^{n} \min(b_i, b_j)\, c_{ij}$. Setting the capacity demands and link costs to one, it becomes evident that the cost increase is quadratic: $S_{full} = n(n-1)/2$. Hence the use of a point to point VRS allocation scheme is problematic even for relatively small numbers of PoPs.

Algorithm 1 VRS embedding
 1: prune nodes with insufficient resources
 2: S∞ ← ∞ // initialize array of lower bound costs
 3: for e ∈ E do // iterate through all edge nodes
 4:   get shortest path distances d(n) from e to all n ∈ G∞
 5:   S∞(n) ← S∞(n) + d(n)b(e)
 6: end for
 7: sort S∞ by ascending cost
 8: s_min ← ∞, r_min ← ∅
 9: (n, s) ← pop_0(S∞) // remove least cost node/cost tuple
10: while s_min > s do
11:   s_min ← SSP(n, G), r_min ← n

On the other hand, if we select any node $k \subset N$ and route traffic from all remaining edges over it, as depicted in Fig.1c, the allocation cost becomes $S_{star} = \sum_{i=1}^{n-1} \min(b_i, b_k)\, c_{ik}$ and grows linearly with the number of customer edge nodes and $S_{star}$

III. VIRTUAL ROUTER SERVICE ARCHITECTURE

Based on the cost considerations above we propose a star architecture comprised of a single core node, responsible for all Layer 3 routing decisions, connected to a set of customer edge gateways (CEG) over a series of intermediate nodes (IN). Each VRS is associated with a unique control plane instance running in a virtual machine (VM) hosted at a suitable network site. Each VM controls its associated network elements over a dedicated link. The architecture relies on a programmable network substrate which allows a VRS controller to modify the L2 and L3 flow tables of all associated forwarding engines (e.g. [5]). We extend the architecture proposed in [6] to include the setup and management of paths connecting the VR core to customer PoPs at the network edge. The selection of least cost paths and the installation of the corresponding forwarding entries is performed by a path management controller (PMC).

IV. ALGORITHMS FOR VIRTUAL ROUTER SERVICE EMBEDDING

Embedding a VRS involves two independent operations: the selection of an optimal core node location and the allocation of optimal forwarding paths to the CEGs.

Path Selection: The goal of the operation is the identification of least cost paths connecting the core node $r$ to a set $E$ of CEGs while providing sufficient capacity. In a substrate network with limited capacity, a basic shortest path approach is not guaranteed to minimize the allocation cost.

We formulate the VRS path allocation task as a flow network problem, which can be solved using a minimum cost flow (MCF) algorithm. We interpret the substrate graph $G$ as a flow network and define the CEGs as traffic sinks with a flow demand of $b_e$ and the core node $r$ as a traffic source with a flow supply of $b_r = -\sum_{E} b_e$. An optimal set of paths w.r.t. any given core $r$ can be calculated using the successive shortest paths (SSP) [7] algorithm, among others. The SSP algorithm has the advantage that it can efficiently handle edge demand changes or attachment of new CEGs. Note that the optimal flow may be split along multiple paths as proposed in [2] if demands $b_i = b_j$ for $(i, j) \in E$.

Core Node Selection: The choice of the core node location is vital to ensure a minimum cost VRS allocation. To avoid checking every feasible core node candidate for optimality using the SSP algorithm, we consider the uncapacitated instance of the substrate graph $G_\infty$. We then calculate the allocation costs $S_\infty(n)$ for all $n \in G_\infty$ using Dijkstra’s algorithm and use these as a lower bound for the capacity constrained case as outlined in Alg. 1. Our simulations confirm that this approach substantially reduces the number of required iterations.

V. CONCLUSION

We outlined an architecture for virtual router services which transparently manipulates the forwarding tables of a set of distributed devices allowing them to be operated as a single entity. The VRS takes advantage of the programmability offered by state-of-the-art network components. By defining the VRS in terms of customer edge capacity demands, the calculation of optimal substrate mappings is made possible. We presented algorithms for a minimum cost VRS embedding in capacity constrained substrate networks. The ability to efficiently allocate VRS instances and migrate resources on the fly paves the way for attractive new business models while ensuring a simplified deployment and operation.

REFERENCES

[1] Y. Zhu and M. Ammar, “Algorithms for assigning substrate network resources to virtual network components,” in Proc. IEEE INFOCOM 2006, Apr. 2006, pp. 1–12.
[2] M. Yu, Y. Yi, J. Rexford, and M. Chiang, “Rethinking virtual network embedding: substrate support for path splitting and migration,” SIGCOMM CCR, vol. 38, pp. 17–29, March 2008.
[3] N. Chowdhury, M. Rahman, and R. Boutaba, “Virtual network embedding with coordinated node and link mapping,” in Proc. IEEE INFOCOM 2009, Apr. 2009, pp. 783–791.
[4] E. Keller and J. Rexford, “The "platform as a service" model for networking,” in Proc. INM/WREN ’10, April 2010.
[5] N. McKeown et al., “Openflow: enabling innovation in campus networks,” SIGCOMM CCR, vol. 38, no. 2, pp. 69–74, 2008.
[6] Z. Bozakov, “An open router virtualization framework using a programmable forwarding plane,” in Proc. ACM SIGCOMM, 2010, pp. 439–440.
[7] R. K. Ahuja, T. L. Magnanti, and J. B. Orlin, Network Flows: Theory, Algorithms, and Applications. Prentice Hall, 1993, pp. 320–324.

Application and Network Services Composition with the Help of Mediation
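For the allocation-cost comparison and the core node selection step of "Architecture and Algorithms for Virtual Routers as a Service" above, the following added example (not the author's code) evaluates the full-mesh and star costs and ranks core candidates by their uncapacitated lower bound using Dijkstra's algorithm. The topology, demands and function names are constructed assumptions, and the capacity-constrained SSP step is not implemented.

```python
import heapq


def s_full(b, c):
    """Full mesh: sum over pairs i<j of min(b_i, b_j) * c_ij."""
    nodes = sorted(b)
    return sum(min(b[u], b[v]) * c[u][v]
               for i, u in enumerate(nodes) for v in nodes[i + 1:])


def s_star(b, c, k):
    """Star through node k: sum over i != k of min(b_i, b_k) * c_ik."""
    return sum(min(b[u], b[k]) * c[u][k] for u in b if u != k)


def dijkstra(graph, src):
    """Shortest path distances from src in a weighted graph."""
    dist = {src: 0}
    heap = [(0, src)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue  # stale heap entry
        for v, w in graph[u].items():
            nd = d + w
            if nd < dist.get(v, float("inf")):
                dist[v] = nd
                heapq.heappush(heap, (nd, v))
    return dist


def lower_bound_costs(graph, demands):
    """Rank every node as core candidate by sum of d(e, n) * b(e).

    Link capacities are ignored, so each value is a lower bound on the
    real allocation cost with that node as core. Assumes a connected
    graph; the accumulator starts at 0 in this example.
    """
    cost = {n: 0 for n in graph}
    for e, b_e in demands.items():
        dist = dijkstra(graph, e)
        for n in graph:
            cost[n] += dist[n] * b_e
    return sorted(cost.items(), key=lambda kv: kv[1])


def unit_mesh(n):
    """n PoPs with unit demands on a full mesh with unit link costs."""
    names = [f"p{i}" for i in range(n)]
    b = {u: 1 for u in names}
    c = {u: {v: 1 for v in names if v != u} for u in names}
    return b, c


# Constructed substrate: link costs as edge weights, symmetric.
SUBSTRATE = {
    "A": {"R": 1, "B": 1},
    "B": {"R": 1, "A": 1},
    "C": {"R": 2, "D": 1},
    "D": {"C": 1, "R": 1},
    "R": {"A": 1, "B": 1, "C": 2, "D": 1},
}
# Constructed capacity demands of the customer edge nodes.
DEMANDS = {"A": 2, "B": 1, "C": 4}


if __name__ == "__main__":
    for n in (5, 10, 20):
        b, c = unit_mesh(n)
        print(n, "PoPs: full mesh", s_full(b, c), "star", s_star(b, c, "p0"))
    print("core candidates:", lower_bound_costs(SUBSTRATE, DEMANDS))
```

With unit demands the mesh cost follows n(n-1)/2 while the star cost is n-1, and the ranked list is the order in which a capacity-aware search would visit core candidates.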

Abbas Siddiqui∗, Michael Kleis†, Julius Mueller‡, Paul Müller∗, Thomas Magedanz‡ ∗University of Kaiserslautern, Postbox 3049 67653 Kaiserslautern, Germany Email: {siddiqui,pmueller}@informatik.uni-kl.de †Fraunhofer FOKUS, Kaiserin-Augusta-Allee 31, 10589 Berlin, Germany Email: {michael.kleis}@fokus.fraunhofer.de.de ‡Technical University Berlin, Straße des 17. Juni 135, 10623 Berlin, Germany Email: {julius.mueller, thomas.magedanz}@tu-berlin.de

I. INTRODUCTION

In today's Internet the network stack is divided into distinct layers which can be implemented by different protocols. Each layer offers a service to directly adjacent layers. Although this crisp and robust design has proved its advantages (e.g. functionality scoping, stability) there are also disadvantages of this architecture. Protocols on different layers implement the same functionality (e.g. IP and TCP Checksum), the physical layer is not aware of the application and cannot adapt error correction or coding (e.g. for multimedia over wireless). Besides this, there are also issues like cyberspace tussles [8], the increasing mobility of the end-hosts and the ossification of the Internet due to the increasing complexity of the protocol interdependencies that lead to some new architecture proposals for a Future Internet. One proposal is Functional Composition (FC) which decomposes the functionalities of the network stack in different functional blocks. These functional blocks are loosely coupled and provide means to exchange information between functionalities of different levels. Many projects (e.g. ANA [3], RBA [2], 4WARD [1], Net-Silo [5], RNA [6], Network Service Architecture [4], and SONATE [9]) have addressed this approach from different perspectives to find a best solution for a flexible future Internet architecture which can cope with the requirements of futuristic trends.

The G-Lab DEEP [11] cross-layer FC architecture leads to a two-layer functional composition architecture. Services (e.g. web services, encoding service) are composed at service layer and network services at network layer. Scope of services at network and service layer is not limited as any kind of service could be implemented at any of both layers but it is important to take into consideration where a specific service would be most optimized and efficient. This separation is still valuable because an application designer should not know and compose the network functional blocks by himself but explicitly state the abstract requirements of an application, e.g. encryption and QoS (maximum delay, maximum loss). Nevertheless, there should be a feedback of the network if requirements can be met or not, thus service level can react by realizing e.g. encryption on service level, using another media encoding, or by selecting a different content source. For this purpose we propose in this paper a cross layer mediator that negotiates and exchanges information between the two layers. We will explain the main concept of the mediator in the following sections.

II. CROSS-LAYER MEDIATION

In the G-Lab DEEP project [11], we consider FC on Application and Network Level. The reason for this is based on the fact that e.g. functional blocks for real-time media processing may not be instantiated as network components because of their comparably high computing demands.

Fig. 1. Mediator and Interfaces

To be able to instantiate such functional blocks on application level a Broker component is used. In case a client demands a service, which cannot be resolved by a single service instance, the Broker is capable to combine several service blocks into a workflow. Additionally the broker derives the different service block requirements and signals them to the mediator.

The Mediator component we propose is comparable to an intelligent middleware allowing the application to abstract from the used FC framework or more general transport network. In fig. 1, the conceptional placement of components is shown such as mediator, functional composition frameworks and relative position of APIs. The actual mediation is not about

selection of a FC framework but services presented at service level and network level which may be provided by different FC frameworks. Nevertheless in G-Lab DEEP context, we focus on the SONATE FC framework [9]. For the mediation process Policies are used to resolve the conflicts and to derive a mediation decision. The used policies are considered to be domain (e.g. telephony, multimedia, file transfer) specific. The interfaces provided by the Mediator are:

1) Legacy Interface (LI): The LI interface is based on BSD Sockets and can be used by legacy applications to access a FC based network. The Mediator performs all required tasks to establish network connectivity for the legacy application.
2) Management Interface (MI): The MI Interface is used for mediator to mediator communication or can be utilized by network operators to inject policies to be used for the actual mediation process.
3) Functional Composition Interface (FI): The FI interface is based on the abstraction library developed by the Special Interest Group on FC [10]. Based on calls to the FI library Network connectivity and network FC based on specified requirements can be triggered for all FC frameworks developed inside G-Lab Projects. The FI API offers an URI based communication paradigm comparable to current content based addressing schemes.
4) EPC conform Rx Interface: This interface can be used to interact with the 3GPP EPC framework.

A. How Mediation Works

To perform a mediation, it requires input from different resources as shown in fig. 2 e.g. application requirements, services from network and service layer, policies.

layer and if possible then check network constraints (e.g. bandwidth, wireless or wired network, etc). Policies play one of the major roles in the mediation process. Policies are simple rules which are related to a particular domain (e.g. telephony, file transfer). The mediator component uses given policies to infer the cross-layer composition. Possible workflows are also part of policies but those workflows are not filled up with any particular implementation (i.e. building blocks) of a service. After selecting a suitable workflow with respect to QoS parameters, mediator will delegate the task of execution of services to service and network layer. An FI API call is triggered to set-up a connection. The resulting connection instance will be given back from the network architecture, in case of a successful execution of a workflow, which will be further forwarded to the application via broker so that a connection will be established.

III. CONCLUSION

In this paper a mediation process has been proposed which provides more flexibility in a cross-layer FC architecture. Instead of only following a top down approach where the application tells the network its requirements, the network and application can interact to find a suitable solution. In a FC approach, certain application level services are likely to move down to the network level. Mediation helps to determine where functionalities should be executed in an optimal manner. In the poster presentation related to this abstract we provide a more technical description of the described use case.

IV. ACKNOWLEDGMENT

This work is funded by the German Federal Ministry of Education and Research within the scope of the G-LAB DEEP project [11] as part of the G-Lab project.

REFERENCES

[1] 4WARD EU Project. http://www.4ward-project.eu/
[2] Robert Braden, Ted Faber, and Mark Handley. From protocol stack to protocol heap: Role-based architecture (2003).
[3] Autonomic Network Architecture (ANA). http://www.ana-project.org
[4] Sivakumar Ganapathy and Tilman Wolf. Design of a network service architecture, in Proc. of Sixteenth IEEE International Conference on Computer Communications and Networks (ICCCN), Honolulu, HI, (Aug. 2007).
[5] R. Dutta, G.N. Rouskas, I.
Baldine, A. Bragg, and D. Stevenson. The Silo architecture for services integration, control, and optimization for the future internet Communications, 2007. ICC ’07. IEEE International Conference, (June 2007). [6] Venkata Pingali, Joseph D. Touch, Yu-Shun Wang. A recursive network architecture (2006). [7] Howard Foster, Arun Mukhija, David S. Rosenblum and Sebatian Uchitel. A Model-Driven Approach to Dynamic and Adaptive Service Brokering using Modes. [8] David D. Clark, Karen R. Sollins, John Wroclawski, Robert Braden. Tussle in Cyberspace: Defining Tomorrowds Internet, In Proc. ACM Fig. 2. Required input for mediation SIGCOMM (2002) [9] Paul Mueller, Bernd Reuther. Future Internet Architecture - A Service Oriented Approach, it - Information Technology, Jahrgang 50 (2008) An application will send requirements to the broker, it [10] G-Lab Special Interest Group Functional Composition. GAP: A G-Lab is a task of the broker to look for existing services at the Application-to-Network Interface, Euroview2011, Wurzbug,¨ Germany service layer with respect to the application requirements and [11] BMBF Funded Project, G-Lab DEEP, http://www.g-lab-deep.de/ [12] 3GPP TS 36.300, Evolved Universal Terrestrial Radio Access (E-UTRA) inform the mediator about existing services and the application and Evolved Universal Terrestrial Radio Access Network (E-UTRAN). requirements. As soon as the mediator received a request from [13] 3GPP TS 23.203, V10.0.0 (2010-06), Policy and charging control the broker, it will look for possible services from the network architecture (Release 10). G-Lab-ToMaTo-Teagle Federation

Konrad Campowsky, Fabian Eichhorn
Next Generation Network Infrastructures, Fraunhofer FOKUS, Berlin, Germany
{konrad.campowsky,fabian.eichhorn}@fokus.fraunhofer.de

Christian Henke
Architektur der Vermittlungsknoten, Technische Universität Berlin, Berlin, Germany

I. INTRODUCTION

The broad field of Future Internet research requires diverse infrastructures that serve different needs across domains and layers. Federation between different experimental facilities is foreseen to address those requirements as single testbeds cannot offer the full range of technologies that are required by the Future Internet community. This abstract outlines an approach for integrating the G-Lab experimental facility with the Teagle federation framework by using the Topology Management tool (ToMaTo).

A. The Teagle Federation Framework

Teagle is a resource federation framework that has been developed in the context of the Panlab II project [1]. An important conceptual feature of the Teagle approach is that it aims at being a truly generic design that is able to deploy, manage and subsequently offer arbitrary resources and services [2].

The fundamental technical management authority of a Teagle domain is a Panlab Testbed Manager (PTM) which has been described in detail in [3]. A PTM’s main functionality is the execution of generic provisioning operations on resources under its control. These resources are distinctly typed, uniquely named, and can expose further specific operations in addition to the PTM’s generic operations. Resources follow a dynamic lifecycle; resource types can be instantiated, these instances can be worked with, (re-)configured, and finally de-provisioned from the system. A high level overview of a PTM domain and its architecture is given in Fig. 1.

Figure 1: Structural overview of a PTM domain

Given the high heterogeneity of resource types a PTM has to support, it obviously cannot be directly aware of all resource specific semantics. An abstraction layer is made up of so-called resource adapters (RA) to which the PTM delegates the task of addressing resource specific types of communication. These resource adapters can be viewed as device drivers in the sense that they possess detailed knowledge about the semantics of the resource instances they are responsible for. At its core level, a PTM itself is completely unaware of this nature and acknowledges resource instances merely as fundamental entities.

B. The G-Lab Testbed Facility

The G-Lab testbed facility [4] is based on the PlanetLab infrastructure [5] and provides a clustered environment distributed all over Germany to different customers from the academic world. This environment allows researchers to book slices of infrastructure in order to experiment with their concepts. The infrastructure which can be booked consists of virtual servers with specific processing power, storage and interconnection capabilities in terms of throughput and bandwidth. According to specific requirements regarding processing power, storage and connectivity, slices are allocated to a specific project. PlanetLab is one of the platforms working under the umbrella of GENI [6]. It is a global research network in the form of a distributed computing platform, designed to support the development of new network services. The actual control framework software used by G-Lab is called PlanetLab Central (PLC). Its primary focus lies on multiplexing the computing resources of nodes (servers) through distributed virtualization. Nodes run a minimal version of a Unix operating system and are divided into virtual containers. The resources (reserved CPU percentage, memory and bandwidth allocations, etc.) bundled by such a virtual container are called a sliver. PLC then groups these slivers into slices which are owned and subsequently administered by the party requesting the instantiation of a slice. Note that a sliver always belongs to exactly one distinct slice.

C. Topology Management Tool

The Topology Management Tool (ToMaTo) allows researchers to define complex network topologies and deploy them on the G-Lab facility. These topologies can include components like virtual machines (both KVM [8] and OpenVZ [9] based), switches, hubs and routers. It furthermore enables the user to specify network link parameters like bandwidth, delay and jitter.

Even though ToMaTo offers its users a convenient graphical user interface, its full functionality is also exposed through an XML-RPC API that accepts a description of a topology in a defined XML format.

The Topology Management Tool and its capabilities are described in more detail in [10].

II. RESOURCE MANAGEMENT AND FEDERATION

A. Design Considerations

Our architectural design for integrating the G-Lab facility with the Teagle framework takes into consideration that ideally resources acquired from G-Lab should be seamlessly usable with other Teagle resources and furthermore support the same capabilities. This means that the PTM must also be enabled to make use of slivers offered by G-Lab in the same way it would utilize resources under its direct control. Although G-Lab does not directly support the PTM’s notion of a resource hierarchy, this requires little effort. After acquiring resources from G-Lab, the PTM must merely set up appropriate RAs for further configuration. For example, for virtual machines this implies programmatically accessing the machine through SSH and deploying an RA that allows installing further software packages on the machine.

While ToMaTo offers virtual machines based on either the KVM or OpenVZ virtualization technologies, only the KVM variety is fully suitable for seamless usage in a Teagle testbed. In contrast to KVM, which is a hypervisor based virtualization solution, OpenVZ is a container based solution and is unable to support all features that other VMs in Teagle offer. Consequently, our implementation will only create KVM virtual machines.

B. Prototype Implementation

The obvious choice for integrating any type of resource into Teagle is by writing an appropriate RA for a PTM. Consequently, this is what we did. The ToMaTo Adapter translates the generic CRUD operations it receives from the PTM into appropriate XML-RPC requests that are dispatched towards the ToMaTo API. The adapter itself is a wrapper around the ToMaTo interfaces. It stores no information about created resources or their configuration itself. It rather relies on the ToMaTo API, which it queries each time information about resources offered by ToMaTo is required, thus avoiding a split-brain problem.

The following list shows the resource types exposed by the RA towards Teagle and their mapping on ToMaTo resources:
- Topology: A virtual resource that serves as a grouping of resources. It represents a testbed created in ToMaTo.
- VNode: A virtual machine. This type maps to a Node in a ToMaTo topology.
- Switch: Representation of a ToMaTo switch.
- Router: Representation of a ToMaTo router.
- Link: Represents the connection of a VM and a switch.
- Network: Representation of an IP based network

Any other ToMaTo related aspects are handled transparently to the user. The Teagle user can design topologies from these types using the Teagle frontend tools. The user can create a number of virtual machines and form a network by interconnecting the machines with switches. Optionally, the user can choose to deploy a Link resource to define this interconnection. This allows the user to specify advanced configuration parameters like bandwidth and loss rate. Fig. 2 shows a ToMaTo topology created in Teagle.

Figure 2: A ToMaTo topology created in Teagle’s VCT Tool

After creating the specified topology on G-Lab, the ToMaTo Adapter will deploy additional RAs to facilitate provisioning on the created G-Lab nodes. Thus, the user can use the G-Lab nodes like any other VMs created in Teagle.

III. CONCLUSION AND OUTLOOK

In this article we have shown how the G-Lab facility can be enabled for federation with other experimental facilities by integrating it with the Teagle federation framework.

However, many things are left to be done at the PTM side. The process of selecting resources is not yet completely transparent for a Teagle user. In the future, the placement of virtual nodes will have to be decided by the PTM itself. Also, currently the user still needs to create a topology resource to contain other resources from G-Lab. This is a limitation that does not exist with other VMs in Teagle and which we plan to remove in the future.

REFERENCES

[1] Website of Panlab and PII European projects: http://www.panlab.net
[2] Konrad Campowsky, Thomas Magedanz, and Sebastian Wahle. Interoperability in Heterogeneous Resource Federations. In International Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities (TRIDENTCOM 2010). ICST/Springer, 2010.
[3] Campowsky, K., A. Gavras, B. Harjoc, T. Magedanz, and S. Wahle. "Pan-European Testbed and Experimental Facility Federation – Architecture Refinement and Implementation." Inderscience International Journal of Communication Networks and Distributed Systems (IJCNDS), Special Issue: Recent Advances in Test-bed Driven Networking Research, 2010
[4] Website of the G-Lab experimental facility: http://www.german-lab.de/
[5] Website of the PlanetLab experimental facility: http://www.planet-lab.org/
[6] National Science Foundation, GENI website: http://www.geni.net
[7] Website of the Topology Management Tool: http://tomato.german-lab.de/
[8] Website of the Kernel Based Virtual Machine (KVM) project: http://www.linux-kvm.org/page/Main_Page
[9] Website of the OpenVZ project: http://wiki.openvz.org/Main_Page
[10] Dennis Schwerdel. ToMaTo - a network experimentation tool. In International Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities (TRIDENTCOM 2011). ICST/Springer, 2011
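The stateless adapter described under "Prototype Implementation" in the G-Lab-ToMaTo-Teagle paper above, as an added sketch that is not the project's code: CRUD calls are marshalled as XML-RPC, only KVM nodes are created, and every read goes back to the API so no second copy of the state can diverge. The `StandInToMaToAPI` backend, its `element_*` method names and the attribute keys are hypothetical and do not reproduce ToMaTo's real interface.

```python
import xmlrpc.client
from xmlrpc.server import SimpleXMLRPCDispatcher

# Teagle resource type -> ToMaTo element kind, following the list in the text.
TYPE_MAP = {"Topology": "topology", "VNode": "node", "Switch": "switch",
            "Router": "router", "Link": "link", "Network": "network"}


class StandInToMaToAPI:
    """Constructed in-memory stand-in for the ToMaTo API.

    Method names and fields are hypothetical, not ToMaTo's real interface.
    """

    def __init__(self):
        self.elements = {}
        self._next_id = 1

    def element_create(self, kind, parent, attrs):
        if parent and parent not in self.elements:
            raise ValueError("unknown parent %d" % parent)
        eid = self._next_id
        self._next_id += 1
        self.elements[eid] = {"id": eid, "kind": kind, "parent": parent,
                              "attrs": dict(attrs)}
        return eid

    def element_info(self, eid):
        return self.elements[eid]  # unknown id surfaces as an XML-RPC fault

    def element_modify(self, eid, attrs):
        self.elements[eid]["attrs"].update(attrs)
        return True

    def element_remove(self, eid):
        # Removing a topology also removes the resources grouped inside it.
        doomed = [eid] + [e for e, v in self.elements.items() if v["parent"] == eid]
        for e in doomed:
            self.elements.pop(e)
        return len(doomed)


class ToMaToAdapter:
    """Resource adapter: turns the PTM's generic CRUD calls into XML-RPC requests."""

    def __init__(self, send):
        # send: callable taking the request XML and returning the response XML.
        # No resource state is kept here; the API stays the single source of truth.
        self._send = send

    def _call(self, method, *params):
        request = xmlrpc.client.dumps(params, methodname=method)
        (result,), _ = xmlrpc.client.loads(self._send(request))  # raises Fault on error
        return result

    def create(self, rtype, parent_id=0, config=None):
        config = dict(config or {})
        if rtype not in TYPE_MAP:
            raise ValueError("unsupported resource type: %s" % rtype)
        if rtype != "Topology" and not parent_id:
            raise ValueError("%s must be created inside a Topology" % rtype)
        if rtype == "VNode" and config.setdefault("virtualization", "kvm") != "kvm":
            raise ValueError("only KVM virtual machines are created")
        return self._call("element_create", TYPE_MAP[rtype], parent_id, config)

    def read(self, rid):
        return self._call("element_info", rid)

    def update(self, rid, config):
        return self._call("element_modify", rid, config)

    def delete(self, rid):
        return self._call("element_remove", rid)


def in_process_transport(api):
    """Route requests through the stdlib XML-RPC dispatcher without opening a socket."""
    dispatcher = SimpleXMLRPCDispatcher()
    dispatcher.register_instance(api)
    return dispatcher._marshaled_dispatch  # request XML in, response XML (bytes) out


def demo():
    api = StandInToMaToAPI()
    ra = ToMaToAdapter(in_process_transport(api))
    topo = ra.create("Topology", config={"name": "testbed-1"})
    vm = ra.create("VNode", topo)
    link = ra.create("Link", topo, {"bandwidth_kbit": 10000, "loss_percent": 0.5})
    # A change made directly on the ToMaTo side (e.g. through its GUI) is seen
    # by the next read, because the adapter holds no copy that could go stale.
    api.elements[link]["attrs"]["bandwidth_kbit"] = 2000
    return ra, api, topo, vm, link
```

In a deployment the `send` callable would be an HTTP(S) XML-RPC transport towards the ToMaTo server; the in-process dispatcher is used here only so the sketch runs offline.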

Tuesday, August 2nd Program – Demo Session

Tuesday, August 2nd, 2011, 2:00 PM to 3:00 PM Demo Session

Service Component Mobility Enabled by Network Virtualization

Daniel Schlosser∗, Michael Duelli∗, Thomas Zinner∗, Sebastian Meier‡, David Wagner‡, Marc Barisch‡, Marco Hoffmann†, Wolfgang Kellerer§, Matthias Schmid¶
∗ University of Würzburg, Chair of Communication Networks, Würzburg, Germany
† Nokia Siemens Networks GmbH & Co. KG, Munich, Germany
‡ Institute of Communication Networks and Computer Engineering (IKR), Universität Stuttgart, Stuttgart, Germany
§ DOCOMO Communications Laboratories Europe GmbH, Munich, Germany
¶ Infosim GmbH & Co. KG, Würzburg, Germany

I. INTRODUCTION

Today’s Internet provides access to many services like email, web, and file transfers, but its structure is inflexible. Further, it is hard to introduce new network services with individual quality of service (QoS) requirements. The future Internet will be faced with additional challenges like a rising number of mobile users connected via wireless links or real-time services with high bandwidth demands. Therein, transport of information is subject to several hard constraints, regardless of the type of information or its data volume. However, the Internet architecture is still bound to its best effort basis and thus is not able to satisfy these demands.

Network virtualization (NV) is the key technology to keep up with this development by reducing the time and overhead required to introduce new services, change the reach of existing networks, or support new applications like cloud computing services. NV can be used to consolidate networks on a functional level and differentiate them on a service level. In such a future Internet, a multitude of virtual networks (VNet) will coexist and complement each other. These coexisting networks allow specialization but require isolation of functionalities to provide dependable and predictable networks.

The objective of the Control and Management of Coexisting Networks (COMCON) project is to design novel control and management mechanisms that support the provisioning, operation, and teardown of VNets in a future networking scenario and to illustrate their economic advantages. To that end, COMCON addresses a couple of challenges that have not been sufficiently considered by existing approaches. This includes network operation issues, the support of arbitrary network technologies, technology migration and reuse considerations, and traffic management with respect to the perceived service quality.

In this demonstration, we show the interaction between the different involved parties in our reference architecture for NV. It details the operation, control, and monitoring of VNets considering different functional roles and their information exchange.

The remainder of this paper is structured as follows. In Section II we discuss our proposed reference architecture. Section III details control and monitoring patterns and Section IV describes the setup of our demonstration.

II. ARCHITECTURE

Network virtualization techniques are considered to change the classic ISP model and comprise new functional roles. The roles in such an architecture are illustrated in Figure 1. Basically, we distinguish the following functional roles:
• The physical infrastructure provider (PIP) owns and operates the hardware and offers virtualized resources.
• The virtual network provider (VNP) gathers these virtual resources and constructs virtual networks.
• The virtual network operator (VNO) requests networks with special requirements and brings them to life, i.e. it installs the hosts, defines the protocols, and controls the network.
• At the edges of the network, the end customer (EC) and the application service provider (ASP) request and offer services, which are delivered in high quality by the virtual network.

Figure 1 provides an overview of the stacking of the functional roles. A more detailed summary of these roles can be found in [1].

Fig. 1. Functional roles within the COMCON architecture

Fig. 2. Considered Demo Scenario

III. CONTROL AND MONITORING PATTERNS

During the operation phase of a VNet, the VNet needs to be monitored, controlled, and adapted to changing requirements and changing environments. To that end, each functional role comprises measurement agents within its components. These measurement agents gather information about the component state and accumulate this knowledge into a monitoring database. A decision component (DC) decides on that information whether the quality of the service is acceptable or not. Hence, further action may be triggered, like ordering additional resources, changing the network operation or claiming SLA violations. In previous work [2] we discussed three different control and monitoring patterns that can be hierarchically combined:

Horizontal Control Loops: In the operation phase, each functional role (PIP, VNP, VNO, ASP) has at least a control component, a DC and a monitoring component. With these components the role is able to manage its resources and fulfill the agreed SLAs. Based on obtained monitoring data, the DC can instruct the control component to trigger certain actions. The result of the actions is perceived by the monitoring component. For example, if the monitoring component measures high packet delays, the DC can decide to increase the bandwidth on one link, which is performed by the control component. This results in reduced packet delays confirmed by the monitoring component.

Vertical Control Loops: Vertical control loops show the interworking between two adjacent roles. In case one role is not able to solve the detected issue alone it has to cooperate with an adjacent role.

Vertical Control Loops triggered by upper layer: The monitoring of the upper layer detects a problem and informs its DC. The DC cannot solve the problem by means of horizontal control and informs the DC of the lower layer, which triggers appropriate control actions. The result of the control actions is perceived by the monitoring component of the lower layer as well as by the monitoring layer of the upper layer.

Vertical Control Loops triggered by lower layer: In contrast to the previous case, the monitoring of the lower layer detects a problem and informs its DC, which escalates the problem to the DC of the upper layer. The control loop is not necessarily closed. For instance, a VNP might decide to replace a misbehaving PIP by another PIP.

The main aspects of our architecture and operation model have been implemented for the demonstrator. In the following section, we describe the demonstration in more detail.

IV. DEMONSTRATION SCENARIO

In the demonstration, we focus on a small network scenario with three edge nodes and five intermediate virtualized network nodes, cf. Figure 2. We consider a video-on-demand ASP delivering its content to the end customers from a data center providing cloud platform-as-a-service infrastructure. The ASP contracts a data delivery service with a VNO, which therefore requests and reserves a virtual network between the data center and the customers. Due to an increase in the customer base, the virtual network extends its resources on the same links and later on also acquires virtual resources on other links to meet the demand of the service. At the point where the customer base in the target location exceeds a certain threshold, it is economically reasonable to move the service closer to the customers and save virtual network resources.

Please note that all changes of the virtual network are automatically triggered by the control plane based on the monitoring data. This differs from today’s network management, which requires a high degree of human interaction. The provisioning of the links is performed via GMPLS signaling. QoS monitoring data and QoE measurements are generated by the network nodes and end systems. This information is collected via the agent system of StableNet [3], and processed to provide meaningful network status updates to the control plane. For the video transmission we deploy scalable video codec streaming between the cloud service and the customer. Based on the conducted measurements, the control plane automatically decides to perform flow migration. In order to optimize the network and satisfy the user needs this can also lead to a concurrent multipath transmission over links with different QoS parameters.

V. ACKNOWLEDGMENTS

This work was funded by the Federal Ministry of Education and Research of the Federal Republic of Germany (Förderkennzeichen 01BK0917, Förderkennzeichen 01BK0918, GLab). The authors alone are responsible for the content of the paper.

REFERENCES

[1] D. Schlosser, M. Jarschel, M. Duelli, T. Hoßfeld, K. Hoffmann, M. Hoffmann, H. J. Morper, D. Jurca, and A. Khan, “A Use Case Driven Approach to Network Virtualization,” in accepted at IEEE Kaleidoscope 2010, published via OPUS Würzburg under OpenAccess, Würzburg, Dec. 2010.
[2] S. Meier, M. Barisch, A. Kirstädter, D. Schlosser, M. Duelli, M. Jarschel, T. Hoßfeld, K. Hoffmann, M. Hoffmann, W. Kellerer, A. Khan, D. Jurca, and K. Kozu, “Provisioning and Operation of Virtual Networks,” Electronic Communications of the EASST, Kommunikation in Verteilten Systemen 2011, vol. 37, Mar. 2011.
[3] Infosim GmbH & Co. KG, “Stablenet,” http://www.infosim.net, 2011.

Media Processing in the Future Internet

Markus Bauer, Stefanie Braun, Peter Domschitz
Bell Laboratories, Service Infrastructure Research Domain, Alcatel-Lucent, Stuttgart, Germany
{Markus.Bauer, Stefanie.Braun, Peter.Domschitz}@alcatel-lucent.com

I. INTRODUCTION

Handling the predicted growth of video and media traffic [1] is one of the key challenges future generation networks need to address. Basically this is not a new challenge, as in the past the Internet has already seen and handled enormous growth of traffic. And to a large extent this growth was driven by video centric services. One example for such a service is YouTube, which daily streams out 2 billion videos to its customers, generating an overall traffic of about 25 PB per day. As a consequence, efficient video distribution is of big importance in today’s networks. Up to now cache-assisted delivery schemes [2] enabled the networks to scale with the data traffic imposed by video centric services.

But there is more to video’s future than efficient bulk distribution. Future video centric media services will be different. More and more people will not only consume, but also actively produce content. A lot of these services will be used by mobile users and personalization of content will be the common case. Such services ask for intermediate processing of media streams in the network. Interactive/real-time requirements must be met to achieve satisfying QoE for the users of such services.

Today’s successful cache-assisted delivery schemes fail to serve personalized services which show such production, processing and individual delivery characteristics. In consequence, it is no longer possible to offload networks by simply caching content at appropriate locations in the network.

Instead, there is a need to acquire computing resources in the network to perform the required processing on the media streams. An approach which places all required media processing functions in one or a limited number of centralized locations will not scale, as the networks will not be able to sustain all the media traffic that needs to be processed. [3]

The G-Lab project NETCOMP gives an answer to that challenge by offloading the (core) networks by means of localizing traffic. This is achieved by jointly optimizing networking and processing resources.

II. LATE BINDING OF PROCESSING RESOURCES

Future (immersive) media services require processing in the networks to build a personalized user experience from the media streams which compose the basis for the service. To keep traffic in the network local, media processing functions need to be placed on processing resources which are located close to the media streams crossing the network from media source or sink to the service consumer’s point of attachment. In principle, the more processing resources are distributed across the network, the closer processing functions can be placed to the media streams and the more the network can be offloaded from avoidable traffic. But beneficial utilization of distributed processing resources requires a new approach to how resources are selected. Today, placement of processing functions is an administrative task and the decision is performed prior to service runtime. Later, at service runtime, any media stream to be processed is sent, independent of origin and destination, to the location where the processing functions have been placed prior to service runtime.

NETCOMP overcomes such inefficient utilization of transport resources by introducing the idea of late binding of processing resources. The location where media processing is executed is no longer decided prior to service runtime. Instead, this placement decision is delayed until educated selection of processing resources can be performed. Such informed selection is possible when a media flow’s minimal footprint (refers to the most efficient path) in the network is known. This is possible only at service runtime, when source and destination of the media flow are known. Having this knowledge, we can derive best fitting close-by processing resources for performing the required media processing on the media stream.

To implement this approach two main challenges need to be addressed: First, algorithms are needed which derive best fitting processing resources for executing media processing functions that belong to a specific media stream. Second, as processing resources are dynamically selected at service runtime, instantiation of required media processing functions needs to be performed in a way which preserves satisfying QoE for the user of the service. In the following, the second challenge will be discussed in more detail.

III. DYNAMIC INSTANTIATION OF MEDIA FUNCTIONS

Utilizing Cloud Technologies: MediaCloud

The concept of virtualization and its realization by means of virtual machines is the basis of how dynamic allocation of processing resources for execution of user defined processing functionalities is achieved today. This section investigates what performance virtual machines can provide for dynamic instantiation of media processing functions on processing resources in the network. These investigations were performed by implementing and evaluating a personalized media centric use case on the MediaCloud framework utilizing the G-Lab experimental facilities.

Use Case: Personal View Generation

Interactive personalized services are composed of multiple media processing components and pose new challenges to today’s virtualization technologies and media frameworks. Each media processing step requires decoding and encoding of the media content to guarantee efficient channel utilization. Successive de- and encoding steps impose additional processing overhead and delay on the media processing. And each additional coding step decreases the quality of the media content. An exemplary interactive media use case is built on the G-Lab platform to evaluate if today’s virtualization technologies and media frameworks are ready for the challenges imposed by distributed media processing.

The personal view service provides a 360 degree live video, e.g., of a conference room. Each user gets his personal view into the conference. The user can change his view by rotating his mobile device. When the viewing angle of the mobile device changes, the user’s view into the conference room is adapted synchronously.

Figure 1. Personal View Generation

In the use case multiple cameras are placed in the centre of the conference room and provide live video content. The stitching component mixes these videos to a 360° video. In a monolithic design implementing that functionality in a single virtual machine, the resulting coding delay of the complete 360° video would take a couple of seconds, which is not acceptable for this kind of interactive service. That’s why multiple stitching components are used to create smaller parts of the 360° video that can be encoded with an acceptable encoding delay. These are sent to the media distribution component. For each connected user a personal view renderer is started which computes the personal view for the user depending on the rotation angle of his mobile device.

The service control triggers the dynamic start of the required components by the MediaCloud service nexus and interconnects them. The service nexus places the components local to the media streams. E.g., the personalized view renderer is placed on a processing resource that is close to the user. The 360° video is multicasted to the access where the user specific renderer components are placed. This offloads the network and the short feedback loop between rendering function and mobile viewer guarantees a fast service response time.

Performance Evaluation

For the evaluation of the use case the MediaCloud was built upon KVM virtualization technology which is part of the Linux kernel. Each media component is started in its own virtual machine (VM) on the experimental facility. The use case shows that today’s VMs impose huge overhead on media applications. Each VM contains a complete operating system with many processes and other functions, e.g. printer support, not relevant for media processing. So it takes several minutes to start up a VM. This is not acceptable for real-time services.

Optimization

Tests in the evaluation environment show that the VM startup time is influenced by two factors: copying the disk image to the selected processing resource and the boot time of the operating system (OS). A fast startup approach for VMs was developed and tested that brings down the VM startup time to several seconds instead of minutes. To ensure fast access to the disk images these are distributed to each MediaCloud location by means of an NFS server. Instead of creating a new disk image per VM, MediaCloud takes advantage of template images that are shared between identical components in one location. Only read access is allowed on the disk image to avoid corrupted data in case of concurrent VMs sharing the same disk image. Instead, permanent changes to the image are stored in temporary files local on the physical host on which the VM runs. Hence, disk image copy processes can be completely avoided. Furthermore, the OS boot time is reduced by suspending a VM prior to its distribution. This results in a fast VM start that requires only 4 to 5 seconds until the wake up process is completed and the VM has received a new network address. But real-time interactive media applications require startup times within milliseconds. Even with the optimizations introduced here, this cannot be achieved by means of today’s cloud virtualization technologies.

IV. CONCLUSION AND OUTLOOK

Future real-time media services demand distributed execution at disperse cloud processing locations to meet mission critical QoE expectations and limit bandwidth requirements.

Media frameworks for executing flow oriented media services are available today. But those lack support for distributed service deployments and fail to provide required execution performance, efficiency and scalability. To overcome those limitations we have to challenge fundamental pillars of today’s (cloud) technologies by inventing systems software specifically designed for extremely efficient execution of interactive media services on network distributed computing resources. Furthermore, we are working on algorithms for the on the fly (re-)placement of fine-grained processing tasks to satisfy expected QoE and offload networks by selecting resources at appropriate locations.

This work is co-funded by the German Federal Ministry of Education and Research (BMBF) within the G-Lab project NETCOMP (FKZ 01BK0940).

REFERENCES

[1] “Cisco Visual Networking Index (VN): Forecast and Methodology, 2010-2015”.
[2] “Content Networking: Architecture, Protocols, and Practice”, by Markus Hofmann and Leland Beaumont, Morgan Kaufmann, February 2005, ISBN 1-55860-834-6
[3] Peter Domschitz, Markus Bauer, Jürgen Sienel and Marcus Kessler: “Move Apps not Data – A new Paradigm for the Future Internet”, Proc. of the 10th Wuerzburg Workshop on IP: 'Visions of Future Generation Networks' (EuroView 2010).

Cross-Layer Security and Functional Composition for a Future Internet

Michael Kleis∗, Abbas Siddiqui†, Irfan Simsek‡, Martin Becke‡, Dirk Hoffstadt‡, Alexander Marold‡, Christian Henke§, Julius Müller§, Cristian Varas∗, Thomas Magedanz§, Paul Müller†, Erwin Rathgeb‡
∗ Fraunhofer FOKUS, Germany. Email: {michael.kleis, cristian.varas}@fokus.fraunhofer.de
† University of Kaiserslautern, Germany. Email: {siddiqui, pmueller}@informatik.uni-kl.de
‡ University Duisburg - Essen, Germany. Email: {martin.becke, irfan.simsek, dirk.hoffstadt, alexander.marold, erwin.rathgeb}@iem.uni-due.de
§ Technical University Berlin, Germany. Email: {christian.henke, julius.mueller, thomas.magedanz}@tu-berlin.de

I. INTRODUCTION

Today's Internet can be characterised as a global scale packet based network offering best effort transport. The results of intensive network research and standard development in the areas of security, IPv6, Quality-of-Service (QoS) and reliability are most of the time not available for the common end user. In fact, security sensitive services are becoming more and more popular, leading to several security related problems to be addressed for a Future Internet. One example for such a service is Voice-over-IP (VoIP) based on the Session Initiation Protocol (SIP). Among many SIP attack types, Registration Hijacking aiming at toll fraud is one attractive attack. In a raid in December 2010, people were arrested who caused damage of about 11 million Euro with such an attack [4]. To address the aforementioned issues, the G-Lab DEEP Project [1] investigates Functional Composition (FC) [3], which allows network and security functionalities to be introduced and combined on demand, to establish a data path between communicating devices optimised for their needs. The additional integration of Cross-Layer principles allows services to state requirements to the network, and at the same time the network can provide feedback using, e.g., a subscription/notification mechanism for individual connections.

In this paper we describe a demonstrator developed within the G-Lab DEEP project [2] combining Cross-Layer Security and FC principles. The use case we address is the protection of VoIP domains against Registration Hijacking attacks. The demonstration shows how Cross-Layer Security combined with Network and Application Level FC principles can be used in a flexible way to detect, trace back and mitigate such attacks. The combination of Cross-Layer and FC principles allows the resources of network components to be assigned in a fine-grained and controlled way. Measurement probes for detection and trace back as well as filter modules can be instantiated on demand for selected flows. The whole process is controlled based on predefined FC templates. The prototype has been developed on a G-Lab Testbed.

[Fig. 1. Testbed Topology, Demonstrator Components and Functional Blocks. Diagram labels: Broker, VoIP Provider 1, VoIP Provider 2, Routers 1 to 4, Client, Attacker, Visualisation. Legend: Security Components, Multimedia Service, Measurement functional block, Filtering functional block, Sensor functional block, FC enabled router.]

II. TOLL FRAUD SCENARIO AND G-LAB DEEP COMPONENTS

In a typical toll fraud attack, the attacker begins to scan a VoIP domain to discover the SIP Servers and available user accounts. In the next step, the attacker attempts to hack discovered user accounts. To detect and mitigate such attacks we adopt a network level FC framework with security Functional Blocks and Cross-Layer interaction with service level components. As a result we are able to keep the impact of toll fraud attacks within limits (in practice, they cannot be completely avoided). The core components of our demonstration scenario are:
• VoIP Providers: For the demonstrator we use two provider instances. One based on the IP Multimedia Subsystem (IMS), the other one based on an Asterisk Server.

• Client: Based on the MyMONSTER client, a Softphone for voice and video over IP.
• Attacker: Based on the commonly used SIPVicious tool to start the attacks in the demonstration scenario.
• SONATE: The G-Lab DEEP FC Framework [3] used to manage, execute and deliver the requested network functions.
• Cross-layer Mediator: The Mediator [6] coordinates cross-layer composition based on policies, application requirements, constraints and available FC functional blocks.
• Broker: The Broker selects and composes the required application level services necessary to satisfy the user request. The corresponding network related requirements are signalled to the Mediator.
• Intrusion alert Correlation and Aggregation Center (ICAC): To correlate and aggregate intrusion alerts.
• Packet Tracking Collector: To correlate and aggregate network measurements.

The FC functional blocks developed to be used in the demonstration with SONATE are:
• Packet Tracking Probes: Measurement probes for the traceback of attacks.
• Filtering: A functional block for filtering of attack flows.
• SIP Intrusion Detection Sensor System: Distributed sensors for the detection of SIP intrusions.

The G-Lab network setup with the described components is shown in Fig. 1. To also show the possible damage of Registration Hijacking attacks, the demonstration is based on the following steps:
1) Registration Hijacking Attack on an unprotected SIP domain.
2) The hacked user account is used at a VoIP Server to establish a video call to a premium number. The legitimate user would have to pay for the call.
3) The network is set to defence condition: Sensors are activated to detect Registration Hijacking attacks. Network level FC templates contain sensor, trace back and filter functional blocks.
In the following we describe the demo flow for the last step.

III. DEFENCE CONDITION

After starting the attacker, the interactions from detecting until blocking the attack are as follows:
1) Sensor functional blocks detect the intrusion based on predefined attack patterns.
2) Sensors report intrusion alerts in Intrusion Detection Message Exchange Format (IDMEF) [5] to the ICAC.
3) The ICAC correlates and aggregates the alerts. It triggers the Broker and reports the attack source IP address and the attacked SIP extensions to the Broker.
4) The Broker triggers SONATE to activate the Packet Tracking components via the Mediator.
5) Trace back of the attack traffic to the last G-Lab node with a filtering functional block.
6) The Packet Tracking Collector informs the Broker about the G-Lab node close to the source of the attack.
7) The Broker triggers SONATE to activate the filtering functional block at the reported G-Lab node via the Cross-Layer Mediator.

To be able to illustrate these steps, the demonstrator has two network related visualisation displays. The first one is based on netview [7] to visualise the actual network flows in the demonstrator testbed, as well as the trace back for attack mitigation. The second one is a real-time display, showing the components, activated functional blocks and the high level message flows between components. Fig. 2 shows the current version of the real-time display while displaying the interactions of demonstrator components in defence condition. In the actual demonstration the interaction between components is visualised sequentially.

[Fig. 2. Attack Mitigation on Real-Time Display]

IV. ACKNOWLEDGEMENTS

This work is funded by the German Federal Ministry of Education and Research within the scope of the G-LAB DEEP project [2] as part of the G-Lab project.

REFERENCES
[1] BMBF Funded Project, G-Lab, [online] (last access 09.06.2011) http://www.german-lab.de
[2] BMBF Funded Project, G-Lab DEEP, [online] (last access 09.06.2011) http://www.g-lab-deep.de
[3] Paul Mueller, Bernd Reuther. Future Internet Architecture - A Service Oriented Approach, it - Information Technology, Jahrgang 50 (2008)
[4] Sandro, 11 million Euro loss in VoIP fraud .. and my VoIP logs, [online] (last access 09.06.2011) http://blog.sipvicious.org/2010/12/11-million-euro-loss-in-voip-fraud-and.html
[5] H. Debar, D. Curry, and B. Feinstein. RFC 4765 - The Intrusion Detection Message Exchange Format. IETF, (2007)
[6] Abbas Siddiqui, Daniel Günther, Paul Mueller. Mediation between Service and Network Composition, 10th Würzburg Workshop on IP: Joint ITG, ITC, and Euro-NF Workshop "Visions of Future Generation Networks" EuroView, (2010), Würzburg, Germany
[7] Santos, Tacio, Henke Christian, Schmoll Carsten, Zseby Tanja, Multi-hop packet tracking for experimental facilities, Proceedings of the ACM SIGCOMM conference (2010), New Delhi, India

Demo Abstract: A Showcase on Live Video Lecturing Using the H∀Mcast-Architecture
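Referring back to steps 1) to 3) of the defence condition in the Cross-Layer Security paper above (sensor detection, IDMEF reporting, ICAC correlation), the following is an added example and not code from the G-Lab DEEP demonstrator. The attack pattern, the thresholds, the function names and the sample events are assumptions; the alerts use only a subset of RFC 4765 elements and are not validated against the IDMEF schema.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict, deque
from datetime import datetime, timezone

IDMEF_NS = "http://iana.org/idmef"        # IDMEF namespace from RFC 4765
NS = {"idmef": IDMEF_NS}
ET.register_namespace("idmef", IDMEF_NS)

# Assumed pattern (the paper does not list its patterns): FAIL_THRESHOLD
# rejected REGISTERs that carried credentials, from one source address,
# within WINDOW_SECONDS. The first 401 of a normal digest handshake has no
# credentials and is therefore not counted as a failure.
FAIL_THRESHOLD = 5
WINDOW_SECONDS = 10

# Constructed observations: (unix time, source IP, extension, had_auth, status)
T0 = 1293000000
ATTACK = [(T0 + 2 + i, "198.51.100.23", ext, True, code) for i, (ext, code) in
          enumerate([("1001", 401), ("1001", 401), ("1001", 401),
                     ("1002", 401), ("1002", 401), ("1003", 403)])]
LEGIT = [(T0, "192.0.2.10", "2001", False, 401),      # digest challenge
         (T0 + 1, "192.0.2.10", "2001", True, 200),
         (T0 + 8, "192.0.2.11", "2002", True, 401),   # one mistyped password
         (T0 + 9, "192.0.2.11", "2002", True, 200)]
EVENTS_SENSOR_A = LEGIT + ATTACK
EVENTS_SENSOR_B = ATTACK[:5]              # a second sensor sees part of it


def _q(tag):
    return f"{{{IDMEF_NS}}}{tag}"


def idmef_alert(sensor_id, ts, src_ip, extension, message_id):
    """Serialise one alert as an IDMEF-Message (subset of RFC 4765)."""
    msg = ET.Element(_q("IDMEF-Message"), {"version": "1.0"})
    alert = ET.SubElement(msg, _q("Alert"), {"messageid": message_id})
    ET.SubElement(alert, _q("Analyzer"), {"analyzerid": sensor_id})
    ntp = f"0x{int(ts) + 2208988800:08x}.0x00000000"   # seconds since 1900
    created = ET.SubElement(alert, _q("CreateTime"), {"ntpstamp": ntp})
    created.text = datetime.fromtimestamp(ts, tz=timezone.utc).strftime(
        "%Y-%m-%dT%H:%M:%SZ")
    node = ET.SubElement(ET.SubElement(alert, _q("Source")), _q("Node"))
    addr = ET.SubElement(node, _q("Address"), {"category": "ipv4-addr"})
    ET.SubElement(addr, _q("address")).text = src_ip
    user = ET.SubElement(ET.SubElement(alert, _q("Target")), _q("User"),
                         {"category": "application"})
    uid = ET.SubElement(user, _q("UserId"), {"type": "target-user"})
    ET.SubElement(uid, _q("name")).text = extension
    ET.SubElement(alert, _q("Classification"),
                  {"text": "SIP REGISTER credential guessing"})
    return ET.tostring(msg, encoding="unicode")


def sensor_detect(events, sensor_id):
    """Sliding-window sensor: one alert per (source, extension) once the
    source exceeds the failure threshold."""
    window = defaultdict(deque)           # source -> (ts, extension) failures
    alerted, alerts = set(), []
    for ts, src, ext, had_auth, status in sorted(events):
        if not (had_auth and status in (401, 403)):
            continue
        w = window[src]
        w.append((ts, ext))
        while ts - w[0][0] > WINDOW_SECONDS:
            w.popleft()
        if len(w) >= FAIL_THRESHOLD:
            for _, probed in list(w):     # include extensions probed earlier
                if (src, probed) not in alerted:
                    alerted.add((src, probed))
                    alerts.append(idmef_alert(
                        sensor_id, ts, src, probed,
                        f"{sensor_id}-{len(alerts) + 1}"))
    return alerts


def icac_correlate(alert_xml_list):
    """Aggregate alerts from all sensors into one Broker report per source."""
    by_src = defaultdict(lambda: {"ext": set(), "sensors": set(), "n": 0})
    for xml_text in alert_xml_list:       # alerts come from our own sensors
        alert = ET.fromstring(xml_text).find("idmef:Alert", NS)
        src = alert.findtext(
            "idmef:Source/idmef:Node/idmef:Address/idmef:address",
            namespaces=NS)
        entry = by_src[src]
        entry["ext"].add(alert.findtext(
            "idmef:Target/idmef:User/idmef:UserId/idmef:name", namespaces=NS))
        entry["sensors"].add(alert.find("idmef:Analyzer", NS).get("analyzerid"))
        entry["n"] += 1
    return [{"source_ip": src, "extensions": sorted(e["ext"]),
             "sensors": sorted(e["sensors"]), "alert_count": e["n"]}
            for src, e in sorted(by_src.items())]


def run_demo():
    alerts = (sensor_detect(EVENTS_SENSOR_A, "sensor-a")
              + sensor_detect(EVENTS_SENSOR_B, "sensor-b"))
    return icac_correlate(alerts)


if __name__ == "__main__":
    print(run_demo())
```

The report per source address is what step 3) hands to the Broker; the two clients that only produced a digest challenge or a single failed password never reach the threshold.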

Sebastian Meiling, Thomas C. Schmidt, Sebastian Zagaria
{sebastian.meiling, sebastian.zagaria}@haw-hamburg.de, [email protected]
Internet Technologies Research Group – Department Informatik
Hamburg University of Applied Sciences
Berliner Tor 7, 20099 Hamburg, Germany

Matthias Wählisch
[email protected]
Institut für Informatik
Freie Universität Berlin
Takustr. 9, 14195 Berlin, Germany

Abstract—The H∀Mcast-architecture provides a universal group-communication service, its concept combines an abstract naming scheme for multicast groups, a common multicast API and a service-middleware for endsystems. In our demo showcase we present the prototype of the H∀Mcast-middleware and API using the G-Lab testbed environment. We developed a live-lecturing software that uses H∀Mcast to send and receive a video-stream and group-chat via multicast. Further, we introduce a monitoring framework to visualize multicast trees and node information.

I. INTRODUCTION

Group communication is a paradigm found in many popular Internet applications, such as IPTV, MMORGs and instant messaging. Data distribution within a group of multiple senders and receivers is most efficiently done using multicast. Nevertheless, despite the variety of existing multicast technologies, these applications often rely on proprietary techniques based on IP-unicast, such as proxies or cache-servers. The two key problems are: (a) incompatible application interfaces between different multicast technologies (e.g. IPv4/IPv6 and ASM/SSM), and (b) divergent deployment states of multicast services. This forces developers and programmers of group applications to choose a multicast-technology at compile-time, unaware of the availability at run-time. Often the result is that multicast is not used at all. However, multicast is often available in campus and enterprise networks. Unfortunately, there is no general interconnection of these edge-networks over the Internet, thus they remain isolated.

The H∀Mcast-architecture overcomes these obstacles and provides concepts to enable a universal multicast service, i.e. an abstract naming scheme, a common multicast API and system-centric middleware component as well as gateways (IMGs) to cross administrative or technological borders. In our demonstration we present a showcase on the H∀Mcast-prototype, including the usage of the multicast API and the IMGs concept.

II. THE H∀Mcast-MIDDLEWARE PROTOTYPE

H∀Mcast-architecture [1] aims to provide a universal group communication service based on a hybrid approach. The concept is independent of the availability of a certain multicast technology, such as IP-multicast or overlay-multicast, and does not rely on a complete deployment of the H∀Mcast-middleware on every endsystem. On the contrary it allows for an incremental deployment within networks and attached nodes.

We implemented the H∀Mcast-middleware prototype in C++. Fig. 1 gives an overview on the design of our software prototype, that consists of three core components:
• a common API, for transparent multicast access
• a user-space middleware, running once per host
• dynamic loadable multicast technology modules

[Fig. 1. H∀Mcast-Architecture Overview. Diagram labels: Group Application, HAMcast Socket, join/leave, send/receive, HAMcast Stub, API-Library, IPC, Middleware, Sockets, Service Selection, Group-Mapping, Service-Discovery, Pluggable Technology Modules (Scribe, IPv4, IPv6, ALM), Underlay.]

The H∀Mcast multicast API is provided as a library in C++ and is in full conformance with the IRTF draft [2]. The H∀Mcast-middleware provides an abstraction from the available multicast-technologies and connects via a self-developed, lightweight IPC protocol with the client application, that uses the transparent multicast API. At the moment, there are two multicast technology modules available for H∀Mcast, a module for IP-multicast [3] (H∀Mcast-IP) and one for overlay-multicast based on Scribe [4] (H∀Mcast-OM). The H∀Mcast-prototype is available for download on http://hamcast.realmv6.org.

[Fig. 2. (a) Screenshot of the Monitoring Software; (b) Demo Setup Example. Labels in (b): Sender, Receiver, IMG, IP-Multicast.]

III.DEMO PRESENTATION • IMG daemon – to connect sender/receiver domain with Our demo presentation consists of two parts. First, we overlay-multicast domain present a live-lecturing software as a sample use-case of • VideoStreamer – uses the H∀Mcast-API to send/receive the H∀Mcast-architecture. The software allows to send and video stream and chat messages receive a video-stream via multicast utilizing the common mul- • Monitoring dameon – a small probe, that runs on endhosts ticast API for group communication provided by H∀Mcast. to discover multicast distribution tree and node informa- Further, it offers a multicast chat to pose and answer question tion in the group of participants. • Monitoring viewer – a software to collect and visualize Second, we demonstrate a framework to monitor multicast data from monitoring daemons nodes and visualize the distribution tree of multicast groups. ACKNOWLEDGMENT The framework consists of a monitoring viewer and a daemon The authors would like to thank Dominik Charousset, for endhosts. The latter is a small probe, that sends node Fabian Holler and Sebastian Wolke¨ for their supporting work. specific information, e.g. joined groups, to the monitoring This work is funded by the Federal Ministry of Education and viewer. Fig. 2a shows a screenshot of the monitoring viewer Research (BMBF) of Germany within the project H∀Mcast with the visualization of small group tree. To run our demo, and the G-Lab initiative, see http://hamcast.realmv6.org. we deploy our prototype of the H∀Mcast-middleware within the G-Lab testbed. Fig. 2b shows an example of our demo REFERENCES setup. [1] S. Meiling, D. Charousset, T. C. Schmidt, and M. Wahlisch,¨ “System- assisted Service Evolution for a Future Internet – The HAMcast Approach IV. DEMO SETUP &COMPONENTS to Pervasive Multicast,” in Proc. of IEEE GLOBECOM 2010, Workshop For our demo setup we create an overlay-multicast domain MCS 2010. Piscataway, NJ, USA: IEEE Press, Dec. 2010. [2] M. 
Waehlisch, T. Schmidt, and S. Venaas, “A Common API for Transpar- in the G-Lab testbed to interconnect multicast-enabled edge- ent Hybrid Multicast,” IETF, Internet-Draft – work in progress 01, March networks, namely the sender site at HAW Hamburg and a 2011. receiver at the demo site. Further we make use of the following [3] S. E. Deering and D. R. Cheriton, “Multicast Routing in Datagram Internetworks and Extended LANs,” ACM Trans. Comput. Syst., vol. 8, software tools: no. 2, pp. 85–110, 1990. [4] M. Castro, P. Druschel, A.-M. Kermarrec, and A. Rowstron, “SCRIBE: • H∀Mcast-middleware – runs on all nodes, to enable A large-scale and decentralized application-level multicast infrastructure,” universal multicast service IEEE Journal on Selected Areas in Communications, vol. 20, no. 8, pp. 100–110, 2002. A Testbed for Efficient Multicasting and Seamless Mobility Support

J. Schneider, C. Mannweiler, A. Klein, J. Weinreich, H.D. Schotten
Chair for Wireless Communications and Navigation, University of Kaiserslautern, Germany
{schneider,mannweiler,aklein,weinreich,schotten}@eit.uni-kl.de

Abstract—In modern wireless communications infrastructures, connectivity issues are very important and need to be addressed during the design of new radio network architectures. Therefore, special network components and devices are necessary to ensure the best possible connection for a user. Furthermore, it is important to ensure an efficient use of the available transport medium. To evaluate our proposed concept, we developed an appropriate test bed. In this paper, we introduce our hardware for the testbed and explain the individual parts of our architecture and the according functionality. Additionally, we give an overview about the interaction between the components.

Mobility Support, Multicast, Handover, Quality of Service, Multiparty Transport Overlay, Context Broker

I. INTRODUCTION

Today, the heterogeneity of the radio network landscape requires new concepts for access control. To ensure a mobile terminal always gets the best connection in terms of Quality of Service (QoS), it is essential to develop and evaluate concepts for performing horizontal and vertical handovers. Decisions for performing a handover depend on a list of parameters. These parameters are not restricted to network specific values like Received Signal Strength Indicator (RSSI); rather, additional sensor information (e.g. location or speed) will help to predict an upcoming handover.

This paper introduces an architecture for testing and evaluating developed concepts in [1], [2], [3], and [4] to improve QoS results. Figure 1 shows a block diagram of our testbed.

This paper is structured in the following way: Section II presents a brief overview on each part of the testbed. In Section III, we give a system description and present the procedures. In Section IV, a conclusion and an outlook about future work is given.

II. SYSTEM ARCHITECTURE

In this section, we briefly describe the major blocks of the architecture.

A. Functional entities

In the first subsection, we describe the functional blocks of our system architecture (cf. Figure 1).

1) Context Broker (CxB)
The Context Broker acts as a centralized register for all context providing entities (NUM, Group Management, SME, Access Points and Mobile Terminals). Its function is comparable to a look-up table.

2) Network Use Management (NUM)
The scope of the Network Use Management (NUM) module is to provide intelligent, context-aware network selection for wired and wireless networks. The overall goal is to achieve an enhanced overall network capacity and performance balancing (i.e. to avoid underutilized or over utilized networks and improve QoS).

3) Multiparty Transport Overlay (MTO)
This module provides multiparty transport overlay services to allow the support of IP unicast and IP multicast connections. Therefore, it is necessary to collect the network parameters from the NUM and transport layer QoS parameters from the IP transport module. The processing of the retrieved data enables the provisioning of functions to allow dynamic interactions between the MTO module and the Group Management.

4) Group Management (GM)
The Group Management provides a dynamic management of multiparty transport groups. All required data can be retrieved from the CxB or the MTO.

5) IP Transport (IPT)
The "IP Transport" (IPT) functional module aims to control the configuration of context-aware network devices in order to deploy an efficient provisioning of network resources suitable for group applications. The main idea consists in using context of network devices, in addition to session, for a dynamical allocation of network resources in terms of bandwidth and IP multicast trees.

6) Flash Server
The flash server provides video streams with respect to the requirements or requests from the MTO and SME respectively.

7) Access Points and Mobile Terminal
The access points are responsible to provide access for the mobile terminals and to send context data like load of the access point or attached number of users to the CxB.
A mobile terminal is a data consumer. It requests a data stream and initiates all necessary processes in terms of network optimization. Additionally, it provides context information, like its position or available networks, and sends this data to the CxB.

This work has been supported by the Federal Ministry of Education and Research of the Federal Republic of Germany (Foerderkennzeichen 01 BK 0808, GLab and 01 BU 1116, SolarMesh). The authors alone are responsible for the content of the paper.

[Figure 1 block labels: Multiparty Transport Overlay (MTO); Group Management; Context Broker (CxB); Network Use Management (NUM) + IP Transport (IPT); Flash Server; Session Management Enabler (SME): Stream Quality, Stream Mobility, Session Adaptation; Access Points; Mobile Terminal: Handover Algorithm, Running Session Info; Sensors: GPS, WLAN. Interface labels: Socket, SOAP, SIP, ContextML.]

Figure 1: System architecture block diagram

B. Hardware

To ensure a flexible implementation, we decided to use common computer hardware. Our mobile terminals are Dell Latitude E5500 Notebooks with an internal and an additional PCMCIA D-Link DWA-645 Wireless LAN card, and a Garmin GPS receiver. Our Wireless LAN access points are Dell Desktop PCs with additional PCI Wireless LAN Cards. Both card types are equipped with an Atheros chipset.
All remaining components are implemented in Java or C code, i.e. a common PC is sufficient for the deployment.

III. SYSTEM DESCRIPTION AND PROCEDURES

A. Multicasting

In our considered test scenario, several users are co-located in our deployment area. The users start requesting video streams. The SME entity informs the Group Management about the user requests. The GM acquires information such as user profiles that include device capabilities with respect to e.g. screen resolution, supported radio technologies, point of attachment, available radio networks, and network status for group building. In coordination with the SME and MTO, user sessions are initiated and different video streams, originating from the flash server, are triggered. In case the user situation changes, e.g. a change in his point of attachment, the SME is triggered via SIP signaling to adapt the ongoing session.

B. Mobility Support

The proposed concept aims at enabling seamless mobility. In order to ensure an efficient handover (HO) performance, each terminal is equipped with two W-LAN adapters continuously changing their roles, where one card is in charge of establishing a connection to the most suitable AP, while the second card periodically scans for available radio networks. In case a mobile user changes his location and enters the radio coverage of another radio network, the terminal handover algorithm checks whether the HO condition is fulfilled. Only if the signal strength of the (newly) best-rated AP of the scan results list is above a certain threshold plus hysteresis margin for a defined number of successive time intervals, a HO is triggered. If this HO condition is satisfied, the former "scan" card connects to the identified AP and informs the SME about a necessary session adaptation. After session adaptation is completed and traffic redirected, the second W-LAN card becomes the "scan" card.

IV. CONCLUSIONS AND FUTURE WORK

This paper presents a testbed for analyzing multicasting and handover procedures for mobility support. Especially mobility support requires the facility of vertical and horizontal handover procedures. Since our hardware is restricted to W-LAN, we extended each mobile terminal with a second W-LAN card to significantly improve handover performance.

In the future, we will integrate additional radio access technologies like GSM to provide improved options for testing handover procedures.

REFERENCES
[1] C. Janneteau, J. Simoes, J. Antoniou, C. Christophorou, M. Kellil, A. Klein, A. Neto, F. Cabral Pinto, P. Roux, S. Sargento, H. D. Schotten, J. Schneider, "Context-Aware Multiparty Networking", ICT-MobileSummit 2009 Conference Proceedings, Santander, Spain, June 2009
[2] C. Mannweiler, A. Klein, J. Schneider, H. D. Schotten, "Context-based User Grouping for Multi-Casting in Heterogeneous Radio Networks", Advances in Radio Science Vol. 9 (2011)
[3] J. Schneider, A. Klein, C. Mannweiler, H. D. Schotten, "An Efficient Architecture for the Integration of Sensor and Actuator Networks into the Future Internet", Advances in Radio Science Vol. 9 (2011)
[4] A. Klein, C. Mannweiler, J. Schneider, F. Thillen, H.D. Schotten, "A Concept for Context-Enhanced Heterogeneous Access Management", in Proceedings of the Workshop on Seamless Wireless Mobility at GLOBECOM 2010, Miami, USA, December 2010

Requirements Based Automatic Service Composition: A Demonstration

Dennis Schwerdel, Rahamatullah Khondoker, Eric MSP Veith, Bernd Reuther, Paul Mueller
Integrated Communication Systems Lab, University of Kaiserslautern, Germany
{schwerdel, khondoker, veith, reuther, pmueller}@informatik.uni-kl.de

I. INTRODUCTION

The current Internet architecture was designed decades ago. Back then the main goals of the architecture were stability, performance and of course its functionality. Current trends, e.g. mobile devices, cloud computing and energy efficiency, pose new requirements that the current Internet architecture cannot fulfill. Rather than building new functionality on top of the Internet or adding more complexity to it by introducing even more conditional functionality, the Future Internet should have a smarter way to deal with diverse requirements and environmental constraints. Future network architectures must be flexible both long-term and short-term in order to evolve and adapt to changing application requirements and new transport technologies (fixed and/or mobile) with different capabilities, and should enable evolutionary changes of the network itself. Thereby long-term flexibility can be seen as the capability of a system to evolve with updated protocols and network capabilities. Short-term flexibility is understood as the capability of a system to adapt itself and react to network conditions and application requirements [1].

The Service-Oriented Network Architecture [2] (SONATE) tries to handle these requirements and constraints by using concepts of modularity and service-orientation. As such, services are central elements of SONATE: A service reflects the effects of an activity rather than the algorithms and data structures that implement it. Thus, a service can be provided using different algorithms. A building block is a functional block that implements one distinct networking functionality. Examples for building blocks are retransmission mechanisms, data encryption algorithms, and monitoring functionality. Each building block usually has several effects like increasing the end-to-end delay or reducing the maximum payload size in addition to its main function. All the effects of a building block form the service which the building block provides. Since a service does not define the mechanism that is needed to provide it, several building blocks can provide the same service and are thus exchangeable. The services of multiple building blocks might be needed to provide the service which the application requested.

II. SELECTION & COMPOSITION

Building blocks implement a minimal networking functionality that can be used to build up so called protocol graphs with complex network functionality that is similar to the functionality of today's network stack. The process of combining multiple building blocks into a protocol graph is called composition.

To enable this combination, building blocks in SONATE have interaction points called ports. These ports can be connected to allow the building blocks to communicate. Two special building blocks represent the network and the application, so that the protocol graph can establish a communication between the application and the network. Since the network building blocks can communicate via the network, this also enables communication between applications.

Determining the service that a protocol graph provides is a complicated task since the combination of building blocks can add additional effects that none of the parts had, but it can also remove effects that one part already had. To calculate the combined service, a recursive approach is used. Each building block offers a description that describes the service that the building block provides on each of its ports. These descriptions can refer to the services that other building blocks provide on ports that are connected. Thus the building block description can express an MTU¹ reduction of 10 bytes (because a header of that size is being added) rather than having to give an absolute value.

¹ Free space in the packet for payload

Although SONATE tries to offer generic interfaces for building block interaction, still some restrictions on which building blocks can be combined arise. The most obvious restriction for port compatibility is that the data types used to communicate on these ports must be compatible. Further restrictions are the requirements that building blocks have for the service provided by connected ports. Since building blocks implement only minimal functionality, they require some effects which they do not provide themselves. For example, stream compression building blocks need the effects of order preservation and losslessness.

The two special building blocks application and network serve as placeholders for the application and the network, provide a service describing them, and contain their requirements and constraints. This way, an application developer or the system administrator can express restrictions and requirements on the combined service of the protocol graph.

The task of both finding and combining a set of building blocks to form a protocol graph that can fulfill all these restrictions and requirements is called Selection and Composition (S&C). If multiple protocol graphs match the restrictions and requirements, an objective function provided by the application is used to rate the services of the protocol graphs and to select the best protocol graph to be instantiated and used for communication.

Finding the optimal solution to the selection and composition problem is not trivial and might be NP complete. For practical needs, the optimal solution is not needed and a protocol graph that fulfills all requirements and restrictions and has a good score in the objective function is enough. Several approaches for selection and composition are possible, ranging from manually defined protocol graphs to automatic composition at runtime.

III. THE DEMONSTRATION

The demonstration presents automatic selection and composition of building blocks for creating a protocol graph based on the requirements provided by the application. The graphical user interface for the demonstration is shown in figure 1.

Different algorithms can be used to create a protocol graph, such as an evolutionary algorithm [3].

Using the demonstrator the following results of selection and composition in SONATE can be shown:
• a protocol graph being created according to given requirements and optimization criteria
• changes in the requirements result in the creation of different protocol graphs to fulfill them
• an improved building block becoming available is automatically being used instead of the old one

IV. FUTURE WORK

The used selection and composition algorithm will be further improved and also other algorithms will be developed to improve the quality and speed of the selection and composition. The selection and composition shown in the demonstrator will be integrated with the SONATE framework that can run the resulting protocol graphs.
An API for the application to express its requirements and objective function for the selection and composition and to use the resulting connection to communicate is being developed in cooperation with the partners in the special interest group “functional composition” of the German Lab project. Together with these partners also a language to describe building blocks that can be used in the process of selection and composition is being developed. The selection and composition algorithm improvement, the framework integration, the application API, and the building block description language will complete the chain from the application requirements to a connection that can be used for communication.

V. ACKNOWLEDGEMENTS This work has been done as part of the German Lab research project, funded by the German Federal Ministry of Education and Research (BMBF).

REFERENCES [1] F. Group, “Fundamental limitations of current internet and the path to future internet,” Draft Ver: 0.9. [Online]. Available: http://www.europa.eu/ Figure 1. The graphical user interface for an automatic service composition [2] P. Mueller, “Position paper: Towards a service-oriented internetworking architecture,” Presented in the workshop on Future Internet Architecture: The graphical user interface contains requirements, opti- Internet Design Principles, Brussels, May 2011. [3] D. Schwerdel, B. Reuther, and P. Mueller, “On using evolutionary mization criteria and available building blocks on the left side; algorithms for solving the functional composition problem,” In the the resulting protocol graph is displayed on the right side of proceedings of 10th Wuerzburg Workshop on IP: Joint ITG, ITC, and the GUI. Euro-NF Workshop on ’Visions of Future Generation Networks’ EuroView 2010. In the requirements part the service requirements of the application can be configured. Each line is an inequation considering one effect of the service of the protocol graph. A valid protocol graph must fulfill all of these requirements. The objective function that is used to select the best valid protocol graph can be specified with optimization criteria. Each line consists of an effect and a weighting factor. The resulting objective function is the sum of all weighted effects configured in the optimization criteria. Building blocks that are available for selection can be configured on the lower left of the GUI. The selection and composition algorithm can only use building blocks that are selected but can also choose not to use them. Scalable Network Support for Application Requirements with Forwarding on Gates

Florian Liers, Thomas Volkert, Andreas Mitschele-Thiel
Technical University of Ilmenau, Ilmenau, Germany

I. INTRODUCTION

The scalability of functions existing in a network is one of the most important challenges for large inter-networks. The quality of service (QoS) use-case with its IntServ and DiffServ solutions was the most prominent of the discussed features in the past. IntServ stores state information for each connection on all nodes along the path of the connection. The states are managed by using a signaling protocol, e.g. RSVP. In inter-networks, routers suffer from the large amount of states needed for handling the high number of connections. In order to deal with this scalability problem, DiffServ maps several connections traversing an autonomous system (AS) to a smaller number of internal traffic classes. For example, all VoIP connections are mapped to a delay optimized traffic class. If this mapping is done based on deep packet inspection, no connection oriented state information is needed. As a drawback, the application loses its possibility to inform the network about its specific needs. In particular, that hampers the deployment of new applications because they are not considered in the mapping. This is important for the flexible and open end host concept which is the main driver of innovations for the Internet. By using signaling with a DiffServ approach, the network would be enabled to react to the specific needs of an application. But a scalability problem occurs at the ingress nodes of each AS. These nodes have to handle the signaling and store the necessary mapping states.

This scalability problem gets more severe in Future Internet architectures, providing functionality by dynamically constructing stacks based on functional blocks [1, 2]. The scalability problem arises in these systems not only for QoS but also for all other functions requiring states. In addition to classical network based functions, like multicast or mobility support, more application requirements will likely appear in the future. Examples are an integrated network-based virus scan for incoming data or video re-coding for small mobile devices. Regarding the scalability challenges for a network, the main questions, which have to be answered, are where to place functions and the required state information, and how to re-use them for multiple connections.

The key contribution of this work is a demonstration of a scaling inter-network system, based on dynamic composition of functional blocks. New function instances are created, depending on application requirements. Furthermore, and more important, the system is able to re-use existing functions and their states for multiple connections in order to improve scalability. The simulator shows that the re-use is possible without per-connection state information on the hosts which provide the functions.

II. FORWARDING ON GATES

The demonstration uses the inter-network protocol “Forwarding on Gates” [3] (FoG). It uses index-based forwarding, which was adapted for networks consisting of functional blocks. The index-based forwarding concept [4, 5] separates forwarding from routing of packets by using lists of indices as routes. Such lists represent the decision of the routing and are used by the forwarding to relay data without doing routing. In general, they are stored in the packet. Typically, the lists are calculated by the routing at the start of a communication. FoG differs from known systems by the following two main points:

a.) FoG is based on functional blocks. These blocks are called “gates” in the context of FoG. An index represents the next functional block to which the data has to be transferred. Known systems, like Pathlet [5], encode only the next hops with these indices. Using functional blocks as the base for networking lets the routing operate on graphs of blocks, too.

b.) FoG uses an incremental routing process. In contrast to source routing based systems, the routes in FoG are created incrementally by concatenating partial routes. During this process, FoG packets include only parts of the whole route. Therefore, the routing process is neither source routing nor hop-by-hop routing; it is in between these two extreme cases.

The first point enables functional blocks (“gates”) to be part of the routing. Therefore, the routing can decide to reuse gates for multiple connections. In general, gates can be reused if their function does not depend on the communication data itself and if parameters used for the gates are identical. The second point enables scalable implementations of the routing since each routing instance needs to calculate a partial route only in its known surrounding.

If FoG is used, each application is able to specify explicitly its requirements for the communication with peers, like packet ordering, encryption, automatic retransmission or the maximum transmission delay. Based on the location of a communication request and its parameters, the routing instances are contacted. They calculate a route through the graph of gates satisfying the requirements and reaching the destination. In addition, the creation of new function instances can be necessary. In the current demo, the placement of a function is done by an approach which instantiates the function on the first node along the communication route whose policy allows this.

III. DEMONSTRATION

Our demonstrator illustrates the two mentioned key features in a live scenario as depicted in Figure 1. Our use case is live video streaming and uses three different requirement sets. In general, the stream is transferred in a UDP-like fashion. The application defines additional non-functional and functional requirements the network has to satisfy.

Basically, our demonstrator consists of two applications, developed by us. The first one is an IP-only application with graphical user interface and video preview. It is responsible for video grabbing (either from a webcam or from a local video file) and delivers this video stream to the second application. Within this second application, the FoG concept and needed management functions are implemented. The software is able to simulate a FoG based network and its communication in real-time. It has an additional interface to real (IP) networks. The interface is used to convert the video stream from IP to FoG. Within the software, a FoG based video viewer shows the received stream. Via several verbose graphical outputs it is possible to observe all activities in the FoG network. Based on this, our software shows the key features of FoG.

First, the video display is requesting the video from the video source just via best effort, like in today’s Internet. This is marked by “1.” in Figure 1. The received video is displayed as a separate widget within the software.

Figure 1: scenario overview

Second, the video is transmitted with the explicit application requirement “maximum loss rate limited to explicit value”. In this case special gates (“LLC Gates”) are automatically created by the network to implement transmission error detection and retransmission of packets. For demonstrating purposes, the packet loss rate can be adjusted by a graphical control element in the software. This is shown in Figure 1 as slider below the link between host B and C. With the help of the slider the packet loss rate can be set dynamically. The variation of packet loss will lead to obvious differences in the video transmission quality of case one and two. Coding artifacts and presentation stops occur in the video presentation of case one. In case two the video has only an additional delay which is caused by the “LLC Gates” and their applied retransmission of packets. The different handling of both transmissions based on the requirements shows the first contribution.

Third, an additional video transmission is started with the same requirements as in the previous one. The network will now re-use the created gates from the second scenario. This includes all QoS enabled functional blocks for unicast transmission as well as video encoding and decoding blocks. The whole process of finding and using existing reusable blocks will be visible to the audience in the graphical display showing the network topology.

Figure 2: demonstrator screenshot

The graphical user interface of the FoG prototype, depicted in Figure 2, enables the user to observe every process in the network graphically. It consists of (from the top left to the bottom right in Figure 2) an AS overview, a network topology presentation, several video stream outputs, a packet view, a debug console with different log levels and a property view which is able to show properties and attributes of the currently selected item of the network. For example, this can be a physical host or link, a logical function block or a running application.

This work was funded by the German Federal Ministry of Education and Research under the project G-Lab_FoG (support code 01BK0935).

IV. REFERENCES

[1] D. Martin, L. Volker, M. Zitterbart: A flexible framework for Future Internet design, assessment, and operation, Computer Networks, Volume 55, Issue 4, Special Issue on Architectures and Protocols for the Future Internet, March 2011.
[2] B. Reuther, D. Henrici: A model for service-oriented communication systems, Journal of Systems Architecture, 2008.
[3] F. Liers, T. Volkert, A. Mitschele-Thiel: A Flexible Abstraction for the Future Internet, 8th Würzburg Workshop on IP (EuroView), Germany, Würzburg, August 2008.
[4] D. R. Cheriton: Sirpent: a high-performance internetworking approach. In proceedings of ACM SIGCOMM '89: Symposium proceedings on Communications architectures & protocols, 1989.
[5] P. B. Godfrey, I. Ganichev, S. Shenker, I. Stoica: Pathlet Routing, In proceedings of SIGCOMM 2009, August 2009.

Deployment of Application-tailored Protocols in Future Networks (Demo Abstract)

Hans Wippel, Karlsruhe Institute of Technology, Institute of Telematics
Oliver Hanka, Technische Universität München, Institute for Communication Networks

I. INTRODUCTION

When the Internet was designed and standardized, its main purpose was the transmission of files from one node to another in a reasonable amount of time. This, however, does not conform with today’s usage pattern. Although the Internet is still used to transfer files between nodes, new applications, such as VoIP, video streaming and real-time gaming/transfers have emerged and become a dominant factor. In contrast to the early days, not only some research facilities are interconnected. Instead, many businesses heavily rely on the Internet. This development is driving today’s general purpose Internet architecture to its limits.

Research on the design of a Future Internet within the G-Lab project [1], therefore, focuses on providing multiple virtual networks instead of a single multi purpose one [2]. Each of these networks is optimized for the requirements of a different use case or a certain application. In these virtual networks, communication is provided by application-tailored protocols encapsulated in so-called Netlets. These Netlets are explicitly designed for the respective networks and applications. Protocol composition constitutes a feasible approach to support a network designer in the development of such protocols. During protocol composition, new Netlets are created by combining reusable building blocks, which in turn provide individual protocol functionalities.

An application-tailored network is offered by a virtual network provider (VNP), which uses the infrastructure provided by traditional Internet service providers. After composing a set of Netlets for a novel virtual network, the VNP is in charge of deploying them to network nodes. The VNP could distribute the Netlets onto nodes inside the network when the VNP instantiates the virtual network. This scheme, however, is rather impracticable. An arbitrary amount of end nodes may join virtual networks at arbitrary points in time. Thus, a VNP cannot deploy Netlets to end nodes in advance. Furthermore, a VNP could be overstrained with requests and would be required to provide its own load balancing solution for protocol distribution.

In this demo, the Netlet distribution over the HiiMap Next Generation Internet (NGI) architecture is shown. The HiiMap architecture [3] follows the locator/identifier separation paradigm and introduces a hierarchical mapping system. This mapping system is used to store information about the virtual networks and to distribute the storage location of the Netlets. Furthermore, the NGI architecture is used as the underlying basic control network to exchange Netlets between nodes. In the following, the architecture and visualization of the proposed demo is described.

II. DEMONSTRATOR DESCRIPTION

Figure 1 gives an overview of the demo setup.

Fig. 1. Demo overview

In the demo there is a virtual network which is optimized for an online video store. This means, the network is optimized for on-demand video streaming and personalization of videos during transmission.

In order to achieve this optimization, the Designer creates a video streaming Netlet (Video TP) and deploys it using a design tool. In order to deploy this Netlet to network nodes, the Designer uploads the Netlet to repositories in the basic network. Additionally, the Designer adds the Netlet to the list of Netlets used inside the video network. This list is stored in the video network’s entry in the HiiMap mapping system also located in the basic control network. Furthermore, the Designer adds an entry in the mapping system for the video Netlet that contains the locators of the repositories on which the Netlet is stored.

Inside the video network, the video store owner (in this case the VNP) operates a video streaming server, Video Server, that streams videos to customers of the video store. This server is already connected to the video network and already possesses the video streaming Netlet.

In the demo scenario a new customer (Video Client) wants to join the network and watch a video. In order to achieve this, the customer’s node is required to perform the following steps. First, the node must establish a connection to the video network. This means, a virtual link from the customer’s node to the video network is created. In a next step, the node must acquire the video streaming Netlet to be able to receive the video over the virtual link. To this end, the customer’s node relies on the services provided by the basic control network. The node requests the virtual network’s entry in the HiiMap mapping system. This entry contains a list of Netlets used inside the video network, in this case the name and ID of the video transport Netlet. Then the node resolves the video Netlet’s ID and thus acquires the list of repository locators. The node downloads the Netlet from one of these repositories. Finally, it loads the Netlet in the NENA framework [2] and utilizes it to receive the video.

For the HiiMap mapping system, a topology monitor is provided (Figure 2). It shows the activity in all regions which are represented by the different sites of the G-Lab experimental facility.

Fig. 2. HiiMap topology view - all regions

A detailed view shows which nodes currently are active and receive any requests or updates (Figure 3). The requests and updates in this demo are generated by the NENA framework during the deployment process. Additionally, clients within the Seattle testbed [4] also utilize the mapping service and cause further traffic.

Fig. 3. HiiMap topology view - detail view

ACKNOWLEDGEMENT

This work was funded by the Federal Ministry of Education and Research of the Federal Republic of Germany (01 BK 0807, 01 BK 0808). The authors alone are responsible for the content of the paper.

REFERENCES

[1] (2011, May) German Lab. [Online]. Available: http://www.german-lab.de
[2] L. Völker, D. Martin, I. El Khayat, C. Werle, and M. Zitterbart, “A Node Architecture for 1000 Future Networks,” in Proceedings of the International Workshop on the Network of the Future. Dresden, Germany: IEEE, Jun. 2009.
[3] O. Hanka, G. Kunzmann, C. Spleiß, J. Eberspächer, and A. Bauer, “HiiMap: Hierarchical Internet Mapping Architecture,” In First International Conference on Future Information Networks, Beijing, China, P.R. China, pp. 17–24, Oct. 2009.
[4] (2011, May) Seattle open peer-to-peer computing. [Online]. Available: http://seattle.cs.washington.edu

Tuesday, August 2nd Program – Session 7

Tuesday, August 2nd, 2011, 3:30 PM to 4:50 PM Session 7: Wireless and Mobile Networks

Application-Aware Self-Optimization of Wireless Mesh Networks with AquareYoum and DES-SERT

Barbara Staehle, Florian Wamser, Sebastian Deschner, Andreas Blenk, Dirk Staehle
Julius-Maximilians-Universität Würzburg
{bstaehle,florian.wamser,sebastian.deschner,andreas.blenk,dstaehle}@informatik.uni-wuerzburg.de

Oliver Hahm, Nicolai Schmittberger, Mesut Günes
Freie Universität Berlin
{oliver.hahm,nicolai.schmittberger,mesut.guenes}@fu-berlin.de

I. INTRODUCTION

During the last years, wireless mesh networks (WMNs) have become popular for offering simple and convenient Internet access possibilities beyond the reach of the wired backbone. WMNs achieve this larger geographical coverage by building a wireless multi-hop network connected to the wired backbone network. The client devices are thereby enabled to easily exchange data and access the Internet from anywhere in either the WMN or the wired backbone network. But the improved support for mobility and accessibility comes at the price of more complex topologies and thus considerable management and configuration effort for the developer.

Self-optimization describes the cooperation of autonomous resource management (RM) tasks or intelligent configuration algorithms network planning and optimization tasks. This is seen as a promising option for reducing the management effort in wireless networks in general [1], and is hence in particular interesting for WMNs. Commonly, self-optimization consists of three actions which are continuously repeated. The first action is the measurement of the network quality. This allows to monitor the network for unintended failures and incidental defects. Secondly, these measurement results allow to execute an adequate optimization action if necessary. Finally, external parameters are considered for making the network more effective. Normally, these parameters trigger a reconfiguration of a number of radio parameters or RM algorithms which however also depend on external network planning decisions or policies of the network provider.

One major challenge for any self-optimizing network is routing. This holds in particular for WMNs where the wireless medium introduces new issues that have to be addressed and demand for novel routing approaches. The DES-SERT framework [2] (DES - Simple and Extensible Routing-Framework for Testbeds) was created to take on these issues and experiment with them in the DES-Testbed [3].

In this demonstration we show how the combination of the DES-Testbed using DES-SERT and the idea of using application-layer information for network management which is implemented by the AquareYoum [5] (Application and Quality of Experience Aware Resource Management for YouTube in Wireless Mesh Networks) suite, can benefit from each other’s functionality to further improve the overall self-optimization performance. In detail, the network status information provided by DES-SERT can be used by AquareYoum to better evaluate which parameters should be changed and which actions should be taken.

This work was funded by the Federal Ministry of Education and Research of the Federal Republic of Germany (Förderkennzeichen 01 BK 0800, GLab). The authors alone are responsible for the content of the paper.

II. THE ROUTING FRAMEWORK DES-SERT AND AQUAREYOUM

The DES-SERT framework permits the operating system independent implementation of proactive, reactive and hybrid routing protocols. In conjunction with the DES-Testbed it enables a fair comparison and evaluation of routing protocols for WMNs. For analysis, debugging and configuration purposes the DES-SERT daemon can be accessed via a command line interface (CLI) and SNMP. In this way, it can provide information like packet retransmissions, duplicate packets or routing tables to the experimenter. The selected link and routing metrics of the used routing protocol provide additional information which can be accessed via the CLI.

Aquarema [4] (Application and Quality of Experience Aware Resource Management) is an application-aware resource management framework. Its key idea is to utilize the application comfort (AC) which characterizes the application-layer performance of a program for optimization actions. Monitoring the AC allows to react prior to a Quality of Experience (QoE) degradation and hence ensures the customer satisfaction. For this purpose, four components are interacting. The network-application interaction is assured by the application monitor, a light-weight tool installed at the client. It signals the presence of an application to the mesh advisor and constantly monitors the AC. In case of an imminent QoE degradation, the AC falls below a threshold. This is immediately reported to the mesh advisor. The mesh advisor evaluates this warning together with the information about the network status that it periodically receives from the mesh monitor tool and then decides about a network optimization action which is executed by an adequate radio resource management tool.

Fig. 1. Interaction of the components during the demo

AquareYoum [5] is an implementation of this idea for the case where WMNs are used as access networks for clients displaying YouTube videos. Together with an RM tool which is able to seamlessly move the YouTube flow from a congested gateway to a less loaded one, it has proved to greatly increase the customer satisfaction.

Thanks to the project G-Lab, AquareYoum and DES-SERT, originally designed independently, have been successfully combined. Firstly, we were able to prove the scalability of the AquareYoum concept by implementing it in the DES-Testbed. Secondly, the subsequently described demo will show that AquareYoum is an interesting option for triggering the manifold RM possibilities enabled by DES-SERT.

III. DEMO SETUP

Our demo intends to underline two facts. On the one hand, it will show that WMNs are a suitable means for flexibly complementing or replacing parts of a broken, destroyed or sabotaged wired Internet backbone. On the other hand, it will demonstrate that AquareYoum is useful beyond the access network domain for networks where self-optimizing algorithms are already running.

For this purpose, we use one client laptop, located in Würzburg and displaying a YouTube video. It is connected to the G-Lab experimental facility which allows to communicate with the DES-Testbed. The DES-Testbed in turn assures the link to the wired Internet and acts as an interconnection between the two fixed infrastructure components.

The course of interaction of the components is shown in Figure 1. The mesh advisor Dory queries the DES-SERT routing daemon for information about the state of the network. The application monitor tool YoMo monitors the YouTube AC which is defined as the amount of playtime β the YouTube player has prebuffered. The RM tool which Dory is able to trigger is the robot Forrest which carries a mesh node on its back. If advised so, it will move to a nonfunctional part of the network and is consequently able to compensate for node failures.

The demonstration of a successful interaction of AquareYoum and DES-SERT consists of 7 steps:

1) A node failure happens. This might have manifold causes, e.g. an electrical failure or blackout or a mechanical manipulation (intentional or unintentional).
2) The routing protocol implemented in DES-SERT recognizes the broken route and replaces it with another one provided by some other mesh nodes.
3) While the new route does guarantee a successful packet delivery, it does not offer enough bandwidth for the YouTube video. As a result, β falls below the critical threshold and YoMo sends an alarm message to Dory.
4) By evaluating the information from DES-SERT, Dory knows that the bandwidth of the path that the YouTube video currently takes is not sufficient and that no better path exists. As a consequence, it triggers Forrest to move to the location of the nonfunctional mesh node.
5) Forrest moves to the location defined by Dory.
6) The routing protocol recognizes the new and better route and moves the YouTube flow to this path.
7) As a result the AC of the YouTube video increases again and the video playback continues without stalling.

IV. CONCLUSION AND OUTLOOK

The demo shows how two tools, originally designed for different tasks in the scope of WMNs, can be combined to maintain the QoE despite changing topologies within the WMN. This cooperation of remote partners was facilitated by the G-Lab experimental facility. Beyond this, the successful cooperation of AquareYoum and DES-SERT shows that the Aquarema concept and its core idea, the cross-layer resource management enabled by application comfort monitoring, are useful concepts beyond the scope of access networks.

The DES-SERT framework in turn allows the evaluation of routing protocols in WMNs for varying requirements. It enables the easy implementation of several WMN routing protocols, thereby allowing an autonomous and resilient network operation. If, however, the information provided by DES-MON is used as an input for AquareYoum, a more holistic view on the network allows to trigger an increase of the network resources if the application demands are not satisfied. Future works will be dedicated to supporting more applications, introducing more application layer metrics, and triggering more resource management actions.

REFERENCES

[1] SOCRATES - Self-Optimisation and self-ConfiguRATion in wirelEss networkS. http://www.fp7-socrates.org/, 2008.
[2] Blywis, B., Günes, M., Juraschek, F., Schmidt, P., and Kumar, P. DES-SERT: A Framework for Structured Routing Protocol Implementation. In IFIP WD’09 (Paris, France, September 2009).
[3] Günes, M., Juraschek, F., Blywis, B., Mushtaq, Q., and Schiller, J. A Testbed for Next Generation Wireless Networks Research. Special Issue PIK on Mobile Ad-hoc Networks IV (October-December 2009).
[4] Staehle, B., Hirth, M., Pries, R., Wamser, F., and Staehle, D. Aquarema in Action: Improving the YouTube QoE in Wireless Mesh Networks. In BCFIC’11 (Riga, Latvia, February 2011).
[5] Staehle, B., Wamser, F., Hirth, M., Stezenbach, D., Deschner, S., and Staehle, D. AquareYoum: Application and Quality of Experience-Aware Resource Management for YouTube in Wireless Mesh Networks. Winner of KuVS Communication Software Award (2011).

Performance Evaluation of Multipath TCP Linux Implementations

Amanpreet Singh, Carmelita Görg: Communication Networks, University of Bremen, Bremen, Germany
Andreas Timm-Giel: Institute of Communication Networks, Hamburg University of Technology, Hamburg, Germany
Michael Scharf, Thomas-Ralf Banniza: Bell Labs Germany, Alcatel-Lucent, Stuttgart, Germany

I. INTRODUCTION

Nowadays, wireless devices are often equipped with multiple interfaces such as fixed network, wireless LAN, UMTS, WiMAX, Bluetooth and so on. These enhancements allow for deploying multipath transport to increase throughput, improve resilience and balance congestion in the network [1]. Theoretically, it is possible to transport data simultaneously over more than one interface in order to increase the transfer speed. In practice, however, legacy transport protocols such as TCP only support a single end-to-end connection over one interface. In order to do so, a data flow has to be split into multiple subflows which are then transferred over the different interfaces. Each subflow contains a subset of the packets which form the data stream. At the receiving station, these subflows have to be reassembled before being handed over to the application.

II. MULTIPATH TRANSPORT OF APPLICATION DATA STREAMS

This work is focused on Multipath TCP (MPTCP) [2], which is a set of extensions for TCP that allows spreading of a single TCP flow across multiple subflows. One of the design goals for such a solution is that each subflow should appear to the network as a normal TCP flow.

MPTCP operations need additional signalling information in the TCP segments, either in the TCP options field or in the payload. Issues to be negotiated are the multipath capability and the currently available interfaces. Further, it must be tracked to which connection each subflow belongs. Finally, data sequence numbers, an accumulative data acknowledgement and a data FIN are required at the connection level.

The MPTCP proposal uses a dual sequence number space. Each subflow has its own sequence space that identifies bytes within a subflow as if it was running alone. There is also a data (or connection level) sequence space, which allows reordering at the (aggregated) connection level. Each segment carries both subflow and data sequence numbers. Retransmissions are driven only by the subflow sequence number; hence MPTCP avoids problems due to connection level reordering of packets. The challenge to be met is that the different links over which the subflows are transported may have different throughputs and delays, so the arrival order of the packets at the receiver is unpredictable. In MPTCP, congestion control is coupled across paths, so as to ensure fairness without needing to detect shared bottlenecks [3].

The aforementioned topic of multipath TCP transmission is currently under investigation at the IETF, where different solutions have been published as drafts: Multipath TCP (MPTCP¹) [2][3], Payload Multi-connection Transport (PLMT) [4] and Multiple Connection TCP (MCTCP) [5]. The solutions differ in the structure of the protocol stack as well as in signalling:

• In MPTCP, each multipath TCP subflow looks to the network as a normal TCP flow, with the only difference that it carries new TCP options for MPTCP signalling. It is a kernel-space solution where the existing TCP stack is modified.
• PLMT encodes all the signalling information in the payload of TCP connections. It operates as an additional protocol layer in the user space on top of existing TCP stacks so that the latter do not need to be modified. In this work, it is not further considered.
• MCTCP is a hybrid variant that encodes control information, as far as possible, in the payload of the TCP connections. It uses the TCP option field for the connection setup messages (SYN/ACK for the MPCapability and Join messages). It is transparent in the single-path case.

A comparison of the three variants for multipath TCP was also discussed in [6].

This work compares the performance of the MPTCP and MCTCP protocols in a dynamically changing network subjected to varying delay and packet loss rate. MPTCP's Linux kernel implementation is currently open source [7]. The development of the MCTCP concept and its implementation in the Linux kernel as well as user space has been done within the German-Lab Phase-2 project NETCOMP [8].

¹ In this context, MPTCP is the name of one multipath TCP solution, not of the general multipath concept.
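An added example (not from the paper or from any MPTCP implementation) of the dual sequence number space described in Section II: a simplified receiver that restores order within each subflow by subflow sequence number and reassembles the stream by data sequence number. The `Segment` fields, the zero-based byte offsets and the round-robin scheduler are assumptions for illustration, not the MPTCP wire format.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    subflow: int    # path that carried the segment (assumed identifier)
    ssn: int        # subflow sequence number: byte offset within this subflow
    dsn: int        # data sequence number: byte offset within the whole stream
    payload: bytes


def split_stream(data, chunk, schedule):
    """Sender side: cut the stream into chunks, assign them to subflows in
    the order given by `schedule`, and stamp both sequence numbers."""
    next_ssn, segments = {}, []
    for i, off in enumerate(range(0, len(data), chunk)):
        sf = schedule[i % len(schedule)]
        part = data[off:off + chunk]
        ssn = next_ssn.get(sf, 0)
        segments.append(Segment(sf, ssn, off, part))
        next_ssn[sf] = ssn + len(part)
    return segments


class Receiver:
    def __init__(self):
        self.sub_expected = {}   # subflow -> next expected SSN
        self.sub_buffer = {}     # subflow -> {ssn: Segment} held out of order
        self.conn_buffer = {}    # dsn -> payload waiting for a stream-level gap
        self.next_dsn = 0        # cumulative data ACK
        self.delivered = bytearray()

    def receive(self, seg):
        """Process one segment and return the cumulative data ACK."""
        buf = self.sub_buffer.setdefault(seg.subflow, {})
        expected = self.sub_expected.setdefault(seg.subflow, 0)
        if seg.ssn < expected or seg.ssn in buf:
            return self.next_dsn             # duplicate, e.g. a retransmission
        buf[seg.ssn] = seg
        # Subflow level: release only what is contiguous in this subflow.
        while self.sub_expected[seg.subflow] in buf:
            s = buf.pop(self.sub_expected[seg.subflow])
            self.sub_expected[seg.subflow] += len(s.payload)
            self.conn_buffer[s.dsn] = s.payload
        # Connection level: hand contiguous stream bytes to the application.
        while self.next_dsn in self.conn_buffer:
            part = self.conn_buffer.pop(self.next_dsn)
            self.delivered += part
            self.next_dsn += len(part)
        return self.next_dsn

    def subflow_holes(self):
        """Subflows holding out-of-order data: {subflow: first missing SSN}.
        This is the only place where a loss shows up as a gap."""
        return {sf: self.sub_expected[sf]
                for sf, buf in self.sub_buffer.items() if buf}


def run_demo():
    data = b"ABCDEFGHIJKLMNOPQRSTUVWX"       # constructed sample stream
    s = split_stream(data, 4, [1, 2])        # alternate subflows 1 and 2
    rx = Receiver()
    # Constructed arrival order: subflow 2 is faster, s[2] is lost on subflow 1.
    acks = [rx.receive(x) for x in (s[1], s[3], s[0], s[5], s[4])]
    holes = rx.subflow_holes()               # loss is visible on subflow 1 only
    acks.append(rx.receive(s[2]))            # retransmission on subflow 1
    return acks, holes, bytes(rx.delivered)


if __name__ == "__main__":
    print(run_demo())
```

Subflow 2 never sees a gap in its own sequence space although the data ACK stalls at 8, so only subflow 1 has anything to retransmit.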

III. INVESTIGATED SCENARIO

For the initial comparisons of the two above mentioned variants for multipath transport, a direct connected topology was chosen for the local testbed, depicted in Figure 1.

Figure 1: Testbed setup for direct connected nodes

IV. RESULTS

A comparison of MPTCP and MCTCP performance for the direct connected scenario is depicted in Figure 2. The server rate for the depicted results is 10Mbps. For the test runs, 3 events are scheduled that introduce packet losses or additional delay over one or both of the links. The packet losses are first introduced on both links 10s after the start of the test run, for a duration of 10s (event1 – losses on both the links). After another 10s, packet losses are configured again for a duration of 10s, but this time only on one of the links (event2 – losses on link1). After another 10s, the link delay on one of the links is increased to 100ms from 10ms for a duration of 10s (event3 – 100ms delay on link2). In the depicted results, 4 different cases are considered for both multipath protocol variants with respect to the introduced packet losses, i.e. 0, 2, 5 or 10% (refer to Figure 2).

Figure 2: MPTCP and MCTCP comparison results for direct connected scenario

Further, tests were also done for higher server rates for the directly connected scenario. In addition, different scenarios with an extended network topology were also studied. Since the local testbed can be limited by the availability of the hardware, virtualization solutions offered within the German-Lab platform were also investigated in this work, e.g. the Topology Management Tool [9].

V. CONCLUSION

There are different proposed multipath TCP solutions within the IETF MPTCP WG which span different design choices (option, payload and hybrid) for the exchange of multipath signalling information. All the MPTCP solution variants claim to adhere to the requirement goals of the multipath TCP architecture, i.e. they increase the throughput, are more resilient and move congestion away from the congested paths while offering reliable, in-order transport that is transparent to applications.

In this work, the performance of the MPTCP and MCTCP solution variants was investigated with respect to different transmission parameters such as throughput and delay. Results obtained from a local testbed reveal that MCTCP can schedule the traffic equally on the available subflows, thereby reducing congestion on a single path. In addition, the MCTCP solution is robust to dynamic changes in the network such as variations in the packet loss or end-to-end delay. On the other hand, the MPTCP solution is also able to open multiple subflows whenever possible and hence increases the overall throughput or reduces the congestion on a single path. However, scheduling of traffic on the subflows is not equal even though the subflows experience the same network characteristics, i.e., delay, packet loss and bandwidth.

The number of subflows which can be opened for an MPTCP flow and the criteria for when to close an underperforming subflow need to be further investigated. In addition, the fairness of multipath TCP solutions needs to be investigated. With respect to multipath-aware applications, specific APIs to control the setup and operation of a multipath TCP connection also need to be developed. Both the MPTCP and MCTCP implementations are a work in progress and hence evolving to provide a better solution for future communication demands.

VI. ACKNOWLEDGEMENT

The authors are supported by the German-Lab project (http://www.german-lab.de/), a research project funded by the German Federal Ministry of Education and Research (BMBF).

VII. REFERENCES

[1] A. Ford and C. Raiciu and S. Barre and J. Iyengar, Architectural Guidelines for Multipath TCP Development, RFC 6182 (work in progress), IETF, March 2011
[2] A. Ford and C. Raiciu and M. Handley, TCP Extensions for Multipath Operation with Multiple Addresses, draft-ietf-mptcp-multiaddressed-03 (work in progress), IETF, March 2011
[3] C. Raiciu and M. Handley and D. Wischik, Coupled Congestion Control for Multipath Transport Protocols, draft-ietf-mptcp-congestion-03 (work in progress), IETF, April 2011
[4] A. Singh, M. Scharf, PayLoad Multi-connection Transport using Multiple Addresses, draft-singh-mptcp-plmt-00 (work in progress), IETF, August 2010
[5] M. Scharf, Multi-Connection TCP (MCTCP) Transport, draft-scharf-mptcp-mctcp-01 (work in progress), IETF, July 2010
[6] M. Scharf, T.-R. Banniza, A. Singh, P. Schefczik and A. Timm-Giel, Evaluation and Prototyping of Multipath Protocol Mechanisms, 10th Würzburg Workshop on IP: Joint ITG, ITC, and Euro-NF Workshop "Visions of Future Generation Networks" (EuroView2010), 2010
[7] MPTCP Linux Implementation Downloads, https://scm.info.ucl.ac.be/trac/mptcp/downloads
[8] Network Computing, http://www.german-lab.de/phase-2/netcomp/
[9] Topology Management Tool, http://tomato.german-lab.de/

A Novel Threshold-Based Transmission Control Scheme for Wireless Sensor Networks

J. Schneider, S. Lorenz, A. Klein, C. Mannweiler, H.D. Schotten Chair for Wireless Communications and Navigation, University of Kaiserslautern, Germany {schneider,lorenz,aklein,mannweiler,schotten}@eit.uni-kl.de

Abstract—Wireless Sensor Networks (WSNs) have become more important over the past few years, among others due to their ability to deliver information in difficult and dangerous situations. Developments in microelectronics have achieved a reduction in costs and size related to the manufacturing of a node. Based on these facts, there is the need for energy efficient routing schemes so that the lifetime of a network increases. In this paper, we introduce and analyze a modification of the threshold sensitive energy-efficient sensor network protocol (TEEN) in order to increase the lifetime of a WSN. Simulation results have shown that our event driven modification can increase a network's lifetime dramatically.

Keywords: Cluster based routing, energy efficiency, synchronized clusters, network lifetime, wireless sensor networks

I. INTRODUCTION

Wireless Sensor Networks (WSNs) can be used for gathering context information of an environment in order to serve several applications. In most cases, replacing a sensor's battery is not economically advantageous. Therefore, WSNs need to act in an energy efficient manner to maximize their lifetime. Energy-efficient protocols have been developed for data centric networks, offering the possibility to aggregate data from adjacent nodes if they have the same or similar data [1]. Kulik et al. [2] designed an energy efficient protocol for wireless sensor networks. Heinzelman et al. [3] introduced a low-energy adaptive clustering hierarchical routing protocol (LEACH). Ajina et al. [4] present a modification of dynamic source routing, so that the amount of route request messages gets reduced. Sazak et al. [5] developed an energy-efficient MAC protocol for cluster-based WSNs.

This paper is structured as follows: Section II presents a brief overview about related work done in this field of research. In Section III, we present our extension of TEEN, called Event Driven-TEEN (ED-TEEN). In Section IV, we analyze ED-TEEN and compare its performance with TEEN.

II. AN EXTENSION FOR TEEN

A. Characteristics of TEEN

TEEN [6] is a cluster-based, reactive routing protocol that works with two threshold values. These values regulate whether a node becomes active or not. A hard threshold defines a threshold value for the measured attribute. Nodes only turn their transceivers on if their measured value is beyond that defined threshold. A soft threshold determines the necessary difference between two measurements for a transceiver becoming active. Every time new cluster heads get selected, the threshold values can change. An advantage of the protocol is the reduced amount of deliveries. As a disadvantage, one can consider situations where an irrelevant, however frequent variation of the measured values leads to numerous threshold changes. Increasing the soft threshold value would solve that issue, but one would risk not hearing from a node for a while and possibly miss a sensor using up all its energy. Therefore, we introduce our extension for TEEN in order to avoid that problem.

B. Extension for TEEN

One can hypothesize that the measured attribute follows a continuous process. Therefore, differences in successive elements are most likely small. Accordingly, we introduce three states for our extension for TEEN:

• If a node transmits its exact value p times, the node will send a short message including a flag defining the tendency of the measured attribute instead of the exact value.
• If a node has to send a data packet for k times, it will turn its transceiver off for m rounds.
• If a node notices a dramatic change in the measured attribute, it will send a data packet directly to the base station.

Implementing those three states, we presume a heavy reduction in the power consumption in a WSN. Our research is based on the IRIS node by Crossbow where the temperature and barometer sensor deliver a 16-bit value. Therefore, submitting a single flag with the size of one bit will reduce the time a transceiver has to be turned on. Hence, this will reduce the power consumption of a node. According to the assumption that changes in temperature are continuous, changes will be rather small. Thus, if a transceiver did not have to become active for a certain time, its measured attribute will not change significantly. This will give a node the opportunity to stay idle for a certain amount of rounds. Since the WSN is using a TDMA scheme within its clusters, nodes are synchronized to each other and know by their allocated slots when they have to have their data ready if new attributes are available. In case of an (unlikely) significant change in a measured value, a node is able to deliver its new data directly to the base station. In order to be able to use these new states, we had to restructure the existing TEEN protocol. Instead of picking new cluster heads every round, we are going to determine new cluster heads every n (n ≥ m) rounds. If the network started the setup phase earlier, some nodes would not be able to finish their idle period

This work has been supported by the Federal Ministry of Education and Research of the Federal Republic of Germany (Foerderkennzeichen 01 BK 0808, GLab and 01 BU 1116, SolarMesh). The authors alone are responsible for the content of the paper.

and we would notice losses in the performance of our new approach. If k and p are chosen too large, a network will lose its accuracy and there would be a risk of losing important information about certain states the network is in. Having k and p too small, there will not be a significant advantage over TEEN. Thus, one can derive optimal values for k and p depending on the desired application for a WSN.

III. SYSTEM MODELING AND SIMULATION RESULTS

Since we are interested in a network's lifetime, simulations will provide results faster than experiments with the nodes. Figure 1 shows a general model of a node's energy consumption. With our approach, we try to minimize the amount of time a node has to keep its transceiver turned on.

Figure 1: Model of energy consumption

The transceiver of the IRIS node consumes between 10 and 17 mA for a data transmission, depending on the transmission power. The bit rate of the transceiver is 250 kbps. Since the temperature sensor produces a 16-bit value for the measured temperature and air pressure, the transceiver would be turned on for a while. In contrast to the active antenna, the idle transceiver consumes 0.1 µA.

For our simulations, we used the network simulator 2, version 2.34. The optimal amount of cluster heads within a WSN of 100 nodes is between three and five [2]. We chose five as the desired amount of cluster heads. Also, we set the deployment area to 100 x 100 meters. The simulation compares TEEN with ED-TEEN where we allow nodes to sleep for one period if they did not have to become active the last four periods. Furthermore, nodes will only send a flag with the attribute's tendency after p=3 consecutive periods of changes.

Figure 2 presents the performance evaluation between TEEN and ED-TEEN using the parameters described before. Network lifetime increases intensely. One can consider that increasing k and p is going to impact the reliability of a network if the values are chosen too high. Since ED-TEEN encourages nodes to stay idle instead of being active or reduces the size of a packet to send, it is possible that some nodes have to execute more operations than others in the network. Thus, the slope of ED-TEEN is less steep than the one of TEEN.

Figure 2: Comparison of network lifetime (sensor nodes alive versus rounds, for TEEN and ED-TEEN)

IV. CONCLUSIONS AND FUTURE WORK

With TEEN, a reactive cluster based routing scheme was developed. In our extension, we changed a message into a small notification for a cluster head determining whether the measured value increased or decreased. As long as there is no drastic change, a cluster head can disregard a sensor's attribute. Drastic changes in measurements will be accounted for by an immediate data transmission.

It has been shown that in certain scenarios, like monitoring a room's temperature or fire detection, ED-TEEN is more efficient than TEEN. One has to consider that ED-TEEN will have no advantages in situations with a constant significant change in the attribute. In that case, ED-TEEN has a similar behavior as TEEN. Future work includes a detailed energy model for a WSN's behavior, e.g. the consumption of a node during a transmission or reception of data packets. Also, the energy consumption of executing computations and sensing processes on a sensor will be studied.

REFERENCES

[1] E.M. Royer and C.-K. Toh, "A Review of Current Routing Protocols for Ad-Hoc Mobile Wireless Networks", Personal Communications, IEEE, vol. 6, no. 2, pp. 46-55, Apr 1999
[2] J. Kulik, W. Rabiner, and H. Balakrishnan, "Adaptive Protocols for Information Dissemination in Wireless Sensor Networks", Proceedings of the 5th ACM/IEEE International Conference on Mobile Computing and Networking (MobiCom'99), 1999
[3] W.B. Heinzelman, A. P. Chandrakasan, and H. Balakrishnan, "An Application-Specific Protocol Architecture for Wireless Microsensor Networks", IEEE Transactions On Wireless Communications, vol. 1, no. 4, pp. 660-670, October 2002
[4] A. Ajina, G.R. Sakthidharan, and K.M. Miskin, "Study of Energy Efficient, Power Aware Routing Algorithm and Their Applications", Proceedings of the Second International Conference on Machine Learning and Computing, pp. 288-291, IEEE 2010
[5] N. Sazak, I. Erturk, E. Koklukaya, and M. Cakirogly, "An Energy Efficient MAC Protocol for Cluster Based Event Driven WSN Applications", Proceedings of IEEE International Conference on Software, Telecommunications and Computer Networks (SoftCOM), 2010
[6] A. Manjeshwar and Dharma P. Agrawal, "TEEN: A Routing Protocol for Enhanced Efficiency in Wireless Sensor Networks", Proceedings of the 15th IEEE International Parallel and Distributed Processing Symposium (IPDPS), 2001

System Enhancements for Accessing Broadcast Services in All-IP Networks

Patrick Stupar, Krishna Pandit, and Wolfgang Granzow Qualcomm Corporate R&D Center Nuremberg Qualcomm CDMA Technologies GmbH, Nürnberg, Germany

I. MOTIVATION

The "All IP Network" (AIPN) in wireless communications has been a topic thoroughly discussed in the last decade both in academia and in standardization fora such as 3GPP [1]. One of the benefits of the AIPN paradigm is the possibility to introduce new technologies in the network with minimal extensions to the core network (hence reducing capital expenditures). Generally, the enabler of this feature is the use of IP router functionalities collocated in the base station providing the radio access, in a distributed fashion.

On the other hand, the integration of broadcast services in an AIPN appears to be more challenging, as the broadcast services rely on a central entity acting as content provider and solutions may require synchronized delivery of the data packets at the radio interface (see e.g. evolved Multimedia Broadcast Multicast Service – eMBMS – as defined in [4] and [5]). The deployment of this central entity may indeed require core network extensions (Figure 1 shows the eMBMS-specific functionalities – BM-SC and MBMS-GW – which are required in the core network to implement broadcast services).

A possible alternative approach to better exploit the benefits of AIPN for broadcasting is the definition of interworking between the functionalities providing broadcast services and the All-IP networks. Interworking enables provisioning of service to the user over different access systems, e.g. via 3GPP eMBMS broadcast channels in E-UTRAN or via WiFi unicast channels. Depending e.g. on the user scenario, network load conditions, and radio conditions, the access system can be dynamically changed in a way that is transparent to the user.

II. ALL-IP AND EMBMS IN 3GPP ARCHITECTURE

The architecture adopted by 3GPP to apply the AIPN paradigm [2, 3] is described first, whereby IP connectivity to the user terminal is provided by means of the Packet Data Network Gateway (PGW; acting as access router or mobility anchor depending on the access technology selected by the user equipment (UE)) and the Evolved Packet Data Gateway (ePDG; IPSec tunnel end-point when the user is connected to a non-3GPP access), see Figure 1.

Then the eMBMS architecture is described [4, 5] in terms of functional elements and the reference interfaces, both at the radio access and core network side. Broadcast packets are sent from the content server to the MBMS gateway (MBMS-GW), which acts as the IP multicast source and routes the multicast packets to the radio access nodes for synchronized broadcasting.

III. BROADCAST SERVICE SCENARIOS

Two possible scenarios have been identified where the 3GPP elements implementing the AIPN can interwork with broadcast-specific functionalities to improve the system performance:

1. User counting scenario: the number of UEs subscribed to the broadcast service available in the area is low. The system may hence decide to stop the provisioning of the broadcast service through the broadcast channel and deliver it in a unicast fashion in order to optimize resource usage.
2. Retention priority handling: the number of services that are expected to be delivered using the broadcast channel is too high and some services need to be delivered using unicast connectivity. In this case the system prioritizes the services and transmits over the broadcast channel only services with higher priority. Services which are not transmitted through the broadcast channel are transmitted in a unicast fashion.

When selecting unicast transmission, the service may be delivered in the same access system providing the broadcast service (if supported by the technology, e.g. eMBMS broadcast over E-UTRAN), or it can be delivered using a different access technology such as e.g. WiFi.

IV. INTERWORKING SOLUTIONS FOR TRAFFIC OFFLOAD

In this presentation we consider the eMBMS architecture as an example of a broadcast system and the 3GPP AIPN architecture featuring support for non-3GPP access (e.g. WiFi). Both scenarios identified above can be addressed by performing interworking between non-3GPP access and eMBMS functionality. Two possible interworking solutions are proposed and analyzed in the presentation:

1. Reusing existing interfaces: the traffic is sent by the eMBMS content synchronization and distribution function to the PGW, which in turn sends it to the UE connected to the non-3GPP access. Such traffic can be routed using IP unicast or IP multicast.
2. Defining a new interface connecting the ePDG (or the WLAN access network directly if the ePDG is not required) to the IP multicast distribution point (MBMS-GW) of MBMS user plane data.

Both approaches have benefits and disadvantages which depend on the underlying access network characteristics (e.g. if a multicast routing protocol is deployed or not).

V. CONCLUSIONS

The presentation outlines the All-IP network solution and the eMBMS architecture defined by 3GPP and proposes two possible solutions of interworking between the two architectures. The solution reusing existing interfaces has limited impact on the current architecture but requires that the broadcast service is sent through the public Internet, which is not controlled by the mobile network operator and may have performance characteristics that affect the delivery of the broadcast service. Such limitation does not affect the solution based on a new interface between ePDG and MBMS-GW, as the traffic is delivered through the network controlled by the mobile network operator.

VI. REFERENCES

[1] 3GPP TR 22.978, "All-IP Network (AIPN) feasibility study", V10.0.0 (2011-03), http://www.3gpp.org/ftp/Specs/html-info/22978.htm
[2] 3GPP TS 23.401. "General Packet Radio Service (GPRS) enhancements for Evolved Universal Terrestrial Radio Access Network (E-UTRAN) access". Version 10.3.0. http://www.3gpp.org/ftp/specs/html-info/23401.htm
[3] 3GPP TS 23.402. "Architecture enhancements for non-3GPP accesses". Version 10.3.0. http://www.3gpp.org/ftp/specs/html-info/23402.htm
[4] 3GPP TS 36.440. "General aspects and principles for interfaces supporting Multimedia Broadcast Multicast Service (MBMS) within E-UTRAN". Version 10.0.1. http://www.3gpp.org/ftp/specs/html-info/36440.htm
[5] 3GPP TS 23.246. "Multimedia Broadcast/Multicast Service (MBMS); Architecture and functional description". Version 10.0.0. http://www.3gpp.org/ftp/specs/html-info/23246.htm

Figure 1: 3GPP AIPN architecture (diagram elements: Content Provider, BM-SC, Public Internet, PGW, MBMS-GW, ePDG, 3GPP GPRS Core, 3GPP Enhanced Packet Core, GERAN Access, UTRAN Access, E-UTRAN Access, Trusted non-3GPP Access, Untrusted non-3GPP Access (e.g. WiFi))
