Towards an Active Network Architecture David L. Tennenhouse and David J. Wetherall* Telemedia, Networks and Systems Group, MIT ABSTRACT particularly interesting, replaces the passive packets of present day architectures with active “capsules” – Active networks allow their users to inject miniature programs that are executed at each router customized programs into the nodes of the network. An they traverse. This change in architectural perspective, extreme case, in which we are most interested, replaces from passive packets to active capsules, packets with “capsules” – program fragments that are simultaneously addresses both of the “active” executed at each network router/switch they traverse. properties described above. User data can be Active architectures permit a massive increase in the embedded within these mini-programs, in much the sophistication of the computation that is performed way a page’s contents are embedded within a fragment within the network. They will enable new applications, of PostScript code. Furthermore, capsules can invoke especially those based on application-specific multicast, pre-defined program methods or plant new ones within information fusion, and other services that leverage network nodes. network-based computation and storage. Furthermore, Our work is motivated by both technology “push” they will accelerate the pace of innovation by and user “pull”. The technology “push” is the decoupling network services from the underlying emergence of “active” technologies, compiled and hardware and allowing new services to be loaded into interpreted, supporting the encapsulation, transfer, the infrastructure on demand. interposition, and safe and efficient execution of In this paper, we describe our vision of an active program fragments. Today, active technologies are network architecture, outline our approach to its design, applied within individual end systems and above the and survey the technologies that can be brought to bear end-to-end network layer; for example, to allow Web on its implementation. We propose that the research servers and clients to exchange program fragments. community mount a joint effort to develop and deploy a Our innovation is to leverage and extend these wide area ActiveNet. technologies for use within the network – in ways that will fundamentally change today’s model of what is 1. INTRODUCTION “in” the network. Traditional data networks passively transport bits The “pull” comes from the ad hoc collection of from one end system to another. Ideally, the user data firewalls, Web proxies, multicast routers, mobile is transferred opaquely, i.e., the network is insensitive proxies, video gateways, etc. that perform user-driven to the bits it carries and they are transferred between computation at nodes “within” the network. Despite end systems without modification. The role of architectural injunctions against them, these nodes are computation within such networks is extremely limited, flourishing, suggesting user and management demand e.g., header processing in packet-switched networks for their services. We are developing the architectural and signaling in connection-oriented networks. support and common programming platforms to support the diversity and dynamic deployment requirements of Active Networks break with tradition by allowing these “interposed” services. Our goal is to replace the the network to perform customized computations on the numerous ad hoc approaches to their implementation user data. For example, a user of an active network with a generic capability that allows users to program could send a customized compression program to a their networks. node within the network (e.g., a router) and request that the node execute that program when processing their There are three principal advantages to basing the packets. These networks are “active” in two ways: network architecture on the exchange of active • Switches perform computations on the user data programs, rather than passive packets: flowing through them. • Exchanging code provides a basis for adaptive • Individuals can inject programs into the network, protocols, enabling richer interactions than the thereby tailoring the node processing to be user- exchange of fixed data formats. and application-specific. • Capsules provide a means of implementing fine grained application-specific functions at We have identified several architectural approaches strategic points within the network. to active networks. One approach, which we find ____________________________________ *{dlt,djw}@lcs.mit.edu. http://www.tns.lcs.mit.edu/. An earlier version of this paper was delivered during the keynote session of Multimedia Computing and Networking, San Jose, CA, January 1996. • The programming abstraction provides a discontinuities in the available bandwidth, e.g., powerful platform for user-driven customization the base stations of wireless networks. of the infrastructure, allowing new services to be These lead applications demonstrate that there is deployed at a faster pace than can be sustained user “pull” towards active networks. In the absence of by vendor driven standardization processes. a coherent approach to interposition they have adopted This paper presents our vision of an active network a variety of ad hoc strategies. In many cases the architecture and the approach we are following towards interposed platforms present the facade of network the deployment of an operational ActiveNet. The layer routers, but actually perform application- or user- active network approach opens a Pandora’s box of specific functions. Active networks will rationalize safety, security, and resource allocation issues. these diverse activities by providing a uniform platform Although we do not present a complete design, we for network-based computation. identify a number of specific research issues, outline the approach we are following towards their resolution Firewalls and identify the technologies we intend to leverage. Firewalls implement filters that determine which Our plan is to bootstrap a wide area ActiveNet using packets should be passed transparently and which similar techniques to those used by the prototype should be blocked. Although they have a peer MBONE, i.e., by locating platforms at strategic relationship to other routers, they implement locations and “tunneling” through existing transmission application- and user- specific functions, in addition to facilities, such as the Internet. packet routing. The need to update the firewall to In the next section we provide a description of some enable the use of new applications is an impediment to of the “lead user” applications that motivate an their adoption. In an Active Network, this process architecture that facilitates computation within the could be automated by allowing applications from network. In section 3, we provide an overview of approved vendors to authenticate themselves to the active networks, a high-level perspective on how we firewall and inject the appropriate modules into it. propose to organize their platforms and an introduction Web Proxies to the research issues that must be addressed. Section 4 describes the “instruction set” issues associated with Web proxies are an example of an application- an interoperable programming model and how “active specific service that is tailored to the serving and technologies” can be leveraged to effect the safe and caching of World Wide Web pages. Harvest [1] efficient evaluation of capsules. We then discuss the employs a hierarchical scheme in which cache nodes management of node resources, such as storage and are located near the edges of the network, i.e., within link bandwidth, followed by our plan for the the end user organizations. This system is scalable and deployment of a research ActiveNet. We realize that could be extended by allowing nodes of the hierarchy our work challenges some key assumptions that have to be located at strategic points within the networks of guided recent networking research and so the final the access providers and inter-exchange carriers. An sections of this paper discuss the architectural and interesting problem is the development of algorithms structural questions raised by our approach. and tools that automatically balance the hierarchy by re-positioning the caches themselves, not just the cached information. Schemes such as dynamic 2. LEAD USERS hierarchical caching [2] and geographical push-caching Recently, there has been considerable interest in: [3] begin to address this issue. agent technologies, which allow mobile code to travel A further argument in favor of using active from clients to servers; and in Web applets, which technologies for web caching is that a significant allow mobile code to travel from servers to clients. fraction of web pages are dynamically computed and Active networks bridge this dichotomy by allowing not susceptible to traditional (passive) caching. This applications to dispatch computation to where it is suggests the development of web proxy schemes that needed. support “active” caches that store and execute the We are encouraged by the observation that a programs that generate web pages. number of lead users have pressing requirements for the transparent interposition of computation within the Mobile/Nomadic Computing network. These include the developers of: Interposition strategies are used by a number of • Firewalls, which are typically located at researchers addressing mobility. For example, administrative boundaries. Kleinrock [4] describes a