1 / 32

Connection Migration: Why & How

Connection Migration: Why & How. Hari Balakrishnan Networks and Mobile Systems Group MIT Lab for Computer Science http://nms.lcs.mit.edu/ Joint work with Alex Snoeren & Dave Andersen. www.cnn.com’s HTTP service (port). Some socket on breeze.lcs.mit.edu. 207.25.71.23:80. 18.31.0.83:5678.

aubrey-cash
Download Presentation

Connection Migration: Why & How

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Connection Migration: Why & How Hari Balakrishnan Networks and Mobile Systems Group MIT Lab for Computer Science http://nms.lcs.mit.edu/ Joint work with Alex Snoeren & Dave Andersen

  2. www.cnn.com’s HTTP service (port) Some socket on breeze.lcs.mit.edu 207.25.71.23:80 18.31.0.83:5678 Anatomy of a connection • Connection defined by IPA:PortA  IPB:PortB • An IP address does not identify a host; it only identifies a network interface • Is this a good definition of a connection?

  3. Problem #1: Host mobility • Cerf’s comment from DoD Internet paper: “If a host were to move, its network (and host) addresses would change and this would affect the connection identifiers used by the TCP. This is rather like a problem called "dynamic reconnection" which has plagued network designers since the inception of the ARPANET project in 1968.” • Two options today for connections: • Terminate and retry • Somehow preserve IP address and continue • “Horizontal” mobility isn’t quite enough...

  4. Vertical mobility: Seamless inter-provider movement Regional-Area/ ”wireless cable” Metro-Area Campus-Area Packet Radio In-building & In-room

  5. cnn.com Problem #2: Unreliable components • What happens to a bound connection on failure or unresponsiveness? • Individual components rather unreliable • Replicate for improved reliability and availability

  6. Possible solutions • 1. Force constant IP address for end-point • Mobile IP • Layer-N switches with “Virtual IPs” • 2. Make names routable • All packets identify destination by name, which serves as routing identifier • Intentional naming (late binding), TRIAD • 3. In-band migration • Don’t confound end-point and routing identifiers!

  7. “Detunnel” to D on addr dtmp D D D D Home Agent Intercepts pkts “Tunnel” to FA dFA Address constancy: Mobile IP Correspondent Hosts Foreign Agent (FA) Temporary address dtmp changes with mobility Mobile Host

  8. Why Mobile IP isn’t right • Requires additional network support and infrastructure (HA, FA, authentication,…) • Triangle routing even for “local” interactions • Many types of mobile applications • Connections that don’t care for seamlessness • Connection initiators • Both initiators and responders • Ingress filtering  reverse tunneling too! • Vertical mobility can’t be properly handled • Applications can’t be made aware of mobility

  9. Address constancy: Layer-N switching With work can solve: Local distribution Client But we want: Global distribution

  10. Intentional name • [service = camera] • [building = NE43 • [room = 510]] Name-based routing (example) Intentional name resolvers form an overlay network Lookup image Late binding: integrate resolution and message routing

  11. What should a connection be? • Between communicating applications, not network interfaces • Should be possible for an application to easily change network interface of connection: • While preserving good unicast routes • Securely • Should not require a priori knowledge of valid network interfaces • Dynamism should not affect semantics or correctness, nor worsen reliability If done right, can solve both problems at once!

  12. Location Query (DNS Lookup) Location Update (Dynamic DNS Update) Name server Connection Initiation Connection Migration Migrating Host foo.bar.edu yyy.yyy.yyy.yyy Migrate overview Fixed Host xxx.xxx.xxx.xxx

  13. Problems • Consistency of name mapping • Correctness • Handling packet losses around time of movement • What if someone else gets your old address? • Security • Connection hijacking • Denial-of-service protection • Semantics • How to maintain semantics of connection sequence across different nodes?

  14. Dynamic name mappings • Zero TTL on A-records for migratable names • Use Dynamic DNS (RFC 2136, 2137) for Internet names • Potential problems: • Race condition between name update and movement • Simply retry! This isn’t a new failure mode • What about old BIND implementations? • Pray that they’ll vanish off the face of the earth • What about extra DNS load? • What load? Ask Akamai!

  15. Migrating a connection • Initiate migration from new network address • Identify previous connection with token, on SYN • Secure token to protect against hijacking • Requires some state machine changes to guarantee correctness • Preserves service model to application • Handles “middle boxes” • Works with most NATs, PEPs, stateful firewalls • Requires changes to transport protocol • Kernel TCP, SCTP, RTP (linked library)

  16. TCP ConnectionMigration 1. Initial SYN 2. SYN/ACK 3. ACK (with data) 4. Normal data transfer 5. Migrate SYN 6. Migrate SYN/ACK 7. ACK (with data)

  17. TCP ConnectionMigration 1. Initial SYN 2. SYN/ACK 3. ACK (with data) 4.Normal data transfer 5. Migrate SYN 6. Migrate SYN/ACK 7. ACK (with data)

  18. TCP ConnectionMigration 1. Initial SYN 2. SYN/ACK 3. ACK (with data) 4. Normal data transfer 5.Migrate SYN 6.Migrate SYN/ACK 7. ACK (with data)

  19. Two correctness issues • SYN uses 1 byte of sequence space; what should SYN ACK value be set to? • Needed to correctly handle lost segments • What if someone else gets your previous address? • Peer TCP will reset connection

  20. Correctness: SYN ACK corresponds to data 1. Initial SYN 2. SYN/ACK 3. ACK (with data) 4. Normal data transfer 5.Migrate SYN 6.Migrate SYN/ACK 7. ACK (with data)

  21. Modified TCP State Machine • 2 new transitions between existing states • - and - • 1 new state handles potential race condition due to rapid readdressing appl: migrate send: SYN (migrate T, R) recv: SYN (migrate T, R) send: SYN, ACK recv: SYN (migrate T, R) send: SYN, ACK recv: RST 2MSL timeout MIGRATE_WAIT

  22. Securing the Migration • Problem: Increased vulnerability to hijacking • Ingress filtering (RFC 2827) doesn’t help • Attacker only needs token and sequence space • Solution: Keep the token secret • Negotiate it using Diffie-Hellman exchange (Elliptic-Curve DH) • Use sequence numbers to prevent replay • Complete crypto exchange in SYN handshake • Result: Connections are as secure as standard TCP • Use IPsec or SSH for real security

  23. Semantics of multi-machine migration • Sequence spaces across different machines may not have same application-layer semantics ACK 9000 7801-9000

  24. foo.mp3 ISN = I Token = T caddr = Ca cport = Cp preload-tcb One solution: Soft-state synchronzation • Technique for static content (e.g., file) • Information about mapping between filename and TCP initial sequence periodically disseminated Health Monitor ACK 9000 7801-9000

  25. Implementation • Use application-specific stream mapper to map between sequence space and app (e.g., HTTP range requests) HTTP range request HTTP GET parser/creator Client request Backend HTTP server HTTP header parser/ stripper Response handler Response Data relay To client • Stream mapper involved in initial connection processing and in re-establishment

  26. 19.2Kbps Modem Mobile Location 2 …then moves to a new location Experiment #1: Mobility Mobile Location 1 Mobile client initiates a transfer… 19.2Kbps Modem Fixed Server Fixed Basestation 100Mbps Ethernet

  27. SYN/ACK Migration Trace Buffered Packets (old address) Migrate SYN

  28. SYN/ACK A Lossy Trace with SACK Buffered Packets (old address) ACK w/SACK Migrate SYN

  29. Experiment #2: Failover works! 0.000 cl.1065 > sA.8080: . ack 0505 win 31856 ----> (Erroneous) sA death pronouncement issued 0.080 sA.8080 > cl.1065: P 0505:1953(1448) ack 1 win 31856 ----> Successful connection migration to sB 0.095 sB.1033 > cl.1065: S 0:0(0) win 0 <migrate PRELOAD 1> 0.096 cl.1065 > sB.1033: S 0:0(0) ack 1953 win 32120 0.142 sB.1033 > cl.1065: . ack 1 win 32120 ----> Continued data transmission from sA (Reset by client) 0.174 sA.8080 > cl.1065: P 0505:1953(1448) ack 1 win 31856 0.174 cl.1065 > sA.8080: R 1:1(0) win 0 ----> Resumed data transmission from sB 0.241 sB.1033 > cl.1065: P 1953:3413(1460) ack 1 win 32120...

  30. Oscillations aren’t a problem

  31. Summary • Host mobility and service failover are examples of the same fundamental problem: • Connections must be between applications • The Migrate architecture enables connections to be separated from, and move between, IP addresses • Mobility & service failover are both really end-to-end issues! • Got code?

  32. Migrate code for Linux 2.2 available from: http://nms.lcs.mit.edu/software/ Migrate project Web page: http://nms.lcs.mit.edu/projects/migrate/ Networks and MobileSystems

More Related