Enabling Future Internet innovations through Transit wire (eFIT)

Today’s Architectural Handicaps

" Success of the Internet has been driven by user innovations

"Architectural objective: enable and facilitate future innovations

"Architectural requirement: provide universal connectivity"Edge independence: two ends should be able to talk to each other as

long as they deploy the same protocol (without relying on changes to the middle)

"Scalability: connectivity should scale with future growth of Internet user population (anything that supports connectivity, e.g. routing, needs to scale).

"Availability: resilience against physical faults and malicious attacks

"Users are handicapped by"Lack of ISP support in new

innovations"Lack of globally unique

addresses"Lack of DDoS protection

"ISPs are handicapped by"Lack of routing scalability

"Lack of manageability

"Lack of routing system security

Dan Massey (NetSec, Colorado State University)Lan Wang (NetLab, University of Memphis)

Beichuan Zhang (University of Arizona)Lixia Zhang (Internet Research Lab, UCLA)

Design Challenges Research Plan

The Value of the Internet:Innovative applications

Our Solution: eFIT

"Design eFIT components" mapping service;

" transit wire;

"Use simulation and testbed to evaluate eFIT

" packet delivery performance;

" availability under attack;

" scalability with regard to user growth;

"Demonstrate how eFIT can provide universal connectivity through test cases, for example:" DDoS protection

" Multicast

"Integrate research results into education: hold joint research seminar course across four campuses

Fundamental Problem:

• one address space, one routing space

• User networks and ISPs are tightly bundled together, neither can move forward independent of the other.

"Transit Wire: eFIT enables users to treat the transit core as a wire connecting to all other Internet hosts

"This model can be realized by putting users and ISPs in different address and routing spaces."Enable the two parties to evolve independently;"Enable scalable routing system design"Raise the bar against attacks targeted at the global routing infrastructure

"Mapping Service: bridges the two spaces

"Map each destination user address to a provider router address via which the destination network is attached to the Internet.

"Insulate the changes of one space to another, provides a layer of indirection, through which additional services (e.g., traffic engineering, DDoS prevention) can be realized.

Transit Wire

User Network S

User Network D

Src Dst

A XP1 P2

DstSrcP1 P2

DstSrc

DstSrcP1 P2

DstSrc

C1C2

Global Routable Address Space

Global Deliverable Address Space

Packet Delivery in eFIT

"Mapping Service:"How to ensure the authenticity and availability

of mapping information under atacks and faults?"How to scale the mapping system to the growth

in user sites?"How to minimize packet losses and delays in

face of transient failurs?"How to design a flexible interface to support

plug-in of new services and functions?

"Transit Wire:"How to structure the transit wire addresses to

better support traffic engineering, management and routing scalability?ISP ownershipgeographic location information

"How to design a new routing protocol to harmonize the interactions between inter-domain and intra-domain routing?

"How to take full advantages of new optical technology at physical layer?

"Ingress router uses mapping service to locate the egress router that serves the destination address Dst;

"In transit wire, packets from Src to Dst are encapsulated with ingress and egress routers’ addresses (P1 and P2);

Future Internet Architecture

Ubiquitous end-to-end connectivity is the key to enable the innovations

digg