SlideShare ist ein Scribd-Unternehmen logo

Introduction to Hybrid Information-Centric Networking

L
Luca Muscariello

The document provides an overview of hybrid Information-Centric Networking (hICN). Key points: - hICN brings Content-Centric Networking (CCN) into IPv6 to allow connection-less and location-independent data access using names. - It uses an Interest/Data packet format with the name prefix in the IPv6 header to leverage IP routing. This allows hICN to be an overlay of IPv6. - It provides many-to-many communication, mobility, redundancy elimination and other benefits while being implemented as an evolutionary upgrade to current networks. - The implementation status includes a VPP plugin network forwarder, transport library, and applications support. Work

Technologie
1 von 27
Downloaden Sie, um offline zu lesen
Luca Muscariello, Cisco Systems An Introduction to the Hybrid Information-Centric Networking Project FD.io mini summit at Kubecon 2019, Barcelona 20th of May 2019
What is hICN in the first place? • You may have heard • Content-Centric Networking (RFC to be published in 2019, implementation in FD.io CICN) • Name-Data Networking (currently in the Intel-NSF Wireless-Edge Network program) • The whole idea was launched by Van Jacobson at Xerox’s PARC in 2009 as a research project. • Cisco has acquired CCN Xerox’s IPR in 2017 and open sourced CICN and hICN in FD.io. • hICN brings CCN into IPv6. • How?
• A network architecture to transport many different kinds of applications from real-time to content-distribution; • enables connection-less and location-independent communications by identifying data with unambiguous names; • hICN is based on request/reply semantics and an hICN node accepts data from an input interface if and only if there is a pending request for it (local flow balance principle). • data authentication instead of end-point authentication. • The application can ask “what” it wants to the transport network and not “where” to find it. What is hICN in the first place?
• Many-to-Many communications • Simpler anycast, multicast • Mobility and multi-homing is built-in • Redundancy elimination • Transport services are receiver-driven, the data sender is stateless • Scalability for many workloads we struggle with today: Group communications, Multicast. What does it bring to current networking?
Outline • Motivation • Naming data with IPv6 • The network architecture • Application support
• Insert ICN into the Internet Protocol • Evolutionary implementation • Shorter time to deployment • Minimize standardization effort • Minimize clean-slate work in routers and end-hosts • Enable hybrid deployment and interconnection of IPv6 and hICN • hICN as an overset of IPv6 Motivation
Name prefixes in IPv6 numbers • location-independent identifiers for data sources • An RTP media source • An HTTP service • A video object • An end host • A service
• Definitions: • Name prefix: encoded as an IPv6 128 bits word and carried in IPv6 header fields • Name suffix: encoded in transport headers fields such as TCP • Name: hierarchical concatenation of name prefix and suffix Naming data with the Internet Protocol bits 48 (or >) 16(or <) 64 fields Routing prefix Subnet Interface id bits 64 64 fields Routing prefix Resource prefix Name prefix in AF_HICN
• It is an open problem to determine which IPv6 prefixes should be used as name prefixes: several options are possible. • It is desirable to be able to recognize that an IPv6 prefix is a name prefix, e.g. with an address family • However this can be determined and distributed by a control plane to configure routers IPv6 prefixes for data names 1. a new IPv6 address family AF_HICN, b001::/16 2. Let the management and control plane to locally configure HICN prefixes and announce them to neighbors for interconnection. A prefix owner can reuse existing prefixes 3. Other solutions…
Packet format
Packet format: two protocol data units • The protocol semantic is request/reply • Two protocol data units: Interest/Data • Interest is used to query Data with a 1:1 match • The semantics are unchanged w.r.t. NDN/CCN • draft-irtf-icnrg-ccnxmessages-09 (RFC in 2019) • draft-irtf-icnrg-ccnxsemantics-10 (RFC in 2019) L4 Header Payload L3 Header L4 Header L3 Header Interest Packet Data Packet
Packet format L3 • The name prefix is stored in the DST address field to exploit IP routing/forwarding of the requests • The name prefix is stored in the SRC address field as replies are not routed by name • SRC and DST in Interest/Data are valid IPv6 addresses (locators), i.e. identifiers of network interfaces Destination Address Name Prefix for Interest Packets Source Address Name Prefix for Data Packets Payload Length Next Header Hop Limit Flow LabelTraffic ClassVersion 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Packet format L4 • Use the TCP header by default • Keep SRC/DST ports • But also UDP header to carry a hICN L4 header • May be the long term approach as new transport services tend to be developed on top of UDP (LEDBAT, QUIC) Name Suffix Destination PortSource Port Path Label Checksum Lifetime 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 Data Offset Time Scale Loss Detection and Recovery M A N A C K S I G R S T S Y N F I N Name Suffix Destination PortSource Port Path Label Checksum Data Offset Time Scale Loss Detection and Recovery M A N A C K S I G R S T S Y N F I N ChecksumLength TCP UDP TCP-like OR
Security: authentication and integrity • Authenticity and Integrity provided by using crypto signatures • Binds data, data name and producer identity. • Two signature envelops: a single data packet or the transport manifest • In the first case the signature is carried by the IP authentication header • In the second case the transport manifest is the only signed unit • Definition of L4 Manifest • A low level index of names of a collection of data packets • Carries hashes of data for integrity (e.g. SHA256) • Carries the signature of the manifest for authentication (Cipher text of the RSA256 using producer’s private key). L4 Header Payload L3 Header Data Packet AH Header L4 Header L3 Header L4 Manifest
Forwarding path consumer producer
hICN protocol semantics: the interest path ingress Packet cache RX(Interest) name:=PARSE(Interest Packet) lookup(name, exact match) Data? yes no TX(Data, data.v6.dst:= interest.v6.src) drop egress Inter est yes same src? cache duplicate no IPv6 FIB forwarding strategy yes lookup(name prefix, longest match) TX(Interest, interest.v6.src:= interface.v6.addr) valid interfaces no match valid interfaces
hICN protocol semantics: the data path egress Packet cache RX(Data) lookup(name, exact match) no ingress Inter est yes TX(Data, data.v6.dst:= interest[1].v6.src) Get all interests and evict TX(Data, data.v6.dst:= interest[2].v6.src) TX(Data, data.v6.dst:= interest[3].v6.src) drop cache name:=PARSE(Data)
• hICN traffic requires a punting rule • Has to be efficient and easy to manage • AF_HICN putting using ACL • Explicitly flag hICN traffic, how? Port numbers? Punting hICN traffic Packetparser AccessControlList PuntingandPolicy Ingress VRF: hICN function Egress AddressTables
Application Support
• An INET like Socket API and a post-socket API • Unidirectional sockets: producer and consumers • Socket identifiers based on name prefixes • Segmentation and signature computation at the producer • Reassembly and signature verification at the consumer • DATAGRAM or STREAM transport • Reliable or unreliable • Support of current applications: HTTP, (S)RTP • Support (D)TLS and soon MLS (for group communications). Transport Layer and Socket API IP TCP, UDP HTTP, RTP hICN STREAM, DATAGRAM, RELIABLE, UNRELIABLE DASH, RTC
Application ADU Forwarding Engine L3 PDU (I/D) Transport Socket Library Segmentation Authentication NamingIntegrity Reassembly Verification Flow ControlFetching Producer Services Consumer Services Routing and Forwarding Application Logic Transport Services
Producer Socket Consumer Socket Interest Input Buffer Data Output Buffer Integrity Authentication Segmentation Naming Hit Miss Interests Application (e.g. HTTP Client) Interest Output Buffer Data Input Buffer Data Packets Integrity/Auth Check Reassembly Data Retrieval Protocol Interests Data Packets Application (e.g. HTTP Server) Interests can be satisfied directly at the transport layer
ABR video distribution with HTTP cache
WebRTC with a media bridge
RSocket over hICN
Implementation Status (v19.04) Network • VPP plugin implementing the packet forwarder • Socket-based app for end client (Windows 10, macOS 12.14, iOS 12, Android 8, Linux Ubuntu/CentOS) • NETCONF/YANG support using a sysrepo plugin • Network management and Telemetry • Mobility management. Transport • A user-space library implementing transport services • Reliable/Unreliable • Real-Time (Audio and Video) • Congestion control (Delay-Based, BBR) • Loss detection and recovery • a memif based connector to VPP • a socket based connector for the client packet forwarder. https://github.com/FDio/hicn
Work in progress • Performance enhancements in the VPP plugin and the transport library • More supported applications • gRPC • BitTorrent • Control/Management plane • Routing • DHCP for name provisioning

Empfohlen

Chapitre 6 hachage statique
Chapitre 6 hachage statiqueChapitre 6 hachage statique
Chapitre 6 hachage statiqueSana Aroussi
 
Kernel Proc Connector and Containers
Kernel Proc Connector and ContainersKernel Proc Connector and Containers
Kernel Proc Connector and ContainersKernel TLV
 
Le montage d'un ordinateur
Le montage d'un ordinateurLe montage d'un ordinateur
Le montage d'un ordinateurD1clic
 
Cryptographie
CryptographieCryptographie
CryptographieSeifallah Jardak
 
Implémentation des principaux algorithmes de chiffrements en Java
Implémentation des principaux algorithmes de chiffrements en JavaImplémentation des principaux algorithmes de chiffrements en Java
Implémentation des principaux algorithmes de chiffrements en JavaIbn Tofail University
 
Chapitre 1 Définitions et vocabulaires de base.pdf
Chapitre 1 Définitions et vocabulaires de base.pdfChapitre 1 Définitions et vocabulaires de base.pdf
Chapitre 1 Définitions et vocabulaires de base.pdfYounesAziz3
 
Virtual Machine Constructions for Dummies
Virtual Machine Constructions for DummiesVirtual Machine Constructions for Dummies
Virtual Machine Constructions for DummiesNational Cheng Kung University
 
Quick and Easy Device Drivers for Embedded Linux Using UIO
Quick and Easy Device Drivers for Embedded Linux Using UIOQuick and Easy Device Drivers for Embedded Linux Using UIO
Quick and Easy Device Drivers for Embedded Linux Using UIOChris Simmonds
 

Empfohlen

Chapitre 6 hachage statique
Chapitre 6 hachage statiqueChapitre 6 hachage statique
Chapitre 6 hachage statiqueSana Aroussi
 
Kernel Proc Connector and Containers
Kernel Proc Connector and ContainersKernel Proc Connector and Containers
Kernel Proc Connector and ContainersKernel TLV
 
Le montage d'un ordinateur
Le montage d'un ordinateurLe montage d'un ordinateur
Le montage d'un ordinateurD1clic
 
Cryptographie
CryptographieCryptographie
CryptographieSeifallah Jardak
 
Implémentation des principaux algorithmes de chiffrements en Java
Implémentation des principaux algorithmes de chiffrements en JavaImplémentation des principaux algorithmes de chiffrements en Java
Implémentation des principaux algorithmes de chiffrements en JavaIbn Tofail University
 
Chapitre 1 Définitions et vocabulaires de base.pdf
Chapitre 1 Définitions et vocabulaires de base.pdfChapitre 1 Définitions et vocabulaires de base.pdf
Chapitre 1 Définitions et vocabulaires de base.pdfYounesAziz3
 
Virtual Machine Constructions for Dummies
Virtual Machine Constructions for DummiesVirtual Machine Constructions for Dummies
Virtual Machine Constructions for DummiesNational Cheng Kung University
 
Quick and Easy Device Drivers for Embedded Linux Using UIO
Quick and Easy Device Drivers for Embedded Linux Using UIOQuick and Easy Device Drivers for Embedded Linux Using UIO
Quick and Easy Device Drivers for Embedded Linux Using UIOChris Simmonds
 
Cryptographie quantique
Cryptographie quantiqueCryptographie quantique
Cryptographie quantiqueFranck Franchin
 
Présentation Cryptographie
Présentation CryptographiePrésentation Cryptographie
Présentation CryptographieCynapsys It Hotspot
 
Detecting Silent Data Corruptions using Linux DMA Debug API
Detecting Silent Data Corruptions using Linux DMA Debug APIDetecting Silent Data Corruptions using Linux DMA Debug API
Detecting Silent Data Corruptions using Linux DMA Debug APISamsung Open Source Group
 
Linux MMAP & Ioremap introduction
Linux MMAP & Ioremap introductionLinux MMAP & Ioremap introduction
Linux MMAP & Ioremap introductionGene Chang
 
ADRESSAGE DANS LES RESEAUX INFORMATIQUE.pptx
ADRESSAGE DANS LES RESEAUX INFORMATIQUE.pptxADRESSAGE DANS LES RESEAUX INFORMATIQUE.pptx
ADRESSAGE DANS LES RESEAUX INFORMATIQUE.pptxStephen Salama
 
Translation d'adresse réseau (NAT)
Translation d'adresse réseau (NAT)Translation d'adresse réseau (NAT)
Translation d'adresse réseau (NAT)Manassé Achim kpaya
 
Arm A64fx and Post-K: Game-Changing CPU & Supercomputer for HPC, Big Data, & AI
Arm A64fx and Post-K: Game-Changing CPU & Supercomputer for HPC, Big Data, & AIArm A64fx and Post-K: Game-Changing CPU & Supercomputer for HPC, Big Data, & AI
Arm A64fx and Post-K: Game-Changing CPU & Supercomputer for HPC, Big Data, & AIinside-BigData.com
 
Introduction à l’architecture des ordinateurs
Introduction à l’architecture des ordinateursIntroduction à l’architecture des ordinateurs
Introduction à l’architecture des ordinateursAbdoulaye Dieng
 
LCU14 302- How to port OP-TEE to another platform
LCU14 302- How to port OP-TEE to another platformLCU14 302- How to port OP-TEE to another platform
LCU14 302- How to port OP-TEE to another platformLinaro
 
Ch8 correction exercices (1)
Ch8 correction exercices (1)Ch8 correction exercices (1)
Ch8 correction exercices (1)abdellah12
 
Chapitre 3 NP-complétude
Chapitre 3 NP-complétudeChapitre 3 NP-complétude
Chapitre 3 NP-complétudeSana Aroussi
 
Chapitre 2 complexité
Chapitre 2 complexitéChapitre 2 complexité
Chapitre 2 complexitéSana Aroussi
 
Systèmes d'Exploitation - chp5-gestion fichiers
Systèmes d'Exploitation - chp5-gestion fichiersSystèmes d'Exploitation - chp5-gestion fichiers
Systèmes d'Exploitation - chp5-gestion fichiersLilia Sfaxi
 
Algorithmique et Structures de Données II
Algorithmique et Structures de Données IIAlgorithmique et Structures de Données II
Algorithmique et Structures de Données IIRiadh Bouslimi
 
Video
VideoVideo
VideoDr. Abdelwahad MAAROUF
 
Administration des services réseaux
Administration des services réseauxAdministration des services réseaux
Administration des services réseauxFethi Kiwa
 
La détection de la fraude par la connaissance des données - Carte Blanche Par...
La détection de la fraude par la connaissance des données - Carte Blanche Par...La détection de la fraude par la connaissance des données - Carte Blanche Par...
La détection de la fraude par la connaissance des données - Carte Blanche Par...Jean-François Tripodi
 
WIlfried K. AGBO- Exposé sur la Cryptographie
WIlfried K. AGBO- Exposé sur la CryptographieWIlfried K. AGBO- Exposé sur la Cryptographie
WIlfried K. AGBO- Exposé sur la CryptographieWilfreid AGBO
 
partie-samba.pptx
partie-samba.pptxpartie-samba.pptx
partie-samba.pptxpharmnature
 
LAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLinaro
 
Future Internet protocols
Future Internet protocolsFuture Internet protocols
Future Internet protocolsOlivier Bonaventure
 
Innovation is back in the transport and network layers
Innovation is back in the transport and network layersInnovation is back in the transport and network layers
Innovation is back in the transport and network layersOlivier Bonaventure
 

Weitere ähnliche Inhalte

Was ist angesagt?

Detecting Silent Data Corruptions using Linux DMA Debug API
Detecting Silent Data Corruptions using Linux DMA Debug APIDetecting Silent Data Corruptions using Linux DMA Debug API
Detecting Silent Data Corruptions using Linux DMA Debug APISamsung Open Source Group
 
Linux MMAP & Ioremap introduction
Linux MMAP & Ioremap introductionLinux MMAP & Ioremap introduction
Linux MMAP & Ioremap introductionGene Chang
 
ADRESSAGE DANS LES RESEAUX INFORMATIQUE.pptx
ADRESSAGE DANS LES RESEAUX INFORMATIQUE.pptxADRESSAGE DANS LES RESEAUX INFORMATIQUE.pptx
ADRESSAGE DANS LES RESEAUX INFORMATIQUE.pptxStephen Salama
 
Translation d'adresse réseau (NAT)
Translation d'adresse réseau (NAT)Translation d'adresse réseau (NAT)
Translation d'adresse réseau (NAT)Manassé Achim kpaya
 
Arm A64fx and Post-K: Game-Changing CPU & Supercomputer for HPC, Big Data, & AI
Arm A64fx and Post-K: Game-Changing CPU & Supercomputer for HPC, Big Data, & AIArm A64fx and Post-K: Game-Changing CPU & Supercomputer for HPC, Big Data, & AI
Arm A64fx and Post-K: Game-Changing CPU & Supercomputer for HPC, Big Data, & AIinside-BigData.com
 
Introduction à l’architecture des ordinateurs
Introduction à l’architecture des ordinateursIntroduction à l’architecture des ordinateurs
Introduction à l’architecture des ordinateursAbdoulaye Dieng
 
LCU14 302- How to port OP-TEE to another platform
LCU14 302- How to port OP-TEE to another platformLCU14 302- How to port OP-TEE to another platform
LCU14 302- How to port OP-TEE to another platformLinaro
 
Ch8 correction exercices (1)
Ch8 correction exercices (1)Ch8 correction exercices (1)
Ch8 correction exercices (1)abdellah12
 
Chapitre 3 NP-complétude
Chapitre 3 NP-complétudeChapitre 3 NP-complétude
Chapitre 3 NP-complétudeSana Aroussi
 
Chapitre 2 complexité
Chapitre 2 complexitéChapitre 2 complexité
Chapitre 2 complexitéSana Aroussi
 
Systèmes d'Exploitation - chp5-gestion fichiers
Systèmes d'Exploitation - chp5-gestion fichiersSystèmes d'Exploitation - chp5-gestion fichiers
Systèmes d'Exploitation - chp5-gestion fichiersLilia Sfaxi
 
Algorithmique et Structures de Données II
Algorithmique et Structures de Données IIAlgorithmique et Structures de Données II
Algorithmique et Structures de Données IIRiadh Bouslimi
 
Administration des services réseaux
Administration des services réseauxAdministration des services réseaux
Administration des services réseauxFethi Kiwa
 
La détection de la fraude par la connaissance des données - Carte Blanche Par...
La détection de la fraude par la connaissance des données - Carte Blanche Par...La détection de la fraude par la connaissance des données - Carte Blanche Par...
La détection de la fraude par la connaissance des données - Carte Blanche Par...Jean-François Tripodi
 
WIlfried K. AGBO- Exposé sur la Cryptographie
WIlfried K. AGBO- Exposé sur la CryptographieWIlfried K. AGBO- Exposé sur la Cryptographie
WIlfried K. AGBO- Exposé sur la CryptographieWilfreid AGBO
 
partie-samba.pptx
partie-samba.pptxpartie-samba.pptx
partie-samba.pptxpharmnature
 
LAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLinaro
 

Was ist angesagt? (20)

Cryptographie quantique
Cryptographie quantiqueCryptographie quantique
Cryptographie quantique
 
Présentation Cryptographie
Présentation CryptographiePrésentation Cryptographie
Présentation Cryptographie
 
Detecting Silent Data Corruptions using Linux DMA Debug API
Detecting Silent Data Corruptions using Linux DMA Debug APIDetecting Silent Data Corruptions using Linux DMA Debug API
Detecting Silent Data Corruptions using Linux DMA Debug API
 
Linux MMAP & Ioremap introduction
Linux MMAP & Ioremap introductionLinux MMAP & Ioremap introduction
Linux MMAP & Ioremap introduction
 
ADRESSAGE DANS LES RESEAUX INFORMATIQUE.pptx
ADRESSAGE DANS LES RESEAUX INFORMATIQUE.pptxADRESSAGE DANS LES RESEAUX INFORMATIQUE.pptx
ADRESSAGE DANS LES RESEAUX INFORMATIQUE.pptx
 
Translation d'adresse réseau (NAT)
Translation d'adresse réseau (NAT)Translation d'adresse réseau (NAT)
Translation d'adresse réseau (NAT)
 
Arm A64fx and Post-K: Game-Changing CPU & Supercomputer for HPC, Big Data, & AI
Arm A64fx and Post-K: Game-Changing CPU & Supercomputer for HPC, Big Data, & AIArm A64fx and Post-K: Game-Changing CPU & Supercomputer for HPC, Big Data, & AI
Arm A64fx and Post-K: Game-Changing CPU & Supercomputer for HPC, Big Data, & AI
 
Introduction à l’architecture des ordinateurs
Introduction à l’architecture des ordinateursIntroduction à l’architecture des ordinateurs
Introduction à l’architecture des ordinateurs
 
LCU14 302- How to port OP-TEE to another platform
LCU14 302- How to port OP-TEE to another platformLCU14 302- How to port OP-TEE to another platform
LCU14 302- How to port OP-TEE to another platform
 
Ch8 correction exercices (1)
Ch8 correction exercices (1)Ch8 correction exercices (1)
Ch8 correction exercices (1)
 
Chapitre 3 NP-complétude
Chapitre 3 NP-complétudeChapitre 3 NP-complétude
Chapitre 3 NP-complétude
 
Chapitre 2 complexité
Chapitre 2 complexitéChapitre 2 complexité
Chapitre 2 complexité
 
Systèmes d'Exploitation - chp5-gestion fichiers
Systèmes d'Exploitation - chp5-gestion fichiersSystèmes d'Exploitation - chp5-gestion fichiers
Systèmes d'Exploitation - chp5-gestion fichiers
 
Algorithmique et Structures de Données II
Algorithmique et Structures de Données IIAlgorithmique et Structures de Données II
Algorithmique et Structures de Données II
 
Video
VideoVideo
Video
 
Administration des services réseaux
Administration des services réseauxAdministration des services réseaux
Administration des services réseaux
 
La détection de la fraude par la connaissance des données - Carte Blanche Par...
La détection de la fraude par la connaissance des données - Carte Blanche Par...La détection de la fraude par la connaissance des données - Carte Blanche Par...
La détection de la fraude par la connaissance des données - Carte Blanche Par...
 
WIlfried K. AGBO- Exposé sur la Cryptographie
WIlfried K. AGBO- Exposé sur la CryptographieWIlfried K. AGBO- Exposé sur la Cryptographie
WIlfried K. AGBO- Exposé sur la Cryptographie
 
partie-samba.pptx
partie-samba.pptxpartie-samba.pptx
partie-samba.pptx
 
LAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel Awareness
 

Ähnlich wie Introduction to Hybrid Information-Centric Networking

Innovation is back in the transport and network layers
Innovation is back in the transport and network layersInnovation is back in the transport and network layers
Innovation is back in the transport and network layersOlivier Bonaventure
 
IPv6 .pdf
IPv6 .pdfIPv6 .pdf
IPv6 .pdfniran10
 
Networking presentation 9 march 2009
Networking presentation 9 march 2009Networking presentation 9 march 2009
Networking presentation 9 march 2009Kinshook Chaturvedi
 
DCHP,NAT,forwarding of ip packets
DCHP,NAT,forwarding of ip packetsDCHP,NAT,forwarding of ip packets
DCHP,NAT,forwarding of ip packetsrajshreemuthiah
 
JCSA2013 05 Pascal Thubert - La frange polymorphe de l'Internet
JCSA2013 05 Pascal Thubert - La frange polymorphe de l'InternetJCSA2013 05 Pascal Thubert - La frange polymorphe de l'Internet
JCSA2013 05 Pascal Thubert - La frange polymorphe de l'InternetAfnic
 
In Defence of NATs
In Defence of NATsIn Defence of NATs
In Defence of NATsAPNIC
 
16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)Jeff Green
 
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?Mark Smith
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2srmanjuskp
 
8.X Sec & I Pv6
8.X Sec & I Pv68.X Sec & I Pv6
8.X Sec & I Pv6phanleson
 
CCNA Interview.pdf
CCNA Interview.pdfCCNA Interview.pdf
CCNA Interview.pdfhoang971
 
Web technologies: recap on TCP-IP
Web technologies: recap on TCP-IPWeb technologies: recap on TCP-IP
Web technologies: recap on TCP-IPPiero Fraternali
 

Ähnlich wie Introduction to Hybrid Information-Centric Networking (20)

Future Internet protocols
Future Internet protocolsFuture Internet protocols
Future Internet protocols
 
Innovation is back in the transport and network layers
Innovation is back in the transport and network layersInnovation is back in the transport and network layers
Innovation is back in the transport and network layers
 
IPv6 .pdf
IPv6 .pdfIPv6 .pdf
IPv6 .pdf
 
Ipv6up
Ipv6upIpv6up
Ipv6up
 
Networking presentation 9 march 2009
Networking presentation 9 march 2009Networking presentation 9 march 2009
Networking presentation 9 march 2009
 
DCHP,NAT,forwarding of ip packets
DCHP,NAT,forwarding of ip packetsDCHP,NAT,forwarding of ip packets
DCHP,NAT,forwarding of ip packets
 
JCSA2013 05 Pascal Thubert - La frange polymorphe de l'Internet
JCSA2013 05 Pascal Thubert - La frange polymorphe de l'InternetJCSA2013 05 Pascal Thubert - La frange polymorphe de l'Internet
JCSA2013 05 Pascal Thubert - La frange polymorphe de l'Internet
 
Network Layer And I Pv6
Network Layer And I Pv6Network Layer And I Pv6
Network Layer And I Pv6
 
In Defence of NATs
In Defence of NATsIn Defence of NATs
In Defence of NATs
 
Ipv6
Ipv6Ipv6
Ipv6
 
16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)
 
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
AusNOG 2014 - Network Virtualisation: The Killer App for IPv6?
 
Understanding i pv6 2
Understanding i pv6 2Understanding i pv6 2
Understanding i pv6 2
 
RPKI Tutorial
RPKI Tutorial RPKI Tutorial
RPKI Tutorial
 
8.X Sec & I Pv6
8.X Sec & I Pv68.X Sec & I Pv6
8.X Sec & I Pv6
 
Chapter4 Network
Chapter4 NetworkChapter4 Network
Chapter4 Network
 
CCNA Interview.pdf
CCNA Interview.pdfCCNA Interview.pdf
CCNA Interview.pdf
 
Web technologies: recap on TCP-IP
Web technologies: recap on TCP-IPWeb technologies: recap on TCP-IP
Web technologies: recap on TCP-IP
 
computerNetworkSecurity.ppt
computerNetworkSecurity.pptcomputerNetworkSecurity.ppt
computerNetworkSecurity.ppt
 
Network.pptx
Network.pptxNetwork.pptx
Network.pptx
 

Kürzlich hochgeladen

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 

Kürzlich hochgeladen (20)

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 

Introduction to Hybrid Information-Centric Networking

  • 1. Luca Muscariello, Cisco Systems An Introduction to the Hybrid Information-Centric Networking Project FD.io mini summit at Kubecon 2019, Barcelona 20th of May 2019
  • 2. What is hICN in the first place? • You may have heard • Content-Centric Networking (RFC to be published in 2019, implementation in FD.io CICN) • Name-Data Networking (currently in the Intel-NSF Wireless-Edge Network program) • The whole idea was launched by Van Jacobson at Xerox’s PARC in 2009 as a research project. • Cisco has acquired CCN Xerox’s IPR in 2017 and open sourced CICN and hICN in FD.io. • hICN brings CCN into IPv6. • How?
  • 3. • A network architecture to transport many different kinds of applications from real-time to content-distribution; • enables connection-less and location-independent communications by identifying data with unambiguous names; • hICN is based on request/reply semantics and an hICN node accepts data from an input interface if and only if there is a pending request for it (local flow balance principle). • data authentication instead of end-point authentication. • The application can ask “what” it wants to the transport network and not “where” to find it. What is hICN in the first place?
  • 4. • Many-to-Many communications • Simpler anycast, multicast • Mobility and multi-homing is built-in • Redundancy elimination • Transport services are receiver-driven, the data sender is stateless • Scalability for many workloads we struggle with today: Group communications, Multicast. What does it bring to current networking?
  • 5. Outline • Motivation • Naming data with IPv6 • The network architecture • Application support
  • 6. • Insert ICN into the Internet Protocol • Evolutionary implementation • Shorter time to deployment • Minimize standardization effort • Minimize clean-slate work in routers and end-hosts • Enable hybrid deployment and interconnection of IPv6 and hICN • hICN as an overset of IPv6 Motivation
  • 7. Name prefixes in IPv6 numbers • location-independent identifiers for data sources • An RTP media source • An HTTP service • A video object • An end host • A service
  • 8. • Definitions: • Name prefix: encoded as an IPv6 128 bits word and carried in IPv6 header fields • Name suffix: encoded in transport headers fields such as TCP • Name: hierarchical concatenation of name prefix and suffix Naming data with the Internet Protocol bits 48 (or >) 16(or <) 64 fields Routing prefix Subnet Interface id bits 64 64 fields Routing prefix Resource prefix Name prefix in AF_HICN
  • 9. • It is an open problem to determine which IPv6 prefixes should be used as name prefixes: several options are possible. • It is desirable to be able to recognize that an IPv6 prefix is a name prefix, e.g. with an address family • However this can be determined and distributed by a control plane to configure routers IPv6 prefixes for data names 1. a new IPv6 address family AF_HICN, b001::/16 2. Let the management and control plane to locally configure HICN prefixes and announce them to neighbors for interconnection. A prefix owner can reuse existing prefixes 3. Other solutions…
  • 11. Packet format: two protocol data units • The protocol semantic is request/reply • Two protocol data units: Interest/Data • Interest is used to query Data with a 1:1 match • The semantics are unchanged w.r.t. NDN/CCN • draft-irtf-icnrg-ccnxmessages-09 (RFC in 2019) • draft-irtf-icnrg-ccnxsemantics-10 (RFC in 2019) L4 Header Payload L3 Header L4 Header L3 Header Interest Packet Data Packet
  • 12. Packet format L3 • The name prefix is stored in the DST address field to exploit IP routing/forwarding of the requests • The name prefix is stored in the SRC address field as replies are not routed by name • SRC and DST in Interest/Data are valid IPv6 addresses (locators), i.e. identifiers of network interfaces Destination Address Name Prefix for Interest Packets Source Address Name Prefix for Data Packets Payload Length Next Header Hop Limit Flow LabelTraffic ClassVersion 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
  • 13. Packet format L4 • Use the TCP header by default • Keep SRC/DST ports • But also UDP header to carry a hICN L4 header • May be the long term approach as new transport services tend to be developed on top of UDP (LEDBAT, QUIC) Name Suffix Destination PortSource Port Path Label Checksum Lifetime 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 Data Offset Time Scale Loss Detection and Recovery M A N A C K S I G R S T S Y N F I N Name Suffix Destination PortSource Port Path Label Checksum Data Offset Time Scale Loss Detection and Recovery M A N A C K S I G R S T S Y N F I N ChecksumLength TCP UDP TCP-like OR
  • 14. Security: authentication and integrity • Authenticity and Integrity provided by using crypto signatures • Binds data, data name and producer identity. • Two signature envelops: a single data packet or the transport manifest • In the first case the signature is carried by the IP authentication header • In the second case the transport manifest is the only signed unit • Definition of L4 Manifest • A low level index of names of a collection of data packets • Carries hashes of data for integrity (e.g. SHA256) • Carries the signature of the manifest for authentication (Cipher text of the RSA256 using producer’s private key). L4 Header Payload L3 Header Data Packet AH Header L4 Header L3 Header L4 Manifest
  • 16. hICN protocol semantics: the interest path ingress Packet cache RX(Interest) name:=PARSE(Interest Packet) lookup(name, exact match) Data? yes no TX(Data, data.v6.dst:= interest.v6.src) drop egress Inter est yes same src? cache duplicate no IPv6 FIB forwarding strategy yes lookup(name prefix, longest match) TX(Interest, interest.v6.src:= interface.v6.addr) valid interfaces no match valid interfaces
  • 17. hICN protocol semantics: the data path egress Packet cache RX(Data) lookup(name, exact match) no ingress Inter est yes TX(Data, data.v6.dst:= interest[1].v6.src) Get all interests and evict TX(Data, data.v6.dst:= interest[2].v6.src) TX(Data, data.v6.dst:= interest[3].v6.src) drop cache name:=PARSE(Data)
  • 18. • hICN traffic requires a punting rule • Has to be efficient and easy to manage • AF_HICN putting using ACL • Explicitly flag hICN traffic, how? Port numbers? Punting hICN traffic Packetparser AccessControlList PuntingandPolicy Ingress VRF: hICN function Egress AddressTables
  • 20. • An INET like Socket API and a post-socket API • Unidirectional sockets: producer and consumers • Socket identifiers based on name prefixes • Segmentation and signature computation at the producer • Reassembly and signature verification at the consumer • DATAGRAM or STREAM transport • Reliable or unreliable • Support of current applications: HTTP, (S)RTP • Support (D)TLS and soon MLS (for group communications). Transport Layer and Socket API IP TCP, UDP HTTP, RTP hICN STREAM, DATAGRAM, RELIABLE, UNRELIABLE DASH, RTC
  • 21. Application ADU Forwarding Engine L3 PDU (I/D) Transport Socket Library Segmentation Authentication NamingIntegrity Reassembly Verification Flow ControlFetching Producer Services Consumer Services Routing and Forwarding Application Logic Transport Services
  • 22. Producer Socket Consumer Socket Interest Input Buffer Data Output Buffer Integrity Authentication Segmentation Naming Hit Miss Interests Application (e.g. HTTP Client) Interest Output Buffer Data Input Buffer Data Packets Integrity/Auth Check Reassembly Data Retrieval Protocol Interests Data Packets Application (e.g. HTTP Server) Interests can be satisfied directly at the transport layer
  • 23. ABR video distribution with HTTP cache
  • 24. WebRTC with a media bridge
  • 26. Implementation Status (v19.04) Network • VPP plugin implementing the packet forwarder • Socket-based app for end client (Windows 10, macOS 12.14, iOS 12, Android 8, Linux Ubuntu/CentOS) • NETCONF/YANG support using a sysrepo plugin • Network management and Telemetry • Mobility management. Transport • A user-space library implementing transport services • Reliable/Unreliable • Real-Time (Audio and Video) • Congestion control (Delay-Based, BBR) • Loss detection and recovery • a memif based connector to VPP • a socket based connector for the client packet forwarder. https://github.com/FDio/hicn
  • 27. Work in progress • Performance enhancements in the VPP plugin and the transport library • More supported applications • gRPC • BitTorrent • Control/Management plane • Routing • DHCP for name provisioning