Abstract
Traditional operating system interfaces and network protocol implementations force some system state to be kept on both sides of a connection. This state ties the connection to its endpoints, impedes transparent failover, permits denial-of-service attacks, and limits scalability. This article introduces a novel TCP-like transport protocol and a new interface to replace sockets that together enable all state to be kept on one endpoint, allowing the other endpoint, typically the server, to operate without any per-connection state. Called Trickles, this approach enables servers to scale well with increasing numbers of clients, consume fewer resources, and better resist denial-of-service attacks. Measurements on a full implementation in Linux indicate that Trickles achieves performance comparable to TCP/IP, interacts well with other flows, and scales well. Trickles also enables qualitatively different kinds of networked services. Services can be geographically replicated and contacted through an anycast primitive for improved availability and performance. Widely-deployed practices that currently have client-observable side effects, such as periodic server reboots, connection redirection, and failover, can be made transparent, and perform well, under Trickles. The protocol is secure against tampering and replay attacks, and the client interface is backward-compatible, requiring no changes to sockets-based client applications.
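The idea of a server that keeps no per-connection state yet resists tampering and replay can be illustrated with a MAC-protected state blob that the client must echo back. This is an added sketch of the general technique, not Trickles' wire format or code from the article; the field layout, key, freshness window and function names are all assumptions made for the example.

```python
import hashlib
import hmac
import struct

# Assumptions for this sketch (none of these come from the article):
SERVER_KEY = b"constructed-demo-key-not-for-use"  # secret shared by all replicas
MAX_AGE = 30                                      # seconds a blob stays acceptable
STATE_FMT = "!4sHIIQ"  # client IPv4, client port, next byte offset, cwnd, issue time
TAG_LEN = 32           # HMAC-SHA256 output size


def issue_state(client_ip: bytes, client_port: int, offset: int,
                cwnd: int, now: int) -> bytes:
    """Server: pack the transport state, MAC it, hand it to the client, forget it."""
    body = struct.pack(STATE_FMT, client_ip, client_port, offset, cwnd, now)
    tag = hmac.new(SERVER_KEY, body, hashlib.sha256).digest()
    return body + tag


def accept_state(blob: bytes, src_ip: bytes, src_port: int, now: int):
    """Server: rebuild state from the echoed blob, or return None if it is invalid."""
    if len(blob) != struct.calcsize(STATE_FMT) + TAG_LEN:
        return None  # malformed or truncated
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(SERVER_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None  # tampered (e.g. inflated cwnd) or minted under another key
    ip, port, offset, cwnd, issued = struct.unpack(STATE_FMT, body)
    if (ip, port) != (src_ip, src_port):
        return None  # blob lifted from another client's flow
    if not 0 <= now - issued <= MAX_AGE:
        return None  # stale blob replayed after the freshness window
    return {"offset": offset, "cwnd": cwnd}
```

In this sketch a blob can still be replayed inside the freshness window; closing that gap needs some bounded server-side memory of recently seen blobs, which is not per-connection state.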