Notes taken at the Second ACM Workshop on Hot Topics in Networks (HotNets-II)
Cambridge MA, 11/2003

Barath Raghavan
barath@cs.ucsd.edu

These notes represent my thoughts during the talks given at the workshop
and are very sparse. In several cases, I didn't take notes because I
already knew the work or was unable to take notes for some other reason.
Let me know if you find more complete notes on the workshop or have
corrections to my notes.

Session 1
---------
No notes.

Session 2
---------
Enabling Large-scale Wireless Broadband: The Case for TAPs
- poor coverage/cost for wifi hotspots and cell
- soln
- directional antennas to build backbone
- tap infrastructure / mobile node infra.
- fairness of access over multihop
- new physical layer?
- improve protocol use of existing capacity
Q free space optics?
A sure
Q are there some short term, some long term goals?
A not sure
Q ricochet?
A bad marketing..
Q why low power in 802.11?
A standard somewhat arbitrary, but some places limit power
A interference

Turning 802.11 Inside-Out
- building wide area network with directional 802.11
- what is the path loss?
- multipath echo, etc. outdoor harder
- need power
- solar panel?
- don't need to have spectral eff. -> cost eff.
- need to handle multiple directional antenna at one location (inter.)
- channel allocation issues
- directional capacity allocation
- topology planning, config. + dynamic topo.
- what is the right regulation?
- need to optimize things right for developing world.
Q adapt available bw to power available (or use a battery)
A can't just use a battery, and might not have power for days
  the trans. power isn't the bw in use, more the hardware
Q what about policy issues / using the right protocol
A not sure
Q wondering about decreasing total sys. cost rather than base stations
A 802.11 is so much cheaper
Q maybe routing protocols aren't needed (big ones)
A not sure

Session 3
---------
Preventing Internet Denial-of-Service with Capabilities
- require network cooperation
- packets carry tokens allowing src->dst
- rts/cts for comm.
- hash chain to feed back tokens for subsequent sends
- protect rts channel
Q packet transforms
A problem.
Q might not solve the problem
  pushback doesn't solve problem?
A congestion control in the network isn't addressed here
  a solution must be at every step
Q virtual circuit approach similarity?
A it is similar to virt. cir., but not to address DoS.
Q how can it be deployed? what is the incentive?
A not sure
Q diff between virt. cir. and this is that there is no identity so you
  can share tokens
A deploy everywhere, and then you can limit traffic
Q IDS systems might still be needed
A can identify traffic now, which is better than before
Q does this just introduce application-level know. at rts/cts servers?
A not everything needs app-level...

Taming IP Packet Flooding Attacks
- same position: let end hosts stop attacks in the network
- white list with i3
- isolate traffic with i3 by publishing different ids for diff. services
- protect existing conn. by requiring captcha to get trigger for server
Q does it address the doomsday scenario?
A no, but nothing really can.
Q would the i3 arch be protected?
A it would have to be.
Q attacks on the network shouldn't be handled at end host, and net has
  better perspective
A yes for 1, no for 2

Honeycomb - Creating Intrusion Detection Signatures Using Honeypots
- analyze traffic coming into honeypots
- reassemble stream, generate sigs
- detected slammer
Q could polymorphic get around it?
A it could
Q what about tricking the system into getting legit. traffic filtered
A maybe.
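
The hash-chain token check from the capabilities talk earlier in this session (Preventing Internet Denial-of-Service with Capabilities), as an added example; it is not code from the talk or from these notes. The names, the use of SHA-256, the per-flow table and the skip window for lost tokens are all assumptions.

```python
import hashlib
import hmac

def h(value: bytes) -> bytes:
    return hashlib.sha256(value).digest()

def make_chain(seed: bytes, n: int):
    """Receiver side: hash the seed n times; return (anchor, tokens in release order)."""
    vals = [seed]
    for _ in range(n):
        vals.append(h(vals[-1]))
    return vals[n], vals[n - 1::-1]   # each token hashes to the one released before it

class Router:
    """In-network check: forward a packet only if its token extends the flow's chain."""
    def __init__(self, max_skip: int = 2):
        self.max_skip = max_skip      # assumed tolerance for tokens lost in transit
        self.flows = {}               # (src, dst) -> last accepted chain value

    def install(self, src, dst, anchor: bytes):
        self.flows[(src, dst)] = anchor

    def forward(self, src, dst, token: bytes) -> bool:
        last = self.flows.get((src, dst))
        if last is None:
            return False              # no capability was granted for this src->dst
        v = token
        for _ in range(self.max_skip + 1):
            v = h(v)
            if hmac.compare_digest(v, last):
                self.flows[(src, dst)] = token   # advance; older tokens now fail
                return True
        return False                  # forged, replayed, stale, or too far ahead

def demo():
    anchor, tokens = make_chain(b"constructed-seed", 8)   # constructed sample input
    r = Router()
    r.install("src", "dst", anchor)
    return {
        "first": r.forward("src", "dst", tokens[0]),
        "replay": r.forward("src", "dst", tokens[0]),
        "one_lost": r.forward("src", "dst", tokens[2]),    # tokens[1] never arrived
        "late_old": r.forward("src", "dst", tokens[1]),    # arrives after tokens[2]
        "too_far": r.forward("src", "dst", tokens[6]),     # beyond the skip window
        "next": r.forward("src", "dst", tokens[3]),
        "other_flow": r.forward("other", "dst", tokens[4]),
        "forged": r.forward("src", "dst", b"\x00" * 32),
    }
```

The router never holds a secret: it stores only the last value it accepted, so a token copied off the wire is useless once the flow has advanced past it.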

The Dark Side of the Web: An Open Proxy's View
- wanted to build an academic cdn to protect against ddos
- cdn network of proxy servers on planetlab
- lots of problems

Session 4
---------
Repeatable and Realistic Wireless Experimentation through Physical Emulation
- building a physical emu. with an emulated physical layer
- emu is better than sim at accuracy of hardware
- experiments show accurate behavior of physical layer
Q not better than sim
A it is

Opportunistic Routing in Multi-Hop Wireless Networks
- take adv of density + broadcast to get packets further once in a while
- assume - density, distance v. reception, uncorrelated loss
- slotted acks from candidate destinations
Q what's the end-to-end improvement?
A implementation will provide this
Q have overlapping networks in the same space
A point is to take advantage of broadcast medium
Q candidate selection hard. what density works?
A usually better with more than 1 receiver. have different levels of
  candidates in terms of risk
Q doing a rts/cts?
A rts/cts doesn't work, because it requires predicting who will deliver
Q energy efficiency tradeoff vs. decreasing # tx
A sure.
Q cell issues in gupta and kumar
A roofnet attenuating due to obstacles

MAC-Layer Anycasting in Wireless Ad Hoc Networks
- forward to one node as directed by the set given by the routing layer
- used first in directional case
- use power control to avoid collision
Q mobility experiments? proactive bad for high mobility
A not sure
Q anycast confusing. really anyforwarding.
Q route layer should know what next hops are chosen first; route layer
  might want to do load balancing
A not sure

Session 5 (Panel)
---------
No notes.

Session 6
---------
Decoupling Policy from Mechanism in Internet Routing
Q What don't you want to happen? Can you express negative preferences?
A Don't want to tie the ISPs' hands
Q Don't get how policy translates into what router does?
A Capabilities don't express what policy is. Only hand cap. given policy
Q How do you translate policy to cap.
A Hand them a capability.
Q How would I express a backup policy?
A The right set of caps.
Q If a lot of failures are due to policy, then you're giving more power
  than needed, rather than finding the best route
A Yes, that's a different problem

Practical Verification Techniques for Wide-Area Routing
- Need to be able to verify bgp policy configuration
- Challenges in building a verification tool
- FSM based check for reachability
- Check inter-as policy based on control graph
Q How many errors are static (single-box) and how many are across
  multiple boxes (but are static) and how many are intention-based
A There are some that you can catch at config-time. Not sure how much.
A (jrex) Many are things that are intention-based, but the intention was
  somewhat wrong. Some can be caught statically.
Q Seem like IOS bugs, not BGP.
Q Most interesting things that are problems at both ends
Q Router config. - it wasn't designed for inexperienced folks. People
  want to do things that violate invariants of the architecture, so the
  little tuning tools.
Q Protocol - very little that can be done that looks like BGP. Point was
  that policy isn't expressed inter-AS.
Q If new features come into BGP, how do we handle new rules? New
  features require new verification.
A As new features are created

Unmanaged Internet Protocol
- IP is wrong for edge networks
- Unmanaged IP - no central authority to hand out addresses, no
  maintenance for forwarding, handles mobility
- DHT-based approach possible
- Source routes in DHT
Q how would you deploy/test?
A it runs as a daemon that can provide uip service to apps
Q stretch factor of 2 over what?
A synthetic networks that represent deployment scenarios
Q how do you discover direct links?
A just try talking directly.
Q when do you *not* want to have network connectivity? how would you
  implement policy?
A not proposing constant connectivity, just should be easy
Q have you read FARA? do we need another ID space? do we need anything
  beyond IP?
A we don't necessarily need another id space, but we don't have a flat
  namespace.

Session 7
---------
Unveiling the Transport
- Extending sockets
- How to do tcp migration at user level?
- Expose transport protocol state, not impl. details
Q people might want to dump the transport state
Q this has been addressed as a session layer thing
A we don't want people to change things significantly
Q adaptation require end-to-end machinery to do useful things
  more useful things might be wanting to change the way the transport
  protocol to get it to do something
A sure, but it may affect the state you'd have to export
Q what about user-level TCP?
A sure, but there are reasons for doing it in the kernel
Q don't understand about getting unacked data.
A performance implication of data that hasn't been moved
Q TLS?
A dunno.
Q how does the checkpoint/recovery scenario work?
A doesn't really

A Case for Run-time Adaptation in Packet Processing Systems
- No notes.

Practical, Distributed Network Coordinates
- No notes.

Session 8
---------
Exposing Resource Tradeoffs in Region-Based Communication Abstractions
for Sensor Networks
- programming sensor networks
- bw and energy to do in-network processing
- spatial coordination
- resource consumption vs. accuracy
- over an abstract region, do tuple space set/get
- aggregate over local values
- expose the tuning knob to adjust accuracy v. energy
- object tracking, for example, is easy using prog. model
- contour detection (finding a cut)
Q what's your api?
A form a region; retrieve variables; get keys; pass keys to an operator /
  reductions
Q what are the properties of planar meshes - why one alg.
A the alg. is simple and works well.

Coping with irregular spatio-temporal sampling in sensor networks
- can you make assumptions about node distribution and time sync
- how do you deal with lag and skew for time series data
Q weighting to (voronoi) not clearly better
A if it's smooth, then yes
Q what's the general lesson here?
A that irregularity is hard. also, if you exploit irreg. it might work
  better than regularity sometimes.

Should we build Gnutella on a structured overlay?
- use a hybrid approach
- flood a query by tagging each query with a routing table row, and only
  forward a message to rows with higher numbers (like lock taking policy)
- structure to reduce overhead
- unstructured to do queries
Q why can't a pure DHT thing like overnet work?
A it can, but it's not as general
Q why not use location cache to direct queries to those with more
  capacity
A we are proposing to do this
Q what additional benefit is there by introducing structure? how does
  heterogeneity in the real-world do?
A Gia
Q what about asymmetric network failure
A it's a problem, but it's not a big problem

A Case for Testbed Embedding Services
- how do you make real testbed experiments accurate?
- how do you find a topology that matches the requested constrained
  topology
- hard problem, but it might work for small nets
- reducing measurements
- hard to find cliques on planetlab that are separated by big gaps
Q is it a good idea to simulate things with specific topo when the point
  of planetlab is the internet
A you sometimes want that, so you'd have to hand-pick things
Q sometimes you want things that violate your topology
A yes.
Q how about arbitrary predicates
A yes, because it's brute force search, but it's harder to prune