Page last updated on Feb 15, 2016
My research activity is focused on the study of Internet routing, both within the network of a single ISP and with respect to interdomain routing with the Border Gateway Protocol (BGP). The overwhelmingly complex nature of the Internet system, consisting of slightly less than fifty thousand ASes, makes it very interesting to study the behavior of BGP. However, this is not my only area of interest. A selection of my research topics follows.
-
Software-Defined Networking
Software-Defined Networks (SDNs) are being more and more extensively adopted in several contexts (data centers, Internet Exchange Points, etc.). The main advantage of Software-Defined Networking is the separation between data plane functionalities, which are implemented by high-efficiency hardware, and the control plane logic, which is realized by a piece of software that usually runs on a separate machine. Network devices (datapaths) only need to execute basic packet handling rules, consisting of a bitmask matched against the headers of incoming packets and a set of actions to be applied to matching packets (e.g., forward, drop, manipulate).
This empowers network operators to customize routing policies in a very flexible way, while ensuring scalability because datapaths can store packet handling rules in flow tables and apply them autonomously. The most widely adopted implementation of the SDN paradigm has been standardized by the Open Networking Foundation under the OpenFlow specification.
Research in this field develops along at least two branches. The first one is the investigation of the applicability of state-of-the-art approaches proposed in the literature to realize specific network architectures (e.g., Internet Exchange Points) on currently available hardware. Besides publicly documented limits that affect vendor-specific implementations of the OpenFlow specification, there are also gaps between the features declared as supported and the functions that are actually usable on a device. Unveiling this gap and assessing its impact on the applicability of SDN literature is the main goal of this line of research.
The second branch consists in simplifying the deployment of existing network architectures (e.g., Virtual Private Networks) by taking advantage of the flexibility and centralized control introduced by SDN. Besides this, novel network architectures that can only be realized with SDN technologies are also explored.
-
Algorithms for Internal Routing in an ISP Network
Internal routing inside an ISP network is the foundation for lots of services that generate revenue
from the ISP's customers. A fine-grained control of paths taken by network
traffic once it enters the ISP's network is therefore a crucial means to
achieve a top quality offer and, equally important, to enforce SLAs. Many
widespread network technologies and approaches (most notably, MPLS) offer
limited (e.g., with RSVP-TE), tricky (e.g., with OSPF metrics), or no
control on internal routing paths. On the other hand, recent advances in the
research community are a good starting point to address this shortcoming,
but miss elements that would enable their applicability in an ISP's network.
The goal within this research area is to introduce a new control plane for
internal routing that has the following qualities: it is designed to operate
on the internal routing of an ISP; it enables fine grained management of
network paths with suitable configuration primitives; it is scalable because
routing changes are only propagated to the network portion that is affected
by the changes; it supports independent configuration of specific network
portions without the need to know the configuration of the whole network; it
is robust thanks to the adoption of multipath routing; it supports the
enforcement of QoS levels; it is independent of the specific data plane used
in the ISP's network; it can be incrementally deployed and nicely coexist
with other control planes.
-
Monitoring of MPLS VPNs and VPLS
In order to interconnect different geographically scattered sites of an ISP, a network provider can set up its backbone network to offer a transit service, by means of suitable technologies (typically, MPLS VPNs and VPLS). With the goal of offering a high quality of service, it is of paramount importance that these technologies operate continuously and efficiently. A fundamental role to pursue this goal is played by the activity of monitoring the network state.
Although there are several tools around, some of them commercially available, that support this activity, most of them fail to effectively combine the following features: ability to observe the effects of a particular network event (fault, configuration change) on the whole network; non-intrusiveness of the monitoring process; interoperability, based on the adoption of standard technologies; compatibility with different technologies being monitored; intuitive graphical visualization of the history of the network status. This research direction aims at proposing a methodology and a tool to address these shortcomings.
-
AS-level network topology
A fundamental piece of information to be taken into account when analyzing the
behavior of routing protocols is the topology of the network they operate on.
Unfortunately, this information is often difficult to collect and, for the case
of BGP, hard to obtain even in the presence of multiple observation points
(looking glasses or route servers). This is due to the action of configuration
policies that, for different reasons, can filter out or alter routing
information before it is gathered at route collectors. This typically makes the
view provided by projects such as the RIPE Routing Information Service (RIS) or
the University of Oregon Route Views unable to capture some portions of the
Internet.
My research activity in this context aims at devising effective and efficient
techniques to augment the view of route collectors and looking glasses by discovering
normally unobserved Autonomous Systems and links. This is achieved through two
complementary approaches.
One is to actively probe the network by using standard BGP updates. Not only
does this reveal hidden ASes and peerings, but it also makes it possible to explore
routing behaviors in the presence of alternative (e.g., backup) scenarios. As
investigations are performed in stable routing states, the proposed techniques
do not necessarily rely on the availability of route collectors (i.e., looking
glasses are enough). Experiments in the IPv6 and IPv4 Internet show the
effectiveness of this approach and prove that it does not have harmful
operational impacts.
The other approach considered in my research is to process the information
contained in the Internet Routing Registry (IRR), a distributed archive that tracks
the allocation of Internet resources (AS numbers, IP addresses) and documents
BGP configurations. Information in the IRR is maintained on a voluntary
basis, and is therefore subject to different kinds of inaccuracies. The goal in
this context is to define a methodology and a tool that make it possible to dig useful
information out of the IRR. The kind of information that is primarily addressed
is AS-level topology, and an on-line service which
extracts BGP peerings from the IRR on a daily basis is currently available.
-
Inference of commercial relationships between ASes
The setup of BGP peerings involves the configuration of routing policies to
accommodate requirements that may have very little to do with the optimization
of routing metrics. Often these configuration policies are used in order to
enforce the fulfillment of commercial agreements.
The knowledge of which commercial agreements are established between Autonomous
Systems would be useful for operators to facilitate the debugging of routing
issues and to better choose upstream providers and for researchers to build
more realistic theoretical models.
Unfortunately, since commercial relationships are deemed critical for the
economic strategies of Internet Service Providers, the routing policies that
implement them are not publicly accessible. For this reason, inference
algorithms have been designed in order to obtain them starting from BGP routing
data.
-
Interdomain traffic engineering
While commercial agreements often impair the attainment of optimal routing, other requirements such as load balancing and equal distribution of link costs may be likewise important to ensure an efficient operation of the network. Such requirements are implemented by adopting configuration settings that are typically the result of the application of traffic engineering techniques.
One technique to perform traffic engineering on a large scale is to tune outgoing BGP announcements to shift traffic seasonably among the upstream links of an Internet Service Provider. In particular, this can be achieved by artificially inflating the length of the AS-path sent along with BGP announcements so as to discourage other Autonomous Systems from using a certain link (probably because its capacity is lower or its cost is higher). This inflation technique is known as AS-path prepending and is widely adopted in the Internet.
Several traffic engineering approaches rely on the trial-and-error principle of observing the impact of different prepending assignments in order to find the one that best fits the cost and load requirements sought for. Performing several attempts takes time and may affect the operation of the network, as oscillation prevention mechanisms (such as route flap dampening) may be triggered. My research in this field is aimed at eliminating the need to perform several attempts, by proposing models and algorithms to compute optimal prepending assignments in an offline fashion. This approach accommodates a variety of possible objective functions, and is conceived to take into account scalability aspects as well as to deal with the shortage of observable information that is typical of interdomain routing.
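The effect of AS-path prepending and the idea of choosing an assignment offline can be seen on a toy model. The following is an added example, not the models or algorithms from the research described here: it assumes a constructed topology with private-use AS numbers, assumes every AS simply prefers the shortest AS-path (no local preference or commercial policies, ties broken by lowest neighbor AS), and replaces any real optimization with an exhaustive search.

```python
from collections import deque
from itertools import product

# Constructed AS-level topology (private-use AS numbers); each pair is a BGP adjacency.
LINKS = [(65000, 65001), (65000, 65002), (65001, 65003), (65001, 65004),
         (65001, 65008), (65002, 65004), (65002, 65005), (65003, 65006),
         (65003, 65009), (65004, 65006), (65004, 65007), (65005, 65007)]
ORIGIN = 65000  # the AS doing traffic engineering; its neighbors are its upstreams

def adjacency(links):
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj

def best_paths(links, origin, prepend):
    """Stable routing state: {asn: AS-path received on its best route}.
    prepend maps an upstream to the number of extra copies of origin sent to it."""
    adj, best = adjacency(links), {}
    queue = deque((up, (origin,) * (1 + prepend.get(up, 0))) for up in sorted(adj[origin]))
    while queue:
        asn, path = queue.popleft()
        if asn in path:                      # BGP loop prevention
            continue
        cur = best.get(asn)
        if cur is not None and (len(cur), cur) <= (len(path), path):
            continue                         # keep shorter path; ties: lowest neighbor AS
        best[asn] = path
        queue.extend((n, (asn,) + path) for n in sorted(adj[asn]) if n != origin)
    return best

def load_split(links, origin, prepend):
    """Count how many ASes reach the origin through each upstream."""
    counts = {up: 0 for up in sorted(adjacency(links)[origin])}
    for asn, path in best_paths(links, origin, prepend).items():
        full = (asn,) + path
        counts[full[full.index(origin) - 1]] += 1   # AS just before the origin
    return counts

def best_assignment(links, origin, max_prepend=3):
    """Offline exhaustive search: most balanced split, then fewest prepends."""
    ups = sorted(adjacency(links)[origin])
    def cost(combo):
        loads = load_split(links, origin, dict(zip(ups, combo))).values()
        return (max(loads) - min(loads), sum(combo))
    return dict(zip(ups, min(product(range(max_prepend + 1), repeat=len(ups)), key=cost)))

if __name__ == "__main__":
    print(load_split(LINKS, ORIGIN, {}))       # split without prepending
    print(best_assignment(LINKS, ORIGIN))      # assignment found offline
```

In this model a single prepend towards one upstream moves several ASes at once, which is why the split changes in coarse steps rather than smoothly.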
-
Interdomain routing policies and routing stability
Once topological information about a network at the Autonomous System level is known, it is interesting to investigate the configuration policies that are adopted on the network. Not only would the knowledge of routing policies help in better debugging routing anomalies, but it would also help in designing configurations that provide for more effective traffic distribution and more resilient network operation while ensuring global routing consistency.
As for this topic, I have been studying techniques that, based on BGP probe messages, make it possible to infer the level of preference associated with different AS-paths as well as to determine whether arbitrarily chosen, and possibly never observed, routing paths may be used in alternate routing scenarios (for example, in case of node or link failures).
Policy opaqueness with respect to other ASes may also lead to inconsistently configured routers. In the worst case, these inconsistencies may lead to the selection of unpredictable routing paths or, even worse, to persistent oscillations of the routing choices. While the stability of BGP has been long studied, it is still unclear what the relationships are among the different approaches proposed in the literature. My research in this area aims at filling the gap between different models and methodologies by clarifying their common aspects and describing properties that hold under a common model. Also, my interests include defining a model that can be used to efficiently point out potential routing inconsistencies.
Interdomain routing changes are sometimes due to natural disasters or improper device reconfigurations. While the connection between the routing change and the causing event can be evident if there is previous knowledge of their consequentiality, it is very difficult to associate the two based on the sole observation of BGP routing data. However, there are models and systems that are explicitly aimed at seeking the root cause of routing events. My activity includes integrating an existing system with capabilities to combine live routing information with static information from the Internet Routing Registry.
-
Emulation of computer networks
Network models devised by theoretical tools often require a validation phase to ascertain their effectiveness in reproducing real world scenarios. On the other hand, network administrators are usually interested in having a way to test new configurations before deploying them on a production network and without disrupting the operation of their existing infrastructure.
This is where network emulation comes into play. I am currently participating in the development of Netkit, a lightweight network emulator based on User-Mode Linux. With respect to other emulators, Netkit offers an environment to support an easy setup of complex networks consisting of several virtual nodes running on a single workstation. The emulated networks can then be easily redistributed to reproduce the same experience on a different workstation. The user interface is designed in such a way as to make the setup of emulated scenarios straightforward and to relieve users of the need to deal with the configuration settings of the emulator rather than those of the network. Netkit also ships with a set of ready-to-use virtual "labs" that make it possible to quickly experiment with interesting case studies involving switching, routing, application level services (e.g., DNS, e-mail), as well as other topics. The labs come together with a corpus of lecture slides that explain in detail the scenario being emulated and propose experiments that can be interactively performed on it.
-
Techniques for passive and non-intrusive measurements
Network customers negotiate contracts with Internet Service Providers in order to establish Service Level Agreements (SLAs). Such agreements define the quality of the provided connectivity service in terms of performance indicators such as delay, jitter, and packet loss.
Failure to comply with the SLAs results in penalties for the violating party, therefore constant monitoring of the performance indicators is very important. This is usually achieved by using either active or passive systems. Active systems inject additional probe packets in the network under measurement: this, besides perturbing the network itself, only allows the measurement to be performed on the extra traffic, and establishes a strong dependence between the probe rate and the quality of the measurement.
On the other hand, passive systems do not inject extra traffic, but also suffer from limits in the possibility to exchange information between endpoints: this is often worked around by resorting to an additional off band communication channel or by reducing the amount of information to be exchanged by means of sampling.
My research in this field aims at overcoming the limits of both the active and the passive approaches. In order to achieve this, we exploit some bits of network packets that are always transmitted but normally not considered by any devices along a network path. This technique is commonly known as "covert channel", and we exploit it to propose a passive and non-intrusive method to measure performance indicators.
-
RFID
RFID (Radio Frequency IDentification) technologies include devices, protocols,
and communication software aimed at automating the processing of identification
information acquired by proximity. An RFID communication system exploits radio
signals to read/write to an electronic "tag" (typically, a label with a
microchip and an antenna, or a sensor equipped with a radio transceiver). The
information retrieved from a tag can then be processed and stored by using a
suitable middleware.
Part of my research is aimed at studying solutions to make
handling of RFID data secure, with particular reference to the context of
freight transportation. Because of the crucial role of RFID systems for
logistics, having a means to make RFID communication secure is a significant
improvement.