FRANCAIS

ABOUT THE
INTERNET SOCIETY
ISOC Mission Statement
Membership

CONFERENCE OVERVIEW
Working Party
RealVideo Broadcast
Mbone Broadcast
At-a-Glance
Program
Conference and Program
   Committees
Geneva and Palexpo
Call for Papers
Plenary Speakers
Evening Events
Internet Access Room
BOF Meetings
Pre-Post Tours
Chapter Activities
Internet Related Meetings
Reports From The   Conference

PRE-CONFERENCE EVENTS
K-12 Workshop
Developing Countries Networking Symposium
Technical Tutorials
Network Training Workshops

SPONSORSHIP + EXHIBITION
Invitation to Sponsors
INET'98 Sponsors
Previous INET Sponsors
Sponsor Benefits
Exhibition Hall

MEDIA/PRESS
Press Releases
Media Accreditation and Form
Official INET'98 Publications

REGISTRATION, HOUSING, TRAVEL
Registration Information and Form
Hotel Information and Form
Tour Information and Form
Airline Travel

HELP PROMOTE INET'98

Organizations/Companies Displaying the INET'98 Logo

FREQUENTLY ASKED QUESTIONS

Reports

These reports, written by volunteers, summarise information for people not able to attend the sessions. Their comprehensiveness and accuracy are not guaranteed. For more information, please contact the presenters directly. Their e-mail addresses are available at http://www.isoc.org/inet98/program.shtml

Track 6: Network Technology and Engineering

Panel: Active Networks

By Paul Gillingwater, 22 July 1998

What is an active network? According to Richard A. Carlson of Argonne National Laboratories, it’s the next big thing that could replace the current Internet architecture. Traditional networks use source and destination addresses to help packets find their way, but this is very much a passive operation, with devices known as "routers" actually doing all the work. Packets themselves are sent on their way based on the best available route to their destination, which is encoded in their header. The next generation of "Active Networks" takes a different approach, where each packet is smart — embedded within the header is a small piece of program code, which allows the packet to decide where, and more importantly how, it should go through the network.

In order to test these new types of networks (and allow researchers to try out many other types of new networking techniques), Argonne has built the MORPHNet ( http://www.anl.gov:80/ECT/Public/research/morphnt2.htm ), which is intended to allow production network operations (such as e-mail, web and backups) to co-exist peacefully with developers and network researchers.

Another challenge they faced was to build and deploy test networks that could easily be migrated into production, once they were sufficiently stable. In order to achieve this, several layers of network infrastructure had to be considered. Starting with the hardware, Argonne selected Dense Wave Division Multiplexing along with Sonet block multiplexing to keep signals separate within the optical fiber paths that form the backbone of their net. On top of this they provide ATM (Asynchronous Transfer Mode) at the media layer, to provide control over Quality of Service (QOS) and both virtual and permanent paths. The bearer service is presently IPv4, but of course IPv6 and other non-IP protocols can also be used.

A key goal of the project was to ensure that any experimental network protocol that might accidentally "run amok" would not adversely affect the normal 24 hour a day production applications, and vice versa, so that sufficient bandwidth would be available for researchers during heavy production runs such as backups. This was partly achieved using multiple SONET channels to guarantee separation. Achieving this segmentation of infrastructure, with a single application as the point of control, requires considerable cooperation with the hardware vendors of the switches and routers, as well as the Telcos for the wide area networking. The issues of QOS (both requesting and verification) needs some form of cross-layer signaling, combined with a mechanism for encoding and enforcing policy, which the MORPHNet architecture attempted to address. In summary, users and network administrators need and want more control, and building "object-based" active networks with smart packets is one potentially effective way to give it to them.

The second speaker was Hilarie K. Orman, from Defense Advanced Research Projects Agency. Originally one of the developers of the Internet and related technologies, DARPA has shown that it is actively pursuing key research into future networks with this presentation, which focused on the concept of "Active Packets." (The speaker showed an amusing graphic depiction of flying Turing tapes, each with a payload of data, and jokingly explained that the project had already shown a positive financial return in the number of Tee-shirts with that picture sold to other researchers.)

The DARPA vision of Active Networks (http://www.sds.lcs.mit.edu/darpa-activenet/) is "Networks that turn on a dime." ( http://www.darpa.mil/ito/research/anets/index.html   ). Such networks must be capable of rapid reconfiguration on the fly, allowing them to be responsive to the needs of its applications. To achieve this, additional computation is placed into the network, by associating small programs with each packet of data. The tradeoffs (in terms of computational load, latency and increased packet size) seem to be compensated for by the benefits of offering smarter services, especially as new technologies (such as wireless LANs) become more sophisticated, with more demanding applications.

Traditional packet switching is the basis for most current Internet networking, which is passive, address-based routing with all packets treated the same way. In Active Networks, the Active Packets carry "how" information. These delivery instructions are called a "method", and methods are applied to the data they accompany by being executed within network devices such as routers or switches.

An example of where Active Networks may be beneficial is with a multicast videoconference that links participants in many different locations. The packets associated with that application could be sent out onto the network containing the instructions necessary to adjust bandwidth and quality of service dynamically, in order to ensure the optimum usage of the network resources. Other types of dynamic methods could be applied to eligible packets, depending upon the demands of the application, such as caching, error correction, data compression and of course encryption.

The Active Networks research group is developing detailed high-level specifications in three areas: Node Architecture, API and Development tools, Security Architecture.

One final example of a smart packet at work is a traceback using Active Packets to the source of a denial-of-service attack on the Internet. Such an Active Packet would find its way to the router nearest to the origin of the attack, requesting a small filter or firewall to be dynamically installed in that router to prevent future attacks.

The third speaker was Christian Tschudin of the University of Zuerich, Switzerland. He described work that has been going on in Zuerich since 1993, under the "Messenger Project." This features a mobile program (typically less than 1500 bytes in size, around the size of a typical Ethernet packet), written in a purpose-developed language called M0.

The messenger project has been quite successful, establishing several nodes in Japan, the USA and Europe, of the Active Networking ( http://cuiwww.unige.ch/tios/msgr/msgr.html   ). Messengers are "autonomous flows of control that can spawn across the network." Starting with a "stupid network", messengers are like a germ or worm that propagate across the network, copying themselves from node to node to deploy services throughout the network. In this model, a single Messenger contains (DNA-like) all the information necessary to replicate itself, and even if all the nodes but one in the network were purged, it would begin again to re-deploy itself.

A crucial finding of the Messenger Project was that the network should start as dumb as possible, thereby reducing biased choices, and that all services should where possible be deployed as mobile code. At this point, Mr Tschudin drew parallels from the Science Fiction world of Star Trek, contrasting the centralized control of the "Borg" against the co-operative collective of the "Federation." Using this model, he identified two areas where some choices needed to be made in advance of messenger deployment, that is, security and resource allocation.

Security appears to impose choices about the trust and authenticity of both packets and nodes. Such authentication, which could be implemented by "hardening" packets with both encrypted contents and methods, was generally computationally expensive, but necessary where a network is not under complete control. Resource allocation, which was identified as probably the most difficult and urgent problem of Active Networks, looks at questions of Quality of Service, and how much of a esource a packet could consume (where resources might include bandwidth, cache RAM, computation capability or certificate administration.)

The essential solution to the resource issue seems to be based on an economic model, where the packet equivalent of money (in terms of Teleclicks, a TTL counter or even out-of-band reservation) dictates how packets could negotiate for resources. Such use of artificial money could be vital as both a signaling mechanism, and as an audit function for possible linking to "real" money.

The final speaker, Ian Wakeman from the University of Sussex, presented a new programming language called "Safetynet", which was developed from the ground up as a semantically safe and strongly typed language for implementation of the methods within Active Packets. Using the latest analytical and semantic techniques of Higher Order Programming, Wakeman and his colleagues developed a design for a language which makes key assumptions about its environment, and that forces most of the important checking to be done at the compilation stage, rather than at run-time.

After thinking seriously about how the Internet presently operates (accompanied by a few beers in the local pub), the team developed guidelines for the language design that excluded the possibility to modify routing or IP addressing, that took into account the dynamic (i.e., failure prone) nature of today’s Internet, and that seeks to protect resources against unintentional program effects during run-time. Bugs (or even malicious code) in an Active Network program should not be able to over-consume or destroy resources shared with other applications. By enforcing very strong typing at the compile stage, the Safetynet language seeks to replace run-time checking with static checking as much as possible, and to fix important policy into programs up front, thereby resulting in higher performance and safer code. The language design is now finalized, and a prototype compiler (producing Java code) is nearing completion.

In summary, this session, with its four capable speakers, offered an excellent introduction to the field of Active Networking, with some very interesting examples of techniques and methodologies that will be crucial to the success of "smart packets" in making future networks more responsive to the needs and choices of users.