Abstract
Middleboxes, such as firewalls, NATs, proxies, and application accelerators, are known for their undesirable implications on traffic (mainly due to packet header or payload modifications) and for hindering connection establishment when certain protocols are in use (e.g., UDP, SCTP).
Since many of these implications occur in middleboxes within ISPs or cellular networks, we present a software-defined network (SDN) architecture that can foster collaboration between end-hosts and ISPs. In particular, an end-host can express a desired behavior from the network, specified as an invariant (e.g., no IP header or payload modification), and the ISP, in turn, can establish a connection through middleboxes that preserve this invariant. We discuss the proposed architecture and the requirements for invariant-preserving middlebox traversal. We further propose an algorithm for the selection of the best path through a sequence of invariant-preserving middleboxes. We use simulations to assess the efficiency of our approach.
Acknowledgments
This work was partially supported by the EU FP7 T-NOVA Project (619520).
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Abujoda, A., Papadimitriou, P. (2015). Invariant Preserving Middlebox Traversal. In: Aguayo-Torres, M., Gómez, G., Poncela, J. (eds) Wired/Wireless Internet Communications. WWIC 2015. Lecture Notes in Computer Science, vol 9071. Springer, Cham. https://doi.org/10.1007/978-3-319-22572-2_10
DOI: https://doi.org/10.1007/978-3-319-22572-2_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-22571-5
Online ISBN: 978-3-319-22572-2
eBook Packages: Computer Science, Computer Science (R0)