
Invariant Preserving Middlebox Traversal

Wired/Wireless Internet Communications (WWIC 2015)

Part of the book series: Lecture Notes in Computer Science (LNCCN, volume 9071)


Abstract

Middleboxes, such as firewalls, NATs, proxies, and application accelerators, are known for their undesirable implications on traffic (mainly due to packet header or payload modifications) and for hindering connection establishment when certain protocols are in use (e.g., UDP, SCTP).

Since many of these implications occur in middleboxes within ISPs or cellular networks, we present a software-defined network (SDN) architecture that can foster the collaboration between end-hosts and ISPs. In particular, an end-host can express a desirable behavior from the network, specified as an invariant (e.g., no IP header or payload modification), and the ISP, in turn, can establish a connection through middleboxes that preserve this invariant. We discuss the proposed architecture and the requirements for invariant preserving middlebox traversal. We further propose an algorithm for the selection of the best path through a sequence of invariant-preserving middleboxes. We use simulations to assess the efficiency of our approach.



Acknowledgments

This work was partially supported by the EU FP7 T-NOVA Project (619520).


Corresponding author

Correspondence to Ahmed Abujoda.


Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Abujoda, A., Papadimitriou, P. (2015). Invariant Preserving Middlebox Traversal. In: Aguayo-Torres, M., Gómez, G., Poncela, J. (eds) Wired/Wireless Internet Communications. WWIC 2015. Lecture Notes in Computer Science, vol 9071. Springer, Cham. https://doi.org/10.1007/978-3-319-22572-2_10


  • DOI: https://doi.org/10.1007/978-3-319-22572-2_10


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-22571-5

  • Online ISBN: 978-3-319-22572-2

  • eBook Packages: Computer Science (R0)
