Network Architecture Lab

Trustworthy Network Debugging

The current Internet provides no information on the fate of transmitted packets. As a result, when packets get lost or delayed, there is no clean way for the affected parties to localize the problem and fix it (if it is local), ask for compensation (if a service-level agreement has been violated), or simply learn from it (e.g., re-assess a peering agreement with an under-performing neighbor). Probing tools like traceroute can help localize network failures; however, they draw their conclusions from the fate of probes, not actual traffic, which makes them susceptible to manipulation by transit networks.
 
The goal of this project is a way to change this lack of accountability in the Internet: a clean, yet practical solution that tells network entities what they need to know (who is responsible for losing or delaying their packets), but not what they shouldn't (the internal structure and policies of other networks or ISPs). The key idea behind our work is that this information need not (and should not) be extracted by ad-hoc probing tools that treat the Internet as a black box and try to reverse-engineer its structure and failures. Rather, it should be provided by a cooperative, incentive-based framework, where networks provide verifiable information on their own performance and, in exchange, learn how their own traffic is being treated by their neighbors.

Papers etc

Verifiable Network-Performance Measurements, Katerina Argyraki, Petros Maniatis, and Ankit Singla. In CoNEXT 2010. This paper shows how the Internet network layer can provide an accurate, lie-resistant, and lightweight mechanism that gives information on the fate of transported traffic. It presents Network Confessional, a system and protocol that enables network domains to export information on their loss and delay performance. This system guarantees accurate and trustworthy information while minimizing in-network monitoring state; in particular, it requires no per-packet, per-flow, or per-path monitoring state inside the network.

Loss and Delay Accountability for the Internet, Katerina Argyraki, Petros Maniatis, Olga Irzak, Ashish Subramanian, and Scott Shenker. In ICNP 2007. This paper presents AudIt, an explicit "accountability interface," through which network domains can export information on their loss and delay performance with respect to transported TCP traffic.

Providing Packet Obituaries, Katerina Argyraki, Petros Maniatis, David R. Cheriton, and Scott Shenker. In the HotNets 2004 workshop. This paper introduces the idea of network domains providing feedback on the traffic they forward and describes a preliminary mechanism for informing traffic sources where their packets are getting lost.

Related work

A more theoretical perspective on accountability. Uses tools from cryptography to prove the minimum set of requirements for providing accountability under the broadest threat model.

In PeerReview, members of a distributed system hold each other accountable for Byzantine behavior by replaying secure logs of exchanged messages.

An economic analysis of ISP business shows that, without accountability, innovation and competition in the Internet are impossible.

Availability-oriented path selection relies on accurate information on the performance of transit networks to optimize route selection in multi-path routing.

SOME RESULTS

► We showed that it is feasible to design a software packet-processing platform that achieves predictable performance in the face of resource contention (NSDI '12).

► We argued for shifting the focus of network performance tomography from identifying congested links to a new, more realistic goal: identifying the frequency with which links are congested (CoNEXT '11). 

► We relaxed one of the strongest assumptions made until now by network performance tomography, namely that the status of a network link is independent from the status of any other link (IMC '10).

► We developed RouteBricks, a parallel router architecture made up entirely of commodity PCs, which achieves multi-Gbps line rates by parallelizing functionality both across and within PCs (SOSP '09).