Internet Indirection Infrastructure April 16, 2009

This seems to do the same as SSH reverse tunneling in terms of its mobility.

Indirection — this allows for portability in that the end user does not need to know the exact location of the other end and the system can more easily do “creative” rerouting (e.g. multicast).

Distributed routing “tables” — instead of having one central domain name server as a single point of failure, this allows for some reliability through multiplexing and redundancy.

I see an issue with the routing efficiency. The paper gives the example of having the sender and receiver in Berkeley, but the i3 node storing the triggers in London. The claim is that the data can avoid the trip from Berkeley to London and back by way of a private trigger on a closer server, but does not account for the case where there is no closer server.

Internet Indirection Infrastructure April 16, 2009

The main contributions of this paper are:

1. Indirection: the authors discuss how decoupling of the sender and receivers helps to generalize point-to-point communication. i3 provides better mobility, multicast, and anycast through this indirection. i3 identifiers and triggers serve to achieve this level of indirection.
2. The paper proves the flexibility of overlay networks. It further provides valuable techniques to build security, scalability, availability, fault tolerance, and improved performance on top of the overlay. Overlay also allows for incremental deployment of i3 in a network.
3. The authors provide many novel ideas such as using a stack of i3 identifiers to achieve service composition on top of i3, heterogeneous multicast (where receivers choose to receive different flavors of the multicast data), and fault tolerance (if one identifier fails, try the next identifier).

Glaring problems: The paper is well written and many scenarios are well thought of, however, the authors provide no experimental results for the applications of i3 most discussed in the paper: multicast, anycast, mobility. The paper goes at length to describe how i3 eases multicast, but does not provide evidence about i3’s efficiency when dealing with these. Additionally, it is my understanding that i3 would make unicast quite slow, so it would not be a suitable replacement for existing network infrastructue.

Future research: it would be interesting to implement a hybrid approach where packets are not required to go through an i3 node. Also implement i3 servers as modified switches. That is, modify a network switch to work with i3 triggers and identifiers instead of IP packets. If a switch can be made like this, a lot of the overhead from processing the triggers in software is taken away.

Internet Indirection Infrastructure April 16, 2009

Single overlay capable of achieving multiple communication services over a P2P network
The paper comes up with a single infrastructure capable of supporting several services such as multicast, broadcast, anycast, mobility etc over the Internet architecture with was built to be P2P. It achieves this by introducing a level of indirection in the form of nodes that act as i3 servers. Senders direct outgoing messages to identifiers instead of a particular destination node address. Receiving nodes can then subscribe to these identifiers if they wish to the message. Hence, more than one receiver can subscribe to an identifier, thereby allowing for the above mentioned services to be achieved over a P2P network. This method suggested by them provides for a lot of flexibility in the terms of the types of services that can be provided, nodes that can add or drop themselves to a service, etc. Other than providing for these services, their structure achieves security (in some aspects, while giving rise to different set of security concerns that they consider in detail and provide methods to counteract) which couldn’t have been achieved in a P2P system.

Methods to add new nodes, handle failure of old ones and provide efficient routing
In addition to suggesting the basic infrastructure, the paper also talks of efficient methods implementation of the idea. The first question that comes to mind when the i3 structure is suggested is, the overhead it would add. The paper provides for a method of packet forwarding that seems to add minimal overhead. In the method suggested, the senders cache the address of the server that is responsible for routing packets to the identifier the sender wishes to send packets to. This reduces the time to find the server for subsequent sends. The receivers reduce the time to receive packets from the servers by choosing servers close to themselves. Similarly, the paper also suggests efficient methods to deal with node failures, node additions and packet forwarding.

Methods to handle security threats
The nature of how the i3 system works exposes it to several security threads. The paper makes a detailed analysis of all possible threats and suggests methods to counteract them.

PROBLEMS

The paper claims that it handles the triangle problem by getting the receiving nodes to choose a server close to themselves to store the trigger containing their id. However, this solution only works if the system has a large number of i3 servers. If there exist only a few servers for a large number of nodes, it is likely that two nodes, adjacent to one another, might have to communicate with a far away server node to be able to reach one another.

Several of the methods they suggest to handle the issue of security work by inhibiting free and flexible use of i3 by the servers. For eg, one of the methods limit the number of triggers a node can have. Also, the innate structure of i3 introduces far too many means of intrusion to be able to detect and counter every one of them.

In spite of several methods to reduce overhead, the structure still introduces them at various stages and steps. There is the overhead introduced by in the security methods suggested, enabling caching by the appropriate server sending out the, “it is me you want to send future messages to” message, etc.

FUTURE WORK

It seems like i3 would provide a workable and efficient platform for a network of rapidly moving nodes. it seems to have the mechanisms in place to provide support for such a system. Work could be done to explore possibilities in the area.