Overlay network - network built on top of another network - nodes connected by virtual links that are paths - Internet was initially an overlay on the phone network - motivations: (i) new functionality (multicast, IPv6) and (ii) better performance, reliability, security, privacy, etc. than the underlay IPv6 - 6bone: overlay testbed using tunnels over IPv4 to connect IPv6-capable nodes - Teredo: relays to connect IPv6 host to the IPv6 network over IPv4 End-system multicast - IP multicast hasn't seen much deployment (complex, hard to do interdomain, security risks, economic incentives, hard to deal with loss/retransmission) - can build a tree out of computers instead (with duplicate packets at some points, higher latency, etc.) RON (resilient overlay networks) - it is hard to run a federated routing infrastructure at scale - BGP limitations: (i) slow convergence, (ii) disallows some paths (valley-free), (iii) doesn't pick based on performance (no performance metrics, reacts to fail-stop failurels not congestion), (iv) single path for all (classes of) traffic, with no app interface - can you do better on top of something that is worse? - yes, can do better with a smaller, cooperative set of nodes (cooperation, small scale) - fully-connected graph, frequent probes, two-hop routes - probes: frequent active probes and passive observations (seconds rather than minutes) - application-specific metrics (e.g., latency, throughput, etc.) and routes - extensions to sparser overlay topologies to scale to larger networks RAN (routing around nation states) - bounce off an intermediate node to circumvent offending countries - intermediate nodes as web proxies used selectively depending on the destination (using Proxy Auto-Config files) - TCP-level interaction with the proxies SOS (Secure Overlay Services) - preventing DoS attacks - teasing apart * authentication to tell good from bad (SOAPs) * data-plane filtering to limit who can talk to the destination * secrecy to prevent DoS on those nodes or spoofing of those nodes (secret servlets) - simple but non-scalable way to hide the secret servlets * SOAPs randomly route till packet stumbles into a secret servlet * that way, nobody (except the secret servlets and the target) know the servelts * but, that's clearly very expensive - distributed hash table with key as target IP address * individual node can route to any value with little knowledge of the overall topology * SOAP routes to a beacon, and target publishes secret servlets at a beacon * don't return the "value" (servlet) but instead route to it through the overlay (that is, the routing on the DHT is not just query routing, but also traffic routing) - why not just massively replicate the service in the first place?