The paper presents the insights and learnings from designing and
implementing an active network prototype called ANTS. Active networks
provide two key benefits: First, they enable wide range of application
that leverages computation within the network. Second, they help
accelerate the pace of innovation by decoupling services from
infrastructure. An important implication of this active network approach
is that they provide extensibility to individual services and the
automatic code deployment of capsules provides a novel model for deploying
systematic changes across wide area networks.
ANTS is based on aggressive capsule design that adds extensibility at the
IP packet level. Capsules are like mobile agents that direct themselves
using a custom forwarding routine. Active nodes understand this forwarding
scheme. In order to distribute capsules, any party can develop the code
and forwarding routine and get it signed by a trusted authority such as
IETF-equivalent before it gets freely executed at nodes. Once a capsule is
received at an active node, routines are safely executed within a sandbox
to provide isolation with the rest of the system. Further, ANTS is
designed to be incrementally deployable. Not all nodes are required to be
active nodes and one can strategically select active nodes as an obvious
strategy.
Perhaps, the most compelling applications of active network approach are
IPv6, multicast and NAT deployment. IPv6 deployment has been very slow and
active network approach can speed up the deployment process. In order for
a service to make use of this approach, it must be expressible, compact,
fast and incrementally deployable.
Simulation results indicate that active network provides reasonable
throughput and performance but the author claims that root of this
under-performance come from the fact that the prototype is implemented in
Java. The authors found that capsule forwarding is the limiting factor for
node performance, in practice.
However, active network still has lot of limitations that needs to be
addresses thus keeping it as open research area (at least when the paper
was written). The design does not prevent misbehaving programs from
monopolizing resources across a group of nodes. Security and resource
management concerns seem to be prime concern but they seem to exceed the
performance provided by the active network approach. Also, single
forwarding uses too many resources at a single that making it difficult to
scale. Finally, the certificate management process for trusted code makes
the deployment process slow.
Received on Thu Nov 23 2006 - 09:16:47 EST
This archive was generated by hypermail 2.2.0 : Thu Nov 23 2006 - 09:30:12 EST