Lecture 6, SCION Architecure
Clean-Slate Architectures
Clean-slate technologies: re-invent the internet stack (TCP/IP)
Most generally didn't make it
But some aspects of it did get adopted into TCP/IP
Network devices are opening up slightly
Making adoption of new technologies faster
- RINA
- Everything is IPC (Inter-Process Communication)
- WIP implementations: ProtoRINA, OpenIRATI
- NDN
- Data centric
- Stateful, lots of caching in the network
- Implementation: named-data.net
- Useful for static data, less so for dynamic protocols like ssh
- Extensible Internet
- Introduces layer 3.5
- No implementation yet
- SCION
- Path selection
- Active community
- Implementation: github.com/scionproto
SCION
Scalability, Control and Isolation on next-generation Networks
Goal: improve security of inter-domain routing
Security by design (rather than tacked on, as with modern protocols)
Path-aware networking (Sender selects path)
Multi-path comm.
Existing applications can still be used
Isolation Domain (ISD)
Group of ASes
ISD core: ASes managing the ISD
Core AS: part of the ISD core
Introduces intra-ISD and inter-ISD routing
%20Advanced%20Networking/Attachments/Pasted%20image%2020260220102834.png)
Numbering
??
Routing
Control plane: construct path segments
Data plane:
Combine segments to path
Packets contain path
Routers forwards based on path in packet (Stateless)
%20Advanced%20Networking/Attachments/Pasted%20image%2020260220103249.png)
Inter-ISD:
Performed by Core-ASes
Flooding similar to BGP
Only involves Core ASes
Intra-ISD
Downstream multi-path flooding
Path Construction Beacons (PCBs) are received, extended and forwarded by each AS
%20Advanced%20Networking/Attachments/Pasted%20image%2020260220103438.png)
PCBs are signed by every AS along the path (BGPsec baby)
ISD's CA issues certificates to all ASes
Control Plane root key is embedded in the Trust Root Configuration (TRC)
TRC
Signed collection of:
CP root certs
Voting certs
Several ASes hold voting certificates
If the TRC needs to change, these ASes need to agree on it
ISD policy information (defines roles within the ISD)
TL;DR
Path info is added to packet headers
Sender of the packet selects the path
Recipient address is no longer used for routing decisions
Security
Control plane
PCBs are authenticated using signatures
So no route hijacks
Data plane
User combines authenticated path segments (PCBs)
Hop fields in path are authenticated through a cryptographic MAC (Message Authentication Code)
Address spoofing is no longer possible on an AS-level
Packet uses the same path on the way back, so spoofing source IP has no effect
Hidden paths
Path info is not published
Can only be used by parties that know the relevant hop fields
Security extensions:
Every Packet Is Checked (EPIC)
Reliability and QoS
Use multiple paths for redundancy
Failover on failure
No waiting for convergence
Possible to add latency information to PCBs
Choose path based on latency
Hummingbird extension
Minimum bandwidth reservation
Transitioning to SCION
Use gateways between SCION and non-SCION networks
%20Advanced%20Networking/Attachments/Pasted%20image%2020260220104827.png)
Overhead
Every packet contains a full path
However, routers can be stateless -> they can handle more traffic
SCION in P4
On Intel Tofino
Except it has no hardware support for crypto -> cannot process packets at line rate
Instead populate a table from the control plane (works in limited scenarios)
Complex header fields
Intention: info per section (up, inter, down)
However, differing lengths of hop fields make it hard
Instead, put all info fields first, and then all the hop fields
When designing a protocol with hardware in mind
Use explicit lengths (dynamic lengths are a pain)
Do not use absolute offsets
Variable length fields are the devil(!)
Do not use complex data structures
Evaluation
Achieved near line-rate for almost all tested path lengths
SCION can be implemented on switch hardware