An end to the middle

Authors: Arvind Krishnamurthy, Thomas Anderson, Colin Dixon

Keywords: Computer science, Intrusion detection system, Protocol (object-oriented programming), Network packet, Traffic prioritization, Private network, Physical network, The Internet, Computer network, Suite

Abstract: The last fifteen years have seen a vast proliferation of middleboxes to solve all manner of persistent limitations in the Internet protocol suite. Examples include firewalls, NATs, load balancers, traffic shapers, deep packet intrusion detection, virtual private networks, network monitors, transparent web caches, content delivery, and the list goes on and on. However, most smaller networks in homes, small businesses, and the developing world are left without this level of support. Further, the management burden is apparent even in enterprise networks. We argue for a shift from using proprietary middlebox hardware as the dominant tool for managing networks toward open software running on end hosts. We show that functionality that seemingly must be in the network, such as NATs and prioritization, can be more cheaply, flexibly, and securely provided by distributed hosts, working in concert with vastly simplified physical hardware.
