Overlay Networks: An Akamai Perspective Ramesh K. Sitaraman, mangesh kasbekar, Woody Lichtenstein,...
-
Upload
cecily-hamilton -
Category
Documents
-
view
218 -
download
0
Transcript of Overlay Networks: An Akamai Perspective Ramesh K. Sitaraman, mangesh kasbekar, Woody Lichtenstein,...
Overlay Networks: An Akamai Perspective
Ramesh K. Sitaraman, mangesh kasbekar, Woody Lichtenstein, and Manish Jain
Akamai Technologies IncUniverisy of Massachusetts, Amherst
Presented by Huazhe Wang
Akamai Technologies, Inc. is a content delivery network and cloud services provider headquartered in Cambridge, Massachusetts, in the United States.
Outline
Motivation Overview of Overlay Networks Caching Overlays Routing Overlays Security Overlays
Content Distribution using the Internet The Internet is increasingly being used for digital
content and media delivery. Business, commerce, entertainment, news and social
interactions
Requirements: high reliability, performance, security, scalability and low operating costs. Major e-commerce sites require 99.99% of reliability TransportingTens of petabits per second of data to
support High quality television
Deficiencies of the Internet A heterogeneous network of
networks Access traverses multiple
networks to obtain content
“Best effort”
Failures and performance degradation are common
Major shortcomings of the Internet Outrages
Misconfigured routers, DDoS attacks, cable cuts, power disruptions…
Congestion High traffic demand Economic reasons
Lack of scalability One point failure Over/under provisioning
server
C0
client 1
client 2
client n
Major shortcomings of the Internet
Slow adaptability Large investment Business relations
Lack of security Growing Distributed denial
of service (DDoS) attacks Cost additional servers and
bandwidth
Challenges: How to bridge the gap between what modern Internet-based services need and what the Internet actually provides? Redesign of the Internet
Hard to implement given the wide-adoption of the current technology
Overlay Networks
Overview of Overlay Networks Fundamental idea: virtually great what you
want with what you have. Fragmented storage to a single, contiguous virtual
memory space Virtual machine Internet was built as a overlay on top of the
telephone network
Overview of Overlay Networks
An overlay network is built on top of the public Internet to provide the stringent requirements that rich Internet-based services need.
Peer to peer (P2P) Overlays
P2P uses end users’ host to form overlays that can be used for downloading content. Unnecessary long distance Traversing multiple Ass
P2P Problem : Network Inefficiency P2P applications are largely network-
oblivious and may not be network efficient Verizon (2008)
average P2P bit traverses 1,000 miles on network average P2P bit traverses 5.5 metro-hops
Karagiannis et al. on BitTorrent, a university network (2005) 50%-90% of existing local pieces in active users are
downloaded externally
Peer to peer (P2P) Overlays
Hybrid approaches that combine P2P principles with a dedicated overlay infrastructure are widely used.
Overlays described in the paper use a dedicated server infrastructure owned and operated by the overlay provider, rather than the computers belonging to users.
Overlay Architecture Overlays used to deliver content, applications and services
Origins One or a few, locates in core
Edge servers Hundreds thousand Locates at the edges, close to users
Transport system High reliability and performance
Outline
Motivation Overview of Overlay Networks Caching Overlays Routing Overlays Security Overlays
Caching Overlays Caching HTTP/HTTPS
proxy servers
Usage Static objects can be cached for some period
Embedded image on a web page, a movie, a music, a software download, or a software update
Benefits Availability, performance and origin offload
Performance benefits
30 agents located in Asia, Europe, and North America The agents hourly download a popular web page Origin servers locate in Dallas
Origin offload benefits Origin offload
Is equal to the ratio of the volume of traffic served by the origin without the overlay to the volume of traffic served by the origin with the overlay. A large decrease in server, bandwidth, expenses.
Popular vs cold traffic Cache hierarchy
Adding a layer of parent servers Increases the origin offload, easy to implement
Performance benefits
Origin offload increases with deployment of cache hierarchy
Performance benefits
Outline
Motivation Overview of Overlay Networks Caching Overlays Routing Overlays Security Overlays
Yale LANS
Routing Overlays Usage
Not all content on the Internet is cacheable for long time Gaming, live streams.
Benefits Discovering better ‘overlay path’ to improve performance
and availability
Yale LANS
Routing Overlays
Some issues to be considered An overlay construction algorithm to compute a set of
candidate overlay paths Real-time latency, loss, available bandwidth Choosing which of these paths to use depends on real-time
testing of the different path options.
Yale LANS
Routing Overlays Formulating overlay construction as multi-
commodity flow
Yale LANS
Routing Overlays Link costs can be defined in different ways to construct different types of routing overlays.
Latency vs bandwidth price e.g. finding the fastest overlay routes while avoiding links that are too expensive, or finding the cheapest overlay paths while avoiding paths that are too slow.
Throughput Minimizing latency is important when delivering small-size responses. Maximizing throughput is important for large responses.
TCP performance The overlay paths must remain “sticky" over longer periods of time.
Yale LANS
Routing Overlays Selecting the reverse proxy
Choosing a reverse proxy close to the origin Low latency, loss, Shared link Reducing penalty to set up a new TCP connection
Performance benefits
The significantly greater performance is due to the ability of the routing overlay to find alternate paths that avoid the failed links between different parts of Asia to the Boston origin.
Performance benefits Without major Internet outrage
Outline
Motivation Overview of Overlay Networks Caching Overlays Routing Overlays Security Overlays
Yale LANS
Security Overlays Defending against DDoS attacks
Not provided by Internet architecture In caching/routing overlay networks, performing
security tasks at the edge server of overlay networks is effective.
Security overlay Architecture
Yale LANS
Security Overlays Security overlay Architecture
Shared attack capacity Is flexible to increase bandwidth capacity at some locations
on-demand as needed. Cost effective.
Shared expertise and lower costs A team of security experts provides high level of defense with
low costs.
Advanced security features Security features to defend against all kind of attacks, like a
networking stack, firewall.
Yale LANS
Security Overlays Shielding the origin
Shielding the origin from accesses coming from strange end hosts
Control design Controls are provided for individual content providers
Performance benefits 50 to 9000
during a DDoS attack
90% of attacker’s requests are denied
Summary
Overlays hold the keys to the rapid evolution of Internet services.
Three key types of overlays.
Thank you and Questions