Reliability and Security in the CoDeeN Content Distribution Network

With the advent of large-scale, wide-area networking testbeds, researchers can deploy long-running distributed services that interact with other resources on the Web. The CoDeeN Content Distribution Network, deployed on PlanetLab, uses a network of caching Web proxy servers to intelligently distribute and cache requests from a potentially large client population. We have been running this system nearly continuously since June 2003, allowing open access from any client in the world. In that time, it has become the most heavily-used long-running service on PlanetLab, handling over four million accesses per day. In this paper, we discuss the design of our system, focusing on the reliability and security mechanisms that have kept the service in operation. Our reliability mechanisms assess node health, preventing failing nodes from disrupting the operation of the overall system. Our security mechanisms protect nodes from being exploited and from being implicated in malicious activities, problems that commonly plague other open proxies. We believe that future services, especially peer-to-peer systems, will require similar mechanisms as more services are deployed on non-dedicated distributed systems, and as their interaction with existing protocols and systems increases. Our experiences with CoDeeN and our data on its availability should serve as an important starting point for designers of future systems.

[1]  Peter B. Danzig,et al.  A Hierarchical Internet Object Cache , 1996, USENIX Annual Technical Conference.

[2]  Syam Gadde,et al.  Not all Hits are Created Equal: Cooperative Proxy Caching Over a Wide-Area Network , 1998, Comput. Networks.

[3]  Alec Wolman,et al.  On the scale and performance of cooperative Web proxy caching , 1999, SOSP.

[4]  Miguel Oom Temudo de Castro,et al.  Practical Byzantine fault tolerance , 1999, OSDI '99.

[5]  Michael Dahlin,et al.  Design considerations for distributed caching on the Internet , 1999, Proceedings. 19th IEEE International Conference on Distributed Computing Systems (Cat. No.99CB37003).

[6]  G. Voelker,et al.  On the scale and performance of cooperative Web proxy caching , 2000, OPSR.

[7]  Peter Druschel,et al.  Pastry: Scalable, distributed object location and routing for large-scale peer-to- , 2001 .

[8]  Mark Handley,et al.  A scalable content-addressable network , 2001, SIGCOMM '01.

[9]  Andrew S. Tanenbaum,et al.  Efficient Tracking of Mobile Objects in Globe , 2001, Comput. J..

[10]  Antony I. T. Rowstron,et al.  Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems , 2001, Middleware.

[11]  David R. Karger,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM '01.

[12]  Larry L. Peterson,et al.  Proceedings of the 5th Symposium on Operating Systems Design and Implementation the Effectiveness of Request Redirection on Cdn Robustness , 2022 .

[13]  Liuba Shrira,et al.  The design of a robust peer-to-peer system , 2002, EW 10.

[14]  Niels Provos,et al.  Detecting Steganographic Content on the Internet , 2002, NDSS.

[15]  Antony I. T. Rowstron,et al.  Squirrel: a decentralized peer-to-peer web cache , 2002, PODC '02.

[16]  Miguel Castro,et al.  Farsite: federated, available, and reliable storage for an incompletely trusted environment , 2002, OPSR.

[17]  Anjali Gupta,et al.  One Hop Lookups for Peer-to-Peer Overlays , 2003, HotOS.

[18]  David Mazières,et al.  Democratizing Content Publication with Coral , 2004, NSDI.