Practical active packets

Active networking adds programmability to the network infrastructure to promote service introduction. One approach involves active packets that carry programs rather than standard passive headers. To date, no one has proposed an active packet system that is truly practical: providing added flexibility over passive packet schemes without sacrificing either safety or efficiency. In this work, we propose a new system, SNAP (Safe and Nimble Active Packets), that strikes a useful balance. First, SNAP is safe. We use a combination of language design (limited expressiveness) and safe interpretation techniques that allow us to show that SNAP exhibits robustness (resistance to malicious or buggy code), isolation (non-interference with other packets), and resource predictability. In particular, we prove that each execution of a packet program consumes at most an amount of CPU and memory resources that is linearly proportional to the program's length; we also show the total number of packet executions that can be caused by a packet or its descendants is bounded. Second, SNAP is efficient. We designed the SNAP packet format to minimize memory overhead: most packets can be executed in-place in kernel network buffers. We show experimentally that SNAP latency and bandwidth microbenchmarks perform within a few percent of their IP-family counterparts in software routers connected by 100 Mb/s Ethernet links. SNAP incurs extremely low overhead: IP-like functionality is available at IP-like performance. Finally, SNAP is flexible, despite the fact that we have limited its expressiveness. We briefly describe a compiler that translates PLAN (an earlier active packet language) into SNAP using a combination of function inlining and sending copies of the current packet over a node's loopback interface to emulate backward branches. Since this loopback technique consumes one unit of resource bound, we find that the resource bound field of the packet is a convenient knob for trading off tight bounds on global resource usage for increased flexibility (in terms of the amount of looping available to the packet). We also describe two new native SNAP applications: distributed denial-of-service attack detection and active video-on-demand.
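The two safety bounds and the loopback trick described above can be seen in a small model; this is an added example, not code from the SNAP implementation. The opcode names, the peek-style `BEZ`, the rule that `RESEND` ends the current execution, and the countdown program are all assumptions made for illustration.

```python
# Added example: a toy model, NOT SNAP's real instruction set or packet format.
# Opcode names and their semantics are assumptions chosen for illustration.

def validate(program):
    """Reject any branch that is not strictly forward and in range."""
    for pc, (op, arg) in enumerate(program):
        if op == "BEZ" and not (arg >= 1 and pc + 1 + arg <= len(program)):
            raise ValueError(f"illegal branch at instruction {pc}")

def execute(program, stack, rb):
    """One packet execution. Returns (steps, stack, child_rb or None)."""
    pc, steps, stack = 0, 0, list(stack)
    while pc < len(program):
        op, arg = program[pc]
        steps += 1
        pc += 1                      # pc only grows, so steps <= len(program)
        need = {"ADD": 2, "BEZ": 1}.get(op, 0)
        if len(stack) < need:        # stack underflow: drop the packet safely
            return steps, stack, None
        if op == "PUSH":
            stack.append(arg)
        elif op == "ADD":
            stack.append(stack.pop() + stack.pop())
        elif op == "BEZ":            # peek; skip `arg` instructions if top == 0
            if stack[-1] == 0:
                pc += arg
        elif op == "RESEND":         # copy to loopback costs one unit of bound
            return steps, stack, (rb - 1 if rb >= 1 else None)
        else:                        # HALT or unknown opcode: stop executing
            break
    return steps, stack, None

def run_on_node(program, stack, rb):
    """Deliver loopback copies until the packet halts or its bound runs out."""
    validate(program)
    executions, max_steps = 0, 0
    while rb is not None:
        steps, stack, rb = execute(program, stack, rb)
        executions += 1
        max_steps = max(max_steps, steps)
    return executions, max_steps, stack

# Constructed program: "while (--counter != 0)" with the counter on the stack.
COUNTDOWN = [("PUSH", -1), ("ADD", None), ("BEZ", 1),
             ("RESEND", None), ("HALT", None)]
```

With a large counter and a small resource bound, the loop is cut off after `rb + 1` executions regardless of what the program asks for, while no single execution ever runs more instructions than the program contains.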
