Middleboxes No Longer Considered Harmful

Authors

  • Michael Walfish
  • Jeremy Stribling
  • Maxwell N. Krohn
  • Hari Balakrishnan
  • Robert Tappan Morris
  • Scott Shenker
Abstract

Intermediate network elements, such as network address translators (NATs), firewalls, and transparent caches are now commonplace. The usual reaction in the network architecture community to these so-called middleboxes is a combination of scorn (because they violate important architectural principles) and dismay (because these violations make the Internet less flexible). While we acknowledge these concerns, we also recognize that middleboxes have become an Internet fact of life for important reasons. To retain their functions while eliminating their dangerous side-effects, we propose an extension to the Internet architecture, called the Delegation-Oriented Architecture (DOA), that not only allows, but also facilitates, the deployment of middleboxes. DOA involves two relatively modest changes to the current architecture: (a) a set of references that are carried in packets and serve as persistent host identifiers and (b) a way to resolve these references to delegates chosen by the referenced host.


Similar resources

Challenges in Unifying Control of Middlebox Traversals and Functionality

Network services appliances, i.e., middleboxes, are a key component of enterprise networks. Through examination and modification of network traffic, middleboxes help ensure security, optimize performance, and facilitate remote access. A diverse array of middleboxes exist, both in terms of functionality and vendor, requiring distinct, distributed configuration across the enterprise [8]. Furthermo...


How to Detect Middleboxes: Guidelines on a Methodology

Internet middleboxes such as VPNs, firewalls, and proxies can significantly change handling of traffic streams. They play an increasingly important role in various types of IP networks. If end hosts can detect them, these hosts can make beneficial, and in some cases, crucial improvements in security and performance. But because middleboxes have widely varying behavior and effects on the traffic ...


Design and Implementation of a Consolidated Middlebox Architecture

Network deployments handle changing application, workload, and policy requirements via the deployment of specialized network appliances or “middleboxes”. Today, however, middlebox platforms are expensive and closed systems, with little or no hooks for extensibility. Furthermore, they are acquired from independent vendors and deployed as standalone devices with little cohesiveness in how the ens...


RFC 3234

This document is intended as part of an IETF discussion about "middleboxes" defined as any intermediary box performing functions apart from normal, standard functions of an IP router on the data path between a source host and destination host. This document establishes a catalogue or taxonomy of middleboxes, cites previous and current IETF work concerning middleboxes, and attempts to identify s...


In-Network Processing, User-Level Stacks and the Future of Internet Evolution

In past years, it has become increasingly evident that the venerable end-to-end model often taught in networking courses has more to do with Internet lore than with the reality of the network today. Over time, operators have deployed a vast array of middleboxes to enhance the capabilities of the network, ranging from security (firewalls, IDSes, traffic scrubbers), traffic shaping (rate limiters...


Publication date: 2004