"Networking Named Content"

by Van Jacobson
Content Centric Networking
(CCN)
OutIine
P Bottleneck
CCN Architecture
CCN packets, naming, forwarding engine, ...
CCN Networking Features
Flow Control, routing, Security, ...
Performance
Summary & Related Work
The Current ModeI
Problems of the 60's & 70's: Scarce Resources
Problem of today's nternet: Too much rich Content
The P model based on a host to host
No multiple sources for the same packet(looping)
neffective in mobile or disruptive tolerant networks
Each Packet is destined to a single interface on a
clients machine
Best Effort, Stateless, Unreliable
P provides no extra features for security or routing
P Networking
http://electronics.wesrch.com/paper-details , Myeong-Wuk Jang
CCN Networking
http://electronics.wesrch.com/paper-details , Myeong-Wuk Jang
CCN Architecture
CNN Packets:
Consumers send interests packets, and nodes that can
satisfy that interests respond with data packet
Context-dependent name prefixes (e.g., /local/Friends)
Nonces to prevent nterests looping
self dentifying and self Authenticating
CCN Architecture
Other things to notice..
Data not routed, follows PT entries
(breadcrumbs)
duplicate Data packets are discarded
Content store uses LRU replacement
PT entries have a timeout
ndexes ordered correctly for entry searches
multiple faces as source/destination
CCN Architecture
CCN Architecture
Addressing Scheme
CCN Networking
Reliability:
Accomplished by Application resending requests
Duplicate Data:
f the Data is found in the Content Store, its discarded
Although this makes data not Loop, nterest packets can
still loop (answer: nonces)
Flow Control:
At most One Data packet per nterest packet
TCP window advertisements -> nterest packets
Flow balance maintained at each hop
CCN Strategy Layer:
No binding to L3 P address
Multiple interfaces aloud
sendToAll, sendToBest ,...
Only Data not found locally is routed
Routing:
Any routing scheme that works well for P
multi-sources, multi-destinations
CCN Networking
Content authenticated with signatures
Content protected with encryption
Signature = Name+content+signed info
Content can validate other content it refers to
CCN doesn't mandate any specific encryption
scheme
DDoS attacks not possible because at each point
only a single data packet is forwarded
CCN Security ModeI
CCN Security ModeI
Interest flooding attack:
generation of a large number of interest
packets to overwhelm content source's
bandwidth
Defences:
Nodes can monitor how many interests packets of the
same prefix were successfully resolved.
Domain can ask downstream routers to throttle the
number of interests they forward of the same prefix
CCN Security ModeI(cont.)
Test 1:
ccnd vs. ttcp, 2 machines running Linux,
6MB file, and 100Mb/s link.
CCN needed 5 times the pipelining
-Says its because Linux TCP is so optimized
CCN packets encapsulated in P/UDP for
test
CCN Performance Tests
Test 2:
All machines of various architectures and
operating systems
source node -> 10Mbps link -> 6 sink nodes
-> 1 Gbps link
A large files is downloaded multiple times
over the bottleneck
CCN Performance Tests
"CCN Talks about Data, not to nodes"
Summary
Website: http://www.ccnx.org
The 4Ward Project:
http://www.4ward-project.eu
The TRAD Project:
http://gregorio.stanford.edu/triad/
Resources & ReIated Work