Restoring End-to-End Resilience in the Presence of Middleboxes

Restoring End-to-End Resilience in the Presence of Middleboxes,10.1109/ICCCN.2011.6006072,Eric J. Brown,Mark K. Gardner,Umar Kalim,Wu-chun Feng

Restoring End-to-End Resilience in the Presence of Middleboxes  
BibTex | RIS | RefWorks Download
The philosophy upon which the Internet was built places the intelligence close to the edge. As the Internet has matured, intermediate devices or middleboxes, such as firewalls or application gateways, have been introduced, thereby weakening the end-to-end nature of the network. As a result, applications must often modify their behavior to accommodate the middle- boxes. This is is especially true in the case of transient failure of stateful devices. The failure of a middlebox causes it to lose the state it main- tained, causing the failure of the associated TCP connections. Rather than assign the responsibility for recovery to applications, we incorporate a mechanism called an isolation boundary into TCP itself. The isolation boundary maintains a small amount of state across TCP connections, thus enabling reconnection. Furthermore, it does so without breaking backward compatibility with existing TCP. We present an implementation of the isolation boundary in the FreeBSD kernel and demonstrate its backward compatibility with TCP. We quantify the performance impact of the proposed mechanism on the establishment of new and resumed connections for both legacy and extended TCP stacks. Index Terms—TCP/IP, middleboxes, fault tolerance, resilience.
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.