Upload
scott-kelly
View
215
Download
1
Embed Size (px)
Citation preview
KAIST EECS Computer Engineering Research Lab
CORE
A General Purpose Proxy Filtering Mechanism Applied to the Mobile Environment
Bruce Zenel
Jupyung Lee
CoreLab, KAIST
March 18. 2003
KAIST EECS Computer Engineering Research Lab
CORE
Contents
• Introduction• Architecture
– PMICP
– Proxy Server
– Adaptation through Filter Control
• Designed and Implemented Filters• Evaluation
– HTTP filter
– NFS filter
– TCP filter
• Conclusion & Future Work
KAIST EECS Computer Engineering Research Lab
CORE
Introduction
• Mobile environment– Slower, more costly, less reliable, less secure than WAN, LAN…
– Heterogeneity problem : hosts move unpredictably in networks which have different speed, cost, security, loss rate
• Proxy improves the mobile environment– Drop / Compress / Delay / Cache data
• MPEG / HTTP, NFS / POP / TCP
– Act as substitute for mobile client• ICMP ECHO request
– Use a different transport protocol(or parameter settings)
– Generally… : perform trading off computation for communication
* Minimize server/client modification
KAIST EECS Computer Engineering Research Lab
CORE
Introduction (cont’)
• Filter : program downloading & executing on proxy– Often application specific
– Dynamically control filter behavior
• Contribution of this paper– Propose ‘general purpose proxy filtering mechanism’ applied to the
mobile environment
– Apply it to the HTTP, NFS, TCP
KAIST EECS Computer Engineering Research Lab
CORE
Architecture: PMICP
• Problem: – All traffic from/to MH must past through a single gateway
– But mobile protocol* supports host mobility• Keep track of the location of the MH• Using Mobile Support Routers(MSR)
• Solution– New Protocol : PMICP**
• Each MH choose Proxy MSR(PMSR)• PMICP guarantees that all traffic from/to MH will pass through PMSR
* Proxy filter runs on PMSR
* Columbia Mobile IP Protocol
** Proxy Mobile Internetworking Control Protocol
KAIST EECS Computer Engineering Research Lab
COREArchitecture: Proxy Server
• High Level Proxy– Use filter insertion
• Low Level Proxy– LLP packet queue is created
configured.
– It contains matching criterion
– If criterion is matched, filter is allows to read/write LLP packet queue
* Analogous to socket program
KAIST EECS Computer Engineering Research Lab
CORE
(Filter Insertion)
* Kernel on Proxy & MH may be modified
* Server notices no change
KAIST EECS Computer Engineering Research Lab
CORE
Architecture: Adaptation through Filter Control
• Event Registry(ER) – Register in certain events
• Change in network bandwidth• Network interface information• Change in MH battery power• MH location
– Notified when these events occur
KAIST EECS Computer Engineering Research Lab
CORE
Designed and Implemented Filters
• HTTP: compress header/body of HTTP messages• MPEG: drop intermediate MPEG frames• SMTP: drop all multimedia data• NFS: compress file data• ICMP: provide replies to queries
• TCP– Cache unacknowledged TCP to MH
– Perform local re-TX when packet loss is detected• arrival of a duplicate ack, local timeout
– Not break the end-to-end semantics of TCP
– Originally from “Improving TCP/IP Performance over Wireless Networks”
KAIST EECS Computer Engineering Research Lab
CORE
Evaluation
• 10Mbps Ethernet vs. 2Mbps Wavelan vs. 33.3Kbps SLIP• HTTP filter
– compress text file using ZLIB or LZO
– not compress image file
– Primary proxy as compressor, secondary as decompressor• Provide client transparency
• NFS filter : compress text/binary files using ZLIB or LZO• TCP filter : use unacknowledged packet caching
Server Proxy Gateway ClientClientClient
KAIST EECS Computer Engineering Research Lab
CORE
Conclusion & Future Work
• General Purpose Proxy Mechanism• Author’s future work
– End-to-End semantics• High level proxy breaks the end-to-end semantics of TCP
– Security• Message security between proxy & MH• Filter code security
– Proxy mobility
– # proxies
– Adapt protocol / application