Distributed Peer-to-peer Name Resolution


Distributed Peer-to-peer Name Resolution
Christian Huitema
Architect, Windows Networking
Microsoft Corporation
Vision: The user to user web!
Diagram: Mainframe, PC, Web, P2P, moving from centralized to personal computing.
- Enable each PC to be a server
- Serve ad-hoc groups
- Promote and use IPv6, directly attach the users to the Net
- Provide a server-less DNS for IPv6
- Platform for developers
7/18/2015
Making Windows a great platform for P2P
Diagram of the platform stack: existing building blocks (Sockets, DNS, files, print, …; Firewall, NAT; IPv6) and the P2P pieces still marked as open questions (DNS?, Firewall Traversal, Multicast?, Security?, Graphs, P2P Names, Group Membership).
Naming: the key to P2P development
- Provide each computer with a name
  - Each computer is a server
  - Names must be stable
- Resolve names to addresses
- Also name groups, users…
  - Find a member of a group
  - Find the location of a user
Peer-to-Peer Name Resolution
- Identity = 128-bit number (no trademark!)
- Nodes manage a cache of “records”: Identity, IPv6 address, Proof (certificate)
- Diagram: a look-up is initiated at one node and forwarded from cache to cache
- Secure, Scalable, Robust, Private, Usable…
Design Goal 1, Security:
Illustration: a node announces “Hello, I am [email protected]”
- Names should resolve to the intended address
- One should not be able to fake an identifier
- But one should not impose a central server…
Secure: use certificates, prove the name
- Record = Identity, IPv6 Address, Proof
- Sign [identity, address] with local private key
  - Check signature before placing in cache
- Host Identity = hash(public key)
- Group member Id = hash(group key)
  - Group membership certified by group key
- Generic = hash(authority’s key, Name)
  - Validity certified by “authority”
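Worked example added here (not code from the talk or from Windows PNRP): a record check in Go following the slide's rule, identity = hash(public key) and a signature over [identity, address] that must verify before the record may enter the cache. Ed25519, SHA-256 and truncating the hash to 128 bits are assumptions; the slide names no algorithms.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"net/netip"
)

// Record is the slide's triple: Identity, IPv6 Address, Proof. The proof is the
// owner's public key plus a signature over [identity, address] (Ed25519/SHA-256 assumed).
type Record struct {
	Identity [16]byte          // 128-bit number = hash(public key)
	Addr     netip.Addr        // IPv6 address the identity resolves to
	PubKey   ed25519.PublicKey // proves ownership of the identity
	Sig      []byte            // signature over Identity || Addr
}

// HostIdentity is hash(public key), truncated to the 128-bit identity.
func HostIdentity(pub ed25519.PublicKey) [16]byte {
	sum := sha256.Sum256(pub)
	return [16]byte(sum[:16])
}

// signedBytes is the [identity, address] tuple that the owner signs.
func signedBytes(id [16]byte, addr netip.Addr) []byte {
	return append(id[:], addr.AsSlice()...)
}

func Publish(priv ed25519.PrivateKey, addr netip.Addr) Record {
	pub := priv.Public().(ed25519.PublicKey)
	id := HostIdentity(pub)
	return Record{id, addr, pub, ed25519.Sign(priv, signedBytes(id, addr))}
}

// Verify: check before caching; identity must be hash(key), key must have signed [id, addr].
func Verify(r Record) bool {
	if len(r.PubKey) != ed25519.PublicKeySize || !r.Addr.Is6() || HostIdentity(r.PubKey) != r.Identity {
		return false
	}
	return ed25519.Verify(r.PubKey, signedBytes(r.Identity, r.Addr), r.Sig)
}

func main() {
	_, priv, _ := ed25519.GenerateKey(rand.Reader)
	r := Publish(priv, netip.MustParseAddr("2001:db8::1"))
	fmt.Println("genuine record accepted:", Verify(r))
	r.Addr = netip.MustParseAddr("2001:db8::2") // address rewritten in transit
	fmt.Println("tampered record accepted:", Verify(r))
}
```

A forged identity (a different key claiming the same 128-bit number) fails the hash check, and a rewritten address fails the signature check, so neither reaches the cache.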
Design Goal 2: Scalable
- Scale to the size of the Internet!
- Assume at least one name per node.
- Scale without a central server.
Scalable: a hierarchical cache
- Circular space, centered on self
- Cache levels:
  - First level: 360°
  - Second level: 36°
  - Etc.
- Query:
  - Forward to “nearest”
  - Gain one level
- log base X of (N) levels, 2·X entries per level
Scalable cache management
- Initial cache:
  - From memory, from neighbor
  - Proactive requests, “tell the network”
- Update:
  - Learn from queries, requests
  - Try to fill each level, then replace
- Finest level:
  - Learn about all “immediate neighbors”
Design Goal 3: Robust
- No central point of control, no central point of failure.
- Large distributed system: some nodes will fail at any time.
- Uncontrolled systems: some nodes may be actively conspiring against us… but hopefully not too many.
Robust: reputation & randomization
- Neighbor reputation: from query completion + verification
- Forward query: random choice, use reputation
- Cache replacement: random & reputation
- Timers, removal of failing entries from the cache
Design Goal 4: Privacy
- Some information is sensitive: location, membership in groups, documents…
- Control who can learn what you publish!
Privacy: control the scope of publication
- Peer-to-peer name cloud = set of caches
- Parallel clouds:
  - Ad hoc, on the same “link”
  - In the same “site”
  - Within a group (group = authority)
  - The whole Internet
- Enforcement:
  - Check membership of requestor
  - Don’t forward outside of scope
  - Don’t cache out-of-scope records
Design Goal 5: immediately usable
- On the Internet, Name = Domain Name
- Used for Web Page, E-Mail, FTP
- Limited availability, requires a contract and a permanent IP address.
Usable: gateway to the DNS
- Global DNS name: <ID>.pnrp.net
  - Use in URL, e-mail
  - Enables bootstrap
- Central DNS gateway:
  - Publish NS record
  - Join P2P cloud
  - Forward requests
- Local gateway:
  - P2P aware resolver
Diagram: a look-up is initiated at a P2P-aware resolver, forwarded through the PNRP.net gateway into the cloud, and the target node replies on the same path.
Peer-to-peer Naming: Summary
- Numbers are our friends: hosts, groups, URL
- Scale to the size of the Internet, peer-to-peer, no server.
- Prototype tested with 50,000 nodes
- Secure, Private, Robust, Usable
Diagram (as on the DNS gateway slide): look-up initiated, forwarded via PNRP.net, target node replies on the same path.
Peer-to-Peer Roadmap
- UPnP Enabled NATs – End of ‘01
- IPv6 Service Deployment – End of ‘01
- P2P SDK Design Review – End of ‘01
- P2P SDK beta – Q1-02
- P2P SDK v1 – Q3-02
Call to Action
- Support IPv6 in your Applications
- Leverage UPnP NAT Traversal Today
- Participate in Software Design Review