Building Virtual Networks for Experimentation and Profit

Users now demand high availability, good end-to-end performance, strong security, protection from unwanted traffic, and new (often critical) services from the Internet. This growing set o f requirements has exposed the current Internet's poor support for certain functions. Unfortunately, new network protocols and services typically face two deployment hurdles, both of which network virtualization can help surmount.

First, new protocols and services must be thoroughly tested under realistic scenarios before being deployed, but such rigorous testing first requires deployment on a real network. VINI, a virtual network infrastructure, can help resolve this "deployment deadlock" . VINI allows researchers to evaluate protocols and services in a realistic environment that also provides a high degree of control over network conditions. VINI allows users to define flexible topologies and experiment with real routing software, traffic, and network events. I will discuss VINI's design and implementation and demonstrate an implementation of VINI on PlanetLab.

Second, a new protocol or service typically requires coordinated adoption by the Internet's independently administered networks. This "coordination constraint" stifles deployment, especially in cases where no single network benefits by deploying the technology independent of other networks. Network virtualization may also mitigate this constraint: An infrastructure for network virtualization might serve not only as the proving grounds for new network architectures, but also as the architecture itself, on which real network protocols and services are deployed. I will describe such an architecture, Cabo, which uses network virtualization to decouple infrastructure providers (who manage physical infrastructure) and service providers (who deploy network protocols and services), and discuss some associated challenges and opportunities. This work is joint with Andy Bavier, Jennifer Rexford, Lixin Gao, Mark Huang, and Larry Peterson.
Nick Feamster is an assistant professor in the College of Computing at Georgia Tech. He received his Ph.D. in Computer science from MIT in 2005, and his S.B. and M.Eng. degrees in Electrical Engineering and Computer Science from MIT in 2000 and 2001, respectively. His research focuses on many aspects of computer networking and networked systems, including the design, measurement, and analysis of network routing protocols, network security, anonymous communication systems, and adaptive streaming media protocols. His honors include award papers at SIGCOMM 2006 (network-level behavior of spammers), the NSDI 2005 conference (fault detection in router configuration), Usenix Security 2002 (circumventing web censorship using Infranet), and Usenix Security 2001 (web cookie analysis).