core kaist eecs computer engineering research lab a general purpose proxy filtering mechanism...

KAIST EECS Computer Engineering Research Lab

CORE

A General Purpose Proxy Filtering Mechanism Applied to the Mobile Environment

Bruce Zenel

Jupyung Lee

CoreLab, KAIST

March 18. 2003


CORE

Contents

• Introduction• Architecture

– PMICP

– Proxy Server

– Adaptation through Filter Control

• Designed and Implemented Filters• Evaluation

– HTTP filter

– NFS filter

– TCP filter

• Conclusion & Future Work


CORE

Introduction

• Mobile environment– Slower, more costly, less reliable, less secure than WAN, LAN…

– Heterogeneity problem : hosts move unpredictably in networks which have different speed, cost, security, loss rate

• Proxy improves the mobile environment– Drop / Compress / Delay / Cache data

• MPEG / HTTP, NFS / POP / TCP

– Act as substitute for mobile client• ICMP ECHO request

– Use a different transport protocol(or parameter settings)

– Generally… : perform trading off computation for communication

* Minimize server/client modification


CORE

Introduction (cont’)

• Filter : program downloading & executing on proxy– Often application specific

– Dynamically control filter behavior

• Contribution of this paper– Propose ‘general purpose proxy filtering mechanism’ applied to the

mobile environment

– Apply it to the HTTP, NFS, TCP


CORE

Architecture: PMICP

• Problem: – All traffic from/to MH must past through a single gateway

– But mobile protocol* supports host mobility• Keep track of the location of the MH• Using Mobile Support Routers(MSR)

• Solution– New Protocol : PMICP**

• Each MH choose Proxy MSR(PMSR)• PMICP guarantees that all traffic from/to MH will pass through PMSR

* Proxy filter runs on PMSR

* Columbia Mobile IP Protocol

** Proxy Mobile Internetworking Control Protocol


CORE

(Proxy MSR)


COREArchitecture: Proxy Server

• High Level Proxy– Use filter insertion

• Low Level Proxy– LLP packet queue is created

configured.

– It contains matching criterion

– If criterion is matched, filter is allows to read/write LLP packet queue

* Analogous to socket program


CORE

(Filter Insertion)

* Kernel on Proxy & MH may be modified

* Server notices no change


CORE

Architecture: Adaptation through Filter Control

• Event Registry(ER) – Register in certain events

• Change in network bandwidth• Network interface information• Change in MH battery power• MH location

– Notified when these events occur


CORE

Designed and Implemented Filters

• HTTP: compress header/body of HTTP messages• MPEG: drop intermediate MPEG frames• SMTP: drop all multimedia data• NFS: compress file data• ICMP: provide replies to queries

• TCP– Cache unacknowledged TCP to MH

– Perform local re-TX when packet loss is detected• arrival of a duplicate ack, local timeout

– Not break the end-to-end semantics of TCP

– Originally from “Improving TCP/IP Performance over Wireless Networks”


CORE

Evaluation

• 10Mbps Ethernet vs. 2Mbps Wavelan vs. 33.3Kbps SLIP• HTTP filter

– compress text file using ZLIB or LZO

– not compress image file

– Primary proxy as compressor, secondary as decompressor• Provide client transparency

• NFS filter : compress text/binary files using ZLIB or LZO• TCP filter : use unacknowledged packet caching

Server Proxy Gateway ClientClientClient


CORE

Performance of HTTP Filter


CORE

Performance of NFS Filter


CORE

Performance of TCP Filter


CORE

Conclusion & Future Work

• General Purpose Proxy Mechanism• Author’s future work

– End-to-End semantics• High level proxy breaks the end-to-end semantics of TCP

– Security• Message security between proxy & MH• Filter code security

– Proxy mobility

– # proxies

– Adapt protocol / application

core kaist eecs computer engineering research lab a general purpose proxy filtering mechanism...

Documents