DataRouter: A Network-Layer Service for Application-Layer Forwarding

Touch, Joseph D.; Pingali, Venkata K.

doi:10.1007/978-3-540-24715-9_11

Cited by 5 publications

(10 citation statements)

References 28 publications

(30 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The structure of id.node depends on the underlying routing used by the particular FI; for example, it could represent the IP address of the node (e.g. DataRouter [33]), or the DHT identifier of the node (e.g. i3 [30]).…”

Section: A Identifiers and Forwarding Entriesmentioning

confidence: 99%

“…DataRouter is a forwarding engine that provides generic string matching and rewriting capabilities at the IP layer based on application-specific needs [33]. DataRouter is a high performance generic alternative to application-layer overlays.…”

Section: ) Dataroutermentioning

confidence: 99%

“…Some examples of such routing architectures include TRIAD [6], i3 [30], NIRA [39], DataRouter [33], and Network Pointers [34]. While exposing control over routing to thirdparties departs from conventional network architecture, these proposals have shown that such control significantly increases the flexibility and extensibility of these networks.…”

Section: Introductionmentioning

confidence: 99%

“…Forwarding infrastructures typically provide user control by either allowing source-routing (such as [6], [30], [39]) or allowing users to insert forwarding state in the infrastructure (such as [30], [33], [34]). Allowing forwarding entries enables functions like mobility and multicast that are hard to achieve using source-routing alone.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Securing User-Controlled Routing Infrastructures

Lakshminarayanan

Adkins

Perrig

et al. 2008

IEEE/ACM Trans. Networking

View full text Add to dashboard Cite

Abstract-Designing infrastructures that give untrusted thirdparties (such as end-hosts) control over routing is a promising research direction for achieving flexible and efficient communication. However, serious concerns remain over the deployment of such infrastructures, none less than the new security vulnerabilities they introduce. The flexible control plane of these infrastructures can be exploited to launch many types of powerful attacks with little effort.In this paper, we make several contributions towards studying security issues in forwarding infrastructures. We present a general model for a forwarding infrastructure, analyze potential security vulnerabilities, and present techniques to address these vulnerabilities. The main technique that we introduce in this paper is the use of simple, light-weight, cryptographic constraints on forwarding entries. We show that it is possible to prevent a large class of attacks on end-hosts, and bound the flooding attacks that can be launched on the infrastructure nodes to a small constant value. Our mechanisms are general and apply to a variety of earlier proposals such as i3, DataRouter and Network Pointers.

show abstract

Section: A Identifiers and Forwarding Entriesmentioning

confidence: 99%

Section: ) Dataroutermentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Securing User-Controlled Routing Infrastructures

Lakshminarayanan

Adkins

Perrig

et al. 2008

IEEE/ACM Trans. Networking

View full text Add to dashboard Cite

show abstract

“…Using the same logic, the overlay router uses the end-point identifiers for network layer address translation (e.g. IPNL [13], DataRouter [36]). The situation is illustrated in Figure 1 a) and b).…”

Section: Related Workmentioning

confidence: 99%

SPINAT: Integrating IPsec into Overlay Routing

Ylitalo

Salmela

Tschofenig

First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05)

View full text Add to dashboard Cite

show abstract

DataRouter: A Network-Layer Service for Application-Layer Forwarding

Touch

Pingali

2004

Active Networks

Self Cite

View full text Add to dashboard Cite

Abstract. DataRouter forwards network layer packets using application layer tags, without requiring per-hop termination of transport protocols and the consequent reimplementation of transport services in the application. DataRouter provides network delivery based on pattern matching and string replacement. It combines a byte string as a loose source route IP option tag and regular expression routing entries to provide a new network service. DataRouter tags have a variety of forms, including fixed-length with exact matches for distributed hash tables and variable-length with regular expression matches for URL redirection. Tagged IPv6 packets traverse non-DataRouter routers transparently. On a platform forwarding IPv4 packets at 310K packets/sec., an unoptimized FreeBSD IPv4 DataRouter forwards hash-match packets at up to 270K packets/sec. (87% of max.) and pattern-match packets 155K packets/sec. (50% of max.). DataRouter thus provides a viable, higher-performance alternative to application-layer implementation of forwarding, in a generic service more interoperable with existing network and transport protocols.

show abstract

DataRouter: A Network-Layer Service for Application-Layer Forwarding

Cited by 5 publications

References 28 publications

Securing User-Controlled Routing Infrastructures

Securing User-Controlled Routing Infrastructures

SPINAT: Integrating IPsec into Overlay Routing

DataRouter: A Network-Layer Service for Application-Layer Forwarding

Contact Info

Product

Resources

About