Transparent network services via a virtual traffic layer for virtual machines

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Transparent network services via a virtual traffic layer for virtual machines

Full text

Pdf (262 KB)

Source

High Performance Distributed Computing archive
Proceedings of the 16th international symposium on High performance distributed computing table of contents

Monterey, California, USA

SESSION: Networking table of contents

Pages: 23 - 32

Year of Publication: 2007

ISBN:978-1-59593-673-8

Authors

John R. Lange	Northwestern University
Peter A. Dinda	Northwestern University

Sponsors

ACM: Association for Computing Machinery
SIGARCH: ACM Special Interest Group on Computer Architecture

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 7, Downloads (12 Months): 128, Citation Count: 1

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1272366.1272370 What is a DOI?

ABSTRACT

We claim that network services can be transparently added to existing unmodified applications running inside virtual machine environments. Examples of these network services include protocol transformations (e.g. TCP to UDT), network connection persistence during long duration unavailability (e.g. wide area VM migration), and network flow modification (e.g. local acknowledgments and Split-TCP). To demonstrate the utility of this concept, and to enable the practical implementations of these examples and others, we have developed VTL. VTL is a framework for packet modification and creation whose purpose is to modify network traffic to and from a VM, doing so transparently to the VM and its applications. We explain how to use VTL to implement the examples mentioned above and others, such as providing anonymized connectivity for a virtual machine through the Tor anonymizing network, and creating cooperative selective wormholing services for network intrusion detection systems.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	AnonymOS LiveCD. http://sourceforge.net/projects/anonymos/.
	2	A. Bakre , B. R. Badrinath, I-TCP: indirect TCP for mobile hosts, Proceedings of the 15th International Conference on Distributed Computing Systems, p.136, May 30-June 02, 1995
	3	Paul Barham , Boris Dragovic , Keir Fraser , Steven Hand , Tim Harris , Alex Ho , Rolf Neugebauer , Ian Pratt , Andrew Warfield, Xen and the art of virtualization, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
	4	Border, J., Kojo, M., Griner, J., Montenegro, G., and Shelby, Z. Performance enhancing proxies intended to mitigate link-related degradations. Tech. Rep. RFC 3135, Network Working Group, June 2001.
	5	Christopher Clark , Keir Fraser , Steven Hand , Jacob Gorm Hansen , Eric Jul , Christian Limpach , Ian Pratt , Andrew Warfield, Live migration of virtual machines, Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation, p.273-286, May 02-04, 2005
	6	Roger Dingledine , Nick Mathewson , Paul Syverson, Tor: the second-generation onion router, Proceedings of the 13th conference on USENIX Security Symposium, p.21-21, August 09-13, 2004, San Diego, CA
	7	Renato J. Figueiredo , Peter A. Dinda , José A. B. Fortes, A Case For Grid Computing On Virtual Machines, Proceedings of the 23rd International Conference on Distributed Computing Systems, p.550, May 19-22, 2003
	8	Figueiredo, R., Dinda, P. A., and Fortes, J. Special issue on virtualization. IEEE Computer (May 2005).
	9	Ganguly, A., Agrawal, A., Boykin, P., and Figueiredo, R. Wow: Self-organizing wide area overlay networks of virtual workstations. In Proc. of the 15th IEEE International Symposium on High Performance Distributed Computing (HPDC) (June 2006), pp. 30--42.
	10	Tal Garfinkel , Ben Pfaff , Jim Chow , Mendel Rosenblum , Dan Boneh, Terra: a virtual machine-based platform for trusted computing, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
	11	Garfinkel, T., and Rosenblum, M. A virtual machine introspection based architecture for intrusion detection. In Proc. Network and Distributed Systems Security Symposium (February 2003).
	12	Gu, Y., and Grossman, R. L. Udt: An application level transport protocol for grid computing. In 2nd International Workshop on Protocols for Long-Distance Networks (PFLDNet) (February 2004), pp. 13--14.
	13	Gupta, A., and Dinda, P. A. Inferring the topology and traffic load of parallel programs running in a virtual machine environment. In Proc. of the 10th Workshop on Job Scheduling Strategies for Parallel Processing (JSPPS) (June 2004), pp. 125--143.
	14	Gupta, A., Zangrilli, M., Sundararaj, A., Huang, A., Dinda, P., and Lowekamp, B. Free network measurement for virtual machine distributed computing. In Proc. of the 20th IEEE International Parallel and Distributed Processing Symposium (IPDPS) (April 2006).
	15	Wei Huang , Jiuxing Liu , Bulent Abali , Dhabaleswar K. Panda, A case for high performance computing with virtual machines, Proceedings of the 20th annual international conference on Supercomputing, June 28-July 01, 2006, Cairns, Queensland, Australia [doi>10.1145/1183401.1183421]
	16	JanusVM: An Internet Privacy Appliance. http://janusvm.peertech.org.
	17	Xuxian Jiang , Dongyan Xu, SODA: A Service-On-Demand Architecture for Application Service Hosting Utility Platforms, Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing, p.174, June 22-24, 2003
	18	K. Keahey , I. Foster , T. Freeman , X. Zhang, Virtual workspaces: Achieving quality of service and quality of life in the Grid, Scientific Programming, v.13 n.4, p.265-275, October 2005
	19	Koblas, D., and Koblas, M. R. Socks. In UNIX Security III Symposium (September 1992), Usenix, pp. 77--88.
	20	Kozuch, M., Satyanarayanan, M., Bressoud, T., and Ke, Y. Efficient state transfer for Internet suspend/resume. Tech. Rep. IRP-TR-02-03, Intel Research Laboratory at Pittsburgh, May 2002.
	21	T. V. Lakshman , Upamanyu Madhow, The performance of TCP/IP for networks with high bandwidth-delay products and random loss, IEEE/ACM Transactions on Networking (TON), v.5 n.3, p.336-350, June 1997 [doi>10.1109/90.611099]
	22	Lange, J., Sundararaj, A., and Dinda, P. Automatic dynamic run-time optical network reservations. In Proc. of the 14th IEEE International Symposium on High Performance Distributed Computing (HPDC) (July 2005), pp. 255--264.
	23	Lange, J., Dinda, P., and Bustamante, F. Vortex: Enabling Cooperative Selective Wormholing for Network Security Systems, In Submission.
	24	Joshua LeVasseur , Volkmar Uhlig , Jan Stoess , Stefan Götz, Unmodified device driver reuse and improved system dependability via virtual machines, Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation, p.2-2, December 06-08, 2004, San Francisco, CA
	25	Libnet. http://libnet.sourceforge.net/.
	26	Bin Lin , Peter A. Dinda, VSched: Mixing Batch And Interactive Virtual Machines Using Periodic Real-time Scheduling, Proceedings of the 2005 ACM/IEEE conference on Supercomputing, p.8, November 12-18, 2005 [doi>10.1109/SC.2005.80]
	27	Jiuxing Liu , Wei Huang , Bulent Abali , Dhabaleswar K. Panda, High performance VMM-bypass I/O in virtual machines, Proceedings of the Annual Technical Conference on USENIX'06 Annual Technical Conference, p.3-3, May 30-June 03, 2006, Boston, MA
	28	Steven McCanne , Van Jacobson, The BSD packet filter: a new architecture for user-level packet capture, Proceedings of the USENIX Winter 1993 Conference Proceedings on USENIX Winter 1993 Conference Proceedings, p.2-2, January 25-29, 1993, San Diego, California
	29	Dejan S. Milojičić , Fred Douglis , Yves Paindaveine , Richard Wheeler , Songnian Zhou, Process migration, ACM Computing Surveys (CSUR), v.32 n.3, p.241-299, Sept. 2000 [doi>10.1145/367701.367728]
	30	Michael Nelson , Beng-Hong Lim , Greg Hutchins, Fast transparent migration for virtual machines, Proceedings of the USENIX Annual Technical Conference 2005 on USENIX Annual Technical Conference, p.25-25, April 10-15, 2005, Anaheim, CA
	31	Steven Osman , Dinesh Subhraveti , Gong Su , Jason Nieh, The design and implementation of Zap: a system for migrating computing environments, Proceedings of the 5th symposium on Operating systems design and implementation Due to copyright restrictions we are not able to make the PDFs for this conference available for downloading , December 09-11, 2002, Boston, Massachusetts [doi>10.1145/1060289.1060323]
	32	Rosenberg, J., Weinberger, J., Huitema, C., and Mahy, R. Stun: Simple traversal of user datagram protocol (udp) through network address translators (nats). Tech. Rep. RFC 3489, Internet Engineering Task Force, March 2003.
	33	Paul Ruth , Xuxian Jiang , Dongyan Xu , Sebastien Goasguen, Virtual Distributed Environments in a Shared Infrastructure, Computer, v.38 n.5, p.63-69, May 2005 [doi>10.1109/MC.2005.175]
	34	Jon Salz , Alex C. Snoeren , Hari Balakrishnan, TESLA: a transparent, extensible session-layer architecture for end-to-end network services, Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems, p.16-16, March 26-28, 2003, Seattle, WA
	35	Constantine P. Sapuntzakis , Ramesh Chandra , Ben Pfaff , Jim Chow , Monica S. Lam , Mendel Rosenblum, Optimizing the migration of virtual computers, Proceedings of the 5th symposium on Operating systems design and implementation Due to copyright restrictions we are not able to make the PDFs for this conference available for downloading , December 09-11, 2002, Boston, Massachusetts [doi>10.1145/1060289.1060324]
	36	Son, S., Allcock, B., and Livny, M. Codo: Firewall traversal by cooperative on-demand opening. In Proc. of the 14th IEEE International Symposium on High-Performance Distributed Computing (HPDC) (July 2005), pp. 233--242.
	37	Ananth I. Sundararaj , Peter A. Dinda, Towards virtual networks for virtual machine grid computing, Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium, p.14-14, May 06-07, 2004, San Jose, California
	38	Sundararaj, A., Gupta, A., , and Dinda, P. Increasing application performance in virtual environments through run-time inference and adaptation. In Proc. of the 14th IEEE International Symposium on High Performance Distributed Computing (HPDC) (July 2005), pp. 47--58.
	39	VMWare Corporation. http://www.vmware.com/.
	40	Carl A. Waldspurger, Memory resource management in VMware ESX server, Proceedings of the 5th symposium on Operating systems design and implementation Due to copyright restrictions we are not able to make the PDFs for this conference available for downloading , December 09-11, 2002, Boston, Massachusetts [doi>10.1145/1060289.1060307]
	41	Andrew Whitaker , Marianne Shaw , Steven D. Gribble, Scale and performance in the Denali isolation kernel, ACM SIGOPS Operating Systems Review, v.36 n.SI, Winter 2002 [doi>10.1145/844128.844147]
	42	WinPcap. http://www.winpcap.org/.
	43	Marcia Zangrilli , Bruce B. Lowekamp, Using Passive Traces of Application Traffic in a Network Monitoring System, Proceedings of the 13th IEEE International Symposium on High Performance Distributed Computing, p.77-86, June 04-06, 2004 [doi>10.1109/HPDC.2004.38]