Technical Plenay in Seville

On Feb 7/8 the MAMI project met in Seville for the third technical plenary meeting. Besides the great Spanish food and tapas crawl organized and guided by our technical project coordinator Diego Lopez, we made good progress on the technical aspects of the of the project.

We discussed next steps on PATHspider, both using PATHspider for more measurements as well as the development of new features in PATHspider. Currently the integrating into the MONROE testbed is underway. Further, potential integration with OONI was discussed to extend censorship measurements to low layer mechanisms. We plan for a new release in the next couple of month. Check out GitHub for the current implementation status and details on planned extensions.

The MAMI middlebox taxonomy that will be published end of June in D2.1 feeds into the development of PATHspider and other measurement tools by providing input to define a formalized test description and conditions to measured. Measurement data describing conditions of path transparency observations will soon be publicly available over the Path Transparency Observatory frontend webpage.

The MAMI project is also working on the specification of the Middlebox Cooperation Protocol (see draft-trammell-plus-spec), planning an endpoint implementation using QUIC as transport layer protocol for an HTTP/2 web service example use case and a fd.io based middlebox implementation supporting network diagnostics and differential treatment for low latency services.

Posted in Uncategorized | Leave a comment

Slow going for TCP Fast Open

As part of our continued effort to measure Internet path transparency with PathSpider, we’ve taken a look at the state of deployment and potential impairments to TCP Fast Open. TCP Fast Open is an extension to TCP that allows data to be placed on the first (SYN) packet of the TCP handshake, eliminating a round-trip time from TCP connections. It uses a TCP Option to exchange a cookie to be used on subsequent fast open connection attempts, to reduce the risk of TFO-based denial of service attacks.Interference with this option could cause path impairment of TFO, and indeed Christoph Paasch has reported that this is the case on about 20% of the access networks he observed.

We set out to measure possible impairment on content provision networks and in the Internet core, and found instead that TFO deployment on popular Web servers is mostly limited to Google, who invented TFO. Of 939,680 web servers taken from the Public Targets List (PTL), only 866 (0.092%) negotiated TFO in measurements taken this week. 690 (about 79.7%) of these are Google servers. Compared to measurements taken in October 2016, we see no appreciable change; then 563 of 635,681 web servers (0.086%) negotiated TFO. This is unsurprising, given that TFO requires significant changes to both client-side and server-side application logic as well as kernel support on both endpoints, we expect slow adoption compared, e.g., to ECN.

The story on DNS, where TFO is part of an effort to improve query privacy by using TLS and TCP for DNS, is similar: of the 53,267 authoritative name servers taken from the PTL, 56 (0.105\%) negotiate TFO, only three of which are not Google name servers; two of those three use an experimental ID, and fail to ACK data on the SYN.

Posted in Uncategorized | Leave a comment

A Public Targets List

Comparability of measurements and repeatability of experiments is key to science, and active Internet measurement studies are no different. Active measurement studies need not only open descriptions of the experiment (preferably with open source code and analysis, as we use in the MAMI project) but a comparable set of targets against to run experiments.

For some time, the Alexa top million web domains list has acted as a de facto standard of this comparable set of targets, and we’ve used it ourselves in several studies. Recent announcements by Amazon have made it clear that the Alexa top million list will no longer be freely available, and the announced cost for API access have made periodic resolution of the list too expensive for most active measurement studies. Therefore, we have started compilation of a public targets list to replace this de-facto standard.

The initial MAMI Public Targets List is available in GitHub; see the README there for details.

Posted in Uncategorized | Leave a comment

MAMI at IETF97

MAMI was represented by ETH Zürich at the 97th meeting of the Internet Engineering Task Force in Seoul.

img_2283

The biggest news this time around was the first meeting of the QUIC working group, which will standardize a next-generation, encrypted transport protocol encapsulated in UDP based on Google’s QUIC and TLS version 1.3. Brian Trammell presented a concept for a transport-independent state machine for middleboxes at the meeting, to start the discussion about how QUIC’s wire image should interact with on-path devices, both present and future. While it’s not clear how much of the proposed transport protocol mechanism will be adopted into QUIC, discussion during and after the working group meeting has led to further refinement thereof.

Measurement and Analysis for Protocols (MAP) RG

Measurement and Analysis for Protocols (MAP) research group meeting

Mirja Kühlewind chaired a meeting of the Measurement and Analysis for Protocols Research Group (MAPRG), the first meeting since the group was officially chartered. The four presentations included techniques for passive delay measurements, a study of broadband access peformance using M-Lab, a study of the performance gain associated with HTTP2, and a characterization of traffic rate policing in the Internet.

Post Sockets, the API concept atop MAMI’s flexible transport layer (FTL), was discussed at the TAPS working group meeting. Tommy Pauly of Apple, a co-author of the Post draft, presented a quite similar approach. Post is very much a work in progress, but we’re happy to see broad interest in the concept, and look forward to developing it further with a broad group of collaborators both inside and outside the project.

Banana BoF (thanks @MeganRKruse)

Standing room only at the BANANA BoF (thanks @MeganRKruse)

The Bandwidth Aggregation for Networked Access (BANANA) BoF looked into standardizing approaches to share bandwidth on a customer network across two access links (usually one mobile and one terrestrial), as we explored in our ANRW paper last year. There is a lot of interest in doing work in this space, but not yet a lot of agreement as to what that work is yet; as is often the case, discussion continues on the mailing list. The MAMI project will also look into providing cooperative signaling for such approaches.

Yaron Sheffer presented a solution to the problem addressed in last meeting’s LURK BoF using short-term, automatically renewable certificates provisioned using the ACME protocol to the ACME working group meeting. The draft has a good chance of being adopted in the timeframe of the next IETF meeting, and work is progressing in parallel on a prototype.

Mirja Kühlewind and Brian Trammell led a discussion on protocol transitions in transport protocols at the Transport Area’s open meeting, both as an open forum on transition in an area full of efforts to deploy new work at Internet scale, and as input for an IAB document on the topic.

We’re back in Zürich now, and the jet lag is finally over. We’re already busy preparing for IETF 98 in March in Chicago, and the QUIC working group’s interim in Tokyo in January!

Posted in Uncategorized | Leave a comment

PATHspider Plugins

In today’s Internet we see an increasing deployment of middleboxes. While middleboxes provide in-network functionality that is necessary to keep networks manageable and economically viable, any packet mangling — whether essential for the needed functionality or accidental as an unwanted side effect — makes it more and more difficult to deploy new protocols or extensions of existing protocols.

For the evolution of the protocol stack, it is important to know which network impairments exist and potentially need to be worked around. While classical network measurement tools are often focused on absolute performance values, PATHspider performs A/B testing between two different protocols or different protocol extensions to perform controlled experiments of protocol-dependent connectivity problems as well as differential treatment.

PATHspider 1.0.1 has been released today and is now available from GitHub, PyPI and Debian unstable. This is a small stable update containing a documentation fix for the example plugin.

PATHspider now contains 3 built-in plugins for measuring path transparency to explicit congestion notification, DiffServ code points and TCP Fast Open. It’s easy to write your own plugins, and if they’re good enough, they may be included in the PATHspider distribution at the next feature release.

We have a GitHub repository you can fork that has a premade directory structure for new plugins. You’ll need to implement logic for performing the two connections, for the A and the B tests. Once you’ve verified your connection logic is working with Wireshark, you can move on to writing Observer functions to analyse the connections made in real time as PATHspider runs. The final step is to merge the results of the connection logic (e.g. did the operating system report a timeout?) with the results of your observer functions (e.g. was ECN successfully negotiated?) and write out the final result.

We have dedicated a section of the manual to the development of plugins and we really see plugins as first-class citizens in the PATHspider ecosystem. While future releases of PATHspider may contain new plugins, we’re also making it easier to write plugins by providing reusable library functions such as the tcp_connect() function of the SynchronisedSpider that allows for easy A/B testing of TCP connections with any globally configured state set. We also provide reusable observer functions for simple tasks such as determining if a 3-way handshake completed or if there was an ICMP unreachable message received.

Visit the PATHspider website to learn more.

Posted in Uncategorized | Leave a comment

Web Performance is in the Eye(org) of the User

Tremendous effort is undergoing to make the Web faster. However, quantifying speed on the Web is complex: usually we are attempting to capture human perception with a computer-generated metric. In many studies, participants are simply shown a page loading, in person, in a controlled environment, which has a clear scalability problem. MAMI partners at Telefonica Research (in collaboration with Carnegie Mellon University) took a different approach and built Eyeorg, an automated system for crowdsourcing Web Quality of Experience (QoE) measurements. Eyeorg uses crowdsourced participants to scale and shows videos of pages loading to provide a consistent experience to all participants, regardless of their network connections and device configurations. In their paper, to be published at CONEXT 2016, they present hands-on experience from using Eyeorg to 1) study the quality of several PLT metrics, 2) compare HTTP/1.1 and HTTP/2 performance, and 3) assess the impact of online advertisements and ad blockers on user experience. A key result they observed is that many videos have two modes, one for participants who consider the pages “ready” when the primary content is in place and one for those who wait for auxiliary content like advertisement (see below). These results show the potential of Eyeorg to measure the impact changes to the web have on people. For example, Eyeorg can be used to evaluate TCP vs. QUIC, TLS 1.2 vs TLS 1.3, HTTP/2 push/priority strategies, web design techniques like domain sharding or image spriting, browser plugins, or even in-network services like Google’s Flywheel compression proxy.

viz-tool-modes

Some sites exhibit multiple modes; here, some participants consider the site “ready” before the ads load.

Posted in Uncategorized | Leave a comment

MAMI at IETF96

IMG_1790

Berlin

The MAMI project was out in force at last week’s IETF 96 meeting in Berlin. The Measurement and Analysis for Protocols Research Group, founded by MAMI partner ETH and chaired by coordinator Mirja Kühlewind and external advisor Dave Plonka from Akamai, was officially chartered as a research group of the Internet Research Task Force during the meeting. MAPRG provides a place to discuss protocol-design-relevant measurement techniques and results. MAPRG’s Monday evening meeting included several interesting presentations on ongoing measurements, including an interesting CDN-based survey of active IPv4 space and dynamic address allocation policies by Phillip Richter.

IMG_1772

Full room at the QUIC BoF on Wednesday morning, IETF 96, Berlin

The biggest event on the IETF calendar this time was the QUIC Birds of a Feather (BoF) session on Wednesday morning, where on the order of 400 participants — about a third of the attendees of the IETF as a whole — discussed the formation of a working group to standardize the QUIC UDP-based transport protocol for HTTP and HTTP-like applications developed by Google. It seems likely that a working group will be formed in the coming weeks. Brian Trammell of ETH co-chaired the BoF. MAMI’s measurements of UDP impairment in the Internet are relevant to the deployability of QUIC, and the project will participate in the development of the protocol on the background of this measurement.

Another BoF of interest was a second Limited Use of Remote Keys (LURK) BoF, which decided not to form a working group to handle key management and delegation within content delivery networks, but rather to solve the problem using short-lived certificates, perhaps provisioned using the ACME protocol.

The Transport Area Open Meeting on Monday saw a presentation by Volker Sypli of Germany’s telecom regulator BNetzA, representing the European association of telecom regulators BEREC, invited by MAMI project coordinator and Transport Area Director Mirja Kühlewind, to explain the BEREC network neutrality guidelines. The discussion was interesting and spirited. While MAMI is not concerned with network neutrality per se, path impairment and neutrality violations are related, and work on the Path Transparency Observatory may contribute to the development of measurement tools for network neutrality, as well.

At the Transport Services (TAPS) working group on Thursday, Brian Trammell presented Post Sockets, a potential API for the MAMI flexible transport layer. Discussion following the presentation indicates some interest in defining next generation APIs for transport, and the project will follow up with interested collaborators.

IMG_1779

Brian Trammell explains the Path Layer, PLUS BoF, IETF 96, Berlin

Most important for the MAMI project as a whole, though, was the Path Layer UDP Substrate (PLUS) BoF on Thursday morning, which discussed and aimed to form a working group to standardize explicit cooperation approaches over UDP, informed by MAMI’s Middlebox Cooperation Protocol (MCP) development. While more work will be needed before a working group can be formed, there was significant interest in the room in continuing work on the effort, and we received valuable feedback from the community with respect to the scope and use cases, the details of the protocol mechanisms, and the privacy characteristics of explicit cooperation approaches in general. A presentation detailing the abstract mechanisms of the present proposal can be seen here. Internet-Drafts describing the PLUS proposal in more detail will appear in the coming weeks. Watch this space for an announcement!

Posted in Uncategorized | Leave a comment

Applied Networking Research Workshop at IETF-96

The first ACM, IRTF & ISOC Applied Networking Research Workshop 2016 (ANRW ‘16) was held in co-location with IETF-96 on July 16, 2016, in Berlin. The MAMI project conributed with one full paper and three short papers describing multipath bonding as an use case for MCP, PATHspider’s inital release, as well as the basic structure of MAMI’s Path Transparency Observatory (see ANRW’16 webpage for papers and presentations):

  • Multipath bonding at Layer 3. (Full)
    Maciej Bednarek (ETH Zurich), Guillermo Barrenetxea Kobas (Swisscom), Mirja Kühlewind (ETH Zurich), and Brian Trammell (ETH Zurich).
  • Towards a Multipath TCP Aware Load Balancer. (Short)
    Simon Liénardy (Université de Liège) and Benoit Donnet (Université de Liège).
  • PATHspider: A tool for active measurement of path transparency. (Short)
    Iain R. Learmonth (University of Aberdeen), Brian Trammell (ETH Zurich), Mirja Kuhlewind (ETH Zurich), and Gorry Fairhurst (University of Aberdeen).
  • Towards an Observatory for Network Transparency Research. (Short)
    Stephan Neuhaus (Zürcher Hochschule für Angewandte Wissenschaften), Roman Müntener (Zürcher Hochschule für Angewandte Wissenschaften), Korian Edeline (Université de Liège), Benoit Donnet (Université de Liège), and Elio Gubser (ETH Zurich).

anrw-postersWhile this was a great opertunity to present the work of the MAMI project, there have been a number of very interesting and related papers. To learn more about an extended API for Multipath TCP, multi-homing in IPv6, the effects and cost of Happy-Eyeballs,  and measurement on IPv6 and DSCP usage, check out the ANRW’16 webpage.

Thanks to Lars and Colin for organizing this very interesting and interactive workshop!

Posted in Uncategorized | Leave a comment

2. MAMI Plenary Meeting in Berlin

The MAMI project held its second technical plenary on July 13-15, 2016, in Berlin. This time also members of the External Advisory Board (EAB) participated. Thanks for your time, fruitful discussions and very valuable input! Also special thanks Joe Hildebrand for providing meeting space in the Cisco openBerlin Innovation Center (as well as the free barista team building event..)!

openBerlin.jpggroup

We started on our first afternoon with an open discussion slot focusing on two main topics of the project: test specifications and Middlebox Cooperation Protocol (MCP) design. While the MAMI project is currently running a number of path transparency tests on the Internet, we decided to also provide a specifications of current and planned tests to enable external parties to run similar measurements on other testbeds. Stay tuned, we will provide further measurement results as well as the specs soon!

Just before the meeting, we released the first PATHspider version “Phidippus audax” (0.9.0). In case you wonder why PATHspider only has six legs, there is a sad story to tell which involves a compression middlebox…

pathspider-textpathspider-release.jpg

After submitting our first technical deliverable D3.1 on Use Cases and Requirements for MCP, we now enter the actual protocol design phase. We discussed and agreed on the basic mechanisms for signaling from and to middleboxes, as also outlined at the PLUS BoF meeting at IETF96 in the following week (see slides here).

Further, work package 2 on Middlebox Classification and Modelling started this month. This work will be informed by our own middlebox measurements and testing as well as additional tests we plan to run in cooperation with our EAB member Paul Hoffman on the ICANN middlebox testlab.

All in all, we had a very productive and fruitful meeting, including an old-fashioned french dinner, and a great tour of craft breweries in bars throughout Berlin.

Posted in Uncategorized | Leave a comment

70% of popular Web sites support ECN

One of the primary goals of MAMI’s measurement work is to quantify path transparency in the Internet: how likely a given transport protocol or feature is to work on which paths, and how these features break. Earlier work by MAMI partners ETH and the University of Aberdeen on this topic focused on Explicit Congestion Notification (ECN) in TCP, a feature that allows congestion to be detected without packet loss. Our paper, based on measurements in August and September 2014 and published at PAM 2015, found that 56% of IPv4 and 65% of IPv6 hosts serving the Alexa top million websites would negotiate ECN if the client requested it, which at the time was not the default in any major client operating system. ECN negotiation attempts could lead to connectivity issues and fallback to non-ECN usage for 0.42% of IPv4 and 0.05% of IPv6 servers in the top million.

In the meantime, Apple has added ECN negotiation by default on the client side in developer previews of Mac OS X and iOS, and our patch adding fallback in the case of ECN failure to non-ECN usage, as specified in RFC 3168, has been added to the Linux kernel. The tooling for the 2015 paper is evolving into a generic path impairment measurement tool called PathSpider. So what’s the state of the Alexa top million today?

ecn-trendWe recently ran a measurement from a single vantage point, a DigitalOcean server in Amsterdam, to the set of unique IPv4 and IPv6 addresses serving the top million websites, and found that 432544 of 617873 (70.005%) of IPv4 addresses and 20262 of 24472 (82.797%) IPv6 addresses will negotiate ECN. This continues a trend ETH started observing in 2013, shown here.

The proportion of servers requiring fallback has not changed appreciably: 0.44% of IPv4 and 0.11% of IPv6 servers. This reflects the two different forces at work: ECN support on the server side generally follows the operating system defaults, and web hosting machines generally run a recent Linux, the first operating system with server side ECN on by default. Connectivity problems, however, are often a function of faulty middleboxes, which are more slowly replaced, or firewall rules explicitly disabling ECN traffic for dubious reasons.

Detailed analysis behind this blog post is available here; the raw data it runs on will be made available shortly.

Posted in Uncategorized | Leave a comment