General audience texts
Besides the scholarly publications listed below, I have written many texts in English and German. My more notable German texts appeared by DNIP.ch. I also maintain document collections intended for a broad audience:
Scholarly publications
Up-to-date citation counts (provided by Google Scholar). List of patents granted.
2007
Marcel Waldvogel; Tobias Köck
Light-weight End-to-End QoS as DoS Prevention Proceedings Article
In: Proceedings of IEEE LCN 2007, 2007.
Abstract | BibTeX | Tags: Denial of Service, Quality of Service, Security | Links:
@inproceedings{Waldvogel2007Light-weight,
title = {Light-weight End-to-End QoS as DoS Prevention},
author = {Marcel Waldvogel and Tobias Köck},
url = {https://netfuture.ch/wp-content/uploads/2006/waldvogel06light-weight.pdf},
year = {2007},
date = {2007-09-01},
urldate = {1000-01-01},
booktitle = {Proceedings of IEEE LCN 2007},
abstract = {Despite decades of QoS research and many years of DoS defence work, neither group of proponents have been able to get their results included into mainstream Internet service. It seems that demand for either solution exists, but individually, they seem to be just below the cost/ benefit threshold. This paper proposes a first step into a common solution, where combined and extended interests will hopefully allow us to surpass this threshold. While there are still some open issues, we hope to not only pro- pose a basic working mechanism but also provide fresh ideas to start thinking off the beaten path. Our main contribution is to create a lightweight, end-to-end binding between path and service, which is then used as a basis to associate fur- ther attributes and mechanisms to this binding. As a result, both DoS defence and QoS can be achieved with stateless routers and only with prior consent of receiving the end sys- tems, short, achieving several of the IntServ advantages in a DiffServ-style system, i.e., avoiding per-connection state.},
keywords = {Denial of Service, Quality of Service, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
Despite decades of QoS research and many years of DoS defence work, neither group of proponents have been able to get their results included into mainstream Internet service. It seems that demand for either solution exists, but individually, they seem to be just below the cost/ benefit threshold. This paper proposes a first step into a common solution, where combined and extended interests will hopefully allow us to surpass this threshold. While there are still some open issues, we hope to not only pro- pose a basic working mechanism but also provide fresh ideas to start thinking off the beaten path. Our main contribution is to create a lightweight, end-to-end binding between path and service, which is then used as a basis to associate fur- ther attributes and mechanisms to this binding. As a result, both DoS defence and QoS can be achieved with stateless routers and only with prior consent of receiving the end sys- tems, short, achieving several of the IntServ advantages in a DiffServ-style system, i.e., avoiding per-connection state.
2003
Andreas Kind; Roman Pletka; Marcel Waldvogel
The Role of Network Processors in Active Networks Proceedings Article
In: Proceedings of IWAN 2003, pp. 18-29, Kyoto, Japan, 2003.
Abstract | BibTeX | Tags: Active Networks, Network Processors, Quality of Service, Security | Links:
@inproceedings{Kind2003Role,
title = {The Role of Network Processors in Active Networks},
author = {Andreas Kind and Roman Pletka and Marcel Waldvogel},
url = {https://netfuture.ch/wp-content/uploads/2003/kind03role.pdf},
year = {2003},
date = {2003-12-01},
urldate = {1000-01-01},
booktitle = {Proceedings of IWAN 2003},
pages = {18-29},
address = {Kyoto, Japan},
abstract = {Network processors (NPs) implement a balance between hardware and software that addresses the demand of performance and programmability in active networks (AN). We argue that this makes them an important player in the implementation and deployment of ANs. Besides a general introduction into the relationship of NPs and ANs, we describe the power of this combination in a framework for secure and safe capsule-based active code. We also describe the advantages of offloading AN control point functionality into the NP and how to execute active code in the data path efficiently. Furthermore, the paper reports on experiences about implementing active networking concepts on the IBM PowerNP network processor. },
keywords = {Active Networks, Network Processors, Quality of Service, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
Network processors (NPs) implement a balance between hardware and software that addresses the demand of performance and programmability in active networks (AN). We argue that this makes them an important player in the implementation and deployment of ANs. Besides a general introduction into the relationship of NPs and ANs, we describe the power of this combination in a framework for secure and safe capsule-based active code. We also describe the advantages of offloading AN control point functionality into the NP and how to execute active code in the data path efficiently. Furthermore, the paper reports on experiences about implementing active networking concepts on the IBM PowerNP network processor.
Subhash Suri; Marcel Waldvogel; Daniel Bauer; Priyank Ramesh Warkhede
Profile-Based Routing and Traffic Engineering Journal Article
In: Computer Communications, vol. 26, no. 4, pp. 351–365, 2003.
Abstract | BibTeX | Tags: Quality of Service, Traffic Engineering | Links:
@article{Suri2003Profile-Based,
title = {Profile-Based Routing and Traffic Engineering},
author = {Subhash Suri and Marcel Waldvogel and Daniel Bauer and Priyank Ramesh Warkhede},
url = {https://netfuture.ch/wp-content/uploads/2003/suri03profilebased.pdf},
year = {2003},
date = {2003-01-01},
urldate = {1000-01-01},
journal = {Computer Communications},
volume = {26},
number = {4},
pages = {351--365},
abstract = { We present a new algorithm and framework for dynamic routing of bandwidth-guaranteed flows. The problem is motivated by the need to set up bandwidth-guaranteed paths in carrier and ISP networks dynamically. Traditional routing algorithms such as minimum-hop or widest-path routing do not take advantage of any knowledge about the traffic distribution or ingress-egress pairs, and therefore can often lead to severe network underutilization. Our work is inspired by the recently proposed "minimum interference routing" algorithm (MIRA) of Kodialam and Lakshman, but it improves on their approach in several ways. Our main idea is to use a "traffic profile" of the network, obtained by measurements or service-level agreements as a rough predictor of the future traffic distribution. We use this profile to solve a multi-commodity network flow problem, whose output is used both to guide our online path-selection algorithm as well as to impose admission control. The offline multi-commodity solution seems very effective at distributing the routes and avoiding bottlenecks around hot spots. In particular, our algorithm can anticipate a flow's blocking effect on groups of ingress-egress pairs, whereas MIRA only considers one ingress-egress pair at a time. Our simulation results show that the new algorithm outperforms shortest-path, widest-path, and minimum interference routing algorithms on several metrics, including the fraction of requests routed and the fraction of requested bandwidth routed. Finally, the framework is quite general and can be extended in numerous ways to accommodate a variety of traffic management priorities in the network.},
keywords = {Quality of Service, Traffic Engineering},
pubstate = {published},
tppubtype = {article}
}
We present a new algorithm and framework for dynamic routing of bandwidth-guaranteed flows. The problem is motivated by the need to set up bandwidth-guaranteed paths in carrier and ISP networks dynamically. Traditional routing algorithms such as minimum-hop or widest-path routing do not take advantage of any knowledge about the traffic distribution or ingress-egress pairs, and therefore can often lead to severe network underutilization. Our work is inspired by the recently proposed "minimum interference routing" algorithm (MIRA) of Kodialam and Lakshman, but it improves on their approach in several ways. Our main idea is to use a "traffic profile" of the network, obtained by measurements or service-level agreements as a rough predictor of the future traffic distribution. We use this profile to solve a multi-commodity network flow problem, whose output is used both to guide our online path-selection algorithm as well as to impose admission control. The offline multi-commodity solution seems very effective at distributing the routes and avoiding bottlenecks around hot spots. In particular, our algorithm can anticipate a flow’s blocking effect on groups of ingress-egress pairs, whereas MIRA only considers one ingress-egress pair at a time. Our simulation results show that the new algorithm outperforms shortest-path, widest-path, and minimum interference routing algorithms on several metrics, including the fraction of requests routed and the fraction of requested bandwidth routed. Finally, the framework is quite general and can be extended in numerous ways to accommodate a variety of traffic management priorities in the network.
Robert Haas; Clark Jeffries; Lukas Kencl; Andreas Kind; Bernard Metzler; Roman Pletka; Marcel Waldvogel; Laurent Freléchoux; Patrick Droz
Creating Advanced Functions on Network Processors: Experience and Perspectives Journal Article
In: IEEE Network, vol. 17, no. 4, pp. 46-54, 2003.
Abstract | BibTeX | Tags: Active Networks, Network Processors, Quality of Service, Replication | Links:
@article{Haas2003Creating,
title = {Creating Advanced Functions on Network Processors: Experience and Perspectives},
author = {Robert Haas and Clark Jeffries and Lukas Kencl and Andreas Kind and Bernard Metzler and Roman Pletka and Marcel Waldvogel and Laurent Freléchoux and Patrick Droz},
url = {https://netfuture.ch/wp-content/uploads/2003/haas03creating.pdf},
year = {2003},
date = {2003-01-01},
urldate = {1000-01-01},
journal = {IEEE Network},
volume = {17},
number = {4},
pages = {46-54},
abstract = {In this paper, we present five case studies of advanced networking functions that detail how a network processor (NP) can provide high performance and also the necessary flexibility compared with Application-Specific Integrated Circuits (ASICs). We first review the basic NP system architectures, and describe the IBM PowerNP architecture from a data-plane as well as from a control-plane point of view. We introduce models for the programmer's views of NPs that facilitate a global understanding of NP software programming. Then, for each case study, we present results from prototypes as well as general considerations that apply to a wider range of system architectures. Specifically, we investigate the suitability of NPs for<ul><li>Quality of Service (active queue management and traffic engineering),</li><li>header processing (GPRS tunneling protocol),</li><li>intelligent forwarding (load balancing without flow disruption),</li><li>payload processing (code interpretation and just-in-time compilation in active networks), and protocol stack termination (SCTP).</li></ul>Finally, we summarize the key features as revealed by each case study, and conclude with remarks on the future of NPs.},
keywords = {Active Networks, Network Processors, Quality of Service, Replication},
pubstate = {published},
tppubtype = {article}
}
In this paper, we present five case studies of advanced networking functions that detail how a network processor (NP) can provide high performance and also the necessary flexibility compared with Application-Specific Integrated Circuits (ASICs). We first review the basic NP system architectures, and describe the IBM PowerNP architecture from a data-plane as well as from a control-plane point of view. We introduce models for the programmer’s views of NPs that facilitate a global understanding of NP software programming. Then, for each case study, we present results from prototypes as well as general considerations that apply to a wider range of system architectures. Specifically, we investigate the suitability of NPs for
- Quality of Service (active queue management and traffic engineering),
- header processing (GPRS tunneling protocol),
- intelligent forwarding (load balancing without flow disruption),
- payload processing (code interpretation and just-in-time compilation in active networks), and protocol stack termination (SCTP).
James Allen; Brian Bass; Claude Basso; Rick Boivie; Jean Calvignac; Gordon Davis; Laurent Freléchoux; Marco Heddes; Andreas Herkersdorf; Andreas Kind; Joe Logan; Mohammad Peyravian; Mark Rinaldi; Ravi Sabhikhi; Michael Siegel; Marcel Waldvogel
IBM PowerNP Network Processor: Hardware Software and Applications Journal Article
In: IBM Journal of Research and Development, vol. 47, no. 2/3, pp. 177-194, 2003.
Abstract | BibTeX | Tags: Fast Routers, Network Processors, Quality of Service | Links:
@article{Allen2003PowerNP,
title = {IBM PowerNP Network Processor: Hardware Software and Applications},
author = {James Allen and Brian Bass and Claude Basso and Rick Boivie and Jean Calvignac and Gordon Davis and Laurent Freléchoux and Marco Heddes and Andreas Herkersdorf and Andreas Kind and Joe Logan and Mohammad Peyravian and Mark Rinaldi and Ravi Sabhikhi and Michael Siegel and Marcel Waldvogel},
url = {https://netfuture.ch/wp-content/uploads/2003/allen03powernp.pdf},
year = {2003},
date = {2003-01-01},
urldate = {1000-01-01},
journal = {IBM Journal of Research and Development},
volume = {47},
number = {2/3},
pages = {177-194},
abstract = {Deep packet processing is migrating to the edges of service provider networks to simplify and speed up core functions. On the other hand, the cores of such networks are migrating to the switching of high-speed traffic aggregates, e.g., using switching with dense wavelength division multiplexing (DWDM). As a result, more services will need to be performed at the edges, both on behalf of the core and end users. Associated network equipment will therefore require high flexibility to support evolving high-level services as well as extraordinary performance to deal with the high packet rates. Whereas in the past network equipment were based either on general-purpose processors (GPPs) or application-specific integrated circuits (ASICs), favoring flexibility over speed or vice versa, the network processor approach achieves both flexibility and performance. The key advantage of network processors is that hardware-level performance is complemented by flexible software architecture. In this paper, we describe the IBM PowerNP&tm; NP4GS3 network processor and how it addresses these issues. Its hardware and software design characteristics and its comprehensive base operating software of this network processor make it well suited for a wide range of networking applications.},
keywords = {Fast Routers, Network Processors, Quality of Service},
pubstate = {published},
tppubtype = {article}
}
Deep packet processing is migrating to the edges of service provider networks to simplify and speed up core functions. On the other hand, the cores of such networks are migrating to the switching of high-speed traffic aggregates, e.g., using switching with dense wavelength division multiplexing (DWDM). As a result, more services will need to be performed at the edges, both on behalf of the core and end users. Associated network equipment will therefore require high flexibility to support evolving high-level services as well as extraordinary performance to deal with the high packet rates. Whereas in the past network equipment were based either on general-purpose processors (GPPs) or application-specific integrated circuits (ASICs), favoring flexibility over speed or vice versa, the network processor approach achieves both flexibility and performance. The key advantage of network processors is that hardware-level performance is complemented by flexible software architecture. In this paper, we describe the IBM PowerNP&tm; NP4GS3 network processor and how it addresses these issues. Its hardware and software design characteristics and its comprehensive base operating software of this network processor make it well suited for a wide range of networking applications.
2002
Subhash Suri; Marcel Waldvogel; Daniel Bauer; Priyank Ramesh Warkhede
Profile-Based Routing and Traffic Engineering Technical Report
IBM no. RZ-3399, 2002.
BibTeX | Tags: Quality of Service, Traffic Engineering
@techreport{Suri2002Profile-Based-techreport,
title = {Profile-Based Routing and Traffic Engineering},
author = {Subhash Suri and Marcel Waldvogel and Daniel Bauer and Priyank Ramesh Warkhede},
year = {2002},
date = {2002-01-01},
urldate = {1000-01-01},
number = {RZ-3399},
institution = {IBM},
keywords = {Quality of Service, Traffic Engineering},
pubstate = {published},
tppubtype = {techreport}
}
2001
Subhash Suri; Marcel Waldvogel; Priyank Ramesh Warkhede
Profile-Based Routing: A New Framework for MPLS Traffic Engineering Proceedings Article
In: Boavida, Fernando (Ed.): Quality of future Internet Services, pp. 138-157, Springer Verlag, Berlin, 2001.
Abstract | BibTeX | Tags: MPLS, Quality of Service, Traffic Engineering | Links:
@inproceedings{Suri2001Profile-Based,
title = {Profile-Based Routing: A New Framework for MPLS Traffic Engineering},
author = {Subhash Suri and Marcel Waldvogel and Priyank Ramesh Warkhede},
editor = {Fernando Boavida},
url = {https://netfuture.ch/wp-content/uploads/2001/suri01profilebased.pdf},
year = {2001},
date = {2001-09-01},
urldate = {1000-01-01},
booktitle = {Quality of future Internet Services},
number = {2156},
pages = {138-157},
publisher = {Springer Verlag},
address = {Berlin},
series = {Lecture Notes in Computer Science},
abstract = { We present a new algorithm and framework for dynamic routing of bandwidth guaranteed flows. The problem is motivated by the need to dynamically set up bandwidth guaranteed paths in carrier and ISP networks. Traditional routing algorithms such as minimum hop routing or widest path routing do not take advantage of any knowledge about the traffic distribution or ingress-egress pairs, and therefore can often lead to severe network underutilization. Our work is inspired by the recently proposed ``minimum interference routing'' algorithm (MIRA) of Kodialam and Lakshman, but it improves on their approach in several ways. Our main idea is to use a ``traffic profile'' of the network, obtained by measurements or service level agreements (SLAs), as a rough predictor of the future traffic distribution. We use this profile to solve a multicommodity network flow problem, whose output is used both to guide our online path selection algorithm as well as impose admission control. The offline multicommodity solution seems very effective at distributing the routes and avoiding bottlenecks around hot spots. In particular, our algorithm can anticipate a flow's blocking effect on groups of ingress-egress pairs, while MIRA only considers one ingress-egress pair at a time. Our simulation results show that the new algorithm outperforms shortest path, widest path, and minimum interference routing algorithms on several metrics, including the fraction of requests routed and the fraction of requested bandwidth routed. Finally, the framework is quite general and can be extended in numerous ways to accommodate a variety of traffic management priorities in the network. },
keywords = {MPLS, Quality of Service, Traffic Engineering},
pubstate = {published},
tppubtype = {inproceedings}
}
We present a new algorithm and framework for dynamic routing of bandwidth guaranteed flows. The problem is motivated by the need to dynamically set up bandwidth guaranteed paths in carrier and ISP networks. Traditional routing algorithms such as minimum hop routing or widest path routing do not take advantage of any knowledge about the traffic distribution or ingress-egress pairs, and therefore can often lead to severe network underutilization. Our work is inspired by the recently proposed “minimum interference routing” algorithm (MIRA) of Kodialam and Lakshman, but it improves on their approach in several ways. Our main idea is to use a “traffic profile” of the network, obtained by measurements or service level agreements (SLAs), as a rough predictor of the future traffic distribution. We use this profile to solve a multicommodity network flow problem, whose output is used both to guide our online path selection algorithm as well as impose admission control. The offline multicommodity solution seems very effective at distributing the routes and avoiding bottlenecks around hot spots. In particular, our algorithm can anticipate a flow’s blocking effect on groups of ingress-egress pairs, while MIRA only considers one ingress-egress pair at a time. Our simulation results show that the new algorithm outperforms shortest path, widest path, and minimum interference routing algorithms on several metrics, including the fraction of requests routed and the fraction of requested bandwidth routed. Finally, the framework is quite general and can be extended in numerous ways to accommodate a variety of traffic management priorities in the network.
2000
Marcel Waldvogel
Multi-Dimensional Prefix Matching Using Line Search Proceedings Article
In: Proceedings of IEEE Local Computer Networks, pp. 200-207, Tampa, FL, USA, 2000.
Abstract | BibTeX | Tags: Fast Routers, Hash Tables, Quality of Service | Links:
@inproceedings{Waldvogel2000Multi-Dimensional,
title = {Multi-Dimensional Prefix Matching Using Line Search},
author = {Marcel Waldvogel},
url = {https://netfuture.ch/wp-content/uploads/2000/waldvogel00multidimensional.pdf},
year = {2000},
date = {2000-11-01},
urldate = {1000-01-01},
booktitle = {Proceedings of IEEE Local Computer Networks},
pages = {200-207},
address = {Tampa, FL, USA},
abstract = {With the increasing popularity of firewalls, virtual private networks (VPNs) and Quality of Service (QoS) routing, packet classification becomes increasingly important in the Internet. The high-performance solutions known so far strongly rely on certain properties of the filter database to match against, such as a small number of distinct prefixes or the absence of conflicts. In this paper, we present Line Search as a two-dimensional generalization of the one-dimensional binary search on prefix lengths, exploiting the advantage given by the different approach therein. This algorithm also works best on the filter databases that are expected to occur most often, but degrades gracefully when these assumptions no longer hold. We also show how to efficiently extend the algorithm to a complete five-dimensional Internet Protocol (IP) and transport header match.},
keywords = {Fast Routers, Hash Tables, Quality of Service},
pubstate = {published},
tppubtype = {inproceedings}
}
With the increasing popularity of firewalls, virtual private networks (VPNs) and Quality of Service (QoS) routing, packet classification becomes increasingly important in the Internet. The high-performance solutions known so far strongly rely on certain properties of the filter database to match against, such as a small number of distinct prefixes or the absence of conflicts. In this paper, we present Line Search as a two-dimensional generalization of the one-dimensional binary search on prefix lengths, exploiting the advantage given by the different approach therein. This algorithm also works best on the filter databases that are expected to occur most often, but degrades gracefully when these assumptions no longer hold. We also show how to efficiently extend the algorithm to a complete five-dimensional Internet Protocol (IP) and transport header match.
Sherlia Shi; Marcel Waldvogel
A Rate-based End-to-end Multicast Congestion Control Protocol Technical Report
Department of Computer Science, Washington University in St. Louis no. WUCS-00-03, 2000.
BibTeX | Tags: Multicast, Quality of Service | Links:
@techreport{Shi2000Rate-based-techreport,
title = {A Rate-based End-to-end Multicast Congestion Control Protocol},
author = {Sherlia Shi and Marcel Waldvogel},
url = {https://netfuture.ch/wp-content/uploads/2000/shi00ratebased-techreport.pdf},
year = {2000},
date = {2000-01-01},
urldate = {1000-01-01},
number = {WUCS-00-03},
institution = {Department of Computer Science, Washington University in St. Louis},
keywords = {Multicast, Quality of Service},
pubstate = {published},
tppubtype = {techreport}
}
Sherlia Shi; Marcel Waldvogel
A Rate-based End-to-end Multicast Congestion Control Protocol Proceedings Article
In: Proceedings of ISCC 2000, pp. 678-686, Antibes, France, 2000.
Abstract | BibTeX | Tags: Multicast, Quality of Service | Links:
@inproceedings{Shi2000Rate-based,
title = {A Rate-based End-to-end Multicast Congestion Control Protocol},
author = {Sherlia Shi and Marcel Waldvogel},
url = {https://netfuture.ch/wp-content/uploads/2000/shi00ratebased.pdf},
year = {2000},
date = {2000-01-01},
urldate = {1000-01-01},
booktitle = {Proceedings of ISCC 2000},
pages = {678-686},
address = {Antibes, France},
abstract = {Current reliable multicast protocols do not have scalable congestion control mechanisms and this deficiency leads to concerns that multicast deployment may endanger stability of the network. In this paper, we present a sender-based approach for multicast congestion control targeted towards reliable bulk data transfer. We assume that there are a few bottleneck links in a large scale multicast group at any time period and these bottlenecks persist long enough to be identified and adapted to. Our work focus on dynamically identifying the worst congested path in the multicast tree and obtaining TCP-friendly throughput on this selected path. We devise novel selection (amongst receivers) and aggregation (over time) methods to achieve our goal. The response time of our protocol is then compatible to TCP once the worst path is identified. Only when switching between worst paths, the protocol response time is relaxed to multiple RTTs (less than 10) for the reasons of scalability and stability. We use the network simulator (NS2) to validate and evaluate our congestion control algorithm with both drop-tail and RED gateways. },
keywords = {Multicast, Quality of Service},
pubstate = {published},
tppubtype = {inproceedings}
}
Current reliable multicast protocols do not have scalable congestion control mechanisms and this deficiency leads to concerns that multicast deployment may endanger stability of the network. In this paper, we present a sender-based approach for multicast congestion control targeted towards reliable bulk data transfer. We assume that there are a few bottleneck links in a large scale multicast group at any time period and these bottlenecks persist long enough to be identified and adapted to. Our work focus on dynamically identifying the worst congested path in the multicast tree and obtaining TCP-friendly throughput on this selected path. We devise novel selection (amongst receivers) and aggregation (over time) methods to achieve our goal. The response time of our protocol is then compatible to TCP once the worst path is identified. Only when switching between worst paths, the protocol response time is relaxed to multiple RTTs (less than 10) for the reasons of scalability and stability. We use the network simulator (NS2) to validate and evaluate our congestion control algorithm with both drop-tail and RED gateways.
1999
Burkhard Stiller; Christina Class; Marcel Waldvogel; Germano Caronni; Daniel Bauer
A Flexible Middleware for Multimedia Communication: Design, Implementation, and Experience Journal Article
In: IEEE Journal on Selected Areas in Communications, vol. 17, no. 9, pp. 1580-1598, 1999.
Abstract | BibTeX | Tags: Middleware, Quality of Service | Links:
@article{Stiller1999Flexible,
title = {A Flexible Middleware for Multimedia Communication: Design, Implementation, and Experience},
author = {Burkhard Stiller and Christina Class and Marcel Waldvogel and Germano Caronni and Daniel Bauer},
url = {https://netfuture.ch/wp-content/uploads/1999/stiller99flexible.pdf},
year = {1999},
date = {1999-01-01},
urldate = {1000-01-01},
journal = {IEEE Journal on Selected Areas in Communications},
volume = {17},
number = {9},
pages = {1580-1598},
abstract = {Distributed multimedia applications require a variety of com-munication services. These services and different application requirements have to be provided and supported within (1) end-systems in an efficient and integrated manner, combining the precise specification of Quality-of-Service (QoS) requirements, application interfaces, multicast support, and security features, and within (2) the network. The Da CaPo++ system presented here provides an efficient end-system middleware for multimedia applications, capable of handling various types of applications in a modular fashion. Application needs and communication demands are specified by values in terms of QoS attributes and functional properties, such as encryption requirements or multicast support. Da CaPo++ automatically configures suitable communication protocols, provides for an efficient run-time support, and offers an easy-to-use, object-oriented application programming interface. While its applicability to real-life applications was shown by prototype implementations, performance evaluations have been carried out yielding practical experiences and numerical results.},
keywords = {Middleware, Quality of Service},
pubstate = {published},
tppubtype = {article}
}
Distributed multimedia applications require a variety of com-munication services. These services and different application requirements have to be provided and supported within (1) end-systems in an efficient and integrated manner, combining the precise specification of Quality-of-Service (QoS) requirements, application interfaces, multicast support, and security features, and within (2) the network. The Da CaPo++ system presented here provides an efficient end-system middleware for multimedia applications, capable of handling various types of applications in a modular fashion. Application needs and communication demands are specified by values in terms of QoS attributes and functional properties, such as encryption requirements or multicast support. Da CaPo++ automatically configures suitable communication protocols, provides for an efficient run-time support, and offers an easy-to-use, object-oriented application programming interface. While its applicability to real-life applications was shown by prototype implementations, performance evaluations have been carried out yielding practical experiences and numerical results.
Milind M. Buddhikot; Subhash Suri; Marcel Waldvogel
Space Decomposition Techniques for Fast Layer-4 Switching Proceedings Article
In: Touch, Joseph D.; Sterbenz, James P. G. (Ed.): Protocols for High Speed Networks IV (Proceedings of PfHSN ’99), pp. 25-41, Kluwer Academic Publishers, Salem, MA, USA, 1999, ISBN: 0-7923-8690-6.
Abstract | BibTeX | Tags: Fast Routers, Quality of Service, Traffic Engineering | Links:
@inproceedings{Buddhikot1999Space,
title = {Space Decomposition Techniques for Fast Layer-4 Switching},
author = {Milind M. Buddhikot and Subhash Suri and Marcel Waldvogel},
editor = {Joseph D. Touch and James P. G. Sterbenz},
url = {https://netfuture.ch/wp-content/uploads/1999/buddhikot99space.pdf},
isbn = {0-7923-8690-6},
year = {1999},
date = {1999-01-01},
urldate = {1000-01-01},
booktitle = {Protocols for High Speed Networks IV (Proceedings of PfHSN '99)},
pages = {25-41},
publisher = {Kluwer Academic Publishers},
address = {Salem, MA, USA},
abstract = { Packet classification is the problem of matching each incoming packet at a router against a database of filters, which specify forwarding rules for the packets. The filters are a powerful and uniform way to implement new network services such as firewalls, Network Address Translation (NAT), Virtual Private Networks (VPN), and per-flow or class-based Quality of Service (QOS) guarantees. While several schemes have been proposed recently that can perform packet classification at high speeds, none of them achieves fast worst-case time for adding or deleting filters from the database. In this paper, we present a new scheme, based on space decomposition, whose search time is comparable to the best existing schemes, but which also offers fast worst-case filter update time. The three key ideas in this algorithm are as follows: (1) innovative data-structure based on quadtrees for a hierarchical representation of the recursively decomposed search space, (2) fractional cascading and precomputation to improve packet classification time, and (3) prefix partitioning to improve update time. Depending on the actual requirements of the system this algorithm is deployed in, a single parameter can be used to tradeoff search time for update time. Also, this algorithm is amenable to fast software and hardware implementation.},
keywords = {Fast Routers, Quality of Service, Traffic Engineering},
pubstate = {published},
tppubtype = {inproceedings}
}
Packet classification is the problem of matching each incoming packet at a router against a database of filters, which specify forwarding rules for the packets. The filters are a powerful and uniform way to implement new network services such as firewalls, Network Address Translation (NAT), Virtual Private Networks (VPN), and per-flow or class-based Quality of Service (QOS) guarantees. While several schemes have been proposed recently that can perform packet classification at high speeds, none of them achieves fast worst-case time for adding or deleting filters from the database. In this paper, we present a new scheme, based on space decomposition, whose search time is comparable to the best existing schemes, but which also offers fast worst-case filter update time. The three key ideas in this algorithm are as follows: (1) innovative data-structure based on quadtrees for a hierarchical representation of the recursively decomposed search space, (2) fractional cascading and precomputation to improve packet classification time, and (3) prefix partitioning to improve update time. Depending on the actual requirements of the system this algorithm is deployed in, a single parameter can be used to tradeoff search time for update time. Also, this algorithm is amenable to fast software and hardware implementation.
1998
V. Srinivasan; George Varghese; Subhash Suri; Marcel Waldvogel
Fast and Scalable Layer Four Switching Proceedings Article
In: Proceedings of ACM SIGCOMM, pp. 191-202, 1998.
Abstract | BibTeX | Tags: Fast Routers, Hash Tables, Quality of Service | Links:
@inproceedings{Srinivasan1998Fast,
title = {Fast and Scalable Layer Four Switching},
author = {V. Srinivasan and George Varghese and Subhash Suri and Marcel Waldvogel},
url = {https://netfuture.ch/wp-content/uploads/1998/srinivasan98fast.pdf},
year = {1998},
date = {1998-09-01},
urldate = {1000-01-01},
booktitle = {Proceedings of ACM SIGCOMM},
pages = {191-202},
abstract = { In Layer Four switching, the route and resources allocated to a packet are determined by the destination address as well as other header fields of the packet such as source address, TCP and UDP port numbers. Layer Four switching unifies firewall processing, RSVP style resource reservation filters, QoS Routing, and normal unicast and multicast forwarding into a single framework. In this framework, the forwarding database of a router consists of a potentially large number of filters on key header fields. A given packet header can match multiple filters, so each filter is given a cost, and the packet is forwarded using the least cost matching filter. In this paper, we describe two new algorithms for solving the least cost matching filter problem at high speeds. Our first algorithm is based on a grid-of-tries construction and works optimally for processing filters consisting of two prefix fields (such as destination-source filters) using linear space. Our second algorithm, cross-producting, provides fast lookup times for arbitrary filters but potentially requires large storage. We describe a combination scheme that combines the advantages of both schemes. The combination scheme can be optimized to handle pure destination prefix filters in 4 memory accesses, destination-source filters in 8 memory accesses worst case, and all other filters in 11 memory accesses in the typical case.},
keywords = {Fast Routers, Hash Tables, Quality of Service},
pubstate = {published},
tppubtype = {inproceedings}
}
In Layer Four switching, the route and resources allocated to a packet are determined by the destination address as well as other header fields of the packet such as source address, TCP and UDP port numbers. Layer Four switching unifies firewall processing, RSVP style resource reservation filters, QoS Routing, and normal unicast and multicast forwarding into a single framework. In this framework, the forwarding database of a router consists of a potentially large number of filters on key header fields. A given packet header can match multiple filters, so each filter is given a cost, and the packet is forwarded using the least cost matching filter. In this paper, we describe two new algorithms for solving the least cost matching filter problem at high speeds. Our first algorithm is based on a grid-of-tries construction and works optimally for processing filters consisting of two prefix fields (such as destination-source filters) using linear space. Our second algorithm, cross-producting, provides fast lookup times for arbitrary filters but potentially requires large storage. We describe a combination scheme that combines the advantages of both schemes. The combination scheme can be optimized to handle pure destination prefix filters in 4 memory accesses, destination-source filters in 8 memory accesses worst case, and all other filters in 11 memory accesses in the typical case.
1997
Daniel S. Decasper; Marcel Waldvogel; Zubin Dittia; Adiseshu Hari; Guru Parulkar; Bernhard Plattner
Crossbow — A Toolkit for Integrated Services over Cell Switched IPv6 Proceedings Article
In: Proceedings of the IEEE ATM ’97 workshop, Lisboa, Portugal, 1997.
Abstract | BibTeX | Tags: Fast Routers, Quality of Service | Links:
@inproceedings{Decasper1997Crossbow,
title = {Crossbow --- A Toolkit for Integrated Services over Cell Switched IPv6},
author = {Daniel S. Decasper and Marcel Waldvogel and Zubin Dittia and Adiseshu Hari and Guru Parulkar and Bernhard Plattner},
url = {https://netfuture.ch/wp-content/uploads/1997/decasper97crossbow.pdf},
year = {1997},
date = {1997-05-01},
urldate = {1000-01-01},
booktitle = {Proceedings of the IEEE ATM '97 workshop},
address = {Lisboa, Portugal},
abstract = {The project Crossbow provides a framework to investigate services and mechanisms including resource management and packet scheduling for multimedia/multicast applications. In particular the Internet Protocol version 6 (IPv6, IP next generation, IPng) protocol suite on top of ATM is considered to demonstrate possible synergy between ATM and IPv6. The presented architecture includes IPv6 and RSVP, running on BSD Unix using the 1.2 Gbps APIC (ATM Port Interconnect Controller) chip, as well as support for Ethernet networks.},
keywords = {Fast Routers, Quality of Service},
pubstate = {published},
tppubtype = {inproceedings}
}
The project Crossbow provides a framework to investigate services and mechanisms including resource management and packet scheduling for multimedia/multicast applications. In particular the Internet Protocol version 6 (IPv6, IP next generation, IPng) protocol suite on top of ATM is considered to demonstrate possible synergy between ATM and IPv6. The presented architecture includes IPv6 and RSVP, running on BSD Unix using the 1.2 Gbps APIC (ATM Port Interconnect Controller) chip, as well as support for Ethernet networks.
