The Experts below are selected from a list of 15 Experts worldwide ranked by ideXlab platform
Mike West - One of the best experts on this subject based on the ideXlab platform.
-
Let 'localhost' be localhost.
2017Co-Authors: Mike WestAbstract:This document updates RFC6761 with the goal of ensuring that "localhost" can be safely relied upon as a name for the local host's Loopback Interface. To that end, stub resolvers are required to resolve localhost names to Loopback addresses. Recursive DNS servers are required to return "NXDOMAIN" when queried for localhost names, making non-conformant stub resolvers more likely to fail and produce problem reports that result in updates. Together, these requirements would allow applications and specifications to join regular users in drawing the common-sense conclusions that "localhost" means "localhost", and doesn't resolve to somewhere else on the network.
Wang Binjun - One of the best experts on this subject based on the ideXlab platform.
-
SSL VPN System Based on Simulated Virtual NIC
2013 Fourth International Conference on Networking and Distributed Computing, 2013Co-Authors: Wang BinjunAbstract:SSL VPN system depends on TUN device on Linux host. Without TUN device, it can't be deployed on Linux hosts. In order to overcome this limitation, a new kind of SSL VPN system is developed. This system is based on simulated virtual NIC based on Loopback Interface. With the help of simulated virtual NIC, SSL VPN client can be deployed on Linux hosts without TUN devices. Thus a Linux host without TUN devices can access the protected resources by SSL VPN. After system experiments and analysis, this kind of SSL VPN system can work well with normal network traffic. It is a new model of SSL VPN system, compared with traditional SSL VPN system.
Scott M. Nettles - One of the best experts on this subject based on the ideXlab platform.
-
Practical active packets
2020Co-Authors: Jonathan T. Moore, Scott M. NettlesAbstract:Active networking adds programmability to the network infrastructure to promote service introduction. One approach involves active packets that carry programs rather than standard passive headers. To date, no one has proposed an active packet system that is truly practical: providing added flexibility over passive packet schemes without sacrificing either safety or efficiency. In this work, we propose a new system, SNAP (Safe and Nimble Active Packets), that strikes a useful balance. First, SNAP is safe. We use a combination of language design (limited expressiveness) and safe interpretation techniques that allow us to show that SNAP exhibits robustness (resistance to malicious or buggy code), isolation (non-interference with other packets), and resource predictability. In particular, we prove that each execution of a packet program consumes at most an amount of CPU and memory resources that are linearly proportional to the program's length; we also show the total number of packet executions that can be caused by a packet or its descendents is bounded. Second, SNAP is efficient. We designed the SNAP packet format to minimize memory overhead: most packets can be executed in-place in kernel network buffers. We show experimentally that SNAP latency and bandwidth microbenchmarks perform within a few percent of their IP-family counterparts in software routers connected by 100 Mb/s Ethernet links. SNAP incurs extremely low overhead: IP-like functionality is available at IP-like performance. Finally, SNAP is flexible, despite the fact that we have limited its expressiveness. We briefly describe a compiler that translates PLAN (an earlier active packet language) into SNAP using a combination of function inlining and sending copies of the current packet over a node's Loopback Interface to emulate backward branches. Since this Loopback technique consumes one unit of resource bound, we find that the resource bound field of the packet is a convenient knob for trading off tight bounds on global resource usage for increased flexibility (in terms of the amount of looping available to the packet). We also describe two new native SNAP applications: distributed denial-of-service attack detection and active video-on-demand.
Jonathan T. Moore - One of the best experts on this subject based on the ideXlab platform.
-
Practical active packets
2020Co-Authors: Jonathan T. Moore, Scott M. NettlesAbstract:Active networking adds programmability to the network infrastructure to promote service introduction. One approach involves active packets that carry programs rather than standard passive headers. To date, no one has proposed an active packet system that is truly practical: providing added flexibility over passive packet schemes without sacrificing either safety or efficiency. In this work, we propose a new system, SNAP (Safe and Nimble Active Packets), that strikes a useful balance. First, SNAP is safe. We use a combination of language design (limited expressiveness) and safe interpretation techniques that allow us to show that SNAP exhibits robustness (resistance to malicious or buggy code), isolation (non-interference with other packets), and resource predictability. In particular, we prove that each execution of a packet program consumes at most an amount of CPU and memory resources that are linearly proportional to the program's length; we also show the total number of packet executions that can be caused by a packet or its descendents is bounded. Second, SNAP is efficient. We designed the SNAP packet format to minimize memory overhead: most packets can be executed in-place in kernel network buffers. We show experimentally that SNAP latency and bandwidth microbenchmarks perform within a few percent of their IP-family counterparts in software routers connected by 100 Mb/s Ethernet links. SNAP incurs extremely low overhead: IP-like functionality is available at IP-like performance. Finally, SNAP is flexible, despite the fact that we have limited its expressiveness. We briefly describe a compiler that translates PLAN (an earlier active packet language) into SNAP using a combination of function inlining and sending copies of the current packet over a node's Loopback Interface to emulate backward branches. Since this Loopback technique consumes one unit of resource bound, we find that the resource bound field of the packet is a convenient knob for trading off tight bounds on global resource usage for increased flexibility (in terms of the amount of looping available to the packet). We also describe two new native SNAP applications: distributed denial-of-service attack detection and active video-on-demand.
Rodrigo Palhares - One of the best experts on this subject based on the ideXlab platform.
-
Collocation optimizations in an aspect-oriented middleware system
Journal of Systems and Software, 2007Co-Authors: Marco Tulio Valente, Rodrigo PalharesAbstract:In distributed object-oriented systems, there are situations where client and server objects are deployed in the same address space. In such scenarios, it is possible to dispatch remote calls without having to transverse the infrastructure provided by the underlying communication middleware system and thus without incurring the overhead of using a networking Loopback Interface. Such optimizations are called collocation optimizations. In this paper we describe an implementation of collocation that is centered on aspect-oriented programming abstractions. This implementation provides high degrees of modularization, configurability and adaptability than current object-oriented support to collocation. The paper also presents results about the performance gains derived from the optimization proposed.
