The Fight For End-To-End: Part One
from the in-one-NIC-and-out-the-other dept.
The summary provided by the conference organizers has a brief description of end-to-end:
"The 'end-to-end argument' was proposed by network architects Jerome Saltzer, David Reed and David Clark in 1981 as a principle for allocating intelligence within a large scale computer network. It has since become a central principle of the Internet's design. End-to-end [e2e] counsels that 'intelligence' in a network should be placed at its ends -- in applications -- while the network itself should remain as simple as is feasible, given the broad range of applications that the network might support."
Another way to view end-to-end might be as a sort of network non-interference policy: all bits are created equal. The problem is that there are substantial economic incentives to treat bits differently, and these incentives are changing the architecture of the Internet in ways which may be detrimental to public values.
The workshop covered a number of areas:
- Voice over IP
- Network Security
- Quality of Service
- Content Caching
- Broadband
- Wireless
Jerome Saltzer started off with a technical overview of the end-to-end argument. In summary: digital technology builds systems of stunning complexity, and the way to manage this complexity is to modularize. For networking, this resulted in the layer model that many Slashdot readers are familiar with. He suggested that designers should be wary of putting specific functions in lower layers, since all layers above must live with that design decision. For a longer explanation, one can always read the original paper. If you've never heard of end-to-end before, I do suggest reading this paper before continuing. It's short.
First, Scott Bradner described two competing architectures for voice-over-IP protocols: one which employs central servers to direct and manage calls (the Media Gateway Control model, or Megaco), and one which puts most of the intelligence in the end-points, with the phones/computers originating the calls (the Session Initiation Protocol, or SIP). One important difference: SIP phones can use a central server to direct calls, but Megaco phones have no capability to act independently. Building a great deal of intelligence into the central servers is less end-to-end-compliant than building it into phones at the edges of the network.
One member of the audience pointed out that Federal law requires companies to build wiretapping capabilities into phone switches and wireless network equipment, and wondered how that would be implemented if the phones initiated the connections themselves (SIP). Traditional wiretapping is predicated upon the idea that there is a central server which all communications pass through. The panel candidly replied that when no central server is used and encryption is employed, wiretapping is difficult. One audience member pointed out that wiretapping at centralized switches is not the most effective way to do it, anyway -- since switches can be routed around and communications can be encrypted, the only truly effective way to wiretap would be to build tapping capabilities all the way at the edge of the network -- the phone itself. While some of the audience laughed, I think most of the participants also realized the dark undertones of this suggestion.
Next the discussion turned to innovation. In one model, the central servers would be controlled by companies with a vested interest in managing them conservatively, suppressing competition, etc. In the other, individuals would be able to create/control their own phones on the perimeter of the network, and the only barrier to innovation would be finding someone else to adopt your improvement as well so that the two of you could communicate. In the first model, innovations which benefited the company would be the only ones permitted. In the second one, any innovation which benefited the end-user would be possible.
Finally the discussion moved to a rarely thought about side effect of voice over IP. Universal service -- phone service to (nearly) every resident of the United States -- is funded through access charges on your phone bill. In effect, people in cheap-to-service areas are subsidizing those in expensive-to-service areas, ranging from the badlands of Nevada to wilderness areas of Alaska. From a societal point of view, ubiquitous access to telephones has been a great boon, but providing it requires a societal commitment -- otherwise people living outside of major population centers might never have phone service. Suppose now that traditional telephony is replaced by voice over IP, and no central servers are involved -- there would be no easy way to collect the access charges which subsidize outlying areas. While lowering such taxes may have widespread appeal, completely abandoning the commitment to universal service would be a great loss to society.
The next focus was network security. Firewalls are probably the most obvious breaks in the end-to-end paradigm -- after all, these devices' sole purpose is to stand in the way of network connections, and decide which are permitted and which are not. Participants brought up (but thankfully, quickly moved past) the true-but-useless point that if all operating systems were secured properly, there would be no need for firewalls.
Hans Kruse pointed out that if security must be implemented at the end anyway -- as it must if any incoming traffic is permitted through the firewall -- then there's no reason to do it at the center as well. David Clark put forth the useful distinction between mandatory and discretionary access controls -- mandatory controls being ones put into place by someone else, discretionary ones put into place by you. Discretionary controls do not violate end-to-end, but mandatory ones generally do. Michael Kleeman noted that the reasons firewalls are put into place include the desire to control the actions of users inside the firewall as often as the desire to control access from outside.
Doug Van Houweling spoke regarding Network Address Translation (NAT). NAT allows two networks to be joined together, and is typically used to join a network of machines with non-routable IP addresses to the global Internet. NAT is an outgrowth of the limited availability of IPv4 addresses, but is also employed in some cases as a poor man's security measure. Generally, Van Houweling described NAT as an affront to end-to-end, because any application that requires address transparency breaks, and end-to-end encryption becomes impossible. In addition, applications sometimes depend on data in the TCP/IP headers which NAT alters. The group noted that NAT can be eliminated simply by putting more addresses into circulation. Later in the workshop, Andrew McLaughlin talked about the address allocation process for IPv6 and said that it is shaping up to be much better than that for IPv4.
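To make the NAT point concrete, here is an added example (not from the workshop or any of its speakers): a minimal packet model with a source-translating NAT, an application that announces its own address inside its payload, and an end-to-end integrity tag that either covers the address header or only the payload. The addresses are RFC 5737 documentation ranges, the payload format is made up, and the HMAC is a stand-in for a header-binding check in the spirit of IPsec AH, not that protocol's actual format.

```python
import hmac
import hashlib
import ipaddress
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    """Just the fields a NAT touches plus the payload (constructed model)."""
    src: str
    sport: int
    dst: str
    dport: int
    payload: bytes


def e2e_tag(key: bytes, pkt: Packet, cover_header: bool) -> bytes:
    """End-to-end MAC shared only by the two endpoints. With cover_header=True
    the addresses and ports are bound into the tag; otherwise only the payload is."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    if cover_header:
        h.update(f"{pkt.src}:{pkt.sport}>{pkt.dst}:{pkt.dport}".encode())
    h.update(pkt.payload)
    return h.digest()


class Nat:
    """Source NAT: rewrites a private source address/port to the public address
    and a fresh port, remembering the mapping for return traffic."""

    def __init__(self, public_ip: str, private_net: str):
        self.public_ip = public_ip
        self.private_net = ipaddress.ip_network(private_net)
        self.table = {}
        self.next_port = 40000

    def outbound(self, pkt: Packet) -> Packet:
        if ipaddress.ip_address(pkt.src) not in self.private_net:
            return pkt  # already globally routable, nothing to translate
        key = (pkt.src, pkt.sport)
        if key not in self.table:
            self.table[key] = self.next_port
            self.next_port += 1
        return replace(pkt, src=self.public_ip, sport=self.table[key])


def embedded_address_ok(pkt: Packet) -> bool:
    """An application that tells its peer 'reach me at host:port' in the payload
    (a hypothetical format) only works if the header still says the same thing."""
    announced = pkt.payload.decode().split()[1]
    return announced == f"{pkt.src}:{pkt.sport}"


def demo() -> dict:
    key = b"constructed-key-known-only-to-both-endpoints"
    nat = Nat("203.0.113.5", "10.0.0.0/8")
    original = Packet("10.1.2.3", 5060, "198.51.100.9", 5060, b"REACH-ME-AT 10.1.2.3:5060")
    tag_hdr = e2e_tag(key, original, cover_header=True)
    tag_pay = e2e_tag(key, original, cover_header=False)
    seen = nat.outbound(original)  # what the far endpoint actually receives
    return {
        "header_bound_check": hmac.compare_digest(tag_hdr, e2e_tag(key, seen, True)),
        "payload_only_check": hmac.compare_digest(tag_pay, e2e_tag(key, seen, False)),
        "embedded_address_ok": embedded_address_ok(seen),
        "translated_src": (seen.src, seen.sport),
    }
```

The header-bound check and the announced-address check both fail after translation while the payload-only check survives, which is exactly the class of application the NAT breaks.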
The workshop moved on next to Quality of Service. QoS in this case covers a wide range of proposals (and a few working implementations) for selectively speeding up or slowing down network traffic -- a sort of nice for network data flows. The "benign" use of QoS is to ensure that traffic which is strongly time-sensitive like videoconferencing or telephony gets priority over the download of NT Service Pack 16. There are less-benign uses: Cisco's 1999 White Paper which encouraged cable Internet operators to use Cisco's QoS features to speed up access to proprietary (read: profitable) content while slowing down content from competitors was the red flag in the QoS realm, raising concerns about the role of ISPs in traffic delivery and abuses by telecom carriers which are also content providers.
This segment started with an overview of QoS. There are several ways to implement QoS on a network. The simplest is to build a network with a capacity great enough to never be maxed out; if the network has sufficient bandwidth, there's no need to worry about QoS in the first place. There are costs, though, to maintaining sufficient excess capacity on the network. This is called "adequate provisioning" if it is your preferred method of managing traffic, or "over-provisioning" if you prefer one of the other QoS approaches. The other ways under consideration are an integrated services architecture (IntServ) and a differentiated services architecture (DiffServ). The former would monitor and track each individual data flow -- the call you place to your mother in Singapore could be treated differently from the call you place to your grandmother in Krakow. The latter would only allow differentiation between classes of service -- all videoconferencing would be treated similarly, for example. Of the three, adequate provisioning is fully end-to-end while DiffServ is less so, and IntServ is highly non-compliant.
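As an added illustration (not from the workshop), the following model contrasts the three approaches on one congested link: an undifferentiated FIFO queue, DiffServ-style class priority, and the per-flow table IntServ would have to carry. The traffic is constructed; the model also shows that scheduling only moves queueing delay from one class to another, while the total stays the same, so only added capacity actually reduces it.

```python
def build_arrivals():
    """Constructed traffic: one voice flow sending a packet every 2 ticks, and
    four bulk flows that each dump a 6-packet burst (the background download).
    Each entry is (arrival_tick, seq, service_class, flow_id)."""
    arrivals, seq = [], 0
    for burst, start in enumerate((0, 12, 24, 36)):
        for _ in range(6):
            arrivals.append((start, seq, "bulk", f"bulk-{burst}"))
            seq += 1
    for t in range(0, 41, 2):
        arrivals.append((t, seq, "voice", "voice-0"))
        seq += 1
    return arrivals


def simulate(arrivals, class_priority):
    """Serve one unit-size packet per tick. FIFO ignores class; DiffServ-style
    scheduling always drains the voice class first. Returns queueing delays."""
    pending = sorted(arrivals)
    backlog, delays = [], {"voice": [], "bulk": []}
    i = t = 0
    while i < len(pending) or backlog:
        while i < len(pending) and pending[i][0] <= t:
            backlog.append(pending[i])
            i += 1
        if backlog:
            if class_priority:
                pkt = min(backlog, key=lambda p: (p[2] != "voice", p[0], p[1]))
            else:
                pkt = min(backlog, key=lambda p: (p[0], p[1]))
            backlog.remove(pkt)
            delays[pkt[2]].append(t - pkt[0])
        t += 1
    return delays


def summarize(delays):
    voice = delays["voice"]
    return {
        "voice_max_delay": max(voice),
        "voice_jitter": max(voice) - min(voice),  # spread of queueing delay
        "total_delay": sum(voice) + sum(delays["bulk"]),
    }


def router_state(arrivals):
    """IntServ tracks every flow, DiffServ only the classes, and adequate
    provisioning keeps no per-traffic table at all."""
    return {
        "intserv_flow_entries": len({a[3] for a in arrivals}),
        "diffserv_class_entries": len({a[2] for a in arrivals}),
        "provisioning_entries": 0,
    }


if __name__ == "__main__":
    arr = build_arrivals()
    print("FIFO    :", summarize(simulate(arr, class_priority=False)))
    print("DiffServ:", summarize(simulate(arr, class_priority=True)))
    print("state   :", router_state(arr))
```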
Jerome Saltzer (from the audience) made the point that no QoS technique provides real guarantees of service, and any technique except having plenty of excess bandwidth available violates the principles of end-to-end. He emphasized that people should be aware of the trade-offs.
Jamie Love not only mentioned the Cisco white paper but pointed out that this situation lent itself to behavior like that which has landed Microsoft in hot water -- using one's control of a particular system to speed up one's own content and impede competitors' content from flowing. A member of the audience countered that QoS would allow companies to create different levels of service -- pay more for fast access, less for slow access -- and that this was a good thing.
There were two distinct classes of problems identified. The first is similar to the distinction among methods for carrying voice over IP: the companies that control the QoS-enabled servers get to control who gets to innovate in QoS-related areas. The second, related problem is that of carriers using QoS features to promote their own content. The second problem has traditionally been solved by requiring a separation of carriage and content -- keeping the owner of the lines and the provider of content over those lines separate. The current FCC and FTC are not enforcing that traditional check against monopolization of content in telecommunications; thus it's likely that unless governmental policies change, AOL/Time Warner will be in a position to promote its own content through control of the cable Internet services it owns.
Doug Van Houweling then spoke and noted that the Internet2 project is taking a very strong stance promoting QoS, because that stance is seen as necessary to promote investment in Internet2 architecture.
An audience member spoke up and suggested that the best regulatory course would be regulation with a light touch -- imposing only the minimum controls needed to permit genuinely necessary QoS while disallowing abusive uses. At this point Deborah Lathen asked the $64,000 question: how would the FCC make this fine regulatory distinction? No one had a good answer to that question.
In Part two tomorrow: transparent caching, broadband and wireless access, and capitalism.
Re:More government regulation, great! (Score:3)
This has to be one of the most asinine conclusions I've ever seen. Did you even read the rest of the Britannica entry? Specifically, the part you left out in the middle of your quote. I assume you did, since it tells a very different story than the selective quote you provided.
For those who are too lazy to read for themselves, here's the part tylerh left out:
Vail was brought back into the company as president in 1907, and from then until his retirement in 1919 he molded AT&T into virtually the organization that lasted until 1984. Vail set about trying to achieve a monopoly for AT&T over the American telecommunications industry. He consolidated the Bell associated companies into state and regional organizations, acquired many previously independent companies, and achieved control over Western Union in 1910.
In other words, AT&T used standard laissez faire capitalist techniques to achieve their monopoly. But what about the Graham-Willis Act of 1921? It didn't create the monopoly; ATT had done that themselves. Do a Google search on it, and you'll find that (essentially) all it did was exempt telcos from the Sherman Antitrust Act.
So what's the moral of the story? Aside from the fact that tylerh has no problem using selective quoting to deceive the lazy, what we see is that ATT basically bought a law that gave them (temporary) immunity from antitrust prosecution. The gov't didn't create ATT, or do anything to create its monopoly. They simply refused to use federal law to restrain ATT in 1921. To imply that ATT used a gov't granted monopoly to put down their "growing competition" is sheer intellectual dishonesty.
Re:More government regulation, great! (Score:3)
kali,
You are correct that my Britannica link did not fully support my conclusion. Slashdotters are not renowned for their long attention spans, so I keep my posts brief.
Since you've read this far, let me take more of your time and tell a fuller story. It's more interesting. Sadly, I don't have supporting links handy.
As Kali points out, ATT reached for monopoly via "standard laissez faire." If memory serves, they had about a 70-80% market share when, as Kali correctly points out, they bought themselves anti-trust protection and stomped the rest of their market. While we'll never know, many (myself included) doubt that ATT would ever have reached their ultimate 95%+ penetration without government help. Microsoft seems stuck in the 90-95% range, and even Standard Oil never got that far.
Back on topic, Kali is missing a key fact. Consistent with "standard laissez faire," the ATT "monopoly" was already under attack. Ever wonder why security companies get their bare copper provided to them by the telcos on the cheap? Ah, there is a tale. By the 1910s, private alarm companies had sprung up that were laying their own copper. ATT realized that this was a competing infrastructure, so they cut a deal: we'll give you our copper cheap, you stay out of voice. This was formalized in the rate tariffs as the government set concrete on ATT's "monopoly." And there matters stayed, until DSL pioneers started ordering bare copper "security alarm" lines for their data networks. Nasty lawsuits/hearings ensued, where this juicy history turned up.
... and if mine was "one of the most asinine conclusions [you]'ve ever seen," kali, you are clearly new to slashdot.
Scalability (Score:4)
The problem is that folks are trying to put services (like voice) that need realtime delivery onto a network that wasn't designed for it. In a straight IP based network, each router only needs resources for the packets that it is currently handling. As soon as a packet gets sent, the router's interest in it ends. A packet can (theoretically!) take any route at all through the network, and it's the endpoint's responsibility to put everything back together.
Anything else requires additional resources for each connection going through the router. For a backbone router, this is a *lot* of connections. It also means that each connection is "nailed" to a single route through the network. Lose a router and you not only lose the packets that it is storing at the time, but all the connections that it is handling. There are ways of handling this, of course, but the solutions are expensive, in terms of both hardware and bandwidth.
In my somewhat cynical opinion, what the providers want to do is take the simple "flat rate" model that the Internet is built on and turn it into what Scott Adams calls a "confusopoly", where the customer is never sure what services she is getting or what they're supposed to cost.
Combine this with the Government's desire (all governments) to monitor and control all communications, and you have the recipe for a real mess.
Re:I'm jumping the gun, but why is any of this eve (Score:4)
If you take your little network and hook it to another little network, no one cares. Now, let's suppose that you are a big network; in fact, you are the monopoly cable provider in your town. Now, let's suppose you like Fred Foo for mayor, because he helped you arrange your monopoly, and you hate Bart Barr, because he's trying to get a competing cable franchise established. So you decide to give the Foo campaign high QoS and 300 bps to the Barr campaign. Still no reason to regulate?
Or, to take a more realistic example: you have a cable monopoly and you own a movie studio. You provide high QoS jitter-free streaming interactive movies to your cable modem customers -- but only movies owned by your studio. Competitors can only use your generic, bursty service, with lots of packet retransmissions and brief outages. Customers can use DSL instead of a cable modem, but the local phone company, which controls all DSL traffic, has made a deal with a different movie studio, so if you want to watch someone else's movies you're still hosed. You can try wireless IP, but there's not enough available bandwidth and too much interference.
Long ago, the feds made a very wise decision: they forced the major studios to sell their theaters. In the old days if you were in a small town you might only be able to get movies produced by the studio that owned your local theater. Content and distribution need to be kept separate, by law if need be.
QoS and direct connections (Score:3)
QoS is actually used in a large portion of the backbone, but not at the IP layer.
For example, Sprint uses the same network for their digital voice (PCS, long distance). This is a big SONET backbone tied to OCx ATM networks. From there they branch to voice or data.
For IP data networks, it flies over the OCx networks just the same as voice, but voice has QoS applied to its virtual connections via ATM AAL2. IP data traffic is usually AAL5 with no QoS.
Also, many of the backbone IP providers (Sprint, UUnet) use QoS/traffic shaping at the entry point for small ISPs to ensure that traffic from big fish like Sprint or UUnet or AOL? gets better response.
You may remember an article about big data providers (UUnet and Sprint specifically) giving crappy data service to ISPs and affecting their ability to compete or provide reliable services.
At any rate, the point of this is that currently QoS is used but internal to the backbone carriers themselves. It is definitely nice to have, and allows them to implement all sorts of latency intolerant services like voice and video over their networks which cannot be implemented without QoS.
It will take a lot of effort to get QoS at the IP layer, as this will entail paying ISPs for a QoS connection, probably ATM, and running IP over that connection, or fundamentally altering the IP protocol to include QoS capabilities similar to those provided by ATM. The latter will not happen.
Re:More government regulation, great! (Score:3)
Secondly, corporations abuse power. They help their friends and burn their enemies, with the consumer left as the meat in the sandwich. Bureaucracy is bureaucracy, private or public.
Absolutely. I in no way disagree with you. The fundamental difference is that by law I do not have to buy a particular company's products. I have to abide by whatever laws the government sets. If a bunch of bureaucratic slimy corporations do not provide what I am looking for I can buy something from a small business. The most disgusting thing that corporations can do is to basically make themselves a part of the government by lobbying them to influence legislation that interferes with the free market. Remember that corporations and their CEOs are not necessarily interested in the free market.
Stuart Eichert
Getting really sick (Score:4)
I look at the situation now and want to throw up; vendors paying for stuff that is already being paid for by someone else, names and numbers being bought in blocks and hoarded, etc. etc., protocols that don't want to work with each other, a government that couldn't even fathom the complexity of the system but wants a chokehold on it. We're so screwed.
I'm moving to Sealand
The point of QoS (Score:3)
Separating internet traffic into high-jitter and low-jitter classes could easily reduce VoIP jitter by a factor of 10.
Re:More government regulation, great! (Score:3)
Can't you realize that government regulation got rid of the AT&T monopoly?
This is only half true. During telephony's first 1/2 century (roughly 1875-1920), vigorous competition was the norm. From Britannica [britannica.com]:
That's right, ATT was facing growing competition, so they had the government declare them a "natural monopoly." In 1984, the government was just trying to undo the mistake it had made 60 years earlier.
Yawn, QoS (Score:4)
Because nobody is willing to pay for it. Customers of ISP service, given the choice between more bandwidth and priority, always buy more bandwidth with the same dollars. Bandwidth is cheaper and cheaper to provide; priority is expensive. These trends are, if anything, accelerating as DWDM and the like make it ever cheaper to cram more gigabits of traffic onto the same fiber.
Of course bad guys like cable carriers may use QoS to implement CoS (Crappiness of Service) for their less favored customers, but as options increase, customers of such will switch away.
It's like soccer in the US: QoS is the wave of the future - and always will be!
Re:More government regulation, great! (Score:3)
Deregulation of electrical power supply in California is perhaps leading to higher electrical bills in the long run.
Secondly, corporations abuse power. They help their friends and burn their enemies, with the consumer left as the meat in the sandwich. Bureaucracy is bureaucracy, private or public.