eFIT: Enabling Future Internet Innovation via Transit Wire
Welcome to the homepage of eFIT: Enabling Future Internet Innovation via Transit Wire, part of the NSF NeTS FIND Initiative. Here you will learn more about a new Internet routing architecture designed to address serious challenges in scalability, stability and security facing today's global routing infrastructure.
The Internet routing architecture is at an important crossroad. The unprecedented growth of the Internet necessarily brought forth new requirements and new challenges that were not addressed, or even foreseen, by the original design, yet the Internet routing architecture still remains the same as 27 years ago. First, all networks run on the same flat routing space, consequently the global routing table has been growing with Internet user population. The flat routing space also means any single unstable network can flood the entire Internet with frequent updates, and any malicious node can easily inject false updates. Second, all nodes still live on the same address space, thus anyone can send packets to any other node, making it easy to send unwanted traffic to other nodes, including core routers. The eFIT project takes the clean-slate design opportunity to address not only the scalability and security of the routing system itself, but also the overall resilience of the Internet against malicious attacks. eFIT's central idea is to separate the transit core of Internet from edge networks, and engineer a layer of control and protection in between. As a result, edge dynamics will not affect routing stability in the transit core, and attackers at edges (e.g. compromised hosts) will not be able to directly target the core infrastructure. Moreover, new capabilities can be added to the insulation layer to offer DDoS protection for individual end hosts. During the first year of eFIT project, we quantitatively evaluated the benefits of separating the transit core and user networks on routing scalability, showing that the gain from reduction in both the routing table size and routing churns can be by an order of magnitude. We then identified the following major challenges in designing the middle layer between the transit core and user networks:
- how to distribute the mapping information that maps user networks to their transit providers;
- how to recover from failures during data delivery;
- how to secure the new mapping system;
- how to incrementally roll out the new system with incentives.
Read more about eFIT...
We have sketched out a preliminary system design, APT (A Practical Tunneling architecture), that addresses all the above challenges.
This material is based upon work supported by the National Science Foundation under Grant No. 0551541, 0721369, 0721859 and 0721863. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.
