References of "Edeline, Korian"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailmmb: Flexible High-Speed Userspace Middleboxes
Edeline, Korian ULiege; Iurman, Justin ULiege; Soldani, Cyril ULiege et al

in Applied Networking Research Workshop (2019, July)

Nowadays, Internet actors have to deal with a strong increase in Internet traffic at many levels. One of their main challenge is building high-speed and efficient networking solutions. In such a context ... [more ▼]

Nowadays, Internet actors have to deal with a strong increase in Internet traffic at many levels. One of their main challenge is building high-speed and efficient networking solutions. In such a context, kernel-bypass I/O frameworks have become their preferred answer to the increasing bandwidth demands. Many works have been achieved, so far, all of them claiming to have succeeded in reaching line-rate for traffic forwarding. However, this claim does not hold for more complex packet processing. In addition, all those solutions share common drawbacks on either deployment flexibility or configurability and user-friendliness. This is exactly what we tackle in this paper by introducing mmb, a VPP middlebox plugin that allows, through an intuitive command-line interface, to easily build stateless and stateful classification and rewriting middleboxes. mmb makes a careful use of instruction caching and memory prefetching, in addition to other techniques used by other high-performance I/O frameworks. We compare mmb performance with other middlebox solutions, such as kernel-bypass framework and kernel-level optimized approach, for enforcing middleboxes policies (firewall, NAT, transport-level engineering). We demonstrate that mmb performs, generally, better than existing solutions, sustaining a line-rate processing while performing large numbers of complex policies [less ▲]

Detailed reference viewed: 16 (2 ULiège)
Full Text
Peer Reviewed
See detailHic Sunt Proxies: Unveiling Proxy Phenomena in Mobile Networks
Zullo, Raffaele; Pescapé, Antonio; Edeline, Korian ULiege et al

in IEEE/IFIP Workshop on Mobile Network Measurement (MNM) (2019, June)

Over the years middleboxes have established themselves as a solution to a wide range of networking issues, progressively changing network landscape and turning the end-to-end principle into a reminder of ... [more ▼]

Over the years middleboxes have established themselves as a solution to a wide range of networking issues, progressively changing network landscape and turning the end-to-end principle into a reminder of an Arcadian age of the Internet. Among them, proxies have found breeding ground especially in mobile networks that, moreover, have become the most popular way to access the Internet. In this paper, we present Mobile Tracebox, an Android measurement tool, and describe how its methodology, coping with the lack of privileges of mobile devices, can not only detect proxies but also characterize different facets, from their transport layer behavior to their location inside the network. Data collected from a crowdsourced deployment over more than 90 carriers and 350 Wi-Fi networks contributes to describe the potential of the tool and to draw a panorama of proxies across mobile networks. Our study confirms their prevalence and reveals that their scope is not limited to HTTP but can include several TCP services and even non standard ports. We detail the different implementations observed and delve into specific aspects of their configuration, like the initial Receive Window, the Window Scale factor or the set of Options supported, to understand how proxies can affect performance or obstruct extensions. Finally, we focus on fingerprinting and attempt to draw a dividing line between packet modifications performed by proxies and those performed by other classes of middleboxes. [less ▲]

Detailed reference viewed: 19 (0 ULiège)
Full Text
Peer Reviewed
See detailA Bottom-Up Investigation of the Transport-Layer Ossification
Edeline, Korian ULiege; Donnet, Benoît ULiege

in Network Traffic Measurement and Analysis (TMA) Conference 2019 (2019, June)

Recent years have seen the rise of middleboxes, such as NATs, firewalls, or TCP accelerators. Those middleboxes play an important role in today's Internet, and are now extensively deployed in various ... [more ▼]

Recent years have seen the rise of middleboxes, such as NATs, firewalls, or TCP accelerators. Those middleboxes play an important role in today's Internet, and are now extensively deployed in various networks including corporate networks, Tier-1 ASes, cellular networks, and WiFi hot-spots. Unfortunately, despite the added value that they bring to networks, they radically change the transport paradigm from the legacy end-to-end principle, and drive increasing complexity in the path. The consequences of these changes are a wide variety of simple to subtle impairments to protocols and features, that in turn lead to the ossification of the network infrastructure. While the latter is now a well-known problem, its causes are not that much understood. To fill this gap, we provide a more detailed explanation of the factors of the transport-level ossification, and we give insights on their prevalence in the wild. We extract path conditions by processing a large collection of observations of middlebox in-path packet manipulations, and we categorize the observed transport impairments based on the complications that they engender. We show that more than one third of network paths are crossing at least one middlebox, and a substantial percentage are affected by feature or protocol-breaking policies. Finally, we show that the majority of the devices that implements them are located in edge networks. [less ▲]

Detailed reference viewed: 65 (20 ULiège)
Full Text
See detailmmb: Flexible High-Speed Userspace Middleboxes
Edeline, Korian ULiege; Iurman, Justin ULiege; Soldani, Cyril ULiege et al

Report (2019)

Detailed reference viewed: 26 (2 ULiège)
Full Text
Peer Reviewed
See detailAn Observation-Based Middlebox Policy Taxonomy
Edeline, Korian ULiege; Donnet, Benoît ULiege

in ACM CoNEXT 2017 Student Workshop (2017, December 12)

Recent years have seen the rise of middleboxes, such as NATs, firewalls, or TCP accelerators. Those middleboxes play an important role in today's Internet, including enterprise networks and cellular ... [more ▼]

Recent years have seen the rise of middleboxes, such as NATs, firewalls, or TCP accelerators. Those middleboxes play an important role in today's Internet, including enterprise networks and cellular networks. However, despite their undisputable success in modern network architecture, their actual impact on packets, traffic, and network performance is not that much understood. In this paper, we propose a path impairment oriented middlebox classification that aims at categorizing the initial purpose of a middlebox policy as well as its potential complications. [less ▲]

Detailed reference viewed: 78 (12 ULiège)
Full Text
Peer Reviewed
See detailA First Look at the Prevalence and Persistence of Middleboxes in the Wild
Edeline, Korian ULiege; Donnet, Benoît ULiege

in International Teletraffic Congress (2017, September)

Recent years have seen an uprise in the development of middleboxes functionalities (CGNATs, proxies, accelerators, etc), participating so in the ossification of the Internet. In parallel, various ... [more ▼]

Recent years have seen an uprise in the development of middleboxes functionalities (CGNATs, proxies, accelerators, etc), participating so in the ossification of the Internet. In parallel, various solutions have been developed to detect or circumvent unwanted middleboxes interferences such as UDP-based middlebox-proof transports (Google's QUIC, PLUS), middlebox-proof extensions to TCP (HICCUPS, TCPcrypt), and middlebox traversal mechanisms (STUN, ICE, PLUS). All those solutions make the assumption of ubiquitous middleboxes. However, a view of their actual deployment in the wild, in IPv4 wired networks, is missing. In particular, knowing how autonomous systems (ASes) deploy middleboxes in terms of prevalence and persistence would provide additional relevant information to Internet topology models. In this paper, we aim at filling this gap. Based on a large-scale measurement campaign, we highlight different characteristics of middlebox deployment within ASes to elicit middleboxes profiles. [less ▲]

Detailed reference viewed: 95 (27 ULiège)
Full Text
Peer Reviewed
See detailcopycat: Testing Differential Treatment of New Transport Protocols in the Wild
Edeline, Korian ULiege; Kühlewind, Mirja; Trammell, Brian et al

in Applied Networking Research Workshop (2017, July)

Recent years have seen the development of multiple transport solutions to address the ossification of TCP in the Internet, and to ease transport-layer extensibility and deployability. Recent approaches ... [more ▼]

Recent years have seen the development of multiple transport solutions to address the ossification of TCP in the Internet, and to ease transport-layer extensibility and deployability. Recent approaches, such as PLUS and Google's QUIC, introduce an upper transport layer atop UDP; their deployment therefore relies on UDP not being disadvantaged with respect to TCP by the Internet. This paper introduces copycat, a generic transport protocol testing tool that highlights differential treatment by the path in terms of connectivity and QoS between TCP and a non-TCP transport protocol. copycat generates TCP-shaped traffic with custom headers, and compares its performance in terms of loss and delay with TCP. We present a proof-of-concept case study (UDP vs. TCP) in order to answer questions about the deployability of current transport evolution approaches, and demonstrate the extent of copycat's capabilities and possible applications. While the vast majority of UDP impairments are found to be access-network linked, and subtle impairment is rare, middleboxes might adapt to new protocols that would then perform differently in the wild compared to early deployments or controlled environment testing. [less ▲]

Detailed reference viewed: 66 (12 ULiège)
Full Text
Peer Reviewed
See detailHic Sunt NATs: Uncovering Address Translation with a Smart Traceroute
Zullo, Raffaele; Pescapé, Antonio; Edeline, Korian ULiege et al

in IEEE/IFIP Workshop on Mobile Network Measurement (MNM) (2017, June)

Middleboxes are pervasive in today's Internet as they are deployed for an increasing number of reasons. An example is the network address translation (NAT), one of the first task to be performed to cope ... [more ▼]

Middleboxes are pervasive in today's Internet as they are deployed for an increasing number of reasons. An example is the network address translation (NAT), one of the first task to be performed to cope with the lack of IPv4 addresses. Recently the landscape for NATs has become even more crowded, especially in mobile networks, mainly due to the impossibility of IPv6 to be a large-scale solution to addressing issues. In this paper, we present a novel methodology for detecting NATs embodied in Mobile Tracebox, a measurement tool for Android smart devices that detects a wide range of middleboxes. It analyzes ICMP time-exceeded messages received during \traceroute and points at IP and transport checksum inconsistencies in the embedded packets to uncover address translation along a path. We deployed Mobile Tracebox through a crowdsourcing approach and used the collected dataset to validate our methodology. Results showed that, in absence of middleboxes breaking \traceroute, it can help to detect and locate NATs in the majority of the cases. [less ▲]

Detailed reference viewed: 60 (9 ULiège)
Full Text
See detailUsing UDP for Internet Transport Evolution
Edeline, Korian ULiege; Külhewind, Mirja; Trammell, Brian et al

Report (2016)

The increasing use of middleboxes (e.g., NATs, firewalls) in the Internet has made it harder and harder to deploy new transport or higher layer protocols, or even extensions to existing ones. Current work ... [more ▼]

The increasing use of middleboxes (e.g., NATs, firewalls) in the Internet has made it harder and harder to deploy new transport or higher layer protocols, or even extensions to existing ones. Current work to address this Internet transport ossification has led to renewed interest in UDP as an encapsulation for making novel transport protocols deployable in the Internet. Examples include Google's QUIC and the WebRTC data channel. The common assumption made by these approaches is that encapsulation over UDP works in the present Internet. This paper presents a measurement study to examine this assumption, and provides guidance for protocol design based on our measurements. The key question is "can we run new transport protocols for the Internet over UDP?" We find that the answer is largely "yes": UDP works on most networks, and impairments are generally confined to access networks. This allows relatively simple fallback strategies to work around it. Our answer is based on a twofold methodology. First, we use the RIPE Atlas platform to basically check UDP connectivity and first-packet latency. Second, we deploy copycat, a new tool for comparing TCP loss, latency, and throughput with UDP by generating TCP-shaped traffic with UDP headers. [less ▲]

Detailed reference viewed: 32 (0 ULiège)
Full Text
Peer Reviewed
See detailTowards an Observatory for Network Transparency Research
Neuhaus, Stephan; Münter, Roman; Edeline, Korian ULiege et al

in Applied Networking Research Workshop (2016, July)

The Internet is full of middleboxes that change packets and flows. In fact, there is probably no IP or TCP header that is not affected by at least one middlebox. Obviously, middleboxes impede path ... [more ▼]

The Internet is full of middleboxes that change packets and flows. In fact, there is probably no IP or TCP header that is not affected by at least one middlebox. Obviously, middleboxes impede path transparency, i.e., the idea that an exchange of messages results in more or less the same packets, no matter what path the packets takes. But no one seems to have a truly global view of what middleboxes do to packets on what Internet paths, which would however be an essential knowledge for new transport protocols to be successfully deployed. We address these concerns in the MAMI project by building an observatory of path transparency measurements. The project hosts an extensive set of path transparency measurements - we believe it to be the first dataset to deal specifically with middlebox involvement. In this paper, we describe that Observatory and a number of questions that we want to address with the data in that Observatory. Eventually, the project will provide public access to that Observatory so that researchers and the interested public can ask their own questions about path transparency issues and middlebox involvement. [less ▲]

Detailed reference viewed: 83 (7 ULiège)
Full Text
Peer Reviewed
See detailTracking Middleboxes in the Mobile World with TraceboxAndroid
Thirion, Valentin; Edeline, Korian ULiege; Donnet, Benoît ULiege

in 7th International Workshop on Traffic Monitoring and Analysis (TMA) (2015, April)

Middleboxes are largely deployed over cellular networks. It is known that they might disrupt network performance, expose users to security issues, and harm protocols deployability. Further, hardly any ... [more ▼]

Middleboxes are largely deployed over cellular networks. It is known that they might disrupt network performance, expose users to security issues, and harm protocols deployability. Further, hardly any network measurements tools for smartphones are able to infer middlebox behaviors, specially if one cannot control both ends of a path. In this paper, we present TraceboxAndroid a proof-of-concept measurement application for Android mobile devices implementing the tracebox algorithm. It aims at diagnosing middlebox-impaired paths by detecting and locating rewriting middleboxes. We analyze a dataset sample to highlight the range of opportunities offered by TraceboxAndroid. We show that TraceboxAndroid can be useful for mobile users as well as for the research community. [less ▲]

Detailed reference viewed: 141 (14 ULiège)
Full Text
Peer Reviewed
See detailTowards a Middlebox Policy Taxonomy: Path Impairments
Edeline, Korian ULiege; Donnet, Benoît ULiege

in International Workshop on Network Science for Communication Networks (NetSciCom): Hong Kong April 27 2015 (2015, April)

Recent years have seen the rise of middleboxes, such as firewalls, NATs, proxies, or Deep Packet Inspectors. Those middleboxes play an important role in today's Internet, including enterprise networks and ... [more ▼]

Recent years have seen the rise of middleboxes, such as firewalls, NATs, proxies, or Deep Packet Inspectors. Those middleboxes play an important role in today's Internet, including enterprise networks and cellular networks. However, despite their huge success in modern network architecture, they have a negative impact on the Internet evolution as they can slow down the TCP protocol evolution and its extensions. Making available a summary of the potential middlebox network interferences is of the highest importance as it could allow researchers to confront their new transport protocol to potential issues caused by middleboxes. And, consequently, allowing again innovation in the Internet. This is exactly what we tackle in this paper. We propose a path impairment oriented middlebox taxonomy that aims at categorizing the initial purpose of a middlebox policy as well as its potential unexpected complications. Based on a measurement campaign on IPv4 and IPv6 networks, we confront our taxonomy to the real world. Our dataset is freely available. [less ▲]

Detailed reference viewed: 399 (17 ULiège)