SCION
Formal Metadata
Number of Parts | 490
License | CC Attribution 2.0 Belgium: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers | 10.5446/47312 (DOI)
FOSDEM 2020, 393 / 490
Transcript: English (auto-generated)
00:05
OK, just a bit of statistics. Does any one of you have been yesterday to the same talk but in the longer version? OK, not so many people. So it will be the same, but I will do it in 10 minutes instead of 50. So probably everyone will enjoy.
00:20
OK, so long story short, we are trying to redesign internet, of course, because everyone wants to do it. We are kind of academies because I'm coming from ETH Zurich, but also we have a spin-off which is now doing this for real. So for people to really use it, and it's something usable. So it's not just a next wish, nice, dream,
00:43
which has nothing to do with reality, but really have something working. That's why I want to present it. I will skip this slide because of the timing. So what we are doing? So of course, we are designing the new internet because there is a fundamental problem with the current internet, which I will show you in the next slide.
01:01
We are doing this in a very clean state, which means we get rid of what you have currently and we redesign it. Not to be too much of a revolutionist, we are trying to make it working on the current infrastructure also. So you have mixed deployments, so you do not really need to redesign all your infrastructure at once because this is money and probably it's nice,
01:23
but you won't do it in reality. So you want to have a solution that you can use from right now. So this is one of the snapshots of the articles from Wired, infrastructure mess causing countless internet outages. You can see it every month. So BGP causes problems. In general, routing causes problems.
01:42
And if you go into the whole network stack layer for, it's in general causing a lot of problems because people either use it incorrectly or people do not know how to use it, or it's been designed 50 years ago and it covers different use cases. Because at the time when internet was originally designed,
02:01
everything was super simple. So your computer, it was just a machine for sending mails, nothing more. But right now, we have really smart devices. So all the IoT blockchains, all these fancy buzzwords, this really needs different concepts, different approach to privacy, to how we treat data, where we store data, who has access to data, and all these kind of things.
02:23
So we are creating a new protocol, a new set of protocols, just a bunch of buzzwords. So route control, failure isolation, trust information, end-to-end communication, these are just buzzwords. Let me explain a bit more what we are trying to do. So route control, the fundamental problem I have
02:41
with BGP is that you, as the end user, I, as the end user, I have completely no control of how my data flows, where it goes. I can only specify the destination, but I have no idea what happens. Every half year, I think there is something, yeah, I will try putting it a bit like this. Maybe it will be better.
03:00
So every half a year, we can read articles. China steals data, or data flows through Pakistan, even though it shouldn't, and all this kind of stuff. Sometime ago in Switzerland, we had a problem, so the traffic, which was supposed to only stay in the country, was going through Russia and China. And then, you know, I'm asking why. Why does it happen? Because there is no fundamental reason.
03:21
If I'm sending some message to a dude on the other side of the street over the internet, I want it to go with the short path, not through the other continent. So yeah, what you are trying to provide, this is the very first fundamental for this dev room. So we decentralized route, we decentralized routing.
03:41
So there is no entities on the way which control what happens to your data. You control it. So you can see with different colors, we have two computers, and we want to send data between them. So you select how the stream goes. You select the path based on different incentives. Do you want it to be high throughput? Do you want it to be super secure because it goes only through ISPs
04:00
which provide you the best trust? Of course, there is kind of money aspect because some paths, they can be cheaper. The other ones can be more expensive, different properties. But also what we want to achieve is very fast failure, resistance to failure. So I'm always bitching on BGP and BFD
04:23
because I work with this and I do not like it because it doesn't work properly in flaky network environments. So by offloading this to user, to the application, you have the possibility to react immediately to any change in the network. You do not need to wait for all the routers to converge and whatever happens in between
04:41
because you don't know what happens. So, you know, it's just a matter of trust. You trust these guys selling you internet, but they do what they think is good for you. But this is not always the case. Yeah, so path control. You select the path. I won't go into details. I just want to highlight for people knowing this stuff. This is not source routing. This is a fundamentally different concept
05:02
because you select the whole path. Routers, they just follow instructions. Routers are stateless, which also means from performance perspective, it's probably not super interesting for this Dev Room, but you do not need to parse so much stuff from the packet because you just check where to send it next. Thank you, it's done. And also the policies are enforced
05:22
in your local neighborhood, which means we have the concept of isolation domains. It can be your city, your company, your country, depends how you want to design it. The main point is you do not need to trust everyone in the network. You all need to trust your isolation domain. So if I build isolation domain for my family,
05:41
my father, my mother, my grandma, my dog, they do not need to trust my ISP and a bunch of other dudes. They all need to trust me as the ISD. So all the certificates, all this kind of stuff, it happens in this very local environment. I do not need to trust some global routes
06:00
somewhere out there. And yeah, different feature scalability because routers are stateless and we have this kind of hierarchical routing. You do not have the super huge routing tables, which you can easily mess with and just make your traffic to behave very incorrectly. We have native multipath.
06:20
So this can be a nice feature for some people because you can just use your infrastructure better. And you also can control your data more because if you go multipath, even if something went wrong, even if some ISP on the way goes crazy, goes rogue, it doesn't have all the data. And photo runs, this is what I said, by offloading this and doing kind of IKEA,
06:42
do it yourself style, you have more control because you, as a developer, you can decide what is good for you, how to behave in case of some problems. Yes, I tested my demo, but I will not show you this. Okay, just, yeah, I won't describe details. It just, we have two separate networks running already.
07:02
So this is used both by researchers around the world, but this is also used already by Swiss government and Swiss National Bank. So it's not just a bunch of guys at university doing something for fun. This is really used for more than two years now for mission critical workload of Swiss National Bank. So if they trust, I mean, Switzerland finance,
07:22
banking, all this kind of stuff, if they trust it, I would use it. Okay, so how can I run it? Because I'm saying like very, very high level overview, but I want to sell you the point. This is super easy to run. We run on any commodity server. You do not need Cisco, Juniper, or these guys to build super expensive switches and routers for you.
07:42
This is a very standard 64-bit architecture. You can take your PC, your laptop, whatever you want, even Raspberry Pi, and you can run as part of infrastructure on this device. And I said at the very beginning, we have a possibility of doing mixed deployments because of course, if we told everyone, now you need to redesign from scratch,
08:02
people wouldn't be able to join this party because they will say, okay, but we need to invest so much money and maybe there is some gain, maybe there is not, it's too risky. So we are trying to make it super easy to join on top of current stuff you have, test it, and if you are happy, push your ISP, push your IT departments, whatever,
08:23
you name it, this kind of corporate bullshit and move forward to the native deployment. Yeah, we have some Hello World, you can go through slides later. In GitHub, we have more serious applications using natively SCION. Yes, we are very happy to see different use cases because we have some, but also downstream contributors,
08:44
they are always super appreciated because you people always invent kind of use cases, solutions, problems, which we wouldn't even think about. Yes, I will show the next demo, but no, and a bunch of links if you are interested, and yes. Thank you.