The Abone distinguishes between core nodes and edge nodes. Core nodes are permanent members of the ABone, whereas edge nodes can be transient. For example, an edge node may persist only for the duration of an ABone experiment. The Dynamic Active Network Topology Extension (DANTE) mechanism allows an edge node (or nodes) to create a temporary tunnel to a core node. The current release of ANTS (2.0) provides a baseline implementation of the DANTE specification. Each node can be a core node or an edge node (but not both). An edge node can request an address from an arbitrary core node, and a dynamic tunnel will be created between these node.
The current dynamic tunnel mechanism differs from the DANTE specification in the following respects. First, an edge node can only connect to a single core node, and an edge node cannot request a block of addresses. These simplifications trivially enforce the property that an edge network not provide an alternate path for core routes. In addition, ANTS ignores the refresh timer and the error code fields in the DANTE header. Finally, ANTS does not use the type/length/value format for virtual link layer addresses. Rather, it uses the string representation used by other protocols in ANTS.
ANTS distributes dynamic addresses in the following way. On start-up, a core node is given a static block of addresses which it is free to distribute. Upon receiving a JOIN request contained in a DynamicAddressCapsule, the core node creates a RESPONSE capsule containing a dynamically allocated address. If no address is available, then the core node responds with an ERROR message. The new address is marked as allocated by the core node, but a dynamic tunnel is not created at this stage.
If the edge node does not receive a RESPONSE capsule, it sends another request after a suitable timeout period. Currently, an edge node will send up to five requests, and it waits three seconds between requests. Upon receiving a RESPONSE capsule, the edge node sets its address and forms a dynamic tunnel to the core node. The edge node immediately sends a keep-alive capsule across this tunnel. When the core node receives the keep-alive, it forms the reverse tunnel to the edge node.
The core node maintains a timer to detect when dynamically allocated addresses can be reclaimed. Each allocated address contains a use bit, which is cleared after a pre-set time limit (currently five minutes). If an address has a false use bit, then it is reclaimed, and its corresponding tunnel is destroyed. The use bits are refreshed by the keep-alive capsules, which are sent every 30 seconds by default. Thus, 10 keep-alives would have to be lost before a tunnel is accidently destroyed.
There is currently no mechanism by which an edge node can explicitly return its address (i.e., the DANTE LEAVE message). An edge node that wishes to leave the network simply shuts off, and the timeout mechanism on the core node will eventually cancel the address.
Dynamic tunnel information is propagated using a RIP-like routing protocol
that is packaged with ANTS. This has implications for speed-of-convergence.
This is discussed in the known issues section.
Configuration
This section describes how to start an ABone node.
An ABone node can be configured to run as a core node or an edge node (but not both). The mode of an ANTS node is dictated by arguments in an ANTS configuration file. This file is passed on startup to the ANTS configuration manager.
# Core Node 1 node 12.12.12.0 -routes core.routes -updateRoutes true channel 12.12.12.0 stdin -proxyaddr foo.bar.edu:3322 application 12.12.12.0 ants.dante.DanteServer -start 12.12.12.1 -end 12.12.12.244 -principal DanteUser # Other core nodes... Node 2, Node 3, ... ## Core node connection graph connect 12.12.12.0 12.12.12.1 connect 12.12.12.1 12.12.12.2 # ...Each node must have an address that is unique across the ABone. Note that this address need not have any relation to the local host's IP address. This address is the first argument to the configuration commands (node, channel, application, etc.).
The node
command defines node-wide parameters, in this
case it points to the initial routing table (-routes
core.routes), and turns on the dynamic routing application
(-updateRoutes true). Note that dynamic routing is required to
make DANTE-created routes useful.
The channel
command creates an input channel over which
Capsules are read. The first argument describes how capsules are read
into ANTS; this argument should be 'stdin' on the ABONE. In
standalone mode, this argument is of the form host:port. The
'-proxyaddr' flag indicates a local proxy that receives capsules on
behalf of ants; typically, this will be an anetd server.
The application
command creates a DanteServer that hands
out addresses between 12.12.12.1 and 12.12.12.244. The '-principal'
flag indicates that the server should run as the DanteUser principal
for the purpose of access control checks.
In addition to a configuration file, core nodes require a routes file in order to establish permanent tunnels. A routes file can be established by running the makeroutes utility, which is included in the ANTS distribution in the scripts directory. The makeroutes file looks for "connect" command in the configuration file of the form connect A B, where A and B are dotted addresses of ANTS nodes. A tunnel is formed between A and B. A routing table (assuming equal weight tunnels) is created using shortest paths. The syntax of the makeroutes utility is:
makeroute -route < configFile > routesFileNote that makeroute is written in TCL and requires
tclsh
.
# Edge Node 1; 0.0.0.1 is a temporary address node 0.0.0.1 -updateRoutes -routes edge.routes channel 0.0.0.1 nitrogen.cs.washington.edu:3325 application 0.0.0.1 apps.ping.PingApplication -port 45 application 0.0.0.1 ants.dante.DanteClient -node 12.12.12.0 -physical "*:8004:alpha.darpa.gov" -protocol if/ipv4/udp -principal DanteUser # Node 2, Node 3, ...The arguments to the node command are:
ABONE edge nodes must invoke a DanteClient application to acquire an ABONE address. The application should run as the DanteUser principal to provide sufficient access control. The '-node' flag indicates the address of the core node on the ABONE. The '-physical' flag indicates the physical address of the core node in the following format: srcAddr:destPort:destAddr:srcPort. Setting the destination port and destination address is sufficient. Finally, the 'protocol' flag indicates the "link-layer" protocol used to communicate with the core node; currently, only if/ipv4/udp is supported. Additional application commands can be added to execute user programs. The second argument must be the fully-qualified name of a class that extends ants.core.Application. If no principal argument is given, then the application is assigned to the LocalUsers group. The '-port' flag indicates a port over which the application receives capsules.
In ABone mode, anetd is used to indirectly instantiate ANTS. The anetd SC command loads an ANTS execution environment on a running anetd daemon. Typically, this process is automated by a set of scripts. There are some sample scripts in the ants distribution. See the Anetd documentation for more details.
The frequency of routing updates is controlled by parameters in
RouteTable.java (see below).
Known issues
In practice, this rarely happens accidently
because it requires sending to an invalid address. Also, this address
must correspond to a host (and UDP port) that were restarted before
the original routing entry expired.
I would be happy to entertain suggestions for how to change this. Send suggestions along to the address at the bottom of this page.