Protecting Critical Inter-Domain Communication through Flyover Reservations

TL;DR

This paper introduces flyover reservations, a hop-based bandwidth reservation system for critical inter-domain communication, and presents Helia, a secure, high-performance protocol that outperforms existing systems in scalability and security.

Contribution

The paper proposes flyover reservations as a novel hop-based approach and introduces Helia, a secure protocol for setup and data transmission, demonstrating scalability and security.

Findings

Helia achieves 160 Gbps reservation traffic processing.

Helia resists various powerful security attacks.

Flyover reservations are scalable in large network graphs.

Abstract

To protect against naturally occurring or adversely induced congestion in the Internet, we propose the concept of flyover reservations, a fundamentally new approach for addressing the availability demands of critical low-volume applications. In contrast to path-based reservation systems, flyovers are fine-grained "hop-based" bandwidth reservations on the level of individual autonomous systems. We demonstrate the scalability of this approach experimentally through simulations on large graphs. Moreover, we introduce Helia, a protocol for secure flyover reservation setup and data transmission. We evaluate Helia's performance based on an implementation in DPDK, demonstrating authentication and forwarding of reservation traffic at 160 Gbps. Our security analysis shows that Helia can resist a large variety of powerful attacks against reservation admission and traffic forwarding. Despite its simplicity, Helia outperforms current state-of-the-art reservation systems in many key metrics.