Markdown Version | Recording 1 | Recording 2 | Recording 3 | Recording 4

Session Date/Time: 22 Jul 2025 07:30

anrw

Summary

The Applied Networking Research Workshop (ANRW) 2025 meeting covered a range of topics including network misconfiguration, carbon-aware content delivery, and 360 video streaming. Laurent Van Bever delivered a keynote on tackling network misconfiguration using verification techniques. Presentations followed on carbon-intelligent content scheduling in CDNs and end-to-end 360 video streaming over HTTP/3.

Key Discussion Points

• Network Misconfiguration (Laurent Van Bever):

  • Configuring networks is challenging due to a semantic gap between high-level operator requirements and low-level configurations.
  • Network verification promises to improve network reliability by formally proving configuration compliance.
  • Current verifiers often check a restricted set of properties (primarily forwarding-level properties) and are imprecise.
  • Verifiers need to be sound (report all bugs) and complete (report only bugs).
  • Discussion on model-based vs. model-less approaches for network management.
  • Question from Sergey regarding verification roles related to cascading failures and electrical power grids.
  • Question from Rudiger on high-level abstraction of specification languages.
  • Question from Matthew on collaboration with ISPs.
  • Question from Debo on LEO satellites and AI.
  • Question on Ops Area's interaction to help network operators and academics.

• Carbon-Intelligent Content Scheduling in CDNs (Sassan Ele Zahar):

  • Exploration of carbon-aware scheduling of content fill in CDNs to reduce carbon emissions.
  • Multi-hop transmission between caches offers further carbon savings.
  • Demonstrated 13-17% carbon savings with single-hop and 53-64% with multi-hop scheduling on Netflix data.
  • Savings higher in Europe due to greater green energy adoption.
  • Scheduling window of three days ahead provides significant savings.
  • Question from John regarding how traffic switching results in savings.
  • Questions about the significance of transfer and relating carbon/energy to different aspects.

• End-to-End 360 Video Streaming over HTTP/3 (Felipe Ribeiro Rosa):

  • Presentation on an architecture for end-to-end 360 video streaming using HTTP/3.
  • Discussion of adaptive bitrate selection and tile-based delivery to optimize video quality.
  • Multi-path QUIC and SAECF (prioritized streams) are employed to improve quality of service.
  • Experiement with blocking/non-blocking tiles.
  • Stalls remain a big problem.
  • Question from Here about stream setup.
  • Question from Sergey about network issues and limitations for 3D streaming.

Decisions and Action Items

• Action Item: Follow-up between Debo and Laurent regarding LLM applications and AI integration.
• Action Item: Suggested follow up with NMOP and INI regarding future jobs.
• Action Item: Laurent and his team to visit OPS area for discussing future work.
• Decision: The meeting will have a break of 30 minutes and will reconvene at 1130.

Next Steps

• Continue research on increasing properties, improve coverage, improve usability.
• Further research on traffic scheduling and improvement for performance for 360 streaming.

Session Date/Time: 22 Jul 2025 09:30

anrw

Summary

The anrw session featured six presentations covering diverse topics: affiliations within SDOs like IETF, utilizing LLMs for IETF collaboration, automated network protocol testing with LLMs, emulation of satellite constellations, website loading emulation, and network tomography using explicit flow measurements (EFM). Discussions focused on the implications of each study, potential improvements, and future research directions.

Key Discussion Points

• IETF Affiliations (Ignacio Castro):
  • The number of organizations participating in the IETF has remained stable while individual participation has decreased.
  • Engagement varies significantly by type (meetings, mailing lists, drafts, RFCs).
  • Conversion rate from draft to RFC is decreasing.
  • Inequality in organizational participation is roughly stable.
  • Discussion around the cyclical nature of work within the IETF (problem-solving phases).
  • There was a discussion if the presenters work identified differences among the IETF areas.
• LLM-Enhanced IETF Collaboration (Jib Bian):
  • A data set called Cautex Flow links working group discussions to internet draft changes.
  • A search system uses information retrieval (sparse and dense retrieval) to connect comments to specific drafts.
  • An edit task instructs LLMs to produce internet drafts based on previous versions and comments.
  • Discussion about distinguishing the approach from direct LLM paper writing; the work focuses on accelerating the editing phase.
  • Concerns were raised about LLM hallucinations and how to validate results.
• Automated Network Protocol Testing with LLMs (Junze Way):
  • The study addresses the widening gap between protocol testing demands and the capabilities of current methods.
  • The framework (NetTAS AIM) extracts structured specifications from RFCs to generate test cases and code.
  • A validation process is used to check the generated test cases.
  • Coverage of 95.1% was reported for evaluated RFCs.
  • Discussion about the definition of coverage.
  • Discussion regarding comparison with human written tests.
• Phantom Link: Emulating Virtual End-to-End Links (Juan Sosa):
  • Phantom Link is an emulation tool for satellite constellations, focusing on space-to-space and space-to-ground links.
  • The tool addresses the challenge of rapidly changing and multi-path conditions in LEO constellations.
  • It abstracts physical path characteristics into end-to-end propagation and bottleneck data rate.
  • Evaluation using IPERF with Starlink topology parameters was presented, and Reno, Cubic, and BBR were compared.
  • Discussions explored differences compared to existing simulators and the consideration of packet loss.
• Browse: Model-Based Website Loading Emulation (Kilian Holzinger):
  • Browseum is an emulator for reproducible website loading activity, replacing browser dependencies with requests and network path emulation.
  • It simplifies setup and allows for modifying protocol implementations.
  • The approach involves scraping websites, building models, and emulating the loading process.
  • Discussions focused on prioritization of requests.
• Network Tomography Using Explicit Flow Measurements (Aik Kunz):
  • The presentation explored using explicit flow measurements (EFM) for network tomography, an approach usually done by active probing.
  • Compared network tomography performance with active ping measurements, TCP probing, and several EFM techniques.
  • EFM is done via production traffic with no extra traffic overhead.
  • Demonstrated the use of path segmentation to improve EFM accuracy for network tomography.
  • Highlighted challenges in practical application, including the need for path segmentation or a more general tomography methodology.

Decisions and Action Items

• Action Item (Juan Sosa): Consider comparing Phantom Link with Hypatia and other existing simulators.
• Action Item (Junze Way): Consider comparing test case coverage with that of existing open source implementations.

Next Steps

• Continue research and development on LLM-based tools to assist IETF collaboration.
• Explore smarter test case generation and establish test case evaluation metrics for automated protocol testing.
• Further develop and evaluate Phantom Link for various satellite communication scenarios.
• Improve the quality of parameter estimation in website load emulation.
• Investigate solutions that doesn't need pass segmentation to apply this EFM technique.

Session Date/Time: 22 Jul 2025 12:30

anrw

Summary

This session covered a range of topics related to transport protocols and network performance, including congestion control mechanisms, measurements of TCP performance over satellite internet, performance variability in QUIC implementations, acknowledgement cascades in multi-hop masking, and a fallback issue in TCP Prague. The session included presentations from researchers and engineers followed by Q&A and concluded with one minute pitches from poster authors and a poster session.

Key Discussion Points

• Careful Resume (Nico):
  • Explored a mechanism to reuse knowledge from previous connections to speed up the initial ramp-up of congestion windows.
  • Employs a reconnaissance phase with RTT comparison to ensure path consistency.
  • Safe Retreat mechanism to handle situations where network conditions have changed.
  • Discussion on the fairness of Kaffir Resume compared to slow start.
  • The flow completion time for background flows doesn't change dramatically.
• TCP Performance over Starlink:
  • Measurements of TCP congestion control performance using various TCP variants over Starlink.
  • Observed limitations in single-flow TCP performance due to the microscopic behavior of Starlink resource allocation.
  • BBRv3 showed promising fairness characteristics compared to BBRv1.
  • Performance variations over time suggest changes in Starlink's network configuration or resource allocation.
  • Microscopic behaviour of Starlink in terms of resource allocation and delay impacts congestion control.
• QUIC Throughput Speed Bumps:
  • Investigated performance variability among different QUIC implementations.
  • Identified protocol implementation choices, I/O, and cryptography as key bottlenecks.
  • Demonstrated that Linux UDP is not a significant bottleneck with proper optimizations.
  • Suggested pipelining as a means to improve QUIC performance without compromising flexibility.
  • There is a performance improvement if we provide some guidance on how to design and accelerate the implementations
• Cascades of Nested Acknowledgments in Multi-Hop Mask:
  • Examined the phenomenon of cascading acknowledgments in multi-hop masking.
  • Encapsulation and masking may elicit additional acknowledgments.
  • Analyzed that this could potentially be exponential based on the number of proxies.
  • Increasing acknowledgement delay and aggregation can mitigate the overhead.
  • Potential privacy implications due to traffic analysis based on distinct packet sizes from encapsulated acknowledgments.
• Reproducing and Solving a Fallback Issue in TCP Prague:
  • Reproduced contradictory results on TCP Prague's fallback mechanism's performance.
  • Identified a bug in the implementation related to mismatched scaling factors.
  • Demonstrated improved performance with the bug fixed.
  • Fallback mechanism now correctly works.
• Poster Session Pitches:
  • Africa infrastructure measurement and suboptimal routing minimisation.
  • DNS security analysis.
  • "Switch Homing" approach that utilises mobile devices and multipath protocols to seamlessly switch providers.
  • Decentralized social applications and a lack of application-independent namespaces for user identities.
  • Traffic prioritization generating unexpected traffic in some schedulers.
  • Tools finding unstandardised TTL results.
  • Sampling prefixes.

Decisions and Action Items

• Action Item: Lucas Pardue to investigate the possibility of an option to eliminate data acknowledgments due to results shown by Katrin Hymnhorst in the cascades of nested acknowledgements talk.
• Action Item: Janai Anghar mentioned there is definitely interest in figuring out how to treat these datagrams differently.

Next Steps

• Further investigate the fairness impact of Careful Resume with more detailed measurements.
• Characterize loss for further understanding.
• Evaluate impact on real world deployments.
• Encourage QUIC implementers to focus on optimized crypto.
• Explore the potential traffic analysis attacks from encapsulated acknowledgments.
• Look at quick aware proxying draft in Mask.

Session Date/Time: 22 Jul 2025 15:00

anrw

Summary

This document contains the minutes for the anrw session, covering a variety of topics related to network research. The session included presentations on anycast geolocation, MPLS network action stack management, predictable traffic in virtual switches, internet background radiation analysis, secure eBPF deployments, a QUIC protocol vulnerability, and DNSSEC post-quantum cryptography considerations.

Key Discussion Points

• Anycast Geolocation:
  • Discussion on the limitations of latency-based anycast geolocation methods.
  • Presentation of a trace route-based approach for improved accuracy.
  • Analysis of overcounting issues in the trace route method due to router configuration.
• MPLS Network Actions (MNA):
  • Explanation of the MNA framework and its use of reserved label values.
  • Identification of challenges in HBH NAS preservation due to readable label depth (RLD) constraints.
  • Proposal of an HBH preservation mechanism using a stack management network action to avoid parsing irrelevant LSEs.
  • Proof-of-concept implementation on a hardware switching ASIC.
  • Discussion on the compatibility of the mechanism with brownfield networks.
• Predictable Traffic in Virtual Switches:
  • Discussion of the bottleneck of a slow path in SDN environments
  • Benefits of pre-installing rules to reduce latency
  • Proposal to predict traffic in Open vSwitch (OVS) in OpenShift
  • Discussions on the use of "coflows" to find a type of cluster traffic that could be generalized
  • Tests using CPU, latency, and up call statistics on OVS
• Internet Background Radiation (IBR) Analysis:
  • Definition of IBR and the limitations of traditional network telescopes (darknets).
  • Introduction of the "refractive telescope" concept utilizing ICMP error messages.
  • Discussion of the capability to detect reflection DDoS attacks.
  • Experiment results from a transit ISP network.
  • Mention of the need to filter out low-activity IBR sources and classify malicious IP addresses.
• Secure eBPF Deployments:
  • Challenges in eBPF deployments, including verifier vulnerabilities and lack of provenance tracking.
  • Proposal of a framework using manifests and signed byte identity verification.
  • Description of the manifest structure containing metadata, attach rules, and permissions.
  • Discussion of the loader component for policy enforcement before eBPF program execution.
• QUIC Protocol Vulnerability (Optimistic Ack Attack):
  • Explanation of the optimistic hack attack where clients acknowledge packets they haven't received.
  • Demonstration of the ability to exploit the attack against multiple QUIC server implementations.
  • Discussion on the difficulty of middleboxes detecting the attack due to end-to-end encryption.
  • Real-network experiment results showing increased bandwidth from a CDN despite a client-side limit.
• DNSSEC Post-Quantum Cryptography (PQC):
  • Overview of DNSSEC and the importance of signature sizes.
  • Comparison of Falcon signature sizes in compressed and padded formats.
  • Analysis of real-world data from the .NL DNSSEC-signed zone.
  • Conclusion that padded Falcon signatures offer a better trade-off due to predictable size.
• Secure Autonomic IoT Device Management
  • Proposed framework using Chic Zero and Brusky to enable scalable and secure onboarding for constrained IoT devices
  • Use of Chic Zero to compress messages required for onboarding defined in Bruski
  • Experiment Setup using MathLab to test if the framework is feasible

Decisions and Action Items

• IBR Analysis: Marwan Fed suggested exploring the potential for open-sourcing or sharing IBR data collection and analysis methods within the community, possibly under the IETF or IRTF. Discussion about the term "radiation" to be discussed off-line.

Next Steps

• eBPF: Standardize manifest format and policy language for entire probability.
• QUIC: Continue to engage with QUIC maintainers regarding the optimistic hack vulnerability and potential mitigations.
• IoT Management: Implement Framework on a real LoRa, and perform deeper security analyses and performance benchmarking