* You are viewing the archive for May, 2009

CoralCDN Lesson: Accepting conservatively and serving liberally

Mike Freedman May 24, 2009 Content Distribution, Experiences Comments

Tags:

coralcdn-lesson-accepting-conservatively-and-serving-liberally

At its heart, CoralCDN provides a caching serving, not a persistent data store.  Thus, it ultimately requires that a URL’s origin server is initially available, so that it can pull in content to some CoralCDN proxy and make it available across the network.   While traditional web proxies normally interact with sufficiently-provisioned or otherwise well-behaved origin webservers, CoralCDN experiences a different norm.  Given its very design goals, its proxies typically interact with overloaded or poorly-behaving servers; it therefore needs to react to (non-crash) failures as the rule, not the exception.  Thus, one design philosophy that has come to govern CoralCDN … Continue Reading

Postdocs and the CIFellows program

Mike Freedman May 18, 2009 Research Opportunities Comments

Tags:

postdocs-and-the-cifellows-program

Some of you might have heard about the Computing Innovation Fellows program, which is a new funding opportunity for recent PhDs interested in pursuing a 1-2 year postdoc.  Realistically, this program was a response to the terrible job market (both in academia and at research labs) that graduates are facing this year.  It’s pretty impressive that the CCC and CRA were able to put together the plan, funding, and organizing so quickly!  For those not aware of the program and interested in a postdoc next year, check it out.  Applications are due June 9, 2009.

I also just … Continue Reading

CoralCDN Lesson: Fixing overlooked assumptions in DHTs

Mike Freedman May 13, 2009 DHTs, Experiences, Peer-to-peer Comments

Tags:

coralcdn-lesson-fixing-overlooked-assumptions-in-dhts

So let’s start with the first of seven lessons from CoralCDN’s deployment:

  • How all published distributed hash table (DHT) algorithms are susceptible to race conditions and routing errors for non-transitive network connectivity, and what can be done to mitigate these problems.

Some challenges with deploying DHTs
slashdot-data

CoralCDN’s primary goal was to enable websites to survive spikes in traffic.  We can see examples of such so-called flash crowds through CoralCDN: The figure on the left shows a spike to Coralized slashdot.org URLs that occurred in mid-2005.  Requests grew from nothing to … Continue Reading

Security mechanisms in CoralCDN (and some attacks)

Mike Freedman May 01, 2009 Content Distribution, Experiences, Security Comments

Tags:

security-mechanisms-in-coralcdn-and-some-attacks

Before finally getting to some experiences, I wanted to touch on some of the security mechanisms that CoralCDN proxies incorporate to curtail misuse, especially important given their deployment at PlanetLab-affiliated universities.

Limited functionality

CoralCDN proxies only support GET and HEAD requests.  Many of the attacks for which “open” proxies are infamous are simply not feasible.  For example, clients cannot use CoralCDN to POST passwords for brute-force cracking.  It does not support SSL and thus risk carry more confidential data.  CoralCDN proxies do not support CONNECT requests, and thus they cannot be used to send spam as SMTP relays or forge From: addresses … Continue Reading