 Welcome to my talk My name is Teresa and I'm going to present you my research prototype which is about Managing multiple network interfaces in user space on Linux so I am a researcher and PhD student at TU Berlin and I'm at the internet network architecture group with professor Anja Feldman and this research that I'm presenting now Has like is joint work with my colleague Phillip Tiesel We have been developing the prototype for about four to five years So yeah, it's it's all research code But yeah The scenario that I want to talk about is about a multi-access client So we got an end device like a notebook that is running Linux and it has multiple network interfaces And it's connected to Different access networks over these interfaces like for example one is LTE and one is Wi-Fi like with an LTE stick It could also be Ethernet and Wi-Fi Yeah, but the point is that the client can now reach the internet or some server on the internet over both these interfaces So usually like if you're on a smartphone usually Wi-Fi would be preferred over LTE It's usually the default, but actually it's not always better in terms of performance So there has already been a research paper from 2014 where these researchers have measured the Wi-Fi and LTE performance in terms of download bandwidth and also like latency and They found that in about 40% of the cases LTE was actually better than Wi-Fi like Where they just had lots of samples from some smartphones that were connected to Wi-Fi and LTE and basically in the same place at the same time comparing their performance so Yeah, they found that LTE is often actually better than Wi-Fi in terms of performance and so it suggests that Maybe there is not always just one default interface that we should use while Ignoring the other one So my research is basically in the scenario which one would you pick? How do you pick the better one? What is even the better one or maybe can you use both at the same time? So right now, let's yeah, let's say we have this laptop It has an interface called WLAN zero connected to a Wi-Fi network. It has a PPP zero connected to some cellular network and Now one of them is going to be the default interface and the other one basically never used Which one is the default? I guess it depends on the routing configuration of the system and There is some system-wide static default route usually like it's very simple you look at the routing table and then there's the default route and you just use it and So one way where you could make use of the other interface as well is that you configure policy routing so you You configure two routing tables one over the WLAN interface one over the PPP interface and then You can configure routing rules, so For example, if the application explicitly specifies one IP address of your Configured addresses as a source then it would go over this particular interface So for several applications you could say please always bind to that IP address And then it would go over this interface. So The problem with this is okay. So first let's see Let's take a look at the socket API Which is what many applications are using when they are accessing the internet. So Yeah, first they would resolve a name with get other info Just putting in a host name and getting back one or more IP addresses of the server that they are trying to connect to Then they set up a socket with the socket call And then optionally they can bind the socket to one of their local IP addresses. So here they could At this point they could make a decision as an application. Okay, I got this and this IP address So which interface would I actually prefer and then it would connect to the server Over this IP address and then close the socket like after doing whatever the application wants to wants to do So this is all good, but now we have many applications on the client and if we think about that every application would have to implement its own decision logic to differentiate between the interfaces and to Pick one of the interfaces or the other and then also sometimes it's important What is the current performance of the interface? And so imagine that every application would have to Periodically like monitor the interfaces get us some statistics on it. Which one is currently used the most or maybe did I lose my Like that I lose performance as the wife. I congested something like this. So One problem would be that a lot of code would have to be duplicated within all the applications and it would also get really complicated and the other one is that So if we then try to Unify this in some way, which is what we are doing with the socket intense framework Then you on the other hand you have the problem that the applications do have different Requirements like if you just provide one single API and you say okay, so now at one central library We always make the decision which interface would be better in this case then Maybe the same default interface doesn't always work for the different applications with their different needs and different kinds of traffic that they have and so in the socket intense framework, we are trying to basically Substitute this socket interface by a more enhanced API and provide a framework that Managers different network interfaces and that's That can make decisions for the applications which of the available Interfaces to use for for example the next connection So I'm going to explain how this works in a little more detail. So first socket intense Is a concept about the different requirements and needs of the applications So By default through the socket interface the application can only basically say okay, I want a TCP connection I want the UDP connection which is nice But over this connection they can they can be lots of different things right it can just be like some Small and short queries that just have to be finished like as fast as possible it could also be a huge file transfer and It could also be like a long-lived video streaming session So one socket intent that we introduce which is a piece of additional information that the application can give to the library And to the socket intense libraries through the enhanced socket API is about the category Category of the traffic. So for example, is it a query? Is it a stream? Is it a bike transfer? so we can differentiate between like Different connections that the application opens when we make our decisions later and another intent would be The object size of the transfer like if it's a transfer then are we talking about a 10 kilobyte object? Or are we talking about one megabyte or a hundred megabyte? Then also something about a duration like is it is there a fixed duration that we know this connection is gonna last and Then also about the timeliness which we named it Which is basically is it a time-critical traffic? Is it going to be something? Sorry that the user is gonna be interacting with or is it just in the background and we don't care if it's finished within five minutes or ten minutes So all these pieces of information are optional but the application can specify them as additional hints to the socket intense library and This can do this in the hope that then the library can like make a bigger better decision on which of the available Interfaces would fit the requirements of the new connection From the application. So this is not quality of service. So there are no service guarantees It's not intended that you specify. I need 10 megabit per second guaranteed bandwidth But more like okay, I would like I would like some kind of like duration of a stream transfer and maybe you can set a bit rate but it's not about Guaranteeing anything it's about the best effort of the system and also if multiple applications would set these intents then The system would have to balance their requirements in a fair way So it's not about quality of service and it's also not about prioritization that one application says okay My traffic is now the most important So yeah, this is the concept of socket intense and now we are building Oh, yeah resilience to connection loss. I forgot. So it's also a question of If this TCP connection was to be interrupted, how bad would it be? Is it just a transfer I can resume or is it like a stream that would get interrupted for the user? so our socket intense library basically is sitting on top of the usual socket library that I already showed and the application would first Use this and yeah, so then the socket library The socket intense library talks to the multi access manager which is a Standalone application. It's like a demon that runs once for the whole system and it gathers performance estimates from the Interfaces that are currently configured and Then later on it has the task to choose an interface so how it works is that there is an application that uses the socket intense library and Yeah, it makes a Request it says okay. I want to set up a new connection with these particular features or intense Or like this is my idea of what to optimize for in this connection and Then the socket intense library queries the multi access manager says okay So this is all the application that I got from the information which interface do I use for it? What do you think and then the multi access manager has a policy which is Which is a module that can be dynamically loaded so also in different environments you can use different policies for choosing your interfaces For example the multi access manager would then say okay You should use WLAN zero for this connection and it sends this information back to the socket intense library Which can then bite the connection to WLAN zero and connect the Connect the socket So this is in a little in a little more detail so the application starts up and then The policy on the right which runs within the multi access manager also starts up and Then the application can for example already the specify its intense on some Data structure that we pass to all our socket calls Which are like not on the slide, but we have to link the socket calls all together in some way And for example, you can do it by handling socket context for Like the same connection so you can do some Set sock opt-call that we extended by the socket intense and then When the application doesn't get other info to resolve a name the intense library Makes the policy resolve that name. So why do we need rainbow solution here? Well, if you have multiple multiple access networks Which you connect to then? The same server might be reachable like over both interfaces But also maybe you're talking to a content delivery network and then there is multiple servers for the same host name And then if you do a get other info over one interface You get maybe a different set of IP addresses Then if you do it over the other interface and to our knowledge there is not yet Software in linux that handles this like explicitly that you can get Different resolver responses over different interfaces, and then how do you manage it like if you then establish the connection? Later over one Interface, but you get you use the IP address that you have resolved over the other interface Maybe your performance could suffer from it. And so this is what we're trying to address here when we already Resolve the name in the policy and already to some Destination IP so basically you could issue a DNS request over both interfaces at the same time and see what which comes first or you could just Make a different like make a decision and then choose which IP address to actually give back through the library to the application and at that point the application can set up its socket and Then do a connect so the application now does not have to call bind explicitly, but it can just call connect Because the socket intense library Internally handles the connect and like sends the connect request to the policy which would then choose one of the local Interfaces or choose the IP address that the intense library then binds the socket to which already exists at that point And then the application can do something on the socket and Close the socket later So yeah, this is the rather like basic classic socket API, which is also Unfortunately blocking we also have a few non-blocking libraries or API store for applications And we for example have socket connect Which is another API that basically we developed and the idea is that here We wanted to have just one call for the application That the application can say hey, I want to connect to this URL on this board and with this intense for the connection and then The socket intense library would give back a socket that is already connected to the application Or it would if it's non-blocking it would just give back like a placeholder that is going to be Connected later and then the application can later use the socket like by yeah, Paul and So the socket connect works Kind of similarly But the resolving and choosing of the destination IP and local IP address basically happen all in one call to the policy so When it's called the very first time then there is no existing socket. So the policy would basically Find out the parameters for the socket that the application should use And then the socket intense library sets up the socket and gives it back to the application So now the application can use the socket for read write whatever and then it does not have to Close it yet. It can also use a socket release which says, okay Let's leave this socket open, but I don't need it anymore for now and then for the next socket connect The application might get the same socket back, but it might also get back a different socket like a new socket for example so here we can have several Sockets that the socket instance library manages for the application and the application can just say okay now I want a socket that is Suitable for this intent and now there's a socket that is suitable for like a different intent And then it doesn't have to care which interface it is it can just use the socket That it gets from the intense library. So for example if we have if we have two interfaces and there is a TCP connection over one interface and there's one over the other interface then You could like you could do one HTTP request over the one TCP connection You could do the next request over the other connection and like use them in parallel and also This works when you have More streams or when you have more TCP connections So usually there would be like a number of connections open over both interfaces And then for each request like for example if you're in a web browser and you're fetching a website with different objects Then you can fetch object one over like one interface and the next object over Another connection over the same interface or maybe over a different interface So with socket connect Yeah, you manage a set of sockets and the application doesn't have to consider Which interface to use because it just always gets back a socket that it can use to read or write on Most likely just a first a write and then a read Anyway, so yeah, but the socket connect API exists in different variants and Yeah, but the details are for example in that draft that I linked on the page of the talk and I can Also give you the details if you're interested later So yeah, these are two APIs that we developed and then we also developed policies Which were the component just on the right that we saw They are they get as input the socket intense per connection or maybe per message per object what the application wants to do and Then also it gathers the interface statistics passively So right now we just observe existing traffic over the interface and we see like okay what are the round trip times of the TCP connections that already exists what is like the minimum what is the median and Try to guess something from these round trip times And also we observe the interface counters and basically see okay What is the maximum change in interface counter? Which means like used by interest like send or received bytes that we see like per hundred milliseconds And then we can have a guess about the capacity of the interface like at maximum download or upload bandwidth over the interface and From these inputs we can now choose a local interface So simple baselines to compare against would be that we use only one of the interfaces Or that we use both like one after the other in like around robin fashion so first interface one and interface two then one and two and so on like Always go back and forth and then also we could have a policy that just always picks the Interface with the lower RTT or that always picks the interface with the higher bandwidth And then one in one policy that we developed is the earliest predicted arrival time or early arrival policy and this one would now make use of the Intent called object size so The the idea behind that is that if you have a large object Then you want to prefer the interface with the high bandwidth But if you have a small object then the interface with a lower RTT if it's a different interface would be more beneficial Because for the small object you don't need a high bandwidth But you just want the download to be finished as fast as possible But for the larger objects a higher bandwidth is important because otherwise you're yeah You will have to wait longer for your object and so the policy basically tries to predict basic based on the Based on the interface statistics that it got previously it tries to predict How long will I need over one interface? How long do I need over the other interface and so which one do I prefer in this case and Then also as I said already It can choose a remote IP address among multiple resolved IP addresses and Also said arbitrary socket options actually we also have like we have the option to switch on or to enable a multi-path TCP per connection This is not something I evaluated yet, but Like we also built this into the prototypes or the prototype is still being extended with like some of these nice features So now I'm going to show you an evaluation set up that I'm currently working with It's also fairly simple So I don't use an actual LTE network But I have a Wi-Fi and then an internet connection from a laptop That is going via a traffic shaper and then to a server So the client runs a web browser and it uses the socket intense framework for its Connections and then the traffic shaper can emulate different network conditions like you can specify an RTT that is imposed on all the traffic that goes through all of these networks and you can shape the bandwidth Like you can limit the bandwidth that can go through the shaper and also You can configure a packet loss on the traffic So Yeah, I emulate different network conditions on both paths basically And then there's the web server which can or which hosts different web pages of different sizes and so far it's just a Static workload like just some websites with a number of images which I'm going to show you on the next slide So this is going to be the details of like a preliminary Evaluation that I'm doing right now because right now I'm still like Trying out which are the best policies and how to optimize the performance For example for web browsing so in this case the connection on the top and green is over the Wi-Fi interface and It has a shaped RTT of only 10 milliseconds, so it's quite fast But also it only has 2 megabit per second as a download bandwidth, which is like not a lot and In blue on the bottom Over the ethernet I shaped RTT of 100 milliseconds, but of 20 megabit per second downstream So here again the idea is that for very small queries very small objects you would prefer the one in green with the Wi-Fi interface with 10 milliseconds and For a larger objects for larger objects, you would prefer the one with 20 megabit per second Download because it's yeah That would be the faster one in each case so the websites I have more Websites, but these are the ones that I'm going to going to be showing in the plot on the next slide is Is There's a one static website where it's the one HTML file and then for 10 kilobyte images or 8 kilobyte 8 10 kilobyte images or 16 images or for a hundred kilobyte images and usually webpages are going to be more like more objects and of Bigger sizes, but yeah the evaluation is going to continue in that direction to more realistic workloads and websites and then the policies that I Did I use for this preliminary evaluation that I'm going to be showing is only over one interface Wlan zero only over eth0 the other interface and then both with the earliest arrival policy that for each of the Objects predicts the download time and then uses either Wlan zero or eth0 so Here is my plot yeah so on The x-axis you see the different scenarios like this is 10 kilobyte 4 images 10 kilobyte 8 images 10 kilobyte 16 and 10 hundred kilobyte 4 images And basically always the socket intense then eth0 only and then Wlan zero only and Only y-axis is the page load time in seconds and it's like between 0.3 and 1.8 or so seconds for this Particular quite small workload. So these are box plots. So they show of different of many repetitions they show you the Median basically and then in some cases like from where to where did we see values So for the very small page of only four images of 10 kilobyte eth0 was apparently quite fast because lower is better of course for page load time and Wlan zero was Slower and then socket intense used eth0 the faster interface basically Yeah, yeah eth0 is better also in this case So Wlan is slower. So socket intense uses the better interface But then as the images get more or the workload gets bigger at some point Wlan which had the Higher bandwidth becomes better Because if we are going to download Many more images then at some point The bandwidth is going to get clogged on the two megabyte interface And so here socket intense uses the Wlan zero interface because it's faster and then The last case is particularly nice because here we use a combination. So This one is up here the eth0 interface has now become Actually quite slow because it has only two megabyte per second download bandwidth and Wlan is Way faster, but then socket intense is even faster because it can make use of both interfaces And so as I said, this is only a preliminary evaluation and right now I'm working off on a like more extensive one and improving my policies and Matrix and performance estimates that I get From the interfaces so Yeah, so keeping in mind that this is a research prototype and not a production code still I'm wondering if like Okay, so for socket intense the application needs to be modified I'm aware that this is going to be quite hard like I'm not expecting that every browser is going to Support socket intense in the future But still it's a question of like how to get applications to use socket intense or something like this or how to How should the application if it should do it? communicate its needs or expectations about the traffic and then also how to come up with smarter policies to choose between network interfaces and also which I find an interesting question how to integrate this with other Linux user space software or what networking libraries exist that could inform the socket intense framework or vice versa or How does it work? So if anybody has any input or questions on this I am looking forward to that so This is my summary. So The goal of my research is to use multiple network interfaces. The prototype we developed is called socket intense It's a networking library in user space which applications can do it can specify Can use to specify what it knows about its traffic and then to get like To get its interface picked basically Through the multi access manager, which uses the best option and the code is on github and It's released under a BSD license. So you can check it out. You can play around with it And yeah, you can talk to us about it. So to for contacting me Teresa at Inet Because it's like part of my research, but I'm also on Twitter and I'm on mustard on so if you don't know mustard on already You should check it out because actually on mustard on I write more technical stuff and on Twitter. It's more like activism So it's mustard on is basically Twitter, but better Okay Enough heads. Okay, and then I'm also a LinkedIn if that's your thing or I'm also on github all right, so thank you for your Attention and now I think we have a little time for Questions if there are any Seven minutes. I see Yeah Hello, my name is Luba I work on network managers. So this sort of interests me what you what you said I do have a question. I'm wondering you said you do passive monitoring to assess the the properties of the interfaces that For the policy to take decisions and I'm wondering how does this work like from the very beginning like when you I suppose you Don't have any information then so suppose you start with a slow mobile broadband And the gigabit Ethernet do the round robin from the beginning Yeah, so what we do is that in the multi-access manager We have this callback which currently gets invoked every hundred seconds And then it basically reads out all the statistics like through netlink and from the interface counters that it can find But we assume that there is already ongoing traffic on the system and yeah, it needs to be bootstrapped somehow and I guess for the first few requests we should use a sort of round robin that like This kind of thing is what I'm like currently still working on like what is the best way to gather these statistics? I'm Yeah, I also think that this kind of thing could be like Coordinated between different processes that actually have an interest in like which interface is the best also we monitor some Wi-Fi statistics like through netlink you can get signal strength and the currently used or the last used modulation rate and Also, we are working on like looking how looking into how we can get the QBSS information Like from the access point which can insert basically the current utilization of the channel Which is really interesting because the signal strength it can like up to a point It doesn't matter so much if the signal strength is really good or not so good But the utilization of the medium like how many clients are there and how much traffic are descending is really interesting And so like we're also gathering these kinds of statistics Thanks You also had a question So did I get it right that it's for client side of the connection or it's might be also useful for server side It could also be used for a server side. So the library is not limited to that So for example, it could also be used in like in a data center where there's a multi-homed Server that wants to open like different connections for different kinds of workloads. So I haven't I Haven't explored that yet And I'm like more interested in the client side, but yeah, I think it would be possible I don't know about the exact like networking libraries that exist for the server side, but I guess it would be possible So as long as you at some point either establish a connection or you say, okay Now I have something like some traffic to send now I have something to do. Please give me a socket to do it Should be possible. Yeah, I Was wondering about If you've got a lot of interfaces, especially if you've got also open VPN interfaces this side to do interfaces It's just like we smart enough to well, basically use the right one because in If you use an open VPN, you don't want things to go over the unencrypted channel. Yeah. Yeah. Yeah, sure Yes, you could configure these things in the policy. So in the policy you can configure Which interface you want to have considered at all? So you if you have an interface that you deem insecure then you wouldn't consider it at all Maybe and we don't have a security intent so far, but we could add it I was wondering if you tested with So you did some simulation with limited bandwidth for example, do you change that limit over time? Not yet, but yeah That's also something that is planned because of course the mobile performance is all can also be very flaky But we what we did do is that we introduce a cross traffic on the wireless channel from multiple clients And then of course we see the performance drastically drop like no matter what is shaped Later on if there is many clients on your channel or if your signal gets bad Then at some point you're gonna like see the performance change but with these dynamic Network conditions, that's yeah, it's also an interesting question. So I'm I Said this framework up and now I can play around with like lots of different scenarios Have you tried to model what kind of effects in the case of the Wi-Fi and the LTE? Which is an I suspect a very common case And have you tried to model what kind of effects it would have if you turn this on because you know LTE is generally more of a scarce resource. So if everyone started acting like rationally, but selfishly Would you come, you know, do you think you'd come into a situation where the overall network is worse overall because everybody's acting rationally? yeah, I Have looked into like or like we can start at considering some Communication with the network like of course from the excess point we can have to my medium utilization But from the LTE network, I think we don't get as much information, right, but then yeah, I'm I already looked into How you could coordinate different clients, but I like don't have a ready simulation of it yet But it's also an interesting question. Also, there is one socket intent that I didn't mention that is basically about For this connection, would it be okay to use something that costs money or like that uses up your data? your data mobile data thing Or not and so this we also have like In mind Have you given it some thought how you would integrate this with applications sandboxing? Especially mobile devices. You generally don't want applications accessing through arbitrary network interface provide a wide list of one So mobile sandbox and make the mobile sandboxing we haven't done yet so far our prototype runs on the notebook with either like linux or macOS and I mostly with linux and Yeah, but you have to figure out in the policy you would have to figure out these kinds of things I think like what are the needs of the application and what are the system-wide policies and what are the users? like preference preferences, but also how much is who able to control so this kind of policy framework Like with all the different inputs to the potential policies is something that I'm also exploring right now and also My colleague and I are participating in the tabs working group at the itf which is which is about choosing between different transport protocols mostly, but there we also have like some kind of Okay, what is the policy like when do we use what kind of transport protocol and what are the different inputs? So we are also like discussing this with like the wider community like what our policies and how do they work? Yeah, thanks So I think we had one more minute, but if there's no more questions here, I'm also happy to chat about this later on Thank you