Thomas Holterbach
PhD Student
I am a fifth year PhD student. My research aims at improving the routing convergence in the Internet. I have interests in BGP, Software-defined Networks and Internet measurements.
I received both my Bachelor and Master degrees in Computer Science from the University of Strasbourg, France. Before joining ETH, I worked six months at Internet Initiative Japan, where I was supervised by Cristel Pelsser and Randy Bush. In 2016, I worked six months at CAIDA where I was supervised by Alberto Dainotti.
Recent Publications
An Open Platform to Teach How the Internet Practically Works
arXiv preprint (December 2019).
Each year at ETH Zurich, around 100 students build and operate their very own Internet infrastructure composed of hundreds of routers and dozens of Autonomous Systems (ASes). Their goal? Enabling Internet-wide connectivity.
We find this class-wide project to be invaluable in teaching our students how the Internet practically works. Our students have gained a much deeper understanding of the various Internet mechanisms alongside with their pitfalls. Besides students tend to love the project: clearly the fact that all of them need to cooperate for the entire Internet to work is empowering.
In this paper, we describe the overall design of our teaching platform, how we use it, and interesting lessons we have learnt over the years. We also make our platform openly available.
(Self) Driving Under the Influence: Intoxicating Adversarial Network Inputs
ACM HotNets 2019. Princeton, NJ, USA (November 2019).
Traditional network control planes can be slow and require manual tinkering from operators to change their behavior. There is thus great interest in a faster, data-driven approach that uses signals from real-time traffic instead. However, the promise of fast and automatic reaction to data comes with new risks: malicious inputs designed towards negative outcomes for the network, service providers, users, and operators.
Adversarial inputs are a well-recognized problem in other areas; we show that networking applications are susceptible to them too. We characterize the attack surface of data-driven networks and examine how attackers with different privileges—from infected hosts to operator-level access—may target network infrastructure, applications, and protocols. To illustrate the problem, we present case studies with concrete attacks on recently proposed data-driven systems.
Our analysis urgently calls for a careful study of attacks and defenses in data-driven networking, with a view towards ensuring that their promise is not marred by oversights in robust design.
Blink: Fast Connectivity Recovery Entirely in the Data Plane
USENIX NSDI 2019. Boston, Massachusetts, USA (February 2019).
We present Blink, a data-driven system that leverages TCP-induced signals to detect failures directly in the data plane. The key intuition behind Blink is that a TCP flow exhibits a predictable behavior upon disruption: retransmitting the same packet over and over, at epochs exponentially spaced in time. When compounded over multiple flows, this behavior creates a strong and characteristic failure signal. Blink efficiently analyzes TCP flows to: (i) select which ones to track; (ii) reliably and quickly detect major traffic disruptions; and (iii) recover connectivity---all this, completely in the data plane. We present an implementation of Blink in P4 together with an extensive evaluation on real and synthetic traffic traces. Our results indicate that Blink: (i) achieves sub-second rerouting for large fractions of Internet traffic; and (ii) prevents unnecessary traffic shifts even in the presence of noise. We further show the feasibility of Blink by running it on an actual Tofino switch.
SWIFT: Predictive Fast Reroute.
ACM SIGCOMM 2017. Los Angeles, California, USA (August 2017).
Network operators often face the problem of remote outages in transit networks leading to significant (sometimes on the order of minutes) downtimes. The issue is that BGP, the Internet routing protocol, often converges slowly upon such outages, as large bursts of messages have to be processed and propagated router by router. In this paper, we present SWIFT, a fast-reroute framework which enables routers to restore connectivity in few seconds upon remote outages. SWIFT is based on two novel techniques. First, SWIFT deals with slow outage notification by predicting the overall extent of a remote failure out of few control-plane (BGP) messages. The key insight is that significant inference speed can be gained at the price of some accuracy. Second, SWIFT introduces a new dataplane encoding scheme, which enables quick and flexible update of the affected forwarding entries. SWIFT is deployable on existing devices, without modifying BGP.
We present a complete implementation of SWIFT and demonstrate that it is both fast and accurate. In our experiments with real BGP traces, SWIFT predicts the extent of a remote outage in few seconds with an accuracy of ?90% and can restore connectivity for 99% of the affected destinations.
Quantifying interference between measurements on the RIPE Atlas platform.
ACM IMC 2015. Tokyo, Japan (October 2015).
Lectures
Communication Networks
Spring 2020
Discrete Event Systems
Autumn 2019
Advanced Topics in Communication Networks
Autumn 2019
Communication Networks
Spring 2019
Advanced Topics in Communication Networks
Autumn 2018
Communication Networks
Spring 2018
Communication Networks
Spring 2017
Communication Networks
Spring 2016
Supervised Theses
On combining SWIFT and Blink to improve Internet convergence (M)
On Making Blink Deployable in Practice (M)
Data Plane Driven Network Convergence (M)
A Fast and Loop-Free Convergence upon Remote BGP Disruptions in Large IP Networks (S)
Boosting the convergence performance of SDX platforms (S)
