A Verified Session Protocol for Dynamic Service Chaining
IEEE/ACM Transactions on Networking (IF 3.7), Pub Date: 2020-11-19, DOI: 10.1109/tnet.2020.3037049
Pamela Zave, Fabricio B. Carvalho, Ronaldo A. Ferreira, Jennifer Rexford, Masaharu Morimoto, Xuan Kelvin Zou

Middleboxes are crucial for improving network security and performance, but only if the right traffic goes through the right middleboxes at the right time. Existing traffic-steering techniques rely on a central controller to install fine-grained forwarding rules in network elements—at the expense of a large number of rules, a central point of failure, challenges in ensuring all packets of a session traverse the same middleboxes, and difficulties with middleboxes that modify the “five tuple.” We argue that a session-level protocol is a fundamentally better approach to traffic steering, while naturally supporting host mobility and multihoming in an integrated fashion. In addition, a session-level protocol can enable new capabilities like dynamic service chaining, where the sequence of middleboxes can change during the life of a session, e.g., to remove a load-balancer that is no longer needed, replace a middlebox undergoing maintenance, or add a packet scrubber when traffic looks suspicious. Our Dysco protocol steers the packets of a TCP session through a service chain, and can dynamically reconfigure the chain for an ongoing session. Dysco requires no changes to end-host and middlebox applications, host TCP stacks, or IP routing. Dysco’s distributed reconfiguration protocol handles the removal of proxies that terminate TCP connections, middleboxes that change the size of a byte stream, and concurrent requests to reconfigure different parts of a chain. Through formal verification using Spin and experiments with our prototype, we show that Dysco is provably correct, highly scalable, and able to reconfigure service chains across a range of middleboxes.

Updated: 2020-11-19