Princeton researchers have created a tool that allows small networks such as businesses and universities to improve the performance and privacy of their internet traffic.
While applications like video conferencing have significantly increased demand on the internet, the methods used to route internet traffic have largely stayed the same. This imbalance can lead to delays in data transfer that freeze live video feeds, stall online games, or deter customers from making purchases when a page loads slowly.
To avoid such problems, large internet service providers continually expand their private network infrastructure closer to their clients’ physical locations. These private networks have essentially replaced the public internet in many cases, said Maria Apostolaki, an assistant professor of electrical and computer engineering at Princeton. Small companies and institutions struggle to provide reliable service without using the infrastructure of massive private networks, and this raises concerns about privacy and consolidation of control, she said.
To address these problems, Apostolaki and her research team developed TANGO, a solution that brings internet routing control to networks such as small companies, internet service providers and universities. The technique relies on collaboration between networks and allows paired networks to optimize communication over the public internet.
TANGO discovers multiple routing paths, monitors the different paths’ performance, and enables dynamic switching between them. The researchers presented a paper describing TANGO on April 18 at the USENIX Symposium on Networked Systems Design and Implementation in Santa Clara, California. Unlike earlier proposals, TANGO allows participating networks to operate independently and create trusted paths for data without relying on large internet service providers to approve changes to their internet routing.
“It’s readily deployable,” said Apostolaki. “We just need the two collaborative networks to change the way they advertise their prefixes [to the public internet]. It doesn’t require any change in what everyone else is doing.” TANGO also provides trustworthy monitoring of the exposed paths, preventing bad actors from faking good performance of their infrastructure to attract traffic.
Internet routing is governed by the Border Gateway Protocol (BGP), a system first set up in 1994 that autonomously channels traffic to routes calculated to be the most efficient, with efficiency generally defined as minimizing the number of hops between networks.
But as the internet has grown in size and complexity, minimizing the number of hops is not always the best way to optimize performance, said Apostolaki. TANGO uses a different method: It compares the performance of the different paths to select the best one while respecting economic agreement across networks.
“The fact that we could find multiple alternative paths for most of the pairs of networks we tested was really surprising,” said Apostolaki. “What was even more surprising was that in multiple instances where the default path was experiencing deteriorated performance, the alternatives were not affected. That would mean that TANGO could protect one’s video or Zoom call from being stalled by routing the corresponding packets through an alternative path.”
“The internet is particularly slow in making improvements because it’s a distributed system of many entities with conflicting agendas,” she added. “So, we find ourselves bound by designs from decades past, created to meet the needs of that time.” But a system like TANGO “can offer a readily deployable solution that allows edge networks to take more from the current internet.”
The current internet routing system does not provide realistic alternatives to using large cloud providers for video conferencing, gaming and other applications that require consistently low latency and high reliability, said Ethan Katz-Bassett, an associate professor of electrical engineering at Columbia University who was not involved in the research. TANGO “provides a building block for an alternative architecture for performance-sensitive services,” he said.
Apostolaki and her team are now laying the groundwork to deploy TANGO at the Mpala Research Centre in Kenya, a science and conservation hub operated by Princeton University, the Smithsonian Institution and the Kenyan government.
“Unlike the U.S. or Europe, where one has a ton of paths, bandwidth is not an issue, and latency is not too bad, in many other parts of the world one is actually very limited. So, optimizing where we put internet traffic will actually have a huge impact on performance,” said Apostolaki.
In addition to this pilot project, Apostolaki and her colleagues are working to add more capabilities to TANGO aimed at enabling users to fine-tune performance preferences, boosting privacy features, and allowing three or more networks to collaborate using the tool.
The paper, “TANGO: Secure Collaborative Route Control across the Public Internet,” was presented April 18 at the 21st USENIX Symposium on Networked Systems Design and Implementation in Santa Clara, California. In addition to Apostolaki, coauthors include Henry Birge-Lee, a research software engineer in Princeton’s computer science department; Sophia Yoo, a graduate student in electrical and computer engineering; Benjamin Herber, a 2022 B.S.E. and 2023 M.Eng. graduate in electrical and computer engineering; and Jennifer Rexford, Princeton University Provost and Gordon Y.S. Wu Professor in Engineering. The research was supported in part by Protocol Labs and by the U.S. National Science Foundation.