Rethinking the design of the Internet: The end to end arguments vs. the brave new world"

[Steve Schear]

"Rethinking the design of the Internet:
The end to end arguments vs. the brave new world"

Marjory S. Blumenthal Computer Science & Telecommunications Board, NRC
mblument at nas.edu
David D. Clark M.I.T. Lab for Computer Science ddc at lcs.mit.edu

A version of this paper to appear in the ACM Transactions on Internet
Technology
A version also to appear in Communications Policy in Transition: The
Internet and Beyond,
edited by Benjamin Compaine and Shane Greenstein, MIT Press, Sept. 2001

Abstract

This paper looks at the Internet and the changing set of requirements
for the Internet that are emerging as it becomes more commercial, more
oriented towards the consumer, and used for a wider set of purposes. We
discuss a set of principles that have guided the design of the Internet,
called the end to end arguments, and we conclude that there is a risk
that the range of new requirements now emerging could have the
consequence of compromising the Internet's original design principles.
Were this to happen, the Internet might lose some of its key features,
in particular its ability to support new and unanticipated applications.
We link this possible outcome to a number of trends: the rise of new
stakeholders in the Internet, in particular Internet Service Providers;
new government interests; the changing motivations of the growing user
base; and the tension between the demand for trustworthy overall
operation and the inability to trust the behavior of individual users.

Introduction

The end to end arguments are a set of design principles that
characterize (among other things) how the Internet has been designed.
These principles were first articulated in the early 1980s, and they
have served as an architectural model in countless design debates for
almost 20 years.

The end to end arguments concern how application requirements should be
met in a system. When a general purpose system (for example, a network
or an operating system) is built, and specific applications are then
built using this system (for example, e-mail or the World Wide Web over
the Internet), there is a question of how these specific applications
and their required supporting services should be designed. The end to
end arguments suggest that specific application-level functions usually
cannot, and preferably should not, be built into the lower levels of the
system-the core of the network. The reason why was stated as follows in
the original paper:

"The function in question can completely and correctly be implemented
only with the knowledge and help of the application standing at the
endpoints of the communications system. Therefore, providing that
questioned function as a feature of the communications systems itself is
not possible."

In the original paper, the primary example of this end to end reasoning
about application functions is the assurance of accurate and reliable
transfer of information across the network. Even if any one lower level
subsystem, such as a network, tries hard to ensure reliability, data can
be lost or corrupted after it leaves that subsystem. The ultimate check
of correct execution has to be at the application level, at the
endpoints of the transfer. There are many examples of this observation
in practice.

Even if parts of an application-level function can potentially be
implemented in the core of the network, the end to end arguments state
that one should resist this approach if possible. There are a number of
advantages of moving application-specific functions up out of the core
of the network and providing only general-purpose system services there.

o The complexity of the core network is reduced, which reduces costs and
facilitates future upgrades to the network.

o Generality in the network increases the chances that a new application
can be added without having to change the core of the network.

o Applications do not have to depend on the successful implementation
and operation of application-specific services in the network, which may
increase their reliability.

Of course, the end to end arguments are not offered as an absolute.
There are functions that can only be implemented in the core of the
network, and issues of efficiency and performance may motivate
core-located features. Features that enhance popular applications can be
added to the core of the network in such a way that they do not prevent
other applications from functioning. But the bias toward movement of
function "up" from the core and "out" to the edge node has served very
well as a central Internet design principle.

As a consequence of the end to end arguments, the Internet has evolved
to have certain characteristics. The functions implemented "in" the
Internet-by the routers that forward packets-have remained rather simple
and general. The bulk of the functions that implement specific
applications, such as e-mail, the World Wide Web, multi-player games,
and so on, have been implemented in software on the computers attached
to the "edge" of the Net. The edge-orientation for applications and
comparative simplicity within the Internet together have facilitated the
creation of new applications, and they are part of the context for
innovation on the Internet.

Moving away from end to end

For its first 20 years, much of the Internet's design has been shaped by
the end to end arguments. To a large extent, the core of the network
provides a very general data transfer service, which is used by all the
different applications running over it. The individual applications have
been designed in different ways, but mostly in ways that are sensitive
to the advantages of the end to end design approach. However, over the
last few years, a number of new requirements have emerged for the
Internet and its applications. To certain stakeholders, these various
new requirements might best be met through the addition of new mechanism
in the core of the network. This perspective has, in turn, raised
concerns among those who wish to preserve the benefits of the original
Internet design.

[One particularly civil liberty oriented except--]

The rise of third-party involvement: An increasingly visible issue is the 
demand by third
parties to interpose themselves between communicating end-points, 
irrespective of the desires of
the ends. Third parties may include officials of organizations (e.g., 
corporate network or ISP
administrators implementing organizational policies or other oversight) or 
officials of
governments, whose interests may range from taxation to law enforcement and 
public safety.
When end-points want to communicate, but some third party demands to 
interpose itself into the
path without their agreement, the end to end arguments do not provide an 
obvious framework to
reason about this situation. We must abandon the end to end arguments, 
reject the demand of a
third party because it does not "fit" our technical design principles, or 
find another design
approach that preserves the power of the end to end arguments as much as 
possible.


Continued at:

http://www.ana.lcs.mit.edu/anaweb/PDF/Rethinking_2001.pdf