Using Anonymous Datagrams
Using Interests (requests that elicit content) and maintaining per-Interest forwarding state in Pending Interest Tables (PIT) are integral to the design of the Named Data Networking (NDN) and Content-Centric Networking (CCNx) architectures. However, using PITs makes the network vulnerable to Interest-flooding attacks, and PITs can become very large. It is shown that in-network caching eliminates the need for Interest aggregation and obviates the use of PITs. A new approach to content-centric networking (CCN-GRAM) is introduced that provides all the benefits of NDN and CCNx, eliminates the use of PITs by means of anonymous datagrams, and is immune to Interest-flooding attacks. Routers maintain routes to the anonymous origins of Interests using an on-demand routing approach in the data plane that can also be used to provide native support for multicasting in the dat a plane. Simulation experiments show that the number of forwarding entries required in CCN-GRAM is orders of magnitude smaller than the number of PIT entries.
The leading approach in content-centric networking consists of: populating forwarding information bases (FIB) maintained by routers with routes to name prefixes denoting content, sending content requests (called Interests) for specific content objects (CO) over paths implied by the FIBs, and delivering data packets with content objects along the reverse paths traversed by Interests.
The main advantages that such Interest-based content-centric networking approach offers compared to the IP Internet are that: (a) content providers and caching sites do not know the identity of the consumers requesting content; (b) content can be obtained by name from those sites that are closer to consumers; (c) data packets carrying content cannot traverse loops, because they are sent over the reverse paths traversed by Interests; and (d) content-oriented security mechanisms can be implemented as part of the content delivery mechanisms.
Named data networking (NDN)  and CCNx  are the two prominent Interest-based content-centric networking approaches. Routers in NDN and CCNx maintain a “stateful forwarding plane”  (i.e., per-Interest forwarding state) by means of Pending Interest Tables (PIT). The PIT of a router maintains information regarding the incoming interfaces from which Interests for a CO were received and the interfaces where the Interest for the same CO was forwarded.
Since the inception of CCNx and NDN, PITs have been viewed as necessary in order to maintain routes to the origins of Interests while preserving the anonymity of those sources, aggregate Interests requesting the same content in order to attain efficient Interest and content forwarding, and support multicasting without additional support in the control plane.
However, using PITs at Internet scale comes at a big price. PITs grow very large [8, 21, 22] as the number of Interests from users increases, which results from PITs having to store per-Interest forwarding state. Furthermore, PITs make routers vulnerable to Interest-flooding attacks [16, 23, 25, 26] in which adversaries send malicious Interests aimed at making the size of PITs explode. Known countermeasures to these attacks  attempt to reduce the rates at which suspected routers can forward Interests. However, these solutions cannot prevent all flooding attacks and can actually be used to mount other types of denial-of-service attacks.
Section II analyzes the effectiveness of Interest aggregation in NDN by means of simulations based on the implementation of NDN in ndnSIM  without modifications. The results show that the percentage of Interests that are aggregated is negligible when in-network caching is enabled, even when Interests exhibit temporal or spatial correlation.
Given that in-network caching obviates the need for Interest aggregation, and given the vulnerability of NDN and CCNx to Interest-flooding attacks, it is clear that a new Interest forwarding approach is needed for content-centric networking.
We present CCN-GRAM (Gathering of Routes for Anonymous Messengers), which provides all the benefits of content-centric networking, including native support for multicasting in the data plane, and eliminates the need to maintain per-Interest forwarding state by forwarding Interests and responses to them using anonymous datagrams.
Section III describes the operation of CCN-GRAM. Like NDN and CCNx, CCN-GRAM uses Interests, data packets, and replies to Interests. Similar to IP datagrams, the messages sent in CCN-GRAM specify a source and a destination. For an Interest, the source of an Interest is an anonymous identifier with local context and the destination is the name of a content object. For data packets and replies to Interests, the source is the name of a content object and the destination is an anonymous identifier. A novel on-demand routing approach is used to maintain routes to the anonymous routers that originate Interests for specific content on behalf of local content consumers. Only the local router serving a user knows the identity of the user; no other router, content provider, or caching site can determine the consumer that originated an Interest, without routers collaborating along the path traversed by the Interests to establish the provenance of the Interest.
In contrast to NDN and CCNx in which Interests may traverse forwarding loops [11, 12, 14], forwarding loops cannot occur in CCN-GRAM for either Interests or responses sent to Interests, even if the FIBs maintained by routers contain inconsistent forwarding state involving routing-table loops. Furthermore, the anonymous datagram forwarding of CCN-GRAM is much simpler than the label-swapping approach we have advocated before [13, 15].
Forwarding of Interests and responses to them in CCN-GRAM uses four tables: a LIGHT (Local Interests GatHered Table), a FIB, an ART (Anonymous Routing Table) and a LIST (Local Interval Set Table). The LIGHT of a router is an index listing content that is locally available and content that is remote and has been requested by local users. The FIB of each router states the next hops to each name prefix and the distance to the name prefix reported by each next hop. The ART is maintained using Interests and states the paths to destinations denoted with local identifiers from which routers cannot discern the origin of Interests. The LIST states the intervals of local identifiers that a router assigns to its neighbors and that each neighbor assigns to the router.
Section IV compares the performance of CCN-GRAM with NDN when routes to name prefixes are static and loop-free, which is the best case for NDN. The network consists of 150 routers, with 10 being connected to content producers and 50 being connected to consumers. CCN-GRAM attains similar end-to-end latencies than NDN in retrieving content. However, depending on the rate at which Interests are submitted, CCN-GRAM requires an average number of forwarding entries per router that is 5 to more than150 times smaller than the number of PIT entries needed in NDN.
Ii Interest Aggregation in NDN
Ii-a Elements of NDN Operation
Routers in NDN use Interests, data packets, and negative acknowledgments (NACK) to exchange content. An Interest is identified in NDN by the name of the CO requested and a nonce created by the origin of the Interest. A data packet includes the CO name, a security payload, and the payload itself. A NACK carries the information needed to denote an Interest and a code stating the reason for the response.
A router uses three data structures to process Interests, data packets, and NACKs: A content store (), a forwarding information base (), and a pending Interest table (). A is a cache for COs indexed by their names. With on-path caching, routers cache the content they receive in response to Interests they forward.
A is populated using content routing protocols [10, 17] or static routes and a router matches Interest names stating a specific CO to entries corresponding to prefix names using longest prefix match. The FIB entry for a given name prefix lists the interfaces that can be used to reach the prefix. In NDN, a FIB entry also contains additional information .
The entry in a for a given CO consists of one or multiple tuples stating a nonce received in an Interest for the CO, the incoming interface where it was received, and a list of the outgoing interfaces over which the Interest was forwarded.
When a router receives an Interest, it checks whether there is a match in its CS for the CO requested in the Interest. The Interest matching mechanisms used can vary, and for simplicity we focus on exact Interest matching only. If a match to the Interest is found, the router sends back a data packet over the reverse path traversed by the Interest. If no match is found in the CS, the router determines whether the PIT stores an entry for the same content.
In NDN, if the Interest states a nonce that differs from those stored in the PIT entry for the requested content, then the router “aggregates” the Interest by adding the incoming interface from which the Interest was received and the nonce to the PIT entry without forwarding the Interest. If the same nonce in the Interest is already listed in the PIT entry for the requested CO, the router sends a NACK over the reverse path traversed by the Interest. If a router does not find a match in its CS and PIT, the router forwards the Interest along a route (or routes) listed in its FIB for the best prefix match. In NDN, a router can select an interface to forward an Interest if it is known that it can bring content and its performance is ranked higher than other interfaces that can also bring content.
Ii-B Likelihood of Interest Aggregation in NDN
We analyze the likelihood that interest aggregation occurs in the presence of in-network caching in NDN using simulations carried out with the NDN implementation in ndnSIM without modifications. A more detailed analysis is presented in . Our study is independent of the Interest retransmission strategy, and uses the percentage of aggregated Interests in the network as the performance metric. For simplicity, we assume that routers use exact Interest matching to decide whether an Interest can be answered.
Ii-B1 Scenario Parameters
We consider the average latencies between routers, the capacity of caches, the Interest request rates from routers, the popularity of content, and the temporal correlation of content requests. The scenarios we use consist of random networks with 200 nodes corresponding to routers distributed uniformly in a 100m100m area. Routers with 12m or shorter distance are connected to each other with a point-to-point link, which results in a topology with 1786 edges. Each router acts as a producer of content and also has local consumers generating Interests.
Producers are assumed to publish 1,000,000 different content objects that are uniformly distributed among routers. For simplicity, we assume that all routers have the same storage capacity in their caches, which depending on the experiment ranges from 0 to up to 100,000 cache entries per router, or 10% of the published objects.
The distribution of object requests determines how many Interests from different users request the same content. It has been argued  that Internet traffic follows a Zipf distribution with a parameter () value close to 1. A smaller Zipf parameter value results in a lower Interest aggregation amount. Accordingly, we model object popularity using a Zipf distribution with values of equal to 0.7 and 1.
We considered different values of the total Interest rate per router, corresponding to the sum of Interests from all local users. Increasing values of Interest rates can be viewed as higher request rates from a constant user population of local active users per router, or an increasing population of active users per router. For example, 50 to 500 Interests per second per router can be just 10 Interests per second per active user for a local population of 5 to 50 concurrently active users per router. The Interest rates we assume per router are not large compared to recent results on the size that PITs would have in realistic settings [8, 22, 23, 21].
The percentage of Interests that benefit from Interest aggregation is a function of the RTT between the router originating the Interest and the site with the requested content, as well as the PIT entry expiration time when the Interest is not answered with a data packet or a NACK. Recent Internet latency statistics  show that Internet traffic latency varies from 11ms for regional European traffic to 160ms for long-distance traffic. Accordingly, we consider point-to-point delays of 10ms between neighbor routers in many of our simulations, which leads to RTTs of about 200ms. We also carried experiments varying the RTT of the network below and above 200ms.
Ii-B2 Simulation Results
The following simulation results can be viewed as applicable to the steady-state behavior of a network using NDN.
Figure 1 shows the effect of the parameter and RTTs when the request rate per router is 50 Interests per second. The latencies between neighbor routers are set to 5 and 15 ms, which produce RTTs of 66 to 70 ms and 193 to 200 ms, respectively. It is clear that Interest aggregation is far less important when consumers are less likely to request similar content (). Furthermore, the benefits of Interest aggregation vanish as caches are allowed to cache more content. When caches can store up to 1% of the total number of objects published, the percentage of Interests that are aggregated is less than 2% for and less than 0.8% for .
In theory, Interest aggregation is most useful when Interests exhibit temporal correlation, such as when popular live events take place. Figure 2 shows the impact of caching on Interest aggregation when Interests have temporal correlation and either no caching is used or caches with capacity for only 0.1% of the objects published in the network are used. Interests are generated using the model proposed by Dabirmoghaddam et al  with a Zipf parameter value of and results for three total Interest rates per router and four temporal localization factors for Interests are shown. A higher temporal locality factor indicates a higher degree of popularity of objects in the same time period. The results in Figure 2 show that, without caching, Interest aggregation is very important for all values of temporal locality of Interest popularity, and is more important when Interest locality is high (large localization factor). However, once caching is allowed and even if caches can store only up to 0.1% of the published objects, the percentage of aggregated Interests is minuscule and actually decreases with the temporal correlation of Interests.
We assume that Interests are retransmitted only by the consumers that originated them. We assume that routers use exact Interest matching, and that a router that advertises being an origin of a name prefix stores all the content objects associated with that prefix at a local content store. Routers know which interfaces are neighbor routers and which are local users, and forward Interests on a best-effort basis. For convenience, it is assumed that a request for content from a local user is sent to its local router in the form of an Interest.
Iii-a Information Exchanged and Stored
The name of content object (CO) is denoted by and the name prefix that is the best match for name is denoted by . The set of neighbors of router is denoted by .
An Interest forwarded by router requesting CO is denoted by , and states the name of the requested CO (), an anonymous identifier () used to denote the origin of the Interest, and the distance from to the requested content.
A data packet sent by router in response to an Interest is denoted by , and states the name of the CO being sent (), an anonymous identifier () that states the intended recipient of the data packet, and a security payload () used optionally to validate the CO.
A reply sent by router in response to an Interest is denoted by , and states the name of a CO (), an anonymous identifier () that states the intended recipient of the reply, and a code () indicating the reason why the reply is sent. Possible reasons for sending a reply include: an Interest loop is detected, no route is found towards requested content, and no content is found.
Router maintains four tables for forwarding: an optional Local Interests Gathered Table (), a forwarding information base (), an anonymous routing table (), and a Local Interval Set Table ().
lists the names of the COs requested by router or already stored at router . It is indexed by the CO names that have been requested by the router on behalf of local customers. The entry for CO name states the name of the CO (), a pointer to the content of the CO (), and a list of zero or more identifiers of local consumers () that have requested the CO while the content is remote.
is indexed using known content name prefixes. The entry for prefix states the distance reported by each next-hop neighbor router for the prefix. The distance stored for neighbor for prefix in is denoted by . Each entry in is stored for a maximum time determined by the lifetime of the corresponding entry in the routing table of the router.
maintains the intervals of anonymous identifiers used by router . It states the local interval of identifiers accepted by router (denoted by ), and the local interval of identifiers accepted by each neighbor router (denoted by ) . Clearly, . All local intervals have the same length .
is indexed using the anonymous identifiers taken from . Each entry states an anonymous identifier of a destination (), a next hop to the destination, ), and an identifier mapping used to handle identifier collisions ). is used to denote a given entry in .
Routers can exchange local intervals with their neighbors in a number of ways. The exchange can be done in the data plane using Interests and data packets. An example would be having a router send an Interest stating a common name denoting that a local interval is requested, and an empty AID. Given the succinct way in which local intervals can be stated (an identifier denotes its interval), the exchange can also be easily done as part of the routing protocol running in the control plane. Routers could exchange interval identifiers in HELLO messages, link-state advertisements or distance updates. To simplify our description of CCN-GRAM, we assume that routers have exchanged their local intervals with one another and have populated their LISTs accordingly. We also assume that local intervals do not change for extended periods of time after they are assigned.
Iii-B Eliminating Forwarding Loops
Let denote the set of next-hop neighbors of router for prefix . The following rule is used to ensure that Interests cannot traverse routing loops, even if the routing data stored in FIBs regarding name prefixes is inconsistent and leads to routing-table loops.
Loop-Free Forwarding Rule (LFR):
Router accepts from router if:
LFR is based on the same invariants we have proposed previously to eliminate Interest looping in NDN and CCNx [11, 14] and avoid forwarding loops in more efficient forwarding planes for content-centric networks . As we explain in [11, 13, 14], the approach is a simple application of diffusing computations that ensures loop-free forwarding of Interests with or without aggregation.
Iii-C Forwarding to Anonymous Destinations
The header of a datagram needs to denote its origin and destination, so that the datagram can be forwarded to the intended destination and responses to the datagram can be forwarded back to the source. Since the introduction of datagram packet switching by Baran , the identifiers used to denote the sources and destinations of datagrams have had global scope, and routers maintain FIBs with entries towards those sources. However, this need not be the case!
It is trivial to add information in Interests about the paths they traverse (e.g., see ) to allow responses to be sent back without the need for FIBs maintaining routes to the sources of Interests. However, this would negate the anonymity of Interests advocated in NDN and CCNx.
CCN-GRAM uses local identifiers to denote the sources of Interests in a way that responses to Interests (data packets or replies) can be forwarded correctly to the sources of Interests, without their identity being revealed to relaying routers, caching sites, or content producers.
Given that all local intervals have the same length , the local interval is uniquely defined by the smallest identifier of the interval, which we denote by .
If router sends Interest to router , must be in . Similarly, if router forwards Interest to router , must be in . Hence, to forward an Interest from to , router must map the AID received in the Interest from to an AID that belongs to the local interval accepted by its neighbor . Router can accomplish this mapping with the following bijection, where is a constant known only to router :
We denote the mapping of identifiers from to by The image of identifier under is denoted by and . The reverse mapping from to is denoted by and of course .
Algorithms 1 to 4 specify the steps taken by routers to process and forward Interests, and return data packets or replies. We assume that each router is initialized properly, knows the identifiers used to denote local consumers, knows all its neighbors, and knows the local identifier intervals associated with each neighbor. We assume that a routing protocol (e.g., DCR , NLSR ) operating in the control plane updates the entries of routing tables listing one or multiple next hops towards name prefixes. Routers populate their FIBs with routes to name prefixes based on the data stored in their routing tables. How long FIB entries are maintained is determined by the operation of the routing protocol.
We assume that router uses a single anonymous identifier in to denote itself in its , and denote it by .
Algorithm 1 shows the steps taken by router to process Interests received from local consumers. For convenience, content requests from local consumers are assumed to be Interests stating the name of a CO, the name of the consumer, and an empty distance to the content assumed to denote infinite. Similarly the same format of data packets and replies used among routers is used to denote the responses a router sends to local consumers.
After receiving an Interest from a local consumer, router first searches its LIGHT to determine if the content is stored locally or a request for the same content is pending. If the content is stored locally, a data packet is sent back to the user requesting the CO. If a request for the same content is pending, the name of the user is simply added to the list of users that have requested the CO.
In our description of CCN-GRAM, a router that advertises being an origin of a prefix must have all the COs associated with the prefix stored locally. If router states that it is an origin of the name prefix and a specific CO with a name that is in that prefix is not found locally, a reply must be sent back to the consumer stating that the content does not exist. Additional steps could be taken to address the case of Interests sent maliciously for content that does not exist.
If the CO is remote and no FIB entry exists for a name prefix that can match , a reply is sent back stating that no route to the CO could be found. Otherwise, router forwards the Interest through the highest ranked neighbor in its FIB for the name prefix matching , which is denoted by . How such a ranking is done is left unspecified, and can be based on a distributed or local algorithm [10, 17, 19].
When router originates an Interest on behalf of a local consumer and forwards Interest to neighbor router towards name prefix , router selects an identifier that is not used to denote any other source of Interests in , sets , and stores the entry . Router can use the same anonymous identifier for all the Interests it originates on behalf of local consumers and forwards to neighbor .
If no ART entry exists with router as the origin of Interests (), is selected from the set of AIDs in that are not being used for other Interest sources, and a new ART entry is created for . The Interest is forwarded to the selected next hop for the Interest by first mapping into an AID in using the bijection in Eq. 2.
Algorithm 2 shows the steps taken by router to process an Interest received from a neighbor router . The main differences in the steps taken by router compared to Interests received from local users are that no Interest aggregation is done for Interests received from neighbor routers, and router maps the AID it receives in the Interest from the previous hop to the AID it should use in the Interest it sends to the next hop using a simple mapping function.
When router forwards Interest from predecessor router to successor router towards name prefix , router makes sure that is not listed in an entry with a next hop other than . If that is the case, router stores , and sets . Otherwise, router selects an AID that is not used to denote any other source of Interests in , stores , and sets .
If the requested content is cached locally, a data packet is sent back. If router is an origin of and the CO with name is not found locally, a reply is sent back stating that the content could not be found. Additional steps can be taken to address the case of malicious Interests requesting non-existing content. If the CO is remote and no FIB entry exists for , then router sends a reply stating that no route could be found for the CO.
Router tries to forward the Interest to a next hop for the best prefix match for that satisfies LFR. The highest-ranked router satisfying LFR is selected as the successor for the Interest and router . If no neighbor is found that satisfies LFR, a reply is sent stating that a loop was found.
Algorithm 3 outlines the processing of data packets. If local consumers requested the content in the data packet, it is sent to those consumers based on the information stored in . If the data packet is received in response to an Interest that was forwarded from router , router forwards the data packet doing the proper mapping of AIDs. Router stores the data object if edge or on-path caching is supported.
When router receives from neighbor , it obtains the AID of of the destination where the packet should be forwarded by computing . Router uses entry to determine the next-hop neighbor that should receive the data packet, and sets .
Algorithm 4 states the steps taken to handle replies, which are similar to the forwarding steps taken after receiving a data packet. Router forwards the reply to local consumers if it was the origin of the Interest, or to a neighbor router if it has an ART entry with as the next hop towards the destination denoted by the AID stated in the reply.
Figure 3 illustrates the swapping of AIDs used by routers to forward Interests and responses to them. The local intervals used in the figure are small for simplicity, and the figure focuses on the forwarding state needed to forward Interests from to name prefixes announced by router , as well as the responses to such Interests. Interests are forwarded based on FIB entries, and responses to Interests (data packets or replies) are forwarded based on ART entries.
As illustrated in Figure 3, router takes into account the possibility of collisions in the AIDs stated in Interests received from different neighbors by means of the identifier-mapping filed of ART entries. The bijection in Eq. 2 is used to map either the AID specified in the Interest received from neighbor or the AID created by router to handle collisions to the AID stated by router in the Interest it forwards to a next-hop router . In the example, router has an exiting entry when it receives Interest from router . Accordingly, router selects , creates entry , and sets before forwarding Interest to router . When router receives data packet from router , it computes . Using as the key in , router obtains the next hop , sets , and forwards to router .
It is clear from the example that a router sending an Interest is unaware of collisions of AIDs at the next hop. The identifier mapping field of ARTs allows routers to multiplex Interests from different neighbors stating the same AID values.
Even when a very small number of routers is involved, only the router that originates an Interest is able to determine that fact, because the identifiers used for Interest forwarding are assigned by the next hops.
Iii-E Native Support for Multicasting
Support of multicast communication in the data plane with no additional signaling required in the control plane is viewed as an important benefit derived from maintaining per-Interest forwarding state using PITs. In short, multicast receivers send Interests towards the multicast source. As Interests from receivers are aggregated in the PITs on their way to the multicast source, a multicast forwarding tree (MFT) is formed and maintained in the data plane. Multicast Interest are forwarded using the same FIB entries used for unicast traffic, and multicast data packets are sent using reverse path forwarding (RPF) over the paths traversed by aggregated Interests. Using PITs is appealing in this context; however, as we show below, native support of multicasting in the data plane can be easily done with no need for per-Interest forwarding state!
Iii-E1 Information Stored and Exchanged
We assume that the name stated in an Interest created to request content from a multicast source denotes a multicast source uniquely, and call such an Interest a multicast Interest. We also assume that consumers and routers differentiate between a multicast Interest and an Interest originated from a single consumer (unicast Interest).
A multicast Interest sent by router to router states: the name of a multicast group , the distance from router to the source of the multicast group , and a multicast counter () used for pacing.
A multicast data packet states the name of the multicast group , a security payload , a multicast counter , plus the content payload. A multicast reply states the reason for the reply and the current value of the multicast counter.
Router maintains a multicast anonymous routing table () that contains the forwarding state to the receivers of multicast groups. Each entry in specifies a multicast group name, the value of the multicast counter (), and a list of next hops to the group of receivers who have sent Interests for the group. If router has local receivers for group , the entry for the group in includes router as a next hop to the receivers of the group.
Router also maintains a group membership table () that lists the mappings of multicast group names to the lists of local receivers that requested to join the groups. The GMT entries allow the router to deliver multicast content to local receivers of specific groups.
Iii-E2 Multicast Content Dissemination
The key difference of the way in which CCN-GRAM forwards multicast traffic compared to NDN or CCNx is that a MART maintains per-group forwarding state, while a PIT maintains per-Interest forwarding state. Figure 4 illustrates the forwarding of multicast Interests and multicast content in CCN-GRAM. There is no need for anonymous identifiers for multicast content forwarding, because all consumers of a group must receive the same multicast COs, which are forwarded using multicast group names.
A content consumer requests to join a multicast group as a receiver by sending a multicast Interest with .
If router has multiple local receivers or neighbor routers requesting to join the same multicast group , router forwards multicast Interest only once towards the source of the multicast group based on the information in its FIB. Router simply adds new local consumers to the entry for in or new next hops to multicast receivers in .
Router forwards multicast data packets based on the group names stated in the packets and the next hop stored in its MART entries, and discards the data packet if no MART entry exists for the multicast group. A similar approach is used for replies to Interests regarding multicast groups.
The dissemination of multicast data packets over the MFT of a multicast group can be of two types. A multicast source can push multicast data towards the receivers, or the receivers can pull data from the source by submitting Interests.
Push-based dissemination: The only forwarding state needed in CCN-GRAM for push-based multicast dissemination consists of the name of a multicast group and the names of the next hops towards the group receivers. In this mode, the value of an entry in a MART is updated with each multicast data packet forwarded by the router towards the receivers.
Pull-based dissemination: CCN-GRAM can also support pull-based multicast dissemination with no need for per-Interest forwarding state. An exemplary approach consists of a source-pacing algorithm based on the values carried in Interests and data packets. Each receiver increments the value of Interests it sends for the group asking for the next piece of multicast content from the source. When router receives multicast Interest from a neighbor router or a local content consumer , it forwards the Interest only if , where is the current value stored in for the multicast group. Router updates the value in as it forwards the Interest, and subsequent Interests with the same value of are simply dropped. As a result, each router in an MFT forwards a single copy of any Interest asking for the next multicast content object towards the source. This is like aggregating Interests for a multicast group over the MFT of the group, but with no need to store per-Interest forwarding state.
Iv Performance Comparison
We compare the forwarding entries needed to forward Interests and responses in NDN and CCN-GRAM, as well as the end-to-end delays incurred, using simulation experiments based on implementations of NDN and CCN-GRAM in the ndnSIM simulation tool . The NDN implementation was used without modifications, and CCN-GRAM was implemented in the ndnSIM tool following Algorithms 1 to 4.
The network topology consists of 150 routers distributed uniformly in a 100m 100m area and routers with distance of 15m or less are connected with point-to-point links of delay 15ms. The data rates of the links are set to 1Gbps to eliminate the effects that a sub-optimal implementation of CCN-GRAM or NDN may have on the results. Only 10 routers chosen randomly are connected to local content producers of multiple name prefixes, 50 other routers are connected to local content consumers, and all routers act as relays. This choice was made to illustrate the existence of a “network edge” and the fact that only a relatively small number of sites host content producers. Interests are generated with a Zipf distribution with parameter and producers are assumed to publish 1,000,000 different COs. Each cache can store up to 1000 objects, or 0.1% of the content published in the network. This caching capacity was selected to compare on-path caching with edge caching when Interests must be forwarded in the network, rather than being answered with locally cached content.
We considered total Interest rates per router of 50, 100, 500, and 2000 objects per second corresponding to the sum of Interests from the local consumers connected to a router. The increasing values of total request rates can be viewed as higher request rates from a constant user population of local active users per router, or an increasing population of active users per router. The Interest rates we assume are actually very low according to recent results addressing the size that PITs would have under realistic Internet settings [8, 22, 23, 21].
We considered on-path caching and edge caching. For the case of on-path caching, every router on the path traversed by a data packet from the producer to the consumer caches the CO in its local cache. On the other hand, with edge caching, only the router directly connected to the requesting consumer caches the resulting CO. All caches are LRU.
Iv-a Size of Forwarding Tables
Figure 5 shows the average size and standard deviation of the sizes of PITs, ARTs and LIGHTs on a logarithmic scale as functions of Interest rates. The size of LIGHTs corresponds only to the number of local Interests pending responses. The number of entries corresponding to content cached locally can be up to 1000 for both NDN and CCN-GRAM.
As the figure shows, the size of PITs grows dramatically as the rate of content requests increases, which is expected given that PITs maintain per-Interest forwarding state. By contrast, the size of ARTs, which is the only forwarding state stored by relay routers, is only a small fraction of the total number of routers and remains fairly constant with respect to the content request rates, which is always one or multiple orders of magnitude smaller than the average PIT size. The size of LIGHTs is a function of the number of COs requested locally or cached on path, but the average size of a LIGHT is an order of magnitude smaller than the average size of a PIT. The size of a ART is independent of where content is being cached, given that an ART entry is stored independently of how many Interests traverse the route. Interestingly, edge-caching renders only slightly larger PIT sizes than on-path caching in NDN.
Iv-B Average Delays
Figure 6 shows the average end-to-end delay for NDN and CCN-GRAM as a function of content request rates for on-path caching and edge caching. As the figure shows, the average delays for NDN and CCN-GRAM are comparable for all values of the content request rates. This should be expected, given that the static, loop-free routes in the FIBs prevent Interests to “wait to infinity” in PITs, the signaling overhead incurred by NDN and CCN-GRAM is similar, and in-network caching obviates the need for Interest aggregation.
V Conclusions and Future Work
We presented simulation results showing that Interest aggregation rarely occurs when in-network caching is used. Our analysis is limited; however, our detailed characterization of Interest aggregation via analytical modeling and simulation analysis  renders the same conclusion.
We introduced CCN-GRAM to eliminate the performance limitations associated with PITs. CCN-GRAM is the first approach to Interest-based content-centric networking that supports the forwarding of Interests and responses to them using datagrams that do not reveal the identity of their origins to forwarding routers, caching sites, or content providers.
Simulation experiments were used to show that end-to-end delays incurred in CCN-GRAM and NDN are similar when either edge caching or on-path caching is used, but the storage requirements for CCN-GRAM are orders of magnitude smaller than for NDN. The results for CCN-GRAM indicate that it could be deployed with only routers at the edge maintaining LIGHTs and caches. Additional work is needed to make the forwarding of Interests in CCN-GRAM as efficient as the forwarding of responses to Interests using ARTs. The goal is to enable Interest forwarding at Internet scale that does not require routers to look up FIBs with billions of name-prefix entries as is the case in NDN and CCNx.
Both ARTs and PITs must be updated when the paths traversed by Interests and their responses must change due to congestion, topology changes, or mobility of consumers and providers. Yi et al  argue that per-Interest forwarding state enables faster response to topology changes and congestion, because local repair mechanisms can be used. However, multipath routing, and dynamic load balancing schemes based on datagram forwarding have been shown to attain results very close to optimal routing  and can be easily applied to CCN-GRAM in the future.
CCN-GRAM can use the same content security features adopted in CCNx and NDN to limit or eliminate cache poisoning attacks, because it makes no modifications to the way in which content is protected in data packets or how a name can be securely linked to the payload of a CO. However, CCN-GRAM enjoys an enormous advantage over CCNx and NDN in that it eliminates the ability for malicious users to mount Interest-flooding attacks aimed at overwhelming the forwarding tables of routers [16, 23]. An ART entry can be added only for valid local identifiers at each router and for routes that satisfy the ordering constraint imposed with LFR. Given that both conditions are managed in the control plane, mounting attacks on ARTs is much more difficult than simply having users send Interests for COs corresponding to valid name prefixes.
-  A. Afanasyev et al., “ndnSIM: NDN simulator for ns-3”, University of California, Los Angeles, Tech. Rep, 2012.
-  A. Afanasyev et al., “Interest-flooding Attack and Countermeasures in Named Data Networking,” Proc. IFIP Networking ‘13, May 2013.
AT&T, “The Quality of Internet Service: AT&T’s Global IP Network Performance Measurements,” 2003.
-  P. Baran, “On Distributed Communications: I. Introduction fo Distributed Communication Networks,” Memorandum RM-3420-PR, The RAND Corporation, Aug. 1964.
Content Centric Networking Project (CCN) [online].
-  A. Dabirmoghaddam et al., “Understanding Optimal Caching and Opportunistic Caching at The Edge of Information Centric Networks,” Proc. ACM ICN ‘14, Sept. 2014.
-  A. Dabirmoghaddam, M. Dehghan, and J.J. Garcia-Luna-Aceves, “Characterizing Interest Aggregation in Content-Centric Networks,” Proc. IFIP Networking 2016, May 2016.
-  H. Dai el al., “On Pending Interest Table in Named Data Networking,” Proc. ACM ANCS ‘12, Oct. 2012.
-  C. Fricker et al., “Impact of traffic mix on caching performance in a content-centric network,” Proc. IEEE NOMEN Workshop ‘12, 2012.
-  J.J. Garcia-Luna-Aceves, “Name-Based Content Routing in Information Centric Networks Using Distance Information,” Proc. ACM ICN ‘14, Sept. 2014.
-  J.J. Garcia-Luna-Aceves, “A Fault-Tolerant Forwarding Strategy for Interest-based Information Centric Networks,” Proc. IFIP Networking ‘15, May 2015.
-  J.J. Garcia-Luna-Aceves and M. Mirzazad-Barijough, “Enabling Correct Interest Forwarding and Retransmissions in a Content Centric Network,” Proc. ACM ANCS ‘15, May 2015.
-  J.J. Garcia-Luna-Aceves, “A More Scalable Approach to Content Centric Networking,” Proc. IEEE ICCCN ‘15, Aug. 3-6, 2015.
-  J.J. Garcia-Luna-Aceves, “Eliminating Undetected Interest Looping in Content Centric Networks,” Proc. IEEE NOF ‘15, Sept. 30-Oct. 2, 2015.
-  J.J. Garcia-Luna-Aceves and M. Mirzazad-Barijough, “A Light-Weight Forwarding Plane for Content Centric Networks,” Proc. IEEE ICNC ‘16, Feb. 2016.
-  P. Gasti et al., “DoS and DDoS in Named Data Networking,” Proc. IEEE ICCCN ‘13, 2013.
-  A.K.M. Mahmudul-Hoque et al., “NSLR: Named-Data Link State Routing Protocol,” Proc. ACM ICN ‘13, 2013.
-  NDN Project [online]. http://www.named-data.net/
-  J. Raju et al., “System and Method for Information Object Routing in Computer Networks,” U.S. Patent 7,552,233, June 23, 2009
-  M. Spohn and J.J. Garcia-Luna-Aceves, “Neighborhood Aware Source Routing,” Proc. ACM MobiHoc 2001, Oct. 2001.
-  C. Tsilopoulos et al., “Reducing Forwarding State in Content-Centric Networks with Semi-Stateless Forwarding,” Proc. IEEE INFOCOM ‘14, April 2014.
-  M. Varvello et al., “On The Design and Implementation of a Wire-Speed Pending Interest Table,” Proc. IEEE Infocom NOMEN Workshop ‘13, April 2013.
-  M. Virgilio et al., “PIT Overload Analysis in Content Centric Networks,” Proc. ACM ICN ‘13, Aug. 2013.
-  S. Vutukury and J.J. Garcia-Luna-Aceves, “A Simple Approximation to Minimum-Delay Routing,” Proc. ACM SIGCOMM ‘99, Aug. 1999.
-  M. Wahlisch et al., “Lessons from the Past: Why Data-driven States Harm Future Information-Centric Networking,” IFIP Networking ‘13, May 2013.
-  M. Wahlisch et al., “Backscatter from The Data Plane? Threats to Stability and Security in Information-Centric Network Infrastructure,” Computer Networks, Vol. 57, No. 16, Nov. 2013.
-  C. Yi et al., “A Case for Stateful Forwarding Plane,” Computer Communications, pp. 779-791, 2013.
-  L. Zhang et al., “Named Data Networking,” ACM SIGCOMM Computer Communication Review, Vol. 44, No. 3, July 2014.