• United States

Introducing Named Data Networking

Oct 11, 20189 mins
Network SecurityNetworkingRouters

No more IP addresses.

Data matrix networking connections system
Credit: Thinkstock

While computing, storage and programming have dramatically changed and become simpler and cheaper over the last 20 years, however, IP networking has not. IP networking is still stuck in the era of mid-1990s.

Realistically, when I look at ways to upgrade or improve a network, the approach falls into two separate buckets. One is the tactical move and the other is strategic. For example, when I look at IPv6, I see this as a tactical move. There aren’t many business value-adds.

In fact, there are opposites such as additional overheads and minimal internetworking QoS between IPv4 & v6 with zero application awareness and still a lack of security. Here, I do not intend to say that one should not upgrade to IPv6, it does give you more IP addresses (if you need them) and better multicast capabilities but it’s a tactical move.

However, when I spoke to Sorell Slaymaker and researched over Named Data Networking (NDN), I found this very much as a strategic move that adds value to next-gen applications such as AR/VR, IoT, driverless cars and 5G.

Problematic landscape

The core problem of IP networking is that it is location based. Everything has an IP address that defines “where” the location is. However, we live in an information-centric world. Thence, instead of using IP addresses, which is the “where,” why not use something that describes the content; the “what.” Do you see where I’m coming from?

With Named Data Networking, the naming schema at the application data layer becomes the names at the networking layer. Therefore, there is no need for IP addresses anymore or upgrades to IPv6. We still have the open systems interconnection model (OSI) model and the protocol stack but we are just taking out the IP part.

Let’s understand it with an example. Today, when we dial phone numbers, although, they are numbers, but the physical addresses are actually the names. If I want to send a package to someone, I send it to the physical address that has a name attached to it. Those names can be descriptive and hierarchical. Just take a look at the ZIP code format. Let’s say, I want to ship a box to 100 people in the neighborhood. I can do it without having everyone’s complete address. It can be done with names based on the hierarchical structure of the ZIP code. This hierarchy naming concept is similar to that of Named Data Networking.

What is Named Data Networking?

Named Data Networking started in 2010 as an NSF research project that was used to create the architecture for the future Internet. Today, it completely changes the paradigm used by traditional networks.

Named Data Networking is a network service that has been evolving the Internet’s host-based packet delivery model. NDN directly retrieves the objects by name in a secure, reliable and efficient way. The prime objective is to secure information from the users all the way to the data and not just from the host or client-server communication, what transport layer security (TLS) normally does.

Unlike TLS, which carries users all the way to the host or container, NDN takes us to the next level and secures data from the user to the actual data. TLS only encrypts the channel and does not encrypt from the user through the application to the data.

When you are encrypting at the data level, you no longer need middleboxes. Everything is done in a single software stack that can be run everywhere.

Routers are not stateful

Today’s routers are not stateful. This is the reason why there are “middle” boxes in the network such as wide area network (WAN) optimizers, firewalls and load balancers, all of which have state.

However, NDN puts state back into the routers. You take the metadata, the data schema that is used to describe the data at the application layer and place it into the network layers. This way, at the networking layer, you are routing based on the hierarchy of names as opposed to IP addresses.

Since the metadata is cascading down into the network level, so now it can be cached and distributed. When you are routing a datagram, you are using the metadata for routing as opposed to an IP address. This enables the use of the same name at both; the application/data layer and network layer, creating a hierarchical naming schema. Also, by creating routers that have state, you can cache the data and provide additional features across disparate networks such as multipath networking.

Essentially, with IP you have a single path. Although there are mechanisms like equal-cost multi-path routing (ECMP), that’s only within a single network. BGP multipath can be used but not across multiple AS’s. Therefore, the chances are likely that you are going to hit limitations here.

Whereas, NDN allows you to use multiple networks concurrently. Today, your mobile phone can only use one network at any given time. If it changes to another, it will result in an IP address change with the sessions dropping every time you switch. However, with NDN, your mobile phone can use multiple networks concurrently in the future.

How does it work?

Instead of using IP and domain name system (DNS), you are embedding name into the routing. Today all the naming is done through DNS. DNS translates a name into an IP address and routing is done based on IP addresses.

With NDN, you are managing the routing and security natively with names while getting rid of the IP addresses. It uses its own routing protocol which has similar properties to the OSPF link state protocol.

One of its routing protocols is named as link state routing. It’s an open source code that you can download as an instance to run on a virtual server, IOS, and Android device. At the same time, it’s still possible to have IP with NDN. You can have IP in the middle and NDN can run on top of IP. So if you have an IP network and you run NDN as the overlay, it could run on a Kubernetes container, or open source Linux stack but not on proprietary Cisco or Juniper equipment.


Transmission control protocol (TCP) window has been around for decades, and WAN optimizer can add clever things to improve throughput, but ultimately you are still dealing with TCP and window sizes.

TCP can go in waves. For example, you could have 20 TCP sessions, while all of a sudden you start to drop packets, everyone drops down the window and slows down. Eventually, you have less traffic.

However, if you are not dropping packets anymore, the window sizes get bigger and you can begin the transmission faster again. But it’s not as simple as that because it still depends on the buffers sizes, either big or small and whether or not intelligent buffering is employed.

Contrarily, NDN removes all this complexity. It offers lower latency that empowers you with a mechanism to transfer files faster than when you are using TCP windowing.

It sends data faster over a named data pipe compared to what you can in a traditional IP/TCP world. This achieves very low latency that is useful for an AR/VR application, which needs a latency of 5ms or less. These applications must run at edge computing sites. Factually, it is complex to reach the 5ms user mark on a traditional IP network. 

Use cases

A lot of the next-gen applications are better supported with this architecture. Today’s multicast is more of a broadcast world. For example, let’s say you want to do reverse multicast where you have a video in your phone that you want it to go to 10000 people. Today you would need to go to YouTube or some other forwarding channel. However, in the future with NDM, you could do this natively in a publish & interest model.

In addition to mobility, with Named Data Networking we are getting into the “what” and not the “where” because we are IP address independent. You can have data in a lot of different locations and you don’t have to tie the application or instance to a specific IP address.


What does the future hold for Named Data Networking? Well, let’s put it this way, we grew up with IP and this breaks the paradigm. Although, I know it’s hard to think about but if you talk to devops, it’s an easy win.

Named Data Networking has many derivatives such as Information Centric Naming and Content Centric Networking. There is an open source project within the community in the Linux Foundation, called Community ICN (CICN). Besides, Cisco is also getting involved and will be contributing its own ICN software, including the CCN software acquired from PARC, to this open-source project in order to accelerate the ICN development.

Precisely, both Named Data Networking and AR are the most interesting and forward-thinking technologies to date. Intel and NSF are sponsoring the research in this area and they have some working prototypes. Object recognition and classification is really coming along.

However, there are a lot of security questions that still need to work out. One of the significant questions that still stand tall is that the names are not encrypted, it is just the data. The name might give away too much information than what it ought to be revealed. At this moment in time, there is no agreement framed on the naming/data model. For more information on NDN, please visit


Matt Conran has more than 19 years of networking industry with entrepreneurial start-ups, government organizations and others. He is a lead Architect and successfully delivered major global greenfield service provider and data center networks. Core skill set includes advanced data center, service provider, security and virtualization technologies. He loves to travel and has a passion for landscape photography.

The opinions expressed in this blog are those of Matt Conran and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.