4,521 research outputs found
Event-Driven Network Programming
Software-defined networking (SDN) programs must simultaneously describe
static forwarding behavior and dynamic updates in response to events.
Event-driven updates are critical to get right, but difficult to implement
correctly due to the high degree of concurrency in networks. Existing SDN
platforms offer weak guarantees that can break application invariants, leading
to problems such as dropped packets, degraded performance, security violations,
etc. This paper introduces EVENT-DRIVEN CONSISTENT UPDATES that are guaranteed
to preserve well-defined behaviors when transitioning between configurations in
response to events. We propose NETWORK EVENT STRUCTURES (NESs) to model
constraints on updates, such as which events can be enabled simultaneously and
causal dependencies between events. We define an extension of the NetKAT
language with mutable state, give semantics to stateful programs using NESs,
and discuss provably-correct strategies for implementing NESs in SDNs. Finally,
we evaluate our approach empirically, demonstrating that it gives well-defined
consistency guarantees while avoiding expensive synchronization and packet
buffering
Semantic validation of affinity constrained service function chain requests
Network Function Virtualization (NFV) has been proposed as a paradigm to increase the cost-efficiency, flexibility and innovation in network service provisioning. By leveraging IT virtualization techniques in combination with programmable networks, NFV is able to decouple network functionality from the physical devices on which they
are deployed. This opens up new business opportunities for both Infrastructure Providers (InPs) as well as Service Providers (SPs), where the SP can request to deploy a chain of Virtual Network Functions (VNFs) on top of which its service can run. However, current NFV approaches lack the possibility for SPs to define location requirements and constraints on the mapping of virtual functions and paths onto physical hosts and links. Nevertheless, many scenarios
can be envisioned in which the SP would like to attach placement constraints for efficiency, resilience, legislative, privacy and economic reasons. Therefore, we propose a set of affinity and anti-affinity constraints, which can be used by SPs to define such placement restrictions. This newfound ability to add constraints to Service Function Chain (SFC) requests also introduces an additional risk that SFCs with conflicting constraints are requested or automatically
generated. Therefore, a framework is proposed that allows the InP to check the validity of a set of constraints and provide feedback to the SP. To achieve this, the SFC request and relevant information on the physical topology are modeled as an ontology of which the consistency can be checked using a semantic reasoner. Enabling semantic
validation of SFC requests, eliminates inconsistent SFCs requests from being transferred to the embedding algorithm.Peer Reviewe
Consistent SDNs through Network State Fuzzing
The conventional wisdom is that a software-defined network (SDN) operates under the premise that the logically centralized control plane has an accurate representation of the actual data plane state. Nevertheless, bugs, misconfigurations, faults or attacks can introduce inconsistencies that undermine correct operation. Previous work in this area, however, lacks a holistic methodology to tackle this problem and thus, addresses only certain parts of the problem. Yet, the consistency of the overall system is only as good as its least consistent part. Motivated by an analogy of network consistency checking with program testing, we propose to add active probe-based network state fuzzing to our consistency check repertoire. Hereby, our system, PAZZ, combines production traffic with active probes to continuously test if the actual forwarding path and decision elements (on the data plane) correspond to the expected ones (on the control plane). Our insight is that active traffic covers the inconsistency cases beyond the ones identified by passive traffic. PAZZ prototype was built and evaluated on topologies of varying scale and complexity. Our results show that PAZZ requires minimal network resources to detect persistent data plane faults through fuzzing and localize them quickly
Consistent SDNs through Network State Fuzzing
The conventional wisdom is that a software-defined network (SDN) operates
under the premise that the logically centralized control plane has an accurate
representation of the actual data plane state. Unfortunately, bugs,
misconfigurations, faults or attacks can introduce inconsistencies that
undermine correct operation. Previous work in this area, however, lacks a
holistic methodology to tackle this problem and thus, addresses only certain
parts of the problem. Yet, the consistency of the overall system is only as
good as its least consistent part. Motivated by an analogy of network
consistency checking with program testing, we propose to add active probe-based
network state fuzzing to our consistency check repertoire. Hereby, our system,
PAZZ, combines production traffic with active probes to periodically test if
the actual forwarding path and decision elements (on the data plane) correspond
to the expected ones (on the control plane). Our insight is that active traffic
covers the inconsistency cases beyond the ones identified by passive traffic.
PAZZ prototype was built and evaluated on topologies of varying scale and
complexity. Our results show that PAZZ requires minimal network resources to
detect persistent data plane faults through fuzzing and localize them quickly
while outperforming baseline approaches.Comment: Added three extra relevant references, the arXiv later was accepted
in IEEE Transactions of Network and Service Management (TNSM), 2019 with the
title "Towards Consistent SDNs: A Case for Network State Fuzzing
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
SecSip: A Stateful Firewall for SIP-based Networks
SIP-based networks are becoming the de-facto standard for voice, video and
instant messaging services. Being exposed to many threats while playing an
major role in the operation of essential services, the need for dedicated
security management approaches is rapidly increasing. In this paper we present
an original security management approach based on a specific vulnerability
aware SIP stateful firewall. Through known attack descriptions, we illustrate
the power of the configuration language of the firewall which uses the
capability to specify stateful objects that track data from multiple SIP
elements within their lifetime. We demonstrate through measurements on a real
implementation of the firewall its efficiency and performance
Toward Synthesis of Network Updates
Updates to network configurations are notoriously difficult to implement
correctly. Even if the old and new configurations are correct, the update
process can introduce transient errors such as forwarding loops, dropped
packets, and access control violations. The key factor that makes updates
difficult to implement is that networks are distributed systems with hundreds
or even thousands of nodes, but updates must be rolled out one node at a time.
In networks today, the task of determining a correct sequence of updates is
usually done manually -- a tedious and error-prone process for network
operators. This paper presents a new tool for synthesizing network updates
automatically. The tool generates efficient updates that are guaranteed to
respect invariants specified by the operator. It works by navigating through
the (restricted) space of possible solutions, learning from counterexamples to
improve scalability and optimize performance. We have implemented our tool in
OCaml, and conducted experiments showing that it scales to networks with a
thousand switches and tens of switches updating.Comment: In Proceedings SYNT 2013, arXiv:1403.726
- …