Scalable Verification of Networks With Packet Transformers Using Atomic Predicates

Packet transformers are widely used in ISPs, datacenter infrastructures, and layer-2 networks. Existing network verification tools do not scale to large networks with transformers (e.g., MPLS, IP-in-IP, and NAT). Toward scalable verification, we conceived a novel packet equivalence relation. For networks with packet transformers, we first present a formal definition of the packet equivalence relation. Our transformer model is general, including most transformers used in real networks. We also present a new definition of atomic predicates that specify the coarsest equivalence classes of packets in the packet space. We designed an algorithm for computing these atomic predicates. We built a verifier, named Atomic Predicates for Transformers (APT), and evaluated its performance using four network data sets with MPLS tunnels, IP-in-IP tunnels, and NATs. For a provider cone data set with 11.6 million forwarding rules, 92 routers, 1920 duplex ports, and 40 MPLS tunnels which use 170 transformers, APT used only 0.065 s, on average, to compute the reachability tree from a source port to all other ports for all packets and perform loop detection as well. For the Stanford and Internet2 data sets with NATs, APT is faster than HSA (Hassel in C implementation) by two to three orders of magnitude. By working with atomic predicates instead of individual packets, APT achieves verification performance gains by orders of magnitude.
