Research on network programming language and policy conflicts for SDN

Through network programmability, software defined network can simplify network control and management. Since the current software defined network southbound interface level is low and programming situation is complex, it requires a high‐level abstract programming language to simplify programming. First, this paper improves the NetCore programming language to generate NetCore‐M language, so that it can support deployment of multipolicies combination including packet drop action. This paper describes in detail the syntax, semanteme, and implementation of NetCore‐M language forwarding policy service. Secondly, this paper describes the network policy conflict systematically. Finally, this paper shows that the modified multipolicies combination algorithm can effectively detect policies conflicts based on the implementation of the Pyretic project.

[1]  David Walker,et al.  A compiler and run-time system for network programming languages , 2012, POPL '12.

[2]  Shang Gao,et al.  FloodDefender: Protecting data and control plane resources under SDN-aimed DoS attacks , 2017, INFOCOM.

[3]  Gail-Joon Ahn,et al.  FLOWGUARD: building robust firewalls for software-defined networks , 2014, HotSDN.

[4]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[5]  Gérard Berry,et al.  The chemical abstract machine , 1989, POPL '90.

[6]  Russell J. Clark,et al.  Kinetic: Verifiable Dynamic Network Control , 2015, NSDI.

[7]  Ion Stoica,et al.  Declarative routing: extensible routing with declarative queries , 2005, SIGCOMM '05.

[8]  David Walker,et al.  Modular SDN Programming with Pyretic , 2013, login Usenix Mag..

[9]  Kostas Pentikousis,et al.  Software-Defined Networking (SDN): Layers and Architecture Terminology , 2015, RFC.

[10]  Nick Feamster,et al.  Procera: a language for high-level reactive network control , 2012, HotSDN '12.

[11]  Ivan Perez,et al.  Functional Reactive Programming , , 2017 .

[12]  Xu Chen,et al.  Declarative configuration management for complex and dynamic networks , 2010, CoNEXT.

[13]  Henrik Nilsson,et al.  Functional reactive programming, continued , 2002, Haskell '02.

[14]  Xin Jin,et al.  Incremental update for a compositional SDN hypervisor , 2014, HotSDN.

[15]  David Walker,et al.  Frenetic: a network programming language , 2011, ICFP.

[16]  Manuel M. T. Chakravarty Proceedings of the 2002 ACM SIGPLAN workshop on Haskell , 2002 .

[17]  Yau-Hwang Kuo,et al.  Flow entry conflict detection scheme for software-defined network , 2015, 2015 International Telecommunication Networks and Applications Conference (ITNAC).

[18]  Paul Francis,et al.  CONMan: a step towards network manageability , 2007, SIGCOMM 2007.

[19]  Jamal Hadi Salim,et al.  Forwarding and Control Element Separation (ForCES) Protocol Specification , 2010, RFC.

[20]  Mabry Tyson,et al.  A security enforcement kernel for OpenFlow networks , 2012, HotSDN '12.

[21]  Jason Hickey Introduction to the Objective Caml Programming Language , 2002 .