Delta-net: Real-time Network Verification Using Atoms

Real-time network verification promises to automatically detect violations of network-wide reachability invariants on the data plane. To be useful in practice, these violations need to be detected in the order of milliseconds, without raising false alarms. To date, most real-time data plane checkers address this problem by exploiting at least one of the following two observations: (i) only small parts of the network tend to be affected by typical changes to the data plane, and (ii) many different packets tend to share the same forwarding behaviour in the entire network. This paper shows how to effectively exploit a third characteristic of the problem, namely: similarity among forwarding behaviour of packets through parts of the network, rather than its entirety. We propose the first provably amortized quasi-linear algorithm to do so. We implement our algorithm in a new real-time data plane checker, Delta-net. Our experiments with SDN-IP, a globally deployed ONOS software-defined networking application, and several hundred million IP prefix rules generated using topologies and BGP updates from real-world deployed networks, show that Delta-net checks a rule insertion or removal in approximately 40 microseconds on average, a more than 10X improvement over the state-of-the-art. We also show that Delta-net eliminates an inherent bottleneck in the state-of-the-art that restricts its use in answering Datalog-style "what if" queries.

[1]  Pavlin Radoslavov,et al.  ONOS: towards an open, distributed SDN OS , 2014, HotSDN.

[2]  Alan Jeffrey,et al.  Model Checking Firewall Policy Configurations , 2009, 2009 IEEE International Symposium on Policies for Distributed Systems and Networks.

[3]  Leonardo Linguaglossa Two challenges of Software Networking: Name-based Forwarding and Table Verification. (Deux défis des Réseaux Logiciels : Relayage par le Nom et Vérification des Tables) , 2016 .

[4]  Albert G. Greenberg,et al.  On static reachability analysis of IP networks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[5]  George Varghese,et al.  Checking Beliefs in Dynamic Networks , 2015, NSDI.

[6]  Ehab Al-Shaer,et al.  Network configuration in a box: towards end-to-end verification of network reachability and security , 2009, 2009 17th IEEE International Conference on Network Protocols.

[7]  Costin Raiciu,et al.  SymNet: Scalable symbolic execution for modern networks , 2016, SIGCOMM.

[8]  Scott Shenker,et al.  Some complexity results for stateful network verification , 2016, Formal Methods in System Design.

[9]  Zhongbo Chen,et al.  Veriflow system analysis and optimization , 2014 .

[10]  Yu Luo,et al.  Simple Testing Can Prevent Most Critical Failures: An Analysis of Production Failures in Distributed Data-Intensive Systems , 2014, OSDI.

[11]  Hongkun Yang,et al.  Real-time verification of network properties using Atomic Predicates , 2013, 2013 21st IEEE International Conference on Network Protocols (ICNP).

[12]  Sharad Malik,et al.  An assertion language for debugging SDN applications , 2014, HotSDN.

[13]  Chen-Nee Chuah,et al.  FIREMAN: a toolkit for firewall modeling and analysis , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[14]  George Varghese,et al.  ddNF: An Efficient Data Structure for Header Spaces , 2016, Haifa Verification Conference.

[15]  Bruno Legeard,et al.  A taxonomy of model‐based testing approaches , 2012, Softw. Test. Verification Reliab..

[16]  Nick McKeown,et al.  A network in a laptop: rapid prototyping for software-defined networks , 2010, Hotnets-IX.

[17]  Matthew Roughan,et al.  The Internet Topology Zoo , 2011, IEEE Journal on Selected Areas in Communications.

[18]  George Varghese,et al.  Automatic Test Packet Generation , 2012, IEEE/ACM Transactions on Networking.

[19]  Junda Liu,et al.  Libra: Divide and Conquer to Verify Forwarding Tables in Huge Networks , 2014, NSDI.

[20]  Vyas Sekar,et al.  Testing stateful and dynamic data planes with FlowTest , 2014, HotSDN.

[21]  Patrick Cousot,et al.  Systematic design of program analysis frameworks , 1979, POPL.

[22]  Olivier Bonaventure,et al.  A Declarative and Expressive Approach to Control Forwarding Paths in Carrier-Grade Networks , 2015, SIGCOMM.

[23]  Ratul Mahajan,et al.  Measuring ISP topologies with Rocketfuel , 2004, IEEE/ACM Transactions on Networking.

[24]  Michael Schapira,et al.  VeriCon: towards verifying controller programs in software-defined networks , 2014, PLDI.

[25]  Nikolaj Bjørner,et al.  Automated Analysis and Debugging of Network Connectivity Policies , 2014 .

[26]  Kathi Fisler,et al.  The Margrave Tool for Firewall Analysis , 2010, LISA.

[27]  Martín Casado,et al.  The Design and Implementation of Open vSwitch , 2015, NSDI.

[28]  Ramesh Govindan,et al.  A General Approach to Network Configuration Analysis , 2015, NSDI.

[29]  George Varghese,et al.  Header Space Analysis: Static Checking for Networks , 2012, NSDI.

[30]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[31]  George Varghese,et al.  Real Time Network Policy Checking Using Header Space Analysis , 2013, NSDI.

[32]  Jun Bi,et al.  Seamless interworking of SDN and IP , 2013, SIGCOMM.

[33]  George Varghese,et al.  Scaling network verification using symmetry and surgery , 2016, POPL.

[34]  Ehab Al-Shaer,et al.  FlowChecker: configuration analysis and verification of federated openflow infrastructures , 2010, SafeConfig '10.

[35]  Brighten Godfrey,et al.  VeriFlow: verifying network-wide invariants in real time , 2012, HotSDN '12.

[36]  Alexandra Silva,et al.  A Coalgebraic Decision Procedure for NetKAT , 2015, POPL.

[37]  Rick McGeer Verification of switching network properties using satisfiability , 2012, 2012 IEEE International Conference on Communications (ICC).

[38]  Brian A. Davey,et al.  An Introduction to Lattices and Order , 1989 .

[39]  David Walker,et al.  Compiling Path Queries , 2016, NSDI.

[40]  Brighten Godfrey,et al.  Debugging the data plane with anteater , 2011, SIGCOMM.

[41]  Tianlong Yu,et al.  BUZZ: Testing Context-Dependent Policies in Stateful Networks , 2016, NSDI.

[42]  Thierry Turletti,et al.  A Survey of Software-Defined Networking: Past, Present, and Future of Programmable Networks , 2014, IEEE Communications Surveys & Tutorials.

[43]  Marco Canini,et al.  A NICE Way to Test OpenFlow Applications , 2012, NSDI.

[44]  Peter Bailis,et al.  The network is reliable , 2014, Commun. ACM.

[45]  Nate Foster,et al.  NetKAT: semantic foundations for networks , 2014, POPL.

[46]  Vinod Yegneswaran,et al.  Model checking invariant security properties in OpenFlow , 2013, 2013 IEEE International Conference on Communications (ICC).

[47]  Ratul Mahajan,et al.  Fast Control Plane Analysis Using an Abstract Representation , 2016, SIGCOMM.

[48]  Brian A. Davey,et al.  Introduction to Lattices and Order: Frontmatter , 2002 .