Rule-Based Network Service Provisioning

Due to the unprecedented development of networks, manual network service provisioning is becoming increasingly risky, error-prone, expensive, and time-consuming. To solve this problem, rule-based methods can provide adequate leverage for automating various network management tasks. This paper presents a rule-based solution for automated network service provisioning. The proposed approach captures configuration data interdependencies using high-level, service-specific, user-configurable rules. We focus on the service validation task, which is illustrated by means of a case study. Based on numerical results, we analyse the influence of network-level complexity factors and rule descriptive features on rule efficiency. This analysis shows operators how to increase rule efficiency while keeping the rules simple and the rule set compact. We present a technique that allows operators to increase the error coverage, and we show that high error coverage scales well when the complexity of networks and services increases. We reassess the correlation function between specific rule efficiency and rule complexity metrics found in previous work, and show that this correlation function holds for various sizes, types, and complexities of networks and services.
