Towards correct network virtualization

In SDN, the underlying infrastructure is usually abstracted for applications that can treat the network as a logical or virtual entity. Commonly, the "mappings" between virtual abstractions and their actual physical implementations are not one-to-one, e.g., a single "big switch" abstract object might be implemented using a distributed set of physical devices. A key question is, what abstractions could be mapped to multiple physical elements while faithfully preserving their native semantics? E.g., can an application developer always expect her abstract "big switch" to act exactly as a physical big switch, despite being implemented using multiple physical switches in reality? We show that the answer to that question is "no" for existing virtual-to-physical mapping techniques: behavior can differ between the virtual "big switch" and the physical network, providing incorrect application-level behavior. We also show that those incorrect behaviors occur despite the fact that the most pervasive and commonly used correctness invariants, such as per-packet consistency, are preserved throughout. These examples demonstrate that for practical notions of correctness, new systems and a new analytical framework are needed. We take the first steps by defining end-to-end correctness, a correctness condition that focuses on applications only, and outline a research vision to obtain virtualization systems with correct virtual-to-physical mappings.
