1 / 34

Models and techniques for verification of Software Defined Networks

Models and techniques for verification of Software Defined Networks. Applied Research Center for Computer Networks. Outline. Introduction. Software Defined Networks. SDN. Packet Forwarding Policies. PFP. Model. Policy language. FO[TC]. Verifying monitor. Vermont.

milos
Download Presentation

Models and techniques for verification of Software Defined Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Models and techniquesfor verification ofSoftware Defined Networks Applied Research Center for Computer Networks

  2. Outline Introduction Software Defined Networks SDN Packet Forwarding Policies PFP Model Policy language FO[TC] Verifying monitor Vermont Experiments & Comparison

  3. What is SDN? What is Software Defined Network? Conventional network Application Forwarding state Host Port Link Switch B A

  4. What is SDN? Conventional network Task How to forward a packet Application Topology … Forwarding state Packet Packet Packet B A

  5. What is SDN? Conventional network Application Forwarding state decentralized control non-uniformity App App FS FS B App App FS A FS

  6. What is SDN? Conventional network SDN Controller decentralized control centralized control uniformity non-uniformity App App FS FS B App App FS A FS

  7. What is SDN? SDN Controller Application centralized control uniformity Control plane OpenFlow Data plane FS FS B FS A FS

  8. What is SDN? SDN Controller Application Upd Upd centralized control uniformity Control plane OpenFlow Ok, I can do it Don’t know what to do Data plane FS FS B FS A FS

  9. What is PFP? What is Packet Forwarding Policy? Example: Requirements imposed on a network to guarantee that its behavior is safe correct secure …

  10. What is PFP? Example: Reachability Packets from the host A will eventually reach the host B B A

  11. What is PFP? Example: No topological loops Packets do not traverse the same switch twice B A

  12. What is PFP? Example: Short routes only All hosts are reached in at most 3 hops B A

  13. What is PFP? Why ? Hardware errors Software (application) errors We want to check if PFPs hold in a real SDN Static and consider PFPs Timeline w.r.t. to

  14. How to check PFPs? Policies Network Fast! M P ~ 10μs Network model Formal specification Fast! ⊧ M P ~ 10μs Model checking

  15. Packet state Switch #2 Port#1 Header #h2 Switch #1 Port#1 Header#h1 Switch #4 Port #1 Header#h3 h3 h2 B h1 h4 Switch #4 Port#3 Header #h4 A

  16. Packet state Switch #2 Port#1 Header #h2 Switch #w Port#p Header #h Switch #1 Port#1 Header#h1 Switch #4 Port #1 Header#h3 B Switch #4 Port#3 Header #h4 A

  17. Packet state Switch #w Port#p Header #h Switch #w Port#p Header #h sizew sizep sizeh S is the set of all packet states

  18. Raw model is an explicit description of key SDN components such as: (p1, h1) (p2, h2) rule (p, h) … (pk, hk)

  19. Raw model is an explicit description of key SDN components such as: table (p1, h1) rule (p2, h2) rule (p, h) rule … rule (pk, hk) default

  20. Raw model is an explicit description of key SDN components such as: Switch … (p1, h1) table table (p2, h2) … (p, h) … … (pk, hk)

  21. Relational model Step ⊆ S x S In ⊆ S Out ⊆ S

  22. Relational model Step ⊆ S x S (x, y) BDD In (x) ⊆ S BDD Out (x) ⊆ S BDD

  23. PFP Specification Language: syntax In Step Out (x) (x, y) (x) Atoms: ⌝ First order logic constructors: ⋁ & ∀ ∃ x = y x = const State equalities: x.w = y.w x.w = const x.p = y.p x.p = const x.h = y.h x.h = const Closure constructors: + F (x, y) – transitive closure [i1, i2] F (x, y) – bounded transitive closure

  24. PFP SL: semantics (Step, In, Out, …) Given a relational model F (x1, …, xn) a PFP SL formula defines a relation RF ⊆ S × … × S n times How?

  25. PFP SL: semantics (Step, In, Out, …) Given a relational model F (x1, …, xn) a PFP SL formula defines a relation RF ⊆ S × … × S n times How? Step In (x) (x, y) Obvious Out (x) … = …

  26. PFP SL: semantics (Step, In, Out, …) Given a relational model F (x1, …, xn) a PFP SL formula defines a relation RF ⊆ S × … × S n times F1 F2 (…) (…) How? Union ⋁ F1 F2 (…) (…) Intersection & F (…) ⌝ Complement

  27. PFP SL: semantics (Step, In, Out, …) Given a relational model F (x1, …, xn) a PFP SL formula defines a relation RF ⊆ S × … × S n times How? F ∀ x (…) Universal projection F ∃ x (…) Existential projection

  28. PFP SL: semantics (Step, In, Out, …) Given a relational model F (x1, …, xn) a PFP SL formula defines a relation RF ⊆ S × … × S n times + How? F (x, y) Transitive closure [i1, i2] F (x, y) Bounded transitive closure

  29. PFP SL: examples Reachability y A B Step * ∀ x (x) ∃ (y) & (x, y) No topological loops In Step * ⌝ ∃ x,y,z (x) (x, y) & & + Step (y, z) y.w = z.w & Short routes only In Out ⌝ (x) (y) ∃ x,y & & + [1, 3] Step Step ⌝ (x, y) (x, y) &

  30. What else? Network continuously changes adequate Model should be at every instant We should be able to update Model on-line Model The update rate for Network should surpass the update rate for We can do it not discussed (to some extent)

  31. How does it work? Controller Loader Main usage now: Checker Proxy Network

  32. We tested it for Stanford University Network • 16 switches • Fat Tree topology • 48 tables • 757000 forw. rules • 1500 ACL rules • >100 VLAN

  33. Tool comparison

  34. The End Me: valdus@yandex.ru

More Related