Abstract
Software-defined networking (SDN) is a new paradigm for operating and managing computer networks. SDN enables logically-centralized control over network devices through a "controller", software that operates independently of the network hardware. Network operators can run both in-house and third-party SDN programs on top of the controller, e.g., to specify routing and access control policies.
In practice, having the controller handle events limits network scalability. Therefore, the feasibility of SDN depends on the ability to efficiently decentralize network event-handling by installing forwarding rules on the switches. However, installing a rule too early or too late may lead to incorrect behavior, e.g., (1) packets may be forwarded to the wrong destination or incorrectly dropped; (2) packets handled by the switch may hide vital information from the controller, leading to incorrect forwarding behavior. The second issue is subtle and sometimes missed even by experienced programmers.
The contributions of this paper are twofold. First, we formalize the correctness and optimality requirements for decentralizing network policies. Second, we identify a useful class of network policies that permits automatic synthesis of a controller which performs optimal forwarding rule installation.
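A constructed illustration of the second issue described in the abstract, added here and not taken from the paper: a toy stateful-firewall policy replayed under three rule-installation strategies. The policy, host names, rule format and function names are all assumptions made for this example.

```python
# Constructed toy model (not from the paper): one switch, one controller.
# Assumed policy: trusted hosts may send to anyone; an untrusted host may
# send to a trusted host only after that trusted host has sent to it.
TRUSTED = {"t1"}

class Controller:
    def __init__(self):
        self.contacted = set()  # (trusted_src, dst) pairs the controller saw
        self.events = 0         # packets the controller had to handle

    def packet_in(self, src, dst):
        self.events += 1
        if src in TRUSTED:
            self.contacted.add((src, dst))  # state that replies depend on
            return True
        return (dst, src) in self.contacted

def centralized(src, dst):
    return None                 # never install a rule

def exact_match(src, dst):
    return (src, dst)           # rule covers only the flow just decided

def wildcard_dst(src, dst):
    # Too eager: covers every destination for a trusted source.
    return (src, None) if src in TRUSTED else (src, dst)

def run(rule_for, trace):
    """Replay trace; return (per-packet forward decisions, controller events)."""
    ctrl, rules, decisions = Controller(), set(), []
    for src, dst in trace:
        if (src, dst) in rules or (src, None) in rules:
            decisions.append(True)          # switch forwards; controller blind
            continue
        allowed = ctrl.packet_in(src, dst)
        rule = rule_for(src, dst)
        if allowed and rule is not None:
            rules.add(rule)
        decisions.append(allowed)
    return decisions, ctrl.events

# Constructed trace: u2 replies to t1 after t1 contacted it; u3 was never contacted.
TRACE = [("t1", "u1"), ("t1", "u1"), ("t1", "u2"), ("u2", "t1"), ("u3", "t1")]

if __name__ == "__main__":
    for strategy in (centralized, exact_match, wildcard_dst):
        print(strategy.__name__, run(strategy, TRACE))
```

In this model `exact_match` reproduces the centralized decisions with fewer controller events, while `wildcard_dst` drops u2's legitimate reply because the switch absorbed the t1 to u2 packet and the controller never recorded it.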
Index Terms
Decentralizing SDN Policies