research-article
Open Access

Abstract interpretation of distributed network control planes

Published: 20 December 2019
Abstract

The control plane of most computer networks runs distributed routing protocols that determine if and how traffic is forwarded. Errors in the configuration of network control planes frequently knock down critical online services, leading to economic damage for service providers and significant hardship for users. Validation via ahead-of-time simulation can help find configuration errors but such techniques are expensive or even intractable for large industrial networks. We explore the use of abstract interpretation to address this fundamental scaling challenge and find that the right abstractions can reduce the asymptotic complexity of network simulation. Based on this observation, we build a tool called ShapeShifter for reachability analysis. On a suite of 127 production networks from a large cloud provider, ShapeShifter provides an asymptotic improvement in runtime and memory over the state-of-the-art simulator. These gains come with a minimal loss in precision. Our abstract analysis accurately predicts reachability for all destinations for 95% of the networks and for most destinations for the remaining 5%. We also find that abstract interpretation of network control planes not only speeds up existing analyses but also facilitates new kinds of analyses. We illustrate this advantage through a new destination "hijacking" analysis for the border gateway protocol (BGP), the globally-deployed routing protocol.

Supplemental Material

a42-beckett.webm
