ABSTRACT
Configuration changes are a common source of instability in networks, leading to outages, performance disruptions, and security vulnerabilities. Even when the initial and final configurations are correct, the update process itself often steps through intermediate configurations that exhibit incorrect behaviors. This paper introduces the notion of consistent network updates: updates that are guaranteed to preserve well-defined behaviors when transitioning between configurations. We identify two distinct consistency levels, per-packet and per-flow, and we present general mechanisms for implementing them in Software-Defined Networks using switch APIs like OpenFlow. We develop a formal model of OpenFlow networks, and prove that consistent updates preserve a large class of properties. We describe our prototype implementation, including several optimizations that reduce the overhead required to perform consistent updates. We present a verification tool that leverages consistent updates to significantly reduce the complexity of checking the correctness of network control software. Finally, we describe the results of some simple experiments demonstrating the effectiveness of these optimizations on example applications.
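The abstract's claim that correct initial and final configurations can still pass through incorrect intermediate ones can be checked by brute force on a small network. The following is an added example, not code from the paper: the three-switch topology, the traffic classes and all function names are constructed for illustration, and it only considers packets that enter the network after each update step.

```python
from itertools import permutations

# Constructed topology: ingress I, middleboxes F1 and F2, then the server.
# Each table maps a traffic class to a next hop; "server" and "drop" are terminal.
OLD = {
    "I":  {"trusted": "F2", "untrusted": "F1"},
    "F1": {"trusted": "server", "untrusted": "drop"},
    "F2": {"trusted": "server", "untrusted": "server"},
}
NEW = {
    "I":  {"trusted": "F1", "untrusted": "F2"},
    "F1": {"trusted": "server", "untrusted": "server"},
    "F2": {"trusted": "server", "untrusted": "drop"},
}
TERMINAL = ("server", "drop")

def trace(config, cls, max_hops=8):
    """Follow one packet class from the ingress until it is delivered or dropped."""
    hop = "I"
    for _ in range(max_hops):
        if hop in TERMINAL:
            return hop
        hop = config[hop][cls]
    return hop if hop in TERMINAL else "loop"

def policy_holds(config):
    """Security property: untrusted traffic is dropped, trusted traffic is delivered."""
    return (trace(config, "untrusted") == "drop"
            and trace(config, "trusted") == "server")

def violating_steps(order):
    """Install NEW one switch at a time; return the prefixes of `order`
    whose intermediate configuration breaks the policy."""
    config = {sw: dict(table) for sw, table in OLD.items()}
    bad = []
    for i, sw in enumerate(order[:-1]):  # the final step yields NEW itself
        config[sw] = dict(NEW[sw])
        if not policy_holds(config):
            bad.append(tuple(order[:i + 1]))
    return bad

def safe_orders():
    """Switch-by-switch update orders with no policy-violating intermediate state."""
    return [o for o in permutations(OLD) if not violating_steps(o)]

if __name__ == "__main__":
    for order in permutations(OLD):
        print(order, "violations after:", violating_steps(order) or "none")
```

Of the six possible update orders, only one keeps untrusted traffic away from the server at every step, which is the kind of ordering hazard a consistent-update abstraction is meant to remove from the operator's hands.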