Visible to the public Enforcing Generalized Consistency Properties in Software-Defined NetworksConflict Detection Enabled

TitleEnforcing Generalized Consistency Properties in Software-Defined Networks
Publication TypeConference Paper
Year of Publication2015
AuthorsWenxuan Zhou, University of Illinois at Urbana-Champaign, Dong Jin, Illinois Institute of Technology, Jason Croft, University of Illinois at Urbana-Champaign, Matthew Caesar, University of Illinois at Urbana-Champaign, P. Brighten Godfrey, University of Illinois at Urbana-Champaign
Conference Name12th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2015)
Date Published05/2015
KeywordsA Hypothesis Testing Framework for Network Security, NSA SoS Lablets Materials, science of security, UIUC
Abstract

It is critical to ensure that network policy remains consistent during state transitions. However, existing techniques impose a high cost in update delay, and/or FIB space. We propose the Customizable Consistency Generator (CCG), a fast and generic framework to support customizable consistency policies during network updates. CCG effectively reduces the task of synthesizing an update plan under the constraint of a given consistency policy to a verification problem, by checking whether an update can safely be installed in the network at a particular time, and greedily processing network state transitions to heuristically minimize transition delay. We show a large class of consistency policies are guaranteed by this greedy jeuristic alone; in addition, CCG makes judicious use of existing heavier-weight network update mechanisms to provide guarantees when necessary. As such, CCG nearly achieves the "best of both worlds": the efficiency of simply passing through updates in most cases, with the consistency guarantees of more heavyweight techniques. Mininet and physical testbed evaluations demonstrate CCG's capability to achieve various types of consistency, such as path and bandwidth properties, with zero switch memory overhead and up to a 3x delay reduction compared to previous solutions.

Citation Keynode-32592

Other available formats:

Enforcing Customizable Consistency Properties in Software-Defined Networks