Visible to the public Mind the Gap: Monitoring the Control-Data Plane Consistency in Software Defined Networks

TitleMind the Gap: Monitoring the Control-Data Plane Consistency in Software Defined Networks
Publication TypeConference Paper
Year of Publication2016
AuthorsZhang, Peng, Li, Hao, Hu, Chengchen, Hu, Liujia, Xiong, Lei, Wang, Ruilong, Zhang, Yuemei
Conference NameProceedings of the 12th International on Conference on Emerging Networking EXperiments and Technologies
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4292-6
Keywordsconsistency, forward error correction, Forward Error Correction and Security, pubcrawl, Resiliency, Scalability, security, Software Defined Network, verification

How to debug large networks is always a challenging task. Software Defined Network (SDN) offers a centralized con- trol platform where operators can statically verify network policies, instead of checking configuration files device-by-device. While such a static verification is useful, it is still not enough: due to data plane faults, packets may not be forwarded according to control plane policies, resulting in network faults at runtime. To address this issue, we present VeriDP, a tool that can continuously monitor what we call control-data plane consistency, defined as the consistency between control plane policies and data plane forwarding behaviors. We prototype VeriDP with small modifications of both hardware and software SDN switches, and show that it can achieve a verification speed of 3 ms per packet, with a false negative rate as low as 0.1%, for the Stanford backbone and Internet2 topologies. In addition, when verification fails, VeriDP can localize faulty switches with a probability as high as 96% for fat tree topologies.

Citation Keyzhang_mind_2016