Jennifer Rexford Princeton University MW 11:00am-12:20pm Data-Plane Verification COS 597E: Software Defined Networking.

Slides:



Advertisements
Similar presentations
Jennifer Rexford Princeton University MW 11:00am-12:20pm Logically-Centralized Control COS 597E: Software Defined Networking.
Advertisements

Openflow App Testing Chao SHI, Stephen Duraski. Motivation Network is still a complex stuff ! o Distributed mechanism o Complex protocol o Large state.
SDN Applications Jennifer Rexford Princeton University.
Programming Protocol-Independent Packet Processors
Frenetic: A High-Level Language for OpenFlow Networks Nate Foster, Rob Harrison, Matthew L. Meola, Michael J. Freedman, Jennifer Rexford, David Walker.
Jennifer Rexford Princeton University
Ryu Book Chapter 1 Speaker: Chang, Cheng-Yu Date: 25/Nov./
An Overview of Software-Defined Network Presenter: Xitao Wen.
Incremental Consistent Updates Naga Praveen Katta Jennifer Rexford, David Walker Princeton University.
VeriCon: Towards Verifying Controller Programs in SDNs (PLDI 2014) Thomas Ball, Nikolaj Bjorner, Aaron Gember, Shachar Itzhaky, Aleksandr Karbyshev, Mooly.
OpenFlow-Based Server Load Balancing GoneWild
SDN and Openflow.
Scalable Flow-Based Networking with DIFANE 1 Minlan Yu Princeton University Joint work with Mike Freedman, Jennifer Rexford and Jia Wang.
Flowspace revisited OpenFlow Basics Flow Table Entries Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot L4 sport L4 dport Rule Action.
5/31/05CS118/Spring051 twisted pair hub 10BaseT, 100BaseT, hub r T= Twisted pair (copper wire) r Nodes connected to a hub, 100m max distance r Hub: physical.
Spring 2002CS 4611 Router Construction Outline Switched Fabrics IP Routers Tag Switching.
1 Interconnecting LAN segments Repeaters Hubs Bridges Switches.
Software-Defined Networking
An Overview of Software-Defined Network
Data Plane Verification. Background: What are network policies Alice can talk to Bob Skype traffic must go through a VoIP transcoder All traffic must.
© 2002, Cisco Systems, Inc. All rights reserved..
Jennifer Rexford Princeton University MW 11:00am-12:20pm Wide-Area Traffic Management COS 597E: Software Defined Networking.
Languages for Software-Defined Networks Nate Foster, Arjun Guha, Mark Reitblatt, and Alec Story, Cornell University Michael J. Freedman, Naga Praveen Katta,
Jennifer Rexford Princeton University MW 11:00am-12:20pm SDN Software Stack COS 597E: Software Defined Networking.
An Overview of Software-Defined Network Presenter: Xitao Wen.
Jennifer Rexford Princeton University MW 11:00am-12:20pm Programmable Data Planes COS 597E: Software Defined Networking.
Enabling Innovation Inside the Network Jennifer Rexford Princeton University
Network Redundancy Multiple paths may exist between systems. Redundancy is not a requirement of a packet switching network. Redundancy was part of the.
Enabling Innovation Inside the Network Jennifer Rexford Princeton University
Composing Software Defined Networks Jennifer Rexford Princeton University With Joshua Reich, Chris Monsanto, Nate Foster, and.
Enabling Innovation Inside the Network Jennifer Rexford Princeton University
Software-Defined Networks Jennifer Rexford Princeton University.
Formal Modeling of an Openflow Switch using Alloy Natali Ruchansky and Davide Proserpio.
VeriFlow: Verifying Network-Wide Invariants in Real Time
Higher-Level Abstractions for Software-Defined Networks Jennifer Rexford Princeton University.
Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks TCP.
Chapter 4 Network Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.
VeriCon: Towards Verifying Controller Programs in SDNs Thomas Ball, Nikolaj Bjorner, Aaron Gember, Shachar Itzhaky, Aleksandr Karbyshev, Mooly Sagiv, Michael.
Jennifer Rexford Princeton University MW 11:00am-12:20pm Measurement COS 597E: Software Defined Networking.
Programming Languages for Software Defined Networks Jennifer Rexford and David Walker Princeton University Joint work with the.
Sponsored by the National Science Foundation 1 GEC16, March 21, 2013 Are you ready for the tutorial? 1.Did you do the pre-work? A.Are you able to login.
1 Data Link Layer Lecture 23 Imran Ahmed University of Management & Technology.
Mininet and Openflow Labs. Install Mininet (do not do this in class) Download VirtualBox Download Xming for windows (X11) Download Mininet VM for linux-ubuntu.
Jennifer Rexford Princeton University MW 11:00am-12:20pm SDN Programming Languages COS 597E: Software Defined Networking.
Introduction to Mininet, Open vSwitch, and POX
1 Transport Layer: Basics Outline Intro to transport UDP Congestion control basics.
NetEgg: Scenario-based Programming for SDN Policies Yifei Yuan, Dong Lin, Rajeev Alur, Boon Thau Loo University of Pennsylvania 1.
Jennifer Rexford Princeton University MW 11:00am-12:20pm Testing and Debugging COS 597E: Software Defined Networking.
Header Space Analysis: Static Checking for Networks Broadband Network Technology Integrated M.S. and Ph.D. Eun-Do Kim Network Standards Research Section.
Programming Assignment 2 Zilong Ye. Traditional router Control plane and data plane embed in a blackbox designed by the vendor high-seed switching fabric.
NetEgg: Programming Network Policies by Examples 표경수
Programming SDN 1 Problems with programming with POX.
Mininet and Openflow Labs
SDN challenges Deployment challenges
SDN Network Updates Minimum updates within a single switch
Software defined networking: Experimental research on QoS
Martin Casado, Nate Foster, and Arjun Guha CACM, October 2014
Programming Assignment
Hubs Hubs are essentially physical-layer repeaters:
Software Defined Networking
SoftRing: Taming the Reactive Model for Software Defined Networks
Software Defined Networking
Programmable Networks
An Introduction to Software Defined Networking and OpenFlow
Lecture 10, Computer Networks (198:552)
Frenetic: Programming Software Defined Networks
Chapter 5 Network Layer: The Control Plane
Bridge Software A bridge connects networks and forwards frames from one network to another. PORTS A B E F BRIDGE C D G H.
Elmo Muhammad Shahbaz Lalith Suresh, Jennifer Rexford, Nick Feamster,
Chapter 4: outline 4.1 Overview of Network layer data plane
Presentation transcript:

Jennifer Rexford Princeton University MW 11:00am-12:20pm Data-Plane Verification COS 597E: Software Defined Networking

Writing SDN Controller Apps 2

Event-Driven Programming 3 Network OS Application Switch events commands

OpenFlow 1.0 Switch 4 Control channel Flow Table Queue of events Queue of commands ports Queue of packets awaiting controller

Receiving a Packet Switch (aka datapath) Input port Reason (no-match, action) Packet data Buffer-id for packet 5 Switch OFPPacketIn

Sending a Packet Switch (aka datapath) Actions Packet –Packet data (if any) –Buffer-id for packet (if any) 6 Switch OFPPacketOut How to create a very simple hub?

Installing a Rule Switch (aka datapath) Add, modify, delete Rule –Header fields to match –Set of actions –Hard and soft timeout Buffered packet to apply to (if any) 7 Switch OFPFlowMod OFPFlowRemoved How to create a more efficient hub?

Creating a Learning Switch Learning the sender’s location –Learn host’s location when sending a packet –Associate the source MAC with the input port Forwarding to the destination –Unknown destination: flood –Known destination: unicast 8 How to program this as a controller app?

Collecting Traffic Statistics Switch (aka datapath) Header fields to match 9 Switch OFPFlowStatsRequest OFPFlowStatsReply Byte count Packet count Duration …

Aggregate Traffic Statistics Switch (aka datapath) Header fields to match 10 Switch OFPFAggregateStatsRequest OFPAggregateStatsReply Byte count Packet count Duration …

Topology Changes Switch (aka datapath) Reason (add, delete, modify) 11 Switch OFPPortStatus

Data-Plane Verification Header-Space Analysis and VeriFlow 12

What Bugs to Catch? 13 Network OS Application Switch API

Where to Verify? 14 Network OS Application Switch API

Data-Plane Verification Input –Snapshot of the rules Output –Whether an invariant holds –Counter-example(s) Example –No loops –No blackholes –Access control 15

Packets in Multiple Dimensions Packets as points in a geometric space –A dimension for every bit in the header Policies as functions –Mapping a packet and its location –… to a new packet and location Many packets treated the same way –E.g., all packets with TCP dest port 80 16

Two Approaches Header-space analysis –Ternary symbolic execution –Follow a symbolic packet through the network –Algorithms for checking specific invariants VeriFlow –Generate equivalence classes of packets –Generate per-class forwarding graphs –Traverse graphs to check specific invariants 17

Discussion Efficiency –Usable in real time? Limitations –What invariants can(not) be checked? –How are invariants specified? 18

Next Time Get started on assignment 2 (due Oct 1) –Programming in Ryu –Use the references from assignments page Reading for Wednesday –Testing and debugging –NICE and ndb 19

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.