Veriflow: Verifying network-wide invariants in real time

Ahmed Khurshid; Wenxuan Zhou; Matthew Caesar; P. Brighten Godfrey

doi:10.1145/2377677.2377766

Veriflow: Verifying network-wide invariants in real time

Ahmed Khurshid, Wenxuan Zhou, Matthew Caesar, P. Brighten Godfrey

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Networks are complex and prone to bugs. Existing tools that check configuration Hies and data-plane state operate offline at timescales of seconds to hours, and cannot detect or prevent bugs as they arise. Is it possible to check network-wide invariants in real time. as the network state evolves? The key challenge here is to achieve extremely low latency during the checks so that network performance is not affected. In this paper, we present a preliminary design, VeriFlow, which suggests that this goal is achievable. VeriFlow is a layer between a software-defined networking controller and network devices that checks for network-wide invariant violations dynamically as each forwarding rule is inserted. Based on an implementation using a Mininet OpenFlow network and Route Views trace data, we find that VeriFlow can perform rigorous checking within hundreds of microseconds per rule insertion.

Original language	English (US)
Title of host publication	Proceedings of the ACM SIGCOMM 2012 and Best Papers of the Co-located Workshops
Pages	467-472
Number of pages	6
Edition	4
DOIs	https://doi.org/10.1145/2377677.2377766
State	Published - 2012
Event	Annual Conference of the ACM Special Interest Group on Data Communication on the Applications, Technologies, Architectures, and Protocols for Computer Communication, ACM SIGCOMM 2012 - Helsinki, Finland Duration: Aug 13 2012 → Aug 17 2012

Publication series

Name	Computer Communication Review
Number	4
Volume	42
ISSN (Print)	0146-4833
ISSN (Electronic)	1943-5819

Other

Other	Annual Conference of the ACM Special Interest Group on Data Communication on the Applications, Technologies, Architectures, and Protocols for Computer Communication, ACM SIGCOMM 2012
Country/Territory	Finland
City	Helsinki
Period	8/13/12 → 8/17/12

Keywords

Debugging
Forwarding
Openflow
Real time
Software-defined networking

ASJC Scopus subject areas

Software
Computer Networks and Communications

Online availability

10.1145/2377677.2377766

Library availability

Discover UIUC Full Text

Cite this

Khurshid, A, Zhou, W, Caesar, M & Godfrey, PB 2012, Veriflow: Verifying network-wide invariants in real time. in Proceedings of the ACM SIGCOMM 2012 and Best Papers of the Co-located Workshops. 4 edn, Computer Communication Review, no. 4, vol. 42, pp. 467-472, Annual Conference of the ACM Special Interest Group on Data Communication on the Applications, Technologies, Architectures, and Protocols for Computer Communication, ACM SIGCOMM 2012, Helsinki, Finland, 8/13/12. https://doi.org/10.1145/2377677.2377766

@inproceedings{ad480a46f8994fe5a1a4c11a0a273829,

title = "Veriflow: Verifying network-wide invariants in real time",

abstract = "Networks are complex and prone to bugs. Existing tools that check configuration Hies and data-plane state operate offline at timescales of seconds to hours, and cannot detect or prevent bugs as they arise. Is it possible to check network-wide invariants in real time. as the network state evolves? The key challenge here is to achieve extremely low latency during the checks so that network performance is not affected. In this paper, we present a preliminary design, VeriFlow, which suggests that this goal is achievable. VeriFlow is a layer between a software-defined networking controller and network devices that checks for network-wide invariant violations dynamically as each forwarding rule is inserted. Based on an implementation using a Mininet OpenFlow network and Route Views trace data, we find that VeriFlow can perform rigorous checking within hundreds of microseconds per rule insertion.",

keywords = "Debugging, Forwarding, Openflow, Real time, Software-defined networking",

author = "Ahmed Khurshid and Wenxuan Zhou and Matthew Caesar and Godfrey, {P. Brighten}",

year = "2012",

doi = "10.1145/2377677.2377766",

language = "English (US)",

isbn = "9781450314190",

series = "Computer Communication Review",

number = "4",

pages = "467--472",

booktitle = "Proceedings of the ACM SIGCOMM 2012 and Best Papers of the Co-located Workshops",

edition = "4",

note = "Annual Conference of the ACM Special Interest Group on Data Communication on the Applications, Technologies, Architectures, and Protocols for Computer Communication, ACM SIGCOMM 2012 ; Conference date: 13-08-2012 Through 17-08-2012",

}

TY - GEN

T1 - Veriflow

T2 - Annual Conference of the ACM Special Interest Group on Data Communication on the Applications, Technologies, Architectures, and Protocols for Computer Communication, ACM SIGCOMM 2012

AU - Khurshid, Ahmed

AU - Zhou, Wenxuan

AU - Caesar, Matthew

AU - Godfrey, P. Brighten

PY - 2012

Y1 - 2012

N2 - Networks are complex and prone to bugs. Existing tools that check configuration Hies and data-plane state operate offline at timescales of seconds to hours, and cannot detect or prevent bugs as they arise. Is it possible to check network-wide invariants in real time. as the network state evolves? The key challenge here is to achieve extremely low latency during the checks so that network performance is not affected. In this paper, we present a preliminary design, VeriFlow, which suggests that this goal is achievable. VeriFlow is a layer between a software-defined networking controller and network devices that checks for network-wide invariant violations dynamically as each forwarding rule is inserted. Based on an implementation using a Mininet OpenFlow network and Route Views trace data, we find that VeriFlow can perform rigorous checking within hundreds of microseconds per rule insertion.

AB - Networks are complex and prone to bugs. Existing tools that check configuration Hies and data-plane state operate offline at timescales of seconds to hours, and cannot detect or prevent bugs as they arise. Is it possible to check network-wide invariants in real time. as the network state evolves? The key challenge here is to achieve extremely low latency during the checks so that network performance is not affected. In this paper, we present a preliminary design, VeriFlow, which suggests that this goal is achievable. VeriFlow is a layer between a software-defined networking controller and network devices that checks for network-wide invariant violations dynamically as each forwarding rule is inserted. Based on an implementation using a Mininet OpenFlow network and Route Views trace data, we find that VeriFlow can perform rigorous checking within hundreds of microseconds per rule insertion.

KW - Debugging

KW - Forwarding

KW - Openflow

KW - Real time

KW - Software-defined networking

UR - http://www.scopus.com/inward/record.url?scp=84893267876&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84893267876&partnerID=8YFLogxK

U2 - 10.1145/2377677.2377766

DO - 10.1145/2377677.2377766

M3 - Conference contribution

AN - SCOPUS:84893267876

SN - 9781450314190

T3 - Computer Communication Review

SP - 467

EP - 472

BT - Proceedings of the ACM SIGCOMM 2012 and Best Papers of the Co-located Workshops

Y2 - 13 August 2012 through 17 August 2012

ER -

Veriflow: Verifying network-wide invariants in real time

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this