polynomial-time what-if analysis for communication ...chen avin (ben gurion university) patent...
TRANSCRIPT
![Page 1: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/1.jpg)
Polynomial-time what-if analysis for communication networks: An automata-theoretic approach
Stefan Schmid et al.*
* most importantly: Jiri Srba (Aalborg University) and Chen Avin (Ben Gurion University)
![Page 2: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/2.jpg)
Polynomial-time what-if analysis for communication networks: An automata-theoretic approach
Stefan Schmid et al.*
Nice to meet you!
* most importantly: Jiri Srba (Aalborg University) and Chen Avin (Ben Gurion University)
![Page 3: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/3.jpg)
Polynomial-time what-if analysis for communication networks: An automata-theoretic approach
Stefan Schmid et al.*
New in Austria, looking for collaborations etc.
Nice to meet you!
* most importantly: Jiri Srba (Aalborg University) and Chen Avin (Ben Gurion University)
Patent pending, INFOCOM 2018
G.I.F. project
![Page 4: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/4.jpg)
Polynomial-time what-if analysis for communication networks: An automata-theoretic approach
Stefan Schmid et al.*
Formal methods are the hot topic in networking! And your expertise may be one of the most
urgently required ones…
![Page 5: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/5.jpg)
Communication Technologies (CT) @ Uni Vie
• Vision and mission: Make networked systems self-*– Self-repairing
– Self-stabilizing
– Self-adjusting
– Self-”driving”
• Using different methodologies– Algorithms and analysis (LPs, online/approx. algorithms, etc.)
– Formal methods (e.g., automata theory and synthesis)
– Machine-learning (e.g., data-driven optimizations)
1
![Page 6: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/6.jpg)
Communication Technologies (CT) @ Uni Vie
• Vision and mission: Make networked systems self-*– Self-repairing
– Self-stabilizing
– Self-adjusting
– Self-”driving”
• Using different methodologies– Algorithms and analysis (LPs, online/approx. algorithms, etc.)
– Formal methods (e.g., automata theory and synthesis)
– Machine-learning (e.g., data-driven optimizations)
1
Uwe Nestmann (CONCUR 2016)
![Page 7: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/7.jpg)
Communication Technologies (CT) @ Uni Vie
• Vision and mission: Make networked systems self-*– Self-repairing
– Self-stabilizing
– Self-adjusting
– Self-”driving”
• Using different methodologies– Algorithms and analysis (LPs, online/approx. algorithms, etc.)
– Formal methods (e.g., automata theory and synthesis)
– Machine-learning (e.g., data-driven optimizations)
1
![Page 8: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/8.jpg)
Why Self-*? Complexity and Human Errors!
We discovered a misconfiguration on this pair of switches that caused what's called a“bridge loop” in the network.
A network change was […] executed incorrectly […] more “stuck” volumes and added more requests to the re-mirroring storm.
Service outage was due to a series of internal network events that corrupted router data tables.
Experienced a network connectivity issue […] interrupted the airline's flight departures, airport processing and reservations systems
Credits: Nate Foster
Datacenter, enterprise, carrier networks: mission-critical infrastructures.But even techsavvy companies struggle to provide reliable operations.
![Page 9: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/9.jpg)
Why Self-*? Lack of Good Debugging Tools!
The Wall Street bank anecdote: datacenter outage of a Wall Street investment bank led to revenue loss measured in USD 106 / min!
The compute team: quickly came armed with reams of logs, showing how and when the applications failed, and had already written experiments to reproduce and isolate the error, along with candidate prototype programs to workaround the failure.
The storage team: similarly equipped, showing which file system logs were affected, and already progressing with workaround programs.
The networking team: All the networking team had were two tools invented over twenty years ago [pingand traceroute] to merely test end-to-end connectivity. Neither tool could reveal problems with the switches, the congestion experienced by individual packets, or provide any means to create experiments to identify, quarantine and resolve the problem.
Quickly, assembled emergency team:
Source: «The world’s fastest and most programmable networks»White Paper Barefoot Networks
![Page 10: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/10.jpg)
Why Self-*? Lack of Good Debugging Tools!
The Wall Street bank anecdote: datacenter outage of a Wall Street investment bank led to revenue loss measured in USD 106 / min!
The compute team: quickly came armed with reams of logs, showing how and when the applications failed, and had already written experiments to reproduce and isolate the error, along with candidate prototype programs to workaround the failure.
The storage team: similarly equipped, showing which file system logs were affected, and already progressing with workaround programs.
The networking team: All the networking team had were two tools invented over twenty years ago [pingand traceroute] to merely test end-to-end connectivity. Neither tool could reveal problems with the switches, the congestion experienced by individual packets, or provide any means to create experiments to identify, quarantine and resolve the problem.
Quickly, assembled emergency team:
Source: «The world’s fastest and most programmable networks»White Paper Barefoot Networks
Who was blamed?
![Page 11: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/11.jpg)
Why Self-*? Flexibility!
Communication networks are becoming more flexible (general) and software-defined.
Traditional networks: distributed and fixed algorithms and functionality, blackbox
Ctrl
Software-Defined Networks (SDNs): centralized control, bring-your-own-algorithm, passive match-action rules (verifiable)
Ctrl
Ctrl
Ctrl
Ctrl
Ctrl
![Page 12: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/12.jpg)
Why Self-*? Flexibility!
Communication networks are becoming more flexible (general) and software-defined.
Traditional networks: distributed and fixed algorithms and functionality, blackbox
Ctrl
Software-Defined Networks (SDNs): centralized control, bring-your-own-algorithm, passive match-action rules (verifiable)
Ctrl
Ctrl
Ctrl
Ctrl
Ctrl
One reason for Google’s move to SDN early on. And a reason why Vint Cerf envies young researchers…
Innovation in software
![Page 13: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/13.jpg)
Software-Defined Networks (SDNs)
Ctrl
Asynchronous!
Exploiting flexibilities introduces novel algorithmic problems!
4
• Networks become programmable, open and more general– “the Linux of networking”
– Support expressive forwarding: match-action on Layer-2 to Layer-4
– Programmatic, adaptive control
• But also introduces new challenges:– More general = harder?
– E.g., decoupling (remote controller)
![Page 14: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/14.jpg)
Software-Defined Networks (SDNs)
Ctrl
Asynchronous!
Exploiting flexibilities introduces novel algorithmic problems!
4
Gives raise to non-trivial inconsistencies: A distributed system!And case for automated verification…
• Networks become programmable, open and more general– “the Linux of networking”
– Support expressive forwarding: match-action on Layer-2 to Layer-4
– Programmatic, adaptive control
• But also introduces new challenges:– More general = harder?
– E.g., decoupling (remote controller)
![Page 15: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/15.jpg)
• Traditional traffic engineering: routes can only be influenced indirectly, using link weights as knobs, only shortest paths
• SDN: direct control over forwarding rules and hence routing paths
• Routes also do not have to be destination-based orconfluent (but can depend on other header fields)
• Routes may even contain loops (not a simple pathbut a walk): steered through network functions toprovide complex network service (service chain)
What’s new? Examples.
D
R
A
B
R can use different routes to D!
A
BA
B
service
realization “waypoint”
![Page 16: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/16.jpg)
1
2
2
1 1
1
1
w
s t
u v
Example: Consistent Network Updates
6
![Page 17: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/17.jpg)
1
2
2
1 1
1
1
w
s t
u v
Example: Consistent Network Updates
Flow 1
6
![Page 18: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/18.jpg)
1
2
2
1 1
1
1
Flow 2
w
s t
u v
Example: Consistent Network Updates
Flow 1
6
![Page 19: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/19.jpg)
1
2
2
1 1
1
1
Flow 2
(Short) congestion-free update schedule?
w
s t
u v
Example: Consistent Network Updates
Flow 1
6
![Page 20: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/20.jpg)
1
2
2
1 1
1
1
w
s t
u v
e.g., cannot update red: congestion! Need toupdate blue first!
Example: Consistent Network Updates
Flow 2
(Short) congestion-free update schedule?
Flow 1
6
![Page 21: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/21.jpg)
1
2
2
1 1
1
1
w
s t
u v
1 1
1
Prepare!
No flow! No flow!
No flow!
Example: Consistent Network Updates
Schedule:
1. red@w,blue@u,blue@v
Round 1:
![Page 22: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/22.jpg)
1
2
2
1 1
1
1
w
s t
u v
1 1
1
2
flow! No flow!
No flow!
Example: Consistent Network Updates
Round 2:
Schedule:
1. red@w,blue@u,blue@v
2. blue@s
![Page 23: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/23.jpg)
1
2
2
1 1
1
1
w
s t
u v
1 1
1
2
Capacity 2: ok!
3
No flow!
Example: Consistent Network Updates
Round 3:
Schedule:
1. red@w,blue@u,blue@v
2. blue@s
3. red@s
![Page 24: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/24.jpg)
1
2
2
1 1
1
1
w
s t
u v
1 1
1
2
Capacity 2: ok!
3
4
Example: Consistent Network Updates
Round 4:
Schedule:
1. red@w,blue@u,blue@v
2. blue@s
3. red@s
4. blue@w
![Page 25: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/25.jpg)
1
2
2
1 1
1
1
w
s t
u v
1 1
1
2
3
4
Note: this (non-trivial) example was just a DAG,
without loops!
Example: Consistent Network Updates
Round 4:
Schedule:
1. red@w,blue@u,blue@v
2. blue@s
3. red@s
4. blue@w
![Page 26: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/26.jpg)
1
2
2
1 1
1
1
Block for a given flow: subgraph between two
consecutive nodes whereold and new route meet. w
s t
u v
Block Decomposition andDependency Graph
Flow 2
Flow 1
7
![Page 27: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/27.jpg)
1
2
2
1 1
1
1
w
s t
u v
Just one red block: r1
r1
Block Decomposition andDependency Graph
Flow 2
Flow 1
Block for a given flow: subgraph between two
consecutive nodes whereold and new route meet.
7
![Page 28: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/28.jpg)
1
2
2
1 1
1
1
w
s t
u v
Two blue blocks: b1 and b2
b1 b2
Block Decomposition andDependency Graph
Flow 2
Flow 1
Block for a given flow: subgraph between two
consecutive nodes whereold and new route meet.
7
![Page 29: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/29.jpg)
1
2
2
1 1
1
1
w
s t
u v
Dependencies: update b2 after r1 after b1.
b1 b2r1
Block Decomposition andDependency Graph
Flow 2
Flow 1
Block for a given flow: subgraph between two
consecutive nodes whereold and new route meet.
7
![Page 30: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/30.jpg)
Many Open Problems• Instance of combinatorial reconfiguration theory (known from games)
• We know for flow graphs forming a DAG:• For k=2 flows, polynomial-time algorithm to compute schedule with minimal
number of rounds! For general k, NP-hard.• For general constant k flows, polynomial-time algorithm to compute feasible update
• Some results for other transient properties besides congestion-freedom:• Transient loop-freedom• Waypoint enforcement
• Everything else: unkown!• In particular: what if flow graph is not a DAG?
Further reading:ACM PODC 2015
ACM SIGMETRICS 2016ICALP 2018
Etc.
8
![Page 31: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/31.jpg)
Many Open Problems• Instance of combinatorial reconfiguration theory (known from games)
• We know for flow graphs forming a DAG:• For k=2 flows, polynomial-time algorithm to compute schedule with minimal
number of rounds! For general k, NP-hard.• For general constant k flows, polynomial-time algorithm to compute feasible update
• Some results for other transient properties besides congestion-freedom:• Transient loop-freedom• Waypoint enforcement
• Everything else: unkown!• In particular: what if flow graph is not a DAG?
Further reading:ACM PODC 2015
ACM SIGMETRICS 2016ICALP 2018
Etc.
8Exists research on consistency checking middleware…
![Page 32: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/32.jpg)
• Routers, switches, middleboxesrun on commodity x86 hardware
• A.k.a. virtual switches
• Mainly in datacenters
• Many complex algorithms in thedataplane (e.g., parsing, flow caching): Uncharted securitylandscape!
Trend: Virtualization
Ctrl
9
![Page 33: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/33.jpg)
Virtual Switches are Complex, e.g.: (Unified) Packet Parsing
User
Kernel
VM VM VM
NIC
Virtual Switch
Ethernet
LLC
VLAN
MPLS
IPv4
ICMPv4
TCP
UDP
ARP
SCTP
IPv6
ICMPv6
IPv6 ND
GRE
LISP
VXLAN
PBB
IPv6 EXT HDR
TUNNEL-ID
IPv6 ND
IPv6 EXT HDR
IPv6HOPOPTS
IPv6ROUTING
IPv6Fragment
IPv6DESTOPT
IPv6ESP
IPv6 AH
RARP
IGMP
L2,L2.5,L3,L4
10
![Page 34: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/34.jpg)
Virtual Switches are Complex, e.g.: (Unified) Packet Parsing
User
Kernel
VM VM VM
NIC
Virtual Switch
Ethernet
LLC
VLAN
MPLS
IPv4
ICMPv4
TCP
UDP
ARP
SCTP
IPv6
ICMPv6
IPv6 ND
GRE
LISP
VXLAN
PBB
IPv6 EXT HDR
TUNNEL-ID
IPv6 ND
IPv6 EXT HDR
IPv6HOPOPTS
IPv6ROUTING
IPv6Fragment
IPv6DESTOPT
IPv6ESP
IPv6 AH
RARP
IGMP
L2,L2.5,L3,L4
10
Facing the attacker!
![Page 35: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/35.jpg)
Virtual Switches are Complex, e.g.: (Unified) Packet Parsing
User
Kernel
VM VM VM
NIC
Virtual Switch
Ethernet
LLC
VLAN
MPLS
IPv4
ICMPv4
TCP
UDP
ARP
SCTP
IPv6
ICMPv6
IPv6 ND
GRE
LISP
VXLAN
PBB
IPv6 EXT HDR
TUNNEL-ID
IPv6 ND
IPv6 EXT HDR
IPv6HOPOPTS
IPv6ROUTING
IPv6Fragment
IPv6DESTOPT
IPv6ESP
IPv6 AH
RARP
IGMP
L2,L2.5,L3,L4
10
We fuzzed only 2% of thepacket parser code!
Facing the attacker!
![Page 36: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/36.jpg)
Compromising the Cloud
User
Kernel
Ctrl
Virtual Switch
User
Kernel
VM VM VM
Virtual SwitchUser
Kernel
VM VM VM
Virtual Switch
User
Kernel
VM VM VM
Virtual Switch
11
![Page 37: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/37.jpg)
User
Kernel
Ctrl
Virtual Switch
User
Kernel
VM VM VM
Virtual SwitchUser
Kernel
VM VM VM
Virtual Switch
User
Kernel
VM VM VM
Virtual Switch
1
2
3
3
Compromising the Cloud
11
![Page 38: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/38.jpg)
10
User
Kernel
Ctrl
Virtual Switch
User
Kernel
VM VM VM
Virtual SwitchUser
Kernel
VM VM VM
Virtual Switch
User
Kernel
VM VM VM
Virtual Switch
1
2
3
3
Compromising the Cloud
Further reading:CVEs, ACM SOSR 2018 (best paper award)
ACM CCS 2017 + ACM SIGCOMM 2018 Workshops
Programmable dataplanes have backend compilers:Currently looking into compiler fuzzing!
![Page 39: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/39.jpg)
Automated Network Verification
• Recent years: growing interest in high-level languages for programming networks, some ad-hoc…
• … some with solid semantic foundations
• E.g., NetKAT: sound and complete equational theory
– Primitives for filtering, modifying and transmitting packets
– An instance of Kleene algebra with Tests (KAT)
– Can be used, e.g., for checking reachability
26
![Page 40: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/40.jpg)
Automated Network Verification
• Recent years: growing interest in high-level languages for programming networks, some ad-hoc…
• … some with solid semantic foundations
• E.g., NetKAT: sound and complete equational theory
– Primitives for filtering, modifying and transmitting packets
– An instance of Kleene algebra with Tests (KAT)
– Can be used, e.g., for checking reachability
26
Perhaps the hottest topicin networking these
days…: Nate and Dexter‘spapers highly cited.
![Page 41: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/41.jpg)
WNetKAT
• A weighted SDN programming and verification language
• Goes beyond topological aspects but account for:– actual resource availabilities, capacities, costs, or even stateful operations
27
WNetKAT. Kim G. Larsen, Stefan Schmid, and Bingtian
Xue. OPODIS 2016.
sE.g.: Can s reach t at
cost/bandwidth/latency x?t
(1,8)
(5,2)
(3,1)
(2,1)
(6,1)
(1,4)(3,3)
(2,10)
capacity cost
![Page 42: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/42.jpg)
WNetKAT
• A weighted SDN programming and verification language
• Goes beyond topological aspects but account for:– actual resource availabilities, capacities, costs, or even stateful operations
27
WNetKAT. Kim G. Larsen, Stefan Schmid, and Bingtian
Xue. OPODIS 2016.
sE.g.: Can s reach t at
cost/bandwidth/latency x?t
(1,8)
(5,2)
(3,1)
(2,1)
(6,1)
(1,4)(3,3)
(2,10)
capacity costNodes do not have to be flow-conserving:e.g., adding a packet header for tunneling!
![Page 43: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/43.jpg)
The Good News
• Networks are becoming moreprogrammable and logicallycentralized, have open interfaces, …
• … are based on formal foundations
• Enables a more automated networkoperation and verification!
28
The Bad News
• For many traditional networks (still predominant!), such benefits are not available yet
• Super-polynomial time for verification: PSPACE-hard (NetKAT) or evenundecidable (WNetKAT)
• Other limitations: e.g., fixed header size
Things get more complex when one wants to check properties under failures.
![Page 44: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/44.jpg)
Example: BGP in Datacenter
G1 G2
C
A
D
B
X Y
P1 P2
G
E
H
F
Internet
Dat
ace
nte
r
Credits: Beckett et al. (SIGCOMM 2016): Bridging Network-wide Objectives and Device-level Configurations.
A Challenge: Reachability Under Failures
29
![Page 45: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/45.jpg)
Example: BGP in Datacenter
Dat
ace
nte
r
Internet
Credits: Beckett et al. (SIGCOMM 2016): Bridging Network-wide Objectives and Device-level Configurations. 29
G1 G2
C
A
D
B
X Y
P1 P2
G
E
H
F
A Challenge: Reachability Under Failures
Cluster with services that should be globally reachable.
Cluster with services that shouldbe accessible only internally.
![Page 46: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/46.jpg)
Example: BGP in Datacenter
Dat
ace
nte
r
InternetX and Y announce to Internet what is from
G* (prefix).
X and Y block what is from P*.
Credits: Beckett et al. (SIGCOMM 2016): Bridging Network-wide Objectives and Device-level Configurations. 29
G1 G2
C
A
D
B
X Y
P1 P2
G
E
H
F
A Challenge: Reachability Under Failures
![Page 47: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/47.jpg)
Example: BGP in Datacenter
Dat
ace
nte
r
InternetX and Y announce to Internet what is from
G* (prefix).
X and Y block what is from P*.
Credits: Beckett et al. (SIGCOMM 2016): Bridging Network-wide Objectives and Device-level Configurations. 29
G1 G2
C
A
D
B
X Y
P1 P2
G
E
H
F
What can go wrong?
A Challenge: Reachability Under Failures
![Page 48: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/48.jpg)
Example: BGP in Datacenter
Dat
ace
nte
r
InternetX and Y announce to Internet what is from
G* (prefix).
X and Y block what is from P*.
Credits: Beckett et al. (SIGCOMM 2016): Bridging Network-wide Objectives and Device-level Configurations. 29
G1 G2
C
A
D
B
X Y
P1 P2
G
E
H
F
If link (G,X) fails and traffic from G is rerouted via Y and C to X: X announces (does not block) G and H
as it comes from C. (Note: BGP.)
A Challenge: Reachability Under Failures
![Page 49: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/49.jpg)
Our Contribution
Polynomial-Time What-if Analysis for Prefix Rewriting Networks
Independently of the number of failures! No need
to try combinations.
Case Study: MPLS networks or Segment
Routing networks. Widely deployed by ISPs!
Reachability, loop-freedom,
waypointing, etc.!
30
![Page 50: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/50.jpg)
MPLS and SR: Special Rules
Rules of general networks (e.g., SDN):
arbitrary header rewriting vsin x L* → out x L*
31
The clue: exploit the specific structure of MPLS rules.
(Simplified) MPLS rules:
prefix rewriting
in x L → out x OP
in out
h h’
where OP = {swap,push,pop}
Rules match the header h of packets arriving at in,
and define to which port out to forward as well as new header h’.
![Page 51: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/51.jpg)
MPLS and SR: Special Rules
Rules of general networks (e.g., SDN):
arbitrary header rewriting vsin x L* → out x L*
31
The clue: exploit the specific structure of MPLS rules.
(Simplified) MPLS rules:
prefix rewriting
in x L → out x OP
in out
h h’
where OP = {swap,push,pop}
Rules match the header h of packets arriving at in,
and define to which port out to forward as well as new header h’.
![Page 52: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/52.jpg)
How MPLS Networks Work
Default routing oftwo flows
• MPLS: forwarding based on top label of label stack
v1 v2 v3 v4
v5 v6 v7 v8
32
![Page 53: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/53.jpg)
How MPLS Networks Work
Default routing oftwo flows
• MPLS: forwarding based on top label of label stack
v1 v2 v3 v4
v5 v6 v7 v8
flow 1
32
flow 2
![Page 54: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/54.jpg)
How MPLS Networks Work
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
12
22
1020
1121
32
Default routing oftwo flows
• MPLS: forwarding based on top label of label stackpush swap swap pop
pop
![Page 55: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/55.jpg)
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
12
2230|1130|21
1121
One failure: push 30: route around (v2,v3)
32
Fast Reroute Around 1 Failure
Default routing oftwo flows
• MPLS: forwarding based on top label of label stack
• For failover: push and pop label
12
22
1020
1121
31|1131|21
1020
![Page 56: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/56.jpg)
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
12
2230|1130|21
1121
One failure: push 30: route around (v2,v3)
32
Fast Reroute Around 1 Failure
Default routing oftwo flows
• MPLS: forwarding based on top label of label stack
12
22
1020
1121
Pop
Normal swap
• For failover: push and pop label
If (v2,v3) failed, push 30 and
forward to v6.
31|1131|21
![Page 57: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/57.jpg)
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
12
2230|1130|21
1121
One failure: push 30: route around (v2,v3)
32
Fast Reroute Around 1 Failure
Default routing oftwo flows
• MPLS: forwarding based on top label of label stack
12
22
1020
1121
Pop
Normal swap
• For failover: push and pop label
If (v2,v3) failed, push 30 and
forward to v6.
31|1131|21
What about multiple link failures?
![Page 58: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/58.jpg)
2 Failures: Push Recursively
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
12
22
1020
1121 12
22
1020
1121 12
22
30|1130|21
1121
31|1131|21
40|30|1140|30|21
30|1130|21
1121
31|1131|21
Original Routing
One failure: push 30: route around (v2,v3)
Two failures: first push 30: route
around (v2,v3)
Push recursively 40: route around (v2,v6)
Push 30
Push 40
1020
1121
33pop pop
![Page 59: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/59.jpg)
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
12
22
1020
1121 12
22
1020
1121 12
22
30|1130|21
1121
31|1131|21
40|30|1140|30|21
30|1130|21
1121
31|1131|21
Original Routing
One failure: push 30: route around (v2,v3)
Two failures: first push 30: route
around (v2,v3)
Push recursively 40: route around (v2,v6)
1020
1121
33
But masking links one-by-one can be inefficient:
(v7,v3,v8) could be shortcut to (v7,v8).
2 Failures: Push Recursively
![Page 60: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/60.jpg)
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
12
22
1020
1121 12
22
1020
1121 12
22
30|1130|21
1121
31|1131|21
40|30|1140|30|21
30|1130|21
1121
31|1131|21
Original Routing
One failure: push 30: route around (v2,v3)
Two failures: first push 30: route
around (v2,v3)
Push recursively 40: route around (v2,v6)
1020
1121
33
But masking links one-by-one can be inefficient:
(v7,v3,v8) could be shortcut to (v7,v8).
2 Failures: Push Recursively
More efficient but also more complex:Cisco does not recommend using this option!
![Page 61: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/61.jpg)
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
v1 v2 v3 v4
v5 v6 v7 v8
in1
in2
out1
out2
12
22
1020
1121 12
22
1020
1121 12
22
30|1130|21
1121
31|1131|21
40|30|1140|30|21
30|1130|21
1121
31|1131|21
Original Routing
One failure: push 30: route around (v2,v3)
Two failures: first push 30: route
around (v2,v3)
Push recursively 40: route around (v2,v6)
1020
1121
33
But masking links one-by-one can be inefficient:
(v7,v3,v8) could be shortcut to (v7,v8).
2 Failures: Push Recursively
More efficient but also more complex:Cisco does not recommend using this option!
Also note: due to push, header size may grow arbitrarily!
![Page 62: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/62.jpg)
Survey: MPLS Tunnels in Today‘s ISP Networks
![Page 63: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/63.jpg)
Survey: MPLS Tunnels in Today‘s ISP Networks
![Page 64: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/64.jpg)
Failover Tables
Flow Table
Protected link Alternative
linkLabel
Forwarding Tables for Our Example
34
Version which does not mask links individually!
![Page 65: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/65.jpg)
The Key Insight
We can model MPLS networks using a context-free language (push-down automaton)! Or more specifically:
A Prefix Rewriting System.
![Page 66: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/66.jpg)
MPLS configurations, Segment Routing etc.
Pushdown Automatonand Prefix Rewriting
Systems Theory
Compilation
Interpretation
pX ⇒ qXXpX ⇒ qYXqY ⇒ rYY
rY ⇒ rrX ⇒ pX
What if...?!
Polynomial-Time Verification:An Automata-Theoretic Approach
36
![Page 67: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/67.jpg)
MPLS configurations, Segment Routing etc.
Pushdown Automatonand Prefix Rewriting
Systems Theory
Compilation
Interpretation
pX ⇒ qXXpX ⇒ qYXqY ⇒ rYY
rY ⇒ rrX ⇒ pX
What if...?!
Polynomial-Time Verification:An Automata-Theoretic Approach
36
Use cases: Sysadmin issues queries to test certain properties, or do it on a regular basis automatically!
![Page 68: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/68.jpg)
Responsibilities of a Sysadmin
Sysadmin responsible for:
• Reachability: Can traffic from ingressport A reach egress port B?
• Loop-freedom: Are the routes impliedby the forwarding rules loop-free?
• Non-reachability: Is it ensured thattraffic originating from A neverreaches B?
• Waypoint ensurance: Is it ensuredthat traffic from A to B is alwaysrouted via a node C (e.g., a firewall)?
A
B
C
37
Routers and switches storelist of forwarding rules, and
conditional failover rules.
![Page 69: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/69.jpg)
Responsibilities of a Sysadmin
Sysadmin responsible for:
• Reachability: Can traffic from ingressport A reach egress port B?
• Loop-freedom: Are the routes impliedby the forwarding rules loop-free?
• Non-reachability: Is it ensured thattraffic originating from A neverreaches B?
• Waypoint ensurance: Is it ensuredthat traffic from A to B is alwaysrouted via a node C (e.g., a firewall)?
Reachability?
A
B
C
37
![Page 70: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/70.jpg)
Responsibilities of a Sysadmin
Sysadmin responsible for:
• Reachability: Can traffic from ingressport A reach egress port B?
• Loop-freedom: Are the routes impliedby the forwarding rules loop-free?
• Non-reachability: Is it ensured thattraffic originating from A neverreaches B?
• Waypoint ensurance: Is it ensuredthat traffic from A to B is alwaysrouted via a node C (e.g., a firewall)?
A
B
C
37
No loops?
![Page 71: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/71.jpg)
Responsibilities of a Sysadmin
Sysadmin responsible for:
• Reachability: Can traffic from ingressport A reach egress port B?
• Loop-freedom: Are the routes impliedby the forwarding rules loop-free?
• Policy: Is it ensured that traffic from A to B never goes via C?
• Waypoint ensurance: Is it ensuredthat traffic from A to B is alwaysrouted via a node C (e.g., a firewall)?
A
B
C
37
Policy ok?
E.g. NORDUnet: no traffic via Iceland (expensive!).
![Page 72: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/72.jpg)
Responsibilities of a Sysadmin
Sysadmin responsible for:
• Reachability: Can traffic from ingressport A reach egress port B?
• Loop-freedom: Are the routes impliedby the forwarding rules loop-free?
• Policy: Is it ensured that traffic from A to B never goes via C?
• Waypoint enforcement: Is it ensuredthat traffic from A to B is alwaysrouted via a node C (e.g., intrusiondetection system or a firewall)?
A
B
C
37
Waypoint?
E.g. IDS
![Page 73: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/73.jpg)
Responsibilities of a Sysadmin
Sysadmin responsible for:
• Reachability: Can traffic from ingressport A reach egress port B?
• Loop-freedom: Are the routes impliedby the forwarding rules loop-free?
• Policy: Is it ensured that traffic from A to B never goes via C?
• Waypoint enforcement: Is it ensuredthat traffic from A to B is alwaysrouted via a node C (e.g., intrusiondetection system or a firewall)?
A
B
C
37
E.g. IDS
… and everything even under multiple failures?!
k failures =
(𝑛𝑘) possibilities
![Page 74: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/74.jpg)
Queries May Also Depend on Header
Interface Connectivity Problem
• Can a packet arriving at A with header h reach B? (Similar for our other properties.)
A
B
C: with firewall
Waypoint: use!
D
Blacklisted: avoid
Push/pop/swap
Label stack:5|12|4
38
?
![Page 75: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/75.jpg)
Queries May Also Depend on Header
Interface Connectivity Problem
• Can a packet arriving at A with header h reach B? (Similar for our other properties.)
38
A
B
Label stack:
empty?Transparency
• MPLS: transit networks!
• Will all packets arriving with empty header at A leave at B also with the empty header?
Label stack:
empty!
![Page 76: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/76.jpg)
Queries May Also Depend on Header
Interface Connectivity Problem
• Can a packet arriving at A with header h reach B? (Similar for our other properties.)
38
Transparency
• MPLS: transit networks!
• Will all packets arriving with empty header at A leave at B also with the empty header?
A
B
Label stack:size?
Cyclic and repeated routing
• Will a packet traverse some node more than r-times?
• And what is the max stack size that a packet may have?
Waypoints and service chains:result in (a small number of) loops!
![Page 77: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/77.jpg)
• Network: a 7-tuple
A Network Model
Nodes
Links
Incoming interfaces
Outgoing interfaces
Set of labels in packet header
39
![Page 78: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/78.jpg)
Interface function: maps outgoing interface to next hopnode and incoming interface to previous hop node
That is: and
A Network Model
Interface function
39
• Network: a 7-tuple
![Page 79: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/79.jpg)
• Network: a 7-tuple
Routing function: for each set of failed links , therouting function
defines, for all incoming interfaces and packet headers, outgoing interfaces together with modified headers.
A Network Model
Routing function
39
![Page 80: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/80.jpg)
out2out1
Packet routing sequence can be represented using sequence of tuples:
Routing in Network
• Example: routing (in)finite sequence of tuples
Node receives…
… on interface…
… packet withheader…
… forwards it tolive next hop…
… with new header..
… given that these links are down.
40
v1
h1
v2
h2 h3
in1 in2
![Page 81: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/81.jpg)
MPLS Network Model• MPLS supports three specific operations on header sequences:
• The local routing table can then be defined as
• Local link protection function defines backup interface
protected backup typically: push
Interface + label
Maps to next hopand operation
41
![Page 82: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/82.jpg)
• Prefix rewriting system is set of rewriting rules
• We will write for :
• Prefix rewriting rules: for
generate a transition system
• We call a prefix rewriting system pushdown systemif and for all
MPLS Prefix Rewriting System
First symbol of v and w: control state of
pushdown system.
Second symbol of v: top of stack label.
pushswappop
Replace prefix
42
![Page 83: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/83.jpg)
• Control states: and
• Labels: stack symbols and at bottom
• Packet with header arriving at interface in at
represented as pushdown configuration:
• Packet to be forwarded at node to outgoing interface
represented by configuration:
How many times have we tried toreroute at this node already?
Node and incoming link
43
MPLS Prefix Rewriting System
![Page 84: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/84.jpg)
Pop:
Push:
Swap:
Example Rules: Regular Forwarding on Top-Most Label
Push label on stack
Swap top of stack
Pop top of stack
44
![Page 85: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/85.jpg)
Failover-Push:
Example Failover Rules
Emumerate all rerouting options
Failover-Swap:
Failover-Pop:
Example rewriting sequence:
Try default Try first backup Try second backup 45
![Page 86: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/86.jpg)
Why Polynomial Time?!
• Arbitrary number k of failures: How can I avoidchecking all (𝑛
𝑘)many options?!
• Even if we reduce to push-down automaton: simple operations such as emptiness testing orintersection on Push-Down Automata (PDA) iscomputationally non-trivial and sometimes evenundecidable!
k failures =
(𝑛𝑘) possibilities
46
![Page 87: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/87.jpg)
Why Polynomial Time?!
46
This is not how we will use the PDA!
• Arbitrary number k of failures: How can I avoidchecking all (𝑛
𝑘)many options?!
• Even if we reduce to push-down automaton: simple operations such as emptiness testing orintersection on Push-Down Automata (PDA) iscomputationally non-trivial and sometimes evenundecidable!
k failures =
(𝑛𝑘) possibilities
![Page 88: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/88.jpg)
Why Polynomial Time?!
46
This is not how we will use the PDA!
• Arbitrary number k of failures: How can I avoidchecking all (𝑛
𝑘)many options?!
• Even if we reduce to push-down automaton: simple operations such as emptiness testing orintersection on Push-Down Automata (PDA) iscomputationally non-trivial and sometimes evenundecidable!
k failures =
(𝑛𝑘) possibilities
The words in our language are sequences of pushdown stack symbols, not the labels of transitions.
![Page 89: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/89.jpg)
Time for Automata Theory!
Julius Richard Büchi
1924-1984
Swiss logician
• Classic result by Büchi 1964: the set of all reachableconfigurations of a pushdown automaton a is regular set
• Hence, we can operate only on Nondeterministic Finite Automata (NFAs) when reasoning about the pushdown automata
• The resulting regular operations are all polynomial time
• Important result of model checking
47
![Page 90: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/90.jpg)
Preliminary Tool and Query Language
Part 1: Parses queryand constructs Push-Down System (PDS)
• In Python 3
query processing flow
Part 2: Reachability analysis of constructed PDS
• Using Moped tool
48
![Page 91: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/91.jpg)
Question: Beginning with an empty header [], can we get from s1 to s7 in any number of steps, and end with an empty header []?
Query: []s1 >> s7[]
Output: Yes and witness trace (excerpt)
Example 1: Reachability
Take multiple steps
Empty header
!
!
49
![Page 92: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/92.jpg)
YES!
2 failures
Example 2: Traversal With 2 Failures
51
Traversal test with k=2: Can traffic starting with [] go through s5, under up to k=2 failures?
push
push
stacksize!
pop
pop
Query: k=2 [] s1 >> s5 >> s7 []
![Page 93: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/93.jpg)
YES!
Example 3: Transparency Violation
52
Transparency with k=3: Can transparency be violated under up to k=3 failures?
Query: k=3 [] s1 >> s7 [+]
3 failures
empty non-empty
Root cause is a misconfiguration in s5, causing it to swap to 11 instead of popping when doing the failover on s5-s4.
![Page 94: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/94.jpg)
Preliminary EvaluationFor small queries fast: 1000s of links, within seconds
Bottleneck arelarge queries
100,000s
secs1000s
31
# failures affectsperformanceonly linearly!
![Page 95: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/95.jpg)
Summary of Contributions
• Polynomial-time verification of MPLS reachability and policy-related propertieslike waypointing
• For arbitrary number of failures (up to linear in n)!
• Supports arbitrary header sizes („infinite“)
• Also allows to compute headers which do (not) fulfill a property
• Allows to support a constant number of stateful nodes as well
• Extends to Segment Routing networks based on MPLS (SR-MPLS)
• Leveraging theory from Prefix Rewriting Systems and Büchi‘s classic result
54
![Page 96: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/96.jpg)
The Next Frontier of Flexibility: The Network Topology
Started as a theoretical project, but then:
t=112
![Page 97: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/97.jpg)
t=2
The Next Frontier of Flexibility: The Network Topology
Started as a theoretical project, but then:
12
![Page 98: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/98.jpg)
Traditional Networks:Static
• Lower bounds and undesirable trade-offs, e.g., degree vs diameter
• Usually optimized for the “worst-case” (all-to-all communication)
• Example, fat-tree topologies: provide full bisection bandwidth
Our Vision:DANs and SANs
• DAN: Demand-Aware Network
– Statically optimized toward the demand
• SAN: Self-Adjusting Network
– Dynamically optimized toward the (time-varying) demand
TOR switches
Mirrors
Lasers
![Page 99: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/99.jpg)
Our Research Vision: Demand-Aware Networks (DANs)
Demand matrix: joint distribution
Sou
rces
Destinations
DAN (of constant degree)
design
14
![Page 100: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/100.jpg)
Our Research Vision: Demand-Aware Networks (DANs)
Demand matrix: joint distribution
Sou
rces
Destinations
DAN (of constant degree)
Can be seen as a graph as well: the workload!
design
14
![Page 101: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/101.jpg)
Our Research Vision: Demand-Aware Networks (DANs)
Demand matrix: joint distribution
Sou
rces
Destinations
DAN (of constant degree)
Much from 4 to 5.
Makes sense to add link.
design
14
![Page 102: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/102.jpg)
Our Research Vision: Demand-Aware Networks (DANs)
Demand matrix: joint distribution
Sou
rces
Destinations
DAN (of constant degree)
1 communicates to many.
Bound degree: route to 7 indirectly!
design
14
![Page 103: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/103.jpg)
Our Research Vision: Demand-Aware Networks (DANs)
Demand matrix: joint distribution
Sou
rces
Destinations
DAN (of constant degree)
4 and 6 don’t communicate…
… but „extra“ link still makes
sense: not a subgraph!
design
14
![Page 104: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/104.jpg)
Our Research Vision: Or Even Self-Adjusting Networks (SANs)
t=1 t=2
1 4
2
5
7
4
7
5
2
1
adjustNew
connection!
How to minimize reconfigurations?How to keep network locally routable? 15
![Page 105: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/105.jpg)
Our Research Vision: An Analogy to Coding
16
![Page 106: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/106.jpg)
Our Research Vision: An Analogy to Coding
DANs SANs
16
![Page 107: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/107.jpg)
DAN: Relationship to…
Sparse, low-distortion graph spanners – Similar: keep distances in a „compressed
network“ (few edges)
– But: • We only care about path length between
communicating nodes, not all node pairs
• We want constant degree
• Not restricted to subgraph but can have„additional links“ (like geometric spanners)
extra link
degree
don‘t care about 4-6
17
![Page 108: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/108.jpg)
DAN: Relationship to…
Minimum Linear Arrangement (MLA)– MLA: map guest graph to line (host graph) so
that sum of distances is minimal
– DAN similar: if degree bound = 2, DAN is line orring (or sets of lines/rings)
– But unlike “graph embedding problems“• The host graph is also subject to optimization
• Does this render the problem simpler or harder?
2
31
4
5
18
![Page 109: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/109.jpg)
SAN: Relationship to…
Splay Tree
1 4
2
5
7
1 4
2
5
7comm.
• Self-adjusting datastructures like splay trees
• But: Requests are „pair-wise“, not only „from the root“
SplayNet19
![Page 110: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/110.jpg)
Many interesting research questions
• How to design static demand-aware networks?
• How much better can demand-aware networks be compared to demand-oblivious networks?
• How to design dynamic or even decentralized self-adjusting demand-aware networks?
20
![Page 111: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/111.jpg)
An Entropy Lower Bound• EPL related to entropy. Intuition:
– High entropy: e.g., uniform distribution, not much structure, long paths
– Low entropy: can exploit structure to create topologies with short paths
• Theorem: Let X, Y be the marginal distributions of the sources and destinations in demand D respectively. Then
EPL(D, Δ)≥ Ω(HΔ(Y|X) + HΔ(X|Y))
• Recall conditional entropy: Average uncertainty of X given Y
– H(X|Y)= i=1n p(xi,yj)log2(1/p(xi|yj))
21
![Page 112: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/112.jpg)
Lower Bound: Idea
• Proof idea (EPL=Ω(HΔ(Y|X))):
• Build optimal Δ-ary tree for each source i: entropy lower bound known on EPL known for binary trees (Mehlhorn 1975 for BST but proof does not need search property)
• Consider union of all trees
• Violates degree restriction but valid lower bound
22
![Page 113: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/113.jpg)
Lower Bound: Idea
Do this in both dimensions:
Ω(HΔ(X|Y))
D
EPL ≥ Ω(max{HΔ(Y|X), HΔ(X|Y)})
Ω(HΔ(Y|X))
23
![Page 114: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/114.jpg)
(Tight) Upper Bounds: Algorithm Idea
v
uw
h
u v w
high-high• Idea: construct per-node optimal tree– BST (e.g., Mehlhorn)
– Huffman tree
– Splay tree (!)
• Take union of trees but reduce degree– E.g., in sparse distribution:
leverage helper nodes between two “large” (i.e., high-degree) nodes
24
![Page 115: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/115.jpg)
(Tight) Upper Bounds: Algorithm Idea
v
uw
h
u v w
high-high• Idea: construct per-node optimal tree– BST (e.g., Mehlhorn)
– Huffman tree
– Splay tree (!)
• Take union of trees but reduce degree– E.g., in sparse distribution:
leverage helper nodes between two “large” (i.e., high-degree) nodes Further reading:
IEEE/ACM Trans. Netw. 2016, DISC 2016, DISC 2017
![Page 116: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/116.jpg)
Many Open Questions
• Demand-aware bounded doubling dimension graphs?
• Demand-aware continuous-discrete graphs? – Shannon-Fano-Elias coding
• Demand-aware skip graphs?
• …
25
![Page 117: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/117.jpg)
Conclusion & Future Work
• Communication networks are mission-critical but complex: need
for automated verification (and synthesis: future work)
• Network verification can be fast: automata-theoretic approachfor MPLS and SR networks runs in polynomial-time
55
![Page 118: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/118.jpg)
Thank You!
![Page 119: Polynomial-time what-if analysis for communication ...Chen Avin (Ben Gurion University) Patent pending, INFOCOM 2018 G.I.F. project. Polynomial-time what-if analysis for communication](https://reader030.vdocument.in/reader030/viewer/2022040900/5e6fd6074af1037c86220fda/html5/thumbnails/119.jpg)
Further ReadingPolynomial-Time What-If Analysis for Prefix-Manipulating MPLS NetworksStefan Schmid and Jiri Srba.37th IEEE Conference on Computer Communications (INFOCOM), Honolulu, Hawaii, USA, April 2018.
WNetKAT: A Weighted SDN Programming and Verification LanguageKim G. Larsen, Stefan Schmid, and Bingtian Xue.20th International Conference on Principles of Distributed Systems (OPODIS), Madrid, Spain, December 2016.
TI-MFA: Keep Calm and Reroute Segments FastKlaus-Tycho Foerster, Mahmoud Parham, Marco Chiesa, and Stefan Schmid.IEEE Global Internet Symposium (GI), Honolulu, Hawaii, USA, April 2018.
Local Fast Failover Routing With Low StretchKlaus-Tycho Foerster, Yvonne-Anne Pignolet, Stefan Schmid, and Gilles Tredan.ACM SIGCOMM Computer Communication Review (CCR), 2018.