![Page 1: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/1.jpg)
Toward Synthesis of Network Updates
Andrew Noyes – Cornell University; Todd Warszawski – Cornell University; Pavol Cerny – University of Colorado Boulder; Nate Foster – Cornell University. Presented by: Ronen Jacobi.
![Page 2: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/2.jpg)
Introduction
Most networks are updated frequently.
Implementing network updates while traffic continues to flow is very difficult.
A bad implementation can cause severe damage.
Existing mechanisms are either too general and hard to implement, or very limited.
![Page 3: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/3.jpg)
Example: firewall
Diagram: switch S, firewalls F1, F2 and F3, and the World and Internal networks.
![Page 4: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/4.jpg)
NuSMV model of the firewall example (one packet with a source and a purpose moving from port to port):

```smv
MODULE main
VAR
  port : {S_0, F1_0, F2_0, F3_0, START, WORLD, DROP};
  src : {Auth, Guest};
  purpose : {Web, Other};
ASSIGN
  next(port) := case
    port = START : S_0;
    port = S_0 & src = Auth : {F1_0, F2_0};   -- authenticated traffic: either firewall
    port = S_0 & src = Guest : F3_0;          -- guest traffic: only F3
    port = F1_0 : WORLD;
    port = F2_0 : WORLD;
    port = F3_0 & purpose = Web : WORLD;
    port = F3_0 & purpose = Other : DROP;
    port = WORLD : WORLD;
    port = DROP : DROP;
  esac;
  -- a packet's header fields do not change while it is forwarded
  next(src) := src;
  next(purpose) := purpose;
INIT port = START;

-- guest traffic for any purpose other than Web is eventually dropped;
-- authenticated traffic and guest Web traffic eventually reach the World
LTLSPEC (purpose = Other & src = Guest -> F port = DROP) &
        ((src = Auth | src = Guest & purpose = Web) -> F port = WORLD);
```
![Page 5: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/5.jpg)
Example: firewall
Diagram: same topology (S, F1, F2, F3, World, Internal) with a guest packet of purpose Other (g,other) in flight.
![Page 6: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/6.jpg)
Example: firewall
Diagram: same topology (S, F1, F2, F3, World, Internal); the guest packet (g,other) after the update.
![Page 7: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/7.jpg)
Example: Cycle
Diagram: switches A, B, C; hosts N1, N2, N3; policy P.
![Page 8: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/8.jpg)
Example: Cycle
Diagram: switches A, B, C; hosts N1, N2, N3; policy P after the update.
![Page 9: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/9.jpg)
A New Idea
We'll use synthesis to generate update mechanisms automatically.
Input: the current configuration, the target configuration, and the invariants.
Output: a sequence of modifications to the forwarding rules of individual switches.
![Page 10: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/10.jpg)
Network Model
Network topology = (Sw, P, inport, outport, ingress)
Sw = switches, P = ports.
For every port p there is a unique switch s with inport(p, s).
For every port p there is a unique switch s with outport(s, p).
ingress = the ports that receive packets from WORLD.
![Page 11: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/11.jpg)
Policies
A switch policy SwitchPol (a switch's forwarding rules) is a policy of switch s if SwitchPol(p, pt) = (p', pt') only for p, pt, p' such that: pt is a packet, (p, s) ∈ inport, and (s, p') ∈ outport.
A network policy (the network's forwarding rules) is a function NetPol : Sw → SwitchPol such that NetPol(s) = SwitchPol, where SwitchPol is a switch policy of s.
![Page 12: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/12.jpg)
Updates
An update is a pair (s, SwitchPol) s.t. SwitchPol is a policy of s.
The updated network policy NetPol' satisfies NetPol'(s) = SwitchPol and, for all s' ≠ s, NetPol'(s') = NetPol(s').
Diagram: switches S1, S2, S3; the update (S2, SwitchPol) replaces only the policy of S2.
![Page 13: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/13.jpg)
Commands
A command is either an update or a wait command.
A wait command:
• disables the ability to update the network policy;
• limits the network to one update while there's a packet in it.
![Page 14: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/14.jpg)
Why Wait is Important?
Diagram: hosts N0, N1, N2, N3; switches S0, S1, S2, S3; links labelled Auth and Guest/Auth.
S3 checks whether it's Auth or guest before sending to N3.
![Page 15: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/15.jpg)
Why Wait is Important?
Diagram: hosts N0, N1, N2, N3; switches S0, S1, S2, S3; links labelled Auth and Guest/Auth; a Guest packet is in flight.
S3 checks whether it's Auth or guest before sending to N3.
![Page 16: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/16.jpg)
Why Wait is Important?
Diagram: hosts N0, N1, N3; switches S0, S1, S2, S3; links labelled Auth, Guest and Guest/Auth; the Guest packet has moved on.
S3 checks whether it's Auth or guest before sending to N3.
![Page 17: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/17.jpg)
Why Wait is Important?
Diagram: hosts N0, N1, N3; switches S0, S1, S2, S3; links labelled Auth and Guest/Auth; the Guest packet is at S3.
S3 does not check the packet's src before sending to N3.
![Page 18: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/18.jpg)
Network States & Transitions
A network state ns = ((p, pt), NetPol, wait-flag, comSeq).
A network transition is a relation between network states. There are 4 types of transitions:
1. A packet move: ns = ((p, pt), NetPol, wait-flag, comSeq) → ns' = ((p', pt'), NetPol, wait-flag, comSeq)
2. An update transition: ns = ((p, pt), NetPol, false, (s, SwitchPol).comSeq) → ns' = ((p, pt), NetPol[s ↦ SwitchPol], false, comSeq)
3. A wait transition: ns = ((p, pt), NetPol, wait-flag, wait.comSeq) → ns' = ((p, pt), NetPol, true, comSeq)
![Page 19: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/19.jpg)
Network Transitions
4. A new packet transition: ns = ((p, pt), NetPol, wait-flag, comSeq) → ns' = ((p', pt'), NetPol, false, comSeq), where p' ∈ ingress.
![Page 20: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/20.jpg)
Network Trace
A network trace nt is an infinite sequence ns_0, ns_1, ... s.t. for all i, (ns_i, ns_{i+1}) is a network transition.
A network state ns is wait-correct if there are no loops in its network policy.
![Page 21: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/21.jpg)
Update Synthesis Problem
Given:
- an initial network policy,
- a final network policy,
- a specification,
construct a sequence of commands comSeq such that:
• comSeq is correct with respect to the given policies and specification.
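The transition system, the correctness check over traces and the synthesis problem above, as an added worked example that is not the authors' tool: a constructed three-switch network (S0, S1, S3; hosts N3 and DROP; sources Auth and Guest) whose invariant is that no Guest packet reaches N3, a brute-force synthesizer that tries each order of the changed switches with or without a wait command in between, and an exhaustive explorer of the four transition kinds that decides whether a candidate comSeq is correct. Both policies and all names are constructed here.

```python
from itertools import permutations, product
INGRESS, SRCS, TERMINAL = "S0", ("Auth", "Guest"), {"N3", "DROP"}
# A switch policy is (next hop for Auth, next hop for Guest); a network policy maps
# each switch to its switch policy. Both policies below are constructed for this example.
INITIAL = {"S0": ("S1", "S1"), "S1": ("S3", "S3"), "S3": ("N3", "DROP")}  # S3 checks src
FINAL = {"S0": ("S1", "DROP"), "S1": ("S3", "S3"), "S3": ("N3", "N3")}    # S0 checks, S3 does not

def guests_never_reach_n3(loc, src):  # the invariant: no Guest packet is delivered to N3
    return not (loc == "N3" and src == "Guest")

def successors(state):
    """The four transition kinds; state = (packet port, packet src, NetPol, wait-flag, comSeq)."""
    loc, src, pol, wait, cmds = state
    polmap = dict(pol)
    if loc in TERMINAL:                                   # 4. new packet clears the wait-flag
        for s in SRCS:
            yield (INGRESS, s, pol, False, cmds)
    else:                                                 # 1. packet move under current NetPol
        yield (polmap[loc][SRCS.index(src)], src, pol, wait, cmds)
    if cmds and cmds[0] == "wait":                        # 3. wait command sets the flag
        yield (loc, src, pol, True, cmds[1:])
    elif cmds and not wait:                               # 2. update one switch's policy
        sw, swpol = cmds[0]
        yield (loc, src, tuple(sorted({**polmap, sw: swpol}.items())), wait, cmds[1:])

def is_correct(cmds, initial=INITIAL, invariant=guests_never_reach_n3):
    """Explore every interleaving of packet moves, arrivals and commands (finite state space)."""
    start = ("DROP", "Auth", tuple(sorted(initial.items())), False, tuple(cmds))  # network empty
    seen, todo = {start}, [start]
    while todo:
        state = todo.pop()
        if not invariant(state[0], state[1]):
            return False
        for nxt in successors(state):
            if nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return True

def synthesize(initial=INITIAL, final=FINAL):
    """Try each order of the changed switches, with or without a wait between updates."""
    changed = [(sw, final[sw]) for sw in sorted(final) if initial[sw] != final[sw]]
    for order in permutations(changed):
        for waits in product((False, True), repeat=len(order) - 1):
            cmds = list(order[:1])
            for upd, w in zip(order[1:], waits):
                cmds += (["wait"] if w else []) + [upd]
            if is_correct(cmds, initial):
                return cmds
    return None
```

Updating S3 first, or updating S0 and S3 without a wait, is rejected because a Guest packet already past S0 would be delivered by the no-longer-checking S3; the synthesizer returns the sequence update S0, wait, update S3.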
![Page 22: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/22.jpg)
![Page 23: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/23.jpg)
![Page 24: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/24.jpg)
Running Example
Diagram: hosts N0, N1, N2, N3; switches S0, S1, S2, S3; links labelled Auth and Guest/Auth; a Guest packet is in flight.
S3 checks whether it's Auth or guest before sending to N3.
![Page 25: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/25.jpg)
Running Example
Diagram: hosts N0, N1, N3; switches S0, S1, S2, S3; links labelled Auth, Guest and Guest/Auth.
S3 checks whether it's Auth or guest before sending to N3.
![Page 26: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/26.jpg)
Running Example
Diagram: hosts N0, N1, N3; switches S0, S1, S2, S3; links labelled Auth and Guest/Auth; the Guest packet reaches S3 and is dropped (DROP!).
S3 checks whether it's Auth or guest before sending to N3.
![Page 27: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/27.jpg)
Running Example
Diagram: hosts N0, N1, N3; switches S0, S1, S2, S3; links labelled Auth and Guest/Auth.
S3 does not check the packet's src before sending to N3.
![Page 28: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/28.jpg)
Example: Cycle
Diagram: switches A, B, C; hosts N1, N2, N3.
![Page 29: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/29.jpg)
Experiments
![Page 30: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/30.jpg)
Time of updating with varying number of switches in network
![Page 31: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/31.jpg)
Time of updating with varying number of switches to update
![Page 32: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/32.jpg)
Impossible updates
![Page 33: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/33.jpg)
Summary
• The running times are too large for online use.
• The purpose was to build a prototype tool to confirm the feasibility of the new approach.
• The counterexample analysis has a great influence on the running times, though.
• If there is no safe update, the run takes much longer to finish, because there is a large number of possible update sequences.
![Page 34: Toward Synthesis of Network Updates](https://reader035.vdocument.in/reader035/viewer/2022062305/56814e45550346895dbbc054/html5/thumbnails/34.jpg)
The End