Networks started with point-to-point connections, have evolved and expanded to include packet-based technologies that allow for more efficient transport, and now are headed toward a software-based paradigm in which applications can call on the network to get required resources on the fly. But while it seems clear that SDN is the way things are going, it’s a huge leap to move from the plan-ahead method of networking to the figure-it-out-as-you-go style. That has prompted researchers at the University of Illinois at Urbana-Champaign to create an SDN test bed to figure out how this all works in practice.
Researchers with the Ocean Cluster for Experimental Architectures in Networks lab at the U of I aim to leverage the SDN test bed to use what they call VeriFlow, in order to ensure correct configuration and performance, fault tolerance and security.
A paper called “VeriFlow: Verifying Network-Wide Invariants in Real Time” by Ahmed Khurshid, Xuan Zou, Wenxuan Zhou, Matthew Caesar, and P. Brighten Godfrey of the University of Illinois at Urbana-Champaign, explains that the group’s VeriFlow work addresses how to check network-wide correctness in real time.
It’s important to check network forwarding changes right away, according to the paper, so network administrators – or the network itself – will be alerted if there’s a problem. This practice would also prevent bugs by blocking changes that violate important invariants, according to the authors.
The researchers say that their VeriFlow design enables real-time verification by providing “an efficient technique for reasoning about network-wide properties using a low-level view of the network (the data plane), as close as possible to the network’s actual running behavior. This technique, which we call data plane verification, allows VeriFlow to catch bugs that other tools miss, and provides a framework for a unified analysis of heterogeneous, multi-protocol networks.”
The VeriFlow method, which sits between the SDN controller and the forwarding devices, provides network visibility to checks validity of invariants as each rule is inserted, modified or deleted.
SDN is an architecture that separates the control and data planes of the network and automatically looks at flows in the network, understanding the requirements of those different flows and using the network to provide those flows with the appropriate bandwidth and other network resources. This applications-first networking mindset is a significant change from how networks are designed and work today.
To learn more about SDN, TMC invites you to attend SDN Precon at ITEXPO Las Vegas on Aug. 26.
Edited by
Alisen Downey
