NDSS

Author(s): Weijie Liu, Rakesh B. Bobba, Sibin Mohan, Roy H. Campbell

Download: Paper (PDF)

Date: 7 Feb 2015

Document Type: Briefing Papers

Additional Documents: Slides

Associated Event: NDSS Symposium 2015

Abstract:

Software Defined Networks (SDN) gained a lot of attention both in industry and academia by providing flexibility in network management. With decoupled control and data plane, operators find it more convenient to configure and update their networks. However, transitional states of SDN during updates may be a combination of the old and new network configurations. This may lead to incorrectness in forwarding behaviors and security vulnerabilities. In this paper, we propose a novel abstraction for network update consistency, inter-flow consistency, that accounts for relationships and constraints among different flows during network updates. For two basic inter-flow consistency relationships, spatial isolation and version isolation, we propose an update scheduling algorithm based on dependency graphs, a data structure revealing dependency among different update operations and network elements. We also implement a prototype system with a Mininet Openflow network for spatial isolation and undertake a preliminary performance evaluation of our solution.