Header space analysis: static checking for networks
作者: Nick McKeown , George Varghese , Peyman Kazemian
DOI:
关键词:
摘要: Today's networks typically carry or deploy dozens of protocols and mechanisms simultaneously such as MPLS, NAT, ACLs route redistribution. Even when individual function correctly, failures can arise from the complex interactions their aggregate, requiring network administrators to be masters detail. Our goal is automatically find an important class failures, regardless running, for both operational experimental networks. To this end we developed a general protocol-agnostic framework, called Header Space Analysis (HSA). formalism allows us statically check specifications configurations identify Reachability Failures, Forwarding Loops Traffic Isolation Leakage problems. In HSA, protocol header fields are not first entities; instead look at entire packet concatenation bits without any associated meaning. Each point in {0,1}L space where L maximum length header, networking boxes transform packets one another set points (multicast). We created library tools, Hassel, implement our used it analyze variety protocols. Hassel was Stanford University backbone network, found all forwarding loops less than 10 minutes, verified reachability constraints between two subnets 13 seconds. It also large loop loose source routing 4 minutes.
stanford.edu 
princeton.edu 
acm.org 参考文章(18)
Nick McKeown, Rob Sherwood, Glen Gibb, Kok-Kiong Yap, Martin Casado, Guido Appenzeller, Guru Parulkar, Can the production network be the testbed operating systems design and implementation. pp. 365- 378 ,(2010) , 10.5555/1924943.1924969
Zvonko G. Vranesic, Stephen D. Brown, Fundamentals of Digital Logic with Verilog Design ,(1999)
Y. Bartal, A. Mayer, K. Nissim, A. Wool, Firmato: a novel firewall management toolkit ieee symposium on security and privacy. pp. 17- 31 ,(1999) , 10.1109/SECPRI.1999.766714
Franck Le, Geoffrey G. Xie, Hui Zhang, Understanding Route Redistribution international conference on network protocols. pp. 81- 92 ,(2007) , 10.1109/ICNP.2007.4375839
Nick Feamster, Hari Balakrishnan, Detecting BGP configuration faults with static analysis networked systems design and implementation. pp. 43- 56 ,(2005) , 10.5555/1251203.1251207
R.P. Draves, C. King, S. Venkatachary, B.D. Zill, Constructing optimal IP routing tables international conference on computer communications. ,vol. 1, pp. 88- 97 ,(1999) , 10.1109/INFCOM.1999.749256
T. V. Lakshman, D. Stiliadis, High-speed policy-based packet forwarding using efficient multi-dimensional range matching acm special interest group on data communication. ,vol. 28, pp. 203- 214 ,(1998) , 10.1145/285237.285283
Timothy Roscoe, Steve Hand, Rebecca Isaacs, Richard Mortier, Paul Jardetzky, Predicate routing: enabling controlled networking acm special interest group on data communication. ,vol. 33, pp. 65- 70 ,(2003) , 10.1145/774763.774773
Martin Karsten, S. Keshav, Sanjiva Prasad, Mirza Beg, An axiomatic basis for communication acm special interest group on data communication. ,vol. 37, pp. 217- 228 ,(2007) , 10.1145/1282380.1282405
Haohui Mai, Ahmed Khurshid, Rachit Agarwal, Matthew Caesar, P. Brighten Godfrey, Samuel Talmadge King, Debugging the data plane with anteater acm special interest group on data communication. ,vol. 41, pp. 290- 301 ,(2011) , 10.1145/2018436.2018470