Network-wide configuration synthesis
A El-Hassany, P Tsankov, L Vanbever… - … Aided Verification: 29th …, 2017 - Springer
Computer Aided Verification: 29th International Conference, CAV 2017 …, 2017•Springer
Computer networks are hard to manage. Given a set of high-level requirements (eg,
reachability, security), operators have to manually figure out the individual configuration of
potentially hundreds of devices running complex distributed protocols so that they,
collectively, compute a compatible forwarding state. Not surprisingly, operators often make
mistakes which lead to downtimes. To address this problem, we present a novel synthesis
approach that automatically computes correct network configurations that comply with the …
reachability, security), operators have to manually figure out the individual configuration of
potentially hundreds of devices running complex distributed protocols so that they,
collectively, compute a compatible forwarding state. Not surprisingly, operators often make
mistakes which lead to downtimes. To address this problem, we present a novel synthesis
approach that automatically computes correct network configurations that comply with the …
Abstract
Computer networks are hard to manage. Given a set of high-level requirements (e.g., reachability, security), operators have to manually figure out the individual configuration of potentially hundreds of devices running complex distributed protocols so that they, collectively, compute a compatible forwarding state. Not surprisingly, operators often make mistakes which lead to downtimes.
To address this problem, we present a novel synthesis approach that automatically computes correct network configurations that comply with the operator’s requirements. We capture the behavior of existing routers along with the distributed protocols they run in stratified Datalog. Our key insight is to reduce the problem of finding correct input configurations to the task of synthesizing inputs for a stratified Datalog program.
To solve this synthesis task, we introduce a new algorithm that synthesizes inputs for stratified Datalog programs. This algorithm is applicable beyond the domain of networks.
We leverage our synthesis algorithm to construct the first network-wide configuration synthesis system, called SyNET, that support multiple interacting routing protocols (OSPF and BGP) and static routes. We show that our system is practical and can infer correct input configurations, in a reasonable amount time, for networks of realistic size ( routers) that forward packets for multiple traffic classes.
Springer