Identifying Operational Data-paths in Software Defined Networking Driven Data-planes
share
In this paper, we propose an approach that relies on distributed traffic generation and monitoring to identify the operational data-paths in a given Software Defined Networking (SDN) driven data-plane. We show that under certain assumptions, there exist necessary and sufficient conditions for formally guaranteeing that all operational data-paths are discovered using our approach. In order to provide reliable communication within the SDN driven data-planes, assuring that the implemented data-paths are the requested (and expected) ones is necessary. This requires discovering the actual operational (running) data-paths in the data-plane. In SDN, different applications may configure different coexisting data-paths, the resulting data-paths a specific network flow traverses may not be the intended ones. Furthermore, the SDN components may be defected or compromised. We focus on discovering the operational data-paths on SDN driven data-planes. However, the proposed approach is applicable to any data-plane where the operational data-paths must be verified and / or certified. A data-path discovery toolkit has been implemented. We describe the corresponding set of tools, and showcase the obtained experimental results that reveal inconsistencies in well-known SDN applications.
READ FULL TEXT