ABSTRACT
Future communication networks are expected to be highly automated, disburdening human operators of their most complex tasks. However, while first powerful and automated network analysis tools are emerging, existing tools provide only limited (and inefficient) support of reasoning about failure scenarios. We present P-Rex, a fast what-if analysis tool, that allows us to test important reachability and policy-compliance properties even under an arbitrary number of failures, in polynomial-time, i.e., without enumerating all failure scenarios (the usual approach today, if supported at all). P-Rex targets networks based on Multiprotocol Label Switching (MPLS) and its Segment Routing (SR) extension and comes with an expressive query language based on regular expressions. It takes into account the actual router tables, and is hence well-suited for debugging. We also report on an industrial case study and demonstrate that P-Rex supports rich queries, performing what-if analyses in less than 70 minutes in most cases, in a 24-router network with over 100,000 MPLS forwarding rules.
Supplemental Material
Available for Download
Supplemental material.
- Carolyn Jane Anderson, Nate Foster, Arjun Guha, Jean-Baptiste Jeannin, Dexter Kozen, Cole Schlesinger, and David Walker. 2014. NetKAT: Semantic Foundations for Networks. SIGPLAN Not. 49, 1 (2014), 113--126. Google ScholarDigital Library
- Alia K Atlas and Alex Zinin. 2008. Basic specification for IP fast-reroute: loop-free alternates. IETF RFC 5286.Google Scholar
- Ryan Beckett, Aarti Gupta, Ratul Mahajan, and David Walker. 2017. A General Approach to Network Configuration Verification. In Proceedings of the Conference of the ACM Special Interest Group on Data Communication ((SIGCOMM)'17). ACM, 155--168. Google ScholarDigital Library
- Ryan Beckett, Aarti Gupta, Ratul Mahajan, and David Walker. 2017. A General Approach to Network Configuration Verification. In Proc. ACM SIGCOMM. ACM, 155--168. Google ScholarDigital Library
- Ryan Beckett, Ratul Mahajan, Todd Millstein, Jitendra Padhye, and David Walker. 2016. Don't Mind the Gap: Bridging Network-Wide Objectives and Device-Level Configurations. In Proc. ACM SIGCOMM. ACM, 328--341. Google ScholarDigital Library
- J.A. Brzozowski. 1962. Canonical regular expressions and minimal state graphs for definite events. Mathematical Theory of Automata 12 (1962), 529--561.Google Scholar
- J.R. Büchi. 1964. Regular canonical systems. Arch. Math. Logik u. Grundlagenforschung 6 (1964), 91--111.Google ScholarCross Ref
- Ahmed El-Hassany, Petar Tsankov, Laurent Vanbever, and Martin Vechev. 2017. Network-wide configuration synthesis. In Proc. International Conference on Computer Aided Verification (CAV). Springer, 261--281.Google ScholarCross Ref
- Ahmed El-Hassany, Petar Tsankov, Laurent Vanbever, and Martin Vechev. 2018. NetComplete: Practical Network-Wide Configuration Synthesis with Autocompletion. In Proc. 15th USENIX Symposium on Networked Systems Design and Implementation (NSDI). USENIX Association, 579--594.Google Scholar
- Theodore Elhourani, Abishek Gopalan, and Srinivasan Ramasubramanian. 2014. IP fast rerouting for multi-link failures. In Proc. IEEE INFOCOM. ACM, 2148--2156.Google ScholarCross Ref
- J. Esparza, D. Hansel, P. Rossmanith, and S. Schwoon. 2000. Efficient Algorithms for Model Checking Pushdown Systems. In Proc. 12th International Conference on Computer Aided Verification (CAV) (LNCS), Vol. 1855. Springer, 232--247. Google ScholarDigital Library
- Seyed K Fayaz, Tushar Sharma, Ari Fogel, Ratul Mahajan, Todd Millstein, Vyas Sekar, and George Varghese. 2016. Efficient Network Reachability Analysis using a Succinct Control Plane Representation. In Proc. 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI). USENIX Association, 217--232. Google ScholarDigital Library
- Nate Foster, Dexter Kozen, Matthew Milano, Alexandra Silva, and Laure Thompson. 2015. A coalgebraic decision procedure for NetKAT. In ACM SIGPLAN Notices, Vol. 50 (1). ACM, 343--355. Google ScholarDigital Library
- Aaron Gember-Jacobson, Raajay Viswanathan, Aditya Akella, and Ratul Mahajan. 2016. Fast Control Plane Analysis Using an Abstract Representation. In Proceedings of the 2016 ACM SIGCOMM Conference ((SIGCOMM) '16). ACM, 300--313. Google ScholarDigital Library
- Juniper. 2018. Show Route Forwarding-Table. Technical Documentation https://www.juniper.net/documentation/en_US/junos/topics/reference/command-summary/show-route-forwarding-table.html.Google Scholar
- David M Kahn. 2017. Undecidable Problems for Probabilistic Network Programming. In MFCS'17, Vol. 83. LIPIcs-Leibniz International Proceedings in Informatics, Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik, 1--16.Google Scholar
- Peyman Kazemian, George Varghese, and Nick McKeown. 2012. Header Space Analysis: Static Checking for Networks. In Proc. 9th USENIX Conference on Networked Systems Design and Implementation (NSDI). USENIX Association, 113--126. Google ScholarDigital Library
- Ahmed Khurshid, Xuan Zou, Wenxuan Zhou, Matthew Caesar, and P Brighten Godfrey. 2013. Veriflow: Verifying network-wide invariants in real time. In Proc. 10th USENIX Symposium on Networked Systems Design and Implementation (NSDI). USENIX Association, 15--27. Google ScholarDigital Library
- Kim G. Larsen, Stefan Schmid, and Bingtian Xue. 2016. WNetKAT: A Weighted SDN Programming and Verification Language. In Proc. 20th International Conference on Principles of Distributed Systems (OPODIS). Schloss Dagstuhl. Leibniz-Zentrum fÃijr Informatik, 1--18.Google Scholar
- Haohui Mai, Ahmed Khurshid, Rachit Agarwal, Matthew Caesar, P Godfrey, and Samuel Talmadge King. 2011. Debugging the data plane with anteater. In ACM SIGCOMM Computer Communication Review, Vol. 41 (4). ACM, 290--301. Google ScholarDigital Library
- Michael Menth, Michael Duelli, Ruediger Martin, and Jens Milbrandt. 2009. Resilience analysis of packet-witched communication networks. IEEE/ACM transactions on Networking (ToN) 17, 6 (2009), 1950--1963. Google ScholarDigital Library
- RFC 8001. 2017. RSVP-TE Extensions for Collecting Shared Risk Link Group (SRLG). https://datatracker.ietf.org/doc/rfc8001/.Google Scholar
- Stefan Schmid and Jiří Srba. 2018. Polynomial-Time What-If Analysis for Prefix-Manipulating MPLS Networks. In IEEE International Conference on Computer Communications (INFOCOM'18). IEEE, 1--9.Google Scholar
- Stefan Schwoon. 2002. Model-Checking Pushdown Systems. Ph.D. Thesis. Technische Universität München. http://www.lsv.ens-cachan.fr/Publis/PAPERS/PDF/schwoon-phd02.pdfGoogle Scholar
- Ken Thompson. 1968. Programming techniques: Regular expression search algorithm. Commun. ACM 11, 6 (1968), 419--422. Google ScholarDigital Library
- Anduo Wang, Limin Jia, Wenchao Zhou, Yiqing Ren, Boon Thau Loo, Jennifer Rexford, Vivek Nigam, Andre Scedrov, and Carolyn Talcott. 2012. FSR: Formal analysis and implementation toolkit for safe interdomain routing. IEEE/ACM Transactions on Networking (ToN) 20, 6 (2012), 1814--1827. Google ScholarDigital Library
- Dahai Xu, Yizhi Xiong, Chunming Qiao, and Guangzhi Li. 2004. Failure protection in layered networks with shared risk link groups. IEEE Network 18, 3 (2004), 36--41. Google ScholarDigital Library
- Hongyi Zeng, Shidong Zhang, Fei Ye, Vimalkumar Jeyakumar, Mickey Ju, Junda Liu, Nick McKeown, and Amin Vahdat. 2014. Libra: Divide and conquer to verify forwarding tables in huge networks. In Proc. 11th USENIX Symposium on Networked Systems Design and Implementation (NSDI). USENIX Association, 87--99. Google ScholarDigital Library
Index Terms
- P-Rex: fast verification of MPLS networks with multiple link failures
Recommendations
A scalable QoS routing model for diffserv over MPLS networks
In this paper, we present a new Quality of Service (QoS) routing model for Differentiated Services (Diffserv) over Multiprotocol Label Switching (MPLS) networks. We use a pre-established multi-path model in which several MPLS label switching paths (LSPs)...
Policy based on-demand bandwidth provisioning and assurance in DiffServ enabled MPLS networks
PDCN'06: Proceedings of the 24th IASTED international conference on Parallel and distributed computing and networksMulti-Protocol Label Switching (MPLS) based Differentiated Services (DiffServ) architecture provides an attractive solution for IP traffic engineering to meet service quality and reliability. MPLS enables traffic engineering with protection/restoration ...
Differentiated Services and Integrated Services Use of MPLS
ISCC '00: Proceedings of the Fifth IEEE Symposium on Computers and Communications (ISCC 2000)All the new emerging QoS service architectures are motivated by the desire to improve the overall performance of IP networks. Integrated Services (Intserv), Differentiated Services (Diffserv), MultiProtocol Label Switching (MPLS) and constraint-based ...
Comments