Debugging the data plane with anteater-Reference-Cited by-同舟云学术

Debugging the data plane with anteater

Published:2011-10-22 Issue:4 Volume:41 Page:290-301
ISSN:0146-4833
Container-title:ACM SIGCOMM Computer Communication Review
language:en
Short-container-title:SIGCOMM Comput. Commun. Rev.

Author:

Mai Haohui¹,Khurshid Ahmed¹,Agarwal Rachit¹,Caesar Matthew¹,Godfrey P. Brighten¹,King Samuel Talmadge¹

Affiliation:

1. University of Illinois at Urbana-Champaign, Urbana, IL, USA

Abstract

Diagnosing problems in networks is a time-consuming and error-prone process. Existing tools to assist operators primarily focus on analyzing control plane configuration. Configuration analysis is limited in that it cannot find bugs in router software, and is harder to generalize across protocols since it must model complex configuration languages and dynamic protocol behavior. This paper studies an alternate approach: diagnosing problems through static analysis of the data plane. This approach can catch bugs that are invisible at the level of configuration files, and simplifies unified analysis of a network across many protocols and implementations. We present Anteater, a tool for checking invariants in the data plane. Anteater translates high-level network invariants into boolean satisfiability problems (SAT), checks them against network state using a SAT solver, and reports counterexamples if violations have been found. Applied to a large university network, Anteater revealed 23 bugs, including forwarding loops and stale ACL rules, with only five false positives. Nine of these faults are being fixed by campus network operators.

Publisher

Association for Computing Machinery (ACM)

Subject

Computer Networks and Communications,Software

Link

https://dl.acm.org/doi/pdf/10.1145/2043164.2018470

Reference44 articles.

1. JUNOS : MPLS fast reroute solutions network operations guide. 2007. JUNOS: MPLS fast reroute solutions network operations guide. 2007.

2. The all new 2010 Intel Core vPro processor family: Intelligence that adapts to your needs (whitepaper). 2010. http://www.intel.com/Assets/PDF/whitepaper/311710.pdf. The all new 2010 Intel Core vPro processor family: Intelligence that adapts to your needs (whitepaper). 2010. http://www.intel.com/Assets/PDF/whitepaper/311710.pdf.

3. Discovery of policy anomalies in distributed firewalls

4. Apple. What is lights out management? September 2010. http://support.apple.com/kb/TA24506. Apple. What is lights out management? September 2010. http://support.apple.com/kb/TA24506.

5. The role of PASTA in network measurement

Cited by 184 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. KATch: A Fast Symbolic Verifier for NetKAT;Proceedings of the ACM on Programming Languages;2024-06-20

2. Diffy: Data-Driven Bug Finding for Configurations;Proceedings of the ACM on Programming Languages;2024-06-20

3. Kirigami, the Verifiable Art of Network Cutting;IEEE/ACM Transactions on Networking;2024-06

4. P4Inv: Inferring Packet Invariants for Verification of Stateful P4 Programs;IEEE INFOCOM 2024 - IEEE Conference on Computer Communications;2024-05-20

5. CloudPlanner: Minimizing Upgrade Risk of Virtual Network Devices for Large-Scale Cloud Networks;IEEE INFOCOM 2024 - IEEE Conference on Computer Communications;2024-05-20