Scaling Network Verification using Symmetry and Surgery

Gordon D. Plotkin, Nikolaj Bjørner, Nuno P. Lopes, Andrey Rybalchenko, George Varghese

 

Abstract:

On the surface, large data centers with about 100,000 stations and nearly a million routing rules are complex and hard to verify. However, these networks are highly regular by design; for example they employ fat tree topologies with backup routers interconnected by redundant patterns. To exploit these regularities, we introduce network transformations: given a reachability formula and a network, we transform the network into a simpler to verify network and a corresponding transformed formula, such that the original formula is valid in the network if and only if the transformed formula is valid in the transformed network.
Our network transformations exploit network surgery (in which irrelevant or redundant sets of nodes, headers, ports, or rules are “sliced” away) and network symmetry (say between backup routers). The validity of these transformations is established using a formal theory of networks. In particular, using Van Benthem-Hennessy-Milner style bisimulation, we show that one can generally associate bisimulations to transformations connecting networks and formulas with their transforms. Our work is a development in an area of current wide interest: applying programming language techniques (in our case bisimulation and modal logic) to problems in switching networks.
We provide experimental evidence that our network transformations can speed up by 65x the task of verifying the communication between all pairs of Virtual Machines in a large datacenter network with about 100,000 VMs. An all-pair reachability calculation, which formerly took 5.5 days, can be done in 2 hours, and can be easily parallelized to complete in minutes.

 

Published:

G. D. Plotkin, N. Bjørner, N. P. Lopes, A. Rybalchenko, G. Varghese. Scaling Network Verification using Symmetry and Surgery. In Proc. of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), Jan. 2016.

 

Download:

 

Bibtex:

@inproceedings{popl16,
  title =	{Scaling Network Verification using Symmetry and Surgery},
  author =	{Gordon D. Plotkin and Nikolaj Bj{\o}rner and Nuno P. Lopes and Andrey Rybalchenko and George Varghese},
  booktitle =	{Proc. of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL)},
  doi =		{10.1145/2837614.2837657},
  month =	jan,
  year =	2016
}

 

Copyright notice:

© ACM, 2016. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution.

 

<-- Return