Thumbnail Image

Towards Transiently Secure Updates in Asynchronous SDNs

Shukla, Apoorv; Schütze, André; Ludwig, Arne; Dudycz, Szymon; Schmid, Stefan; Feldmann, Anja

Software-Defined Networks (SDNs) promise to overcome the often complex and error-prone operation of tradi- tional computer networks, by enabling programmabil- ity, automation and verifiability. Yet, SDNs also in- troduce new challenges, for example due to the asyn- chronous communication channel between the logically centralized control platform and the switches in the data plane. In particular, the asynchronous commu- nication of network update commands (e.g., OpenFlow FlowMod messages) may lead to transient inconsisten- cies, such as loops or bypassed waypoints (e.g., fire- walls). One approach to ensure transient consistency even in asynchronous environments is to employ smart scheduling algorithms: algorithms which update subsets of switches in each communication round only, where each subset in itself guarantees consistency. In this demo, we show how to change routing policies in a transiently consistent manner. We demonstrate two al- gorithms, namely, Wayup [5] and Peacock [4], which partition the network updates sent from SDN controller towards OpenFlow software switches into multiple rounds as per respective algorithms. Later, the barrier mes- sages are utilized to ensure reliable network updates.
Published in: Proceedings of the 2016 ACM SIGCOMM Conference - SIGCOMM'16, 10.1145/2934872.2959083, Association for Computing Machinery (ACM)
  • © ACM 2016. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in Proceedings of the 2016 Conference on ACM SIGCOMM 2016 Conference - SIGCOMM ’16, http://dx.doi.org/10.1145/2934872.2959083.