View article

Software-defined networks (SDNs) are built on the promise of consistency between control and data plane. Data plane consists of software or hardware and is subject to failures eg, hardware or software bugs. Sometimes, these failures are outside the knowledge of the control plane consisting of network operating system or the SDN controller. The current state-of-the art tools either check the network statically from the control plane or use tagging or active probe generation to check the data plane behaviour. There is a spectrum of control plane mechanisms [1],[2],[3],[4] which check for some or all of the network-wide invariants like reachability, forwarding loops, waypoint enforcement and slice isolation. While most of the control plane mechanisms cannot model ECMP or NAT, all of them, however, are unaware of the actual behaviour on the data plane and thus, assume that control plane has a consistent view. There is a panoply of data plane mechanisms involving tagging [5],[6] or active probe generation [7],[8] which either check the path or the installed flow rules to monitor the data plane. Moreover, ping and traceroute continue to be the only tools available for network debugging to the network administrators in practice. Bugs in flow table match-action logic or switch hardware can manifest in various ways which are hard to detect and thus, to localize by any of the existing approaches. Moreover, tagging comes with its own limitations. There cannot be available and sufficient space for placing tags for a big scale scenario. Some of the existing mechanisms end up placing a lot of flow rules on the scarce TCAM to take action on tagged packets [5],[9 …