Tierless Programming and Reasoning for Software Defined Networks

• DSL 6
• SDN 41

Abstract. In contrast to languages with different abstractions for each program tier — the control plane, data-plane, and controller-state — Flowlog provides a unified abstraction for all three tires.

NetCore, for instance, can describe a forwarding policy, but lacks the ability to reference (let alone change) state on the controller.

It also provides abstractions for interaction with external code, via either asyn- chronous events or synchronous remote tables.

Flowlog provides interfaces and abstractions for interacting with external programs. Programmers are free to invoke existing, full-featured libraries as needed, depending on their analysis goals. This is in contrast to most policy languages: in Flowlog, the restricted language itself forms the primary program, calling the external code rather than being called by it. This has been successful with SQL, where database queries are in the “limited” language and user-defined functions are in “full” languages.

a multi-tier program: a wrapper in a general-purpose language … most SDN analyses focus on trace properties: statements about the end-to-end behavior of packets in the network

4.3 Extracting NetCore Policies

An equivalent NetCore policy for each clause is created using the Tpred (extract predicate) and Tact (extract action) functions defined in Figure 5.

6 Implementation and Performance

The current Flowlog implementation uses OpenFlow 1.0 [20] and Frenetic [5] for packet-handling, Thrift RPC () for orchestrating events and remote state, and the XSB [28] Prolog engine for evaluation. Flowlog is implemented in OCaml.

controller’s workflow

1. event arrives (1)
2. the controller converts it into a tuple and places it in the appropriate input table via XSB’s assert command (2)
3. for each outgoing and state-modification table, the controller queries XSB to obtain a set of outgoing tuples (3) which are converted to events (4)
4. each state-modification tuple is asserted or retracted to result in the new state (5)
5. proactive compilation (6) is performed on the new state, producing a NetCore policy

7 related work

FML [9] provides a stateful, rule-based idiom for forwarding policies.

NDLog [17] and OverLog [18] are declarative, distributed programming languages. In these languages, each tuple in the relational state resides on a particular switch.

reference

• [27] ROGERS, C. M. ANQL-an active networks query language. In International Working Conference on Active Networks (2002).