30 Nov 2015

A General Approach to Network Configuration Analysis

https://www.usenix.org/conference/nsdi15/technical-sessions/presentation/fogel

We present an approach to detect network configuration errors, which combines the benefits of two prior approaches. Like prior techniques that analyze configuration files, our approach can find errors proactively, before the configuration is applied, and answer “what if” questions. Like prior techniques that analyze data-plane snapshots, our approach can check a broad range of forwarding properties and produce actual packets that violate checked properties.

We accomplish this combination by faithfully deriving and then analyzing the data plane that would emerge from the configuration.

Our derivation of the data plane is fully declarative, employing a set of logical relations that represent the control plane, the data plane, and their relationship. Operators can query these relations to understand identified errors and their provenance.
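A toy version of the two steps above, written here as an added illustration and not taken from the paper or from its tool: the control-plane configuration is turned into a forwarding table per router, then a reachability property is checked on that derived data plane and each violation is reported as a concrete packet together with the configuration lines that produced the offending routes. The routers, prefixes and admin-distance values are constructed sample input, and the route selection is an imperative simplification of the paper's declarative relations.

```python
import ipaddress
# Constructed sample config (not the paper's data): router -> [(prefix, next_hop, source)]; "local" = directly connected.
AD = {"connected": 0, "static": 1}  # admin distances as in common vendor defaults
CONFIG = {
    "r1": [("10.0.1.0/24", "local", "connected"), ("10.0.1.0/24", "r2", "static"),
           ("10.0.0.0/16", "r2", "static")],
    "r2": [("10.0.2.0/24", "local", "connected"), ("10.0.0.0/16", "r1", "static"),
           ("10.0.3.0/24", "r3", "static")],
    "r3": [("10.0.3.0/24", "local", "connected"), ("10.0.0.0/16", "r2", "static")],
}

def derive_fib(config):
    """Control plane -> data plane: lowest-AD route per prefix, tagged with its config line."""
    fib = {}
    for router, routes in config.items():
        best = fib.setdefault(router, {})
        for i, (prefix, nh, src) in enumerate(routes):
            net = ipaddress.ip_network(prefix)
            if net not in best or AD[src] < AD[best[net][1]]:
                best[net] = (nh, src, f"{router}[{i}] {prefix} via {nh} ({src})")
    return fib

def lookup(fib, router, dst):
    """Longest-prefix match on the derived FIB; None means the packet is dropped."""
    hits = [(net.prefixlen, nh, prov) for net, (nh, _, prov) in fib[router].items() if dst in net]
    return max(hits, key=lambda h: h[0])[1:] if hits else None

def trace(fib, router, dst):
    """Forward one packet hop by hop, returning (verdict, path, provenance)."""
    path, prov = [router], []
    while True:
        hit = lookup(fib, router, dst)
        if hit is None:
            return "blackhole", path, prov
        nh, p = hit
        prov.append(p)
        if nh == "local":
            return "delivered", path, prov
        if nh in path:  # revisiting a router means a forwarding loop
            return "loop", path + [nh], prov
        path.append(router := nh)

def find_violations(config, probe_dsts):
    """Check 'every probe is delivered from every router'; a violation is the concrete packet, the verdict, its path and the config lines used."""
    fib, out = derive_fib(config), []
    for r in config:
        for d in probe_dsts:
            verdict, path, prov = trace(fib, r, ipaddress.ip_address(d))
            if verdict != "delivered":
                out.append((r, d, verdict, path, prov))
    return out
```

With the constructed config, the two static aggregates for 10.0.0.0/16 point r1 and r2 at each other, so any address in that block that no router owns (10.0.4.5 here) loops; the report names exactly those two configuration lines.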

We use our approach to analyze two large university networks with qualitatively different routing designs and find many misconfigurations in each. Operators have confirmed the majority of these as errors and have fixed their configurations accordingly.

… configuration errors that compromise availability, security, and performance are common [7, 21, 36]. In a recent incident, for example, a misconfiguration led to a nation-wide outage that impacted all customers of Time Warner for over an hour [3].

analysis of data plane snapshots cannot prevent errors proactively, before undesirable forwarding occurs … once a problem is flagged, the operators still need to localize the responsible snippets of configuration.

2.1 Background

As an aside, in the SDN paradigm, which has gained significant attention of late, the control plane is specified using a control program instead of configuration. We focus on the configuration-based paradigm because it currently dominates and continues to be a cause of subtle errors. Even if SDNs become dominant, many networks will likely continue to be configuration-based, in the same way that legacy software is prevalent despite the advent of higher-level programming technologies.