Prelude: Ensuring Inter-Domain Loop-Freedom in SDN-Enabled Networks

Arnaud Dethise, Marco Chiesa, Marco Canini

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Scopus citations

Abstract

Software-Defined eXchanges (SDXes) promise to improve the inter-domain routing ecosystem through SDN deployment. Yet, the naïve deployment of SDN on the Internet raises concerns about the correctness of the inter-domain data-plane. By allowing operators to deflect traffic from default BGP routes, SDN policies can create permanent forwarding loops that are not visible to the control-plane. We propose Prelude, a system for detecting SDNinduced forwarding loops between SDXes with high accuracy without leaking private routing information of network operators. To achieve this, we leverage Secure Multi-Party Computation (SMPC) techniques to build a novel and general privacy-preserving primitive that detects whether any subset of SDN rules might affect the same portion of traffic without learning anything about those rules. We then leverage this primitive as the main building block of a distributed system tailored to detect forwarding loops among any set of SDXes. We leverage the particular nature of SDXes to further improve the efficiency of our SMPC solution. The number of valid SDN rules rejected by our solution is 100x lower than previous privacy-preserving solutions, and provides better privacy guarantees. Furthermore, our solution naturally provides network operators with some insights on the cost of the deflected paths.
Original languageEnglish (US)
Title of host publicationProceedings of the 2nd Asia-Pacific Workshop on Networking - APNet '18
PublisherAssociation for Computing Machinery (ACM)
Pages50-56
Number of pages7
ISBN (Print)9781450363952
DOIs
StatePublished - Jul 16 2018

Bibliographical note

KAUST Repository Item: Exported on 2020-10-01

Fingerprint

Dive into the research topics of 'Prelude: Ensuring Inter-Domain Loop-Freedom in SDN-Enabled Networks'. Together they form a unique fingerprint.

Cite this