DOI: 10.1145/3423211.3425694
Research article (Public Access)

Consistent and Secure Network Updates Made Practical

Published: 11 December 2020

Abstract

Software-defined wide area networking (SD-WAN) enables dynamic network policy control over a large distributed network via network updates. To be practical, network updates must be both consistent, i.e., free of transient errors caused by updates to multiple switches, and secure, i.e., free of errors caused by faulty or malicious members of the control plane. Moreover, these properties must incur minimal overhead on controllers and switches.
We present Cicero: a ConsIstent seCurE pRactical cOntroller for SD-WAN updates. Consistency is provided through a novel update scheduler in conjunction with a distributed transactional protocol, while security is preserved by replicating the control plane and authenticating updates with an adaptive threshold cryptographic scheme. We ensure practicality by providing a mechanism for scalability through the definition of independent network domains and by exploiting the parallelism of network updates both within and across domains. Extensive experiments show that Cicero imposes minimal switch burden and scales to large networks running multiple network applications that all require concurrent network updates, imposing at worst a 16% overhead on short-lived flow completion and negligible overhead on anticipated normal workloads.
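The security half of the abstract, a switch accepting an update only once a threshold of controller replicas has authenticated it, is shown below as an added example. It is not Cicero's code, and this page does not say which threshold scheme Cicero uses; the toy below uses t-of-n threshold Schnorr signatures over a tiny assumed group (P, Q, G) with a trusted dealer standing in for the distributed key generation a real deployment would run, and the names Dealer, threshold_for, partial_ok, combine, authenticate_update and switch_verify are this example's own. What it makes concrete is why the switch burden stays minimal: the switch holds one public key and runs one signature check per update regardless of how many replicas exist, and a faulty replica's corrupted contribution is detected and dropped by the combiner before a signature is even formed.

```python
"""t-of-n threshold Schnorr authentication of a network update (added toy example)."""
import hashlib
import secrets

# Assumed toy group: safe prime P = 2*Q + 1; G = 2**2 is a quadratic residue,
# so it generates the order-Q subgroup. Far too small for real use.
P, Q, G = 4079, 2039, 4

def threshold_for(n, f):
    """Smallest t that f colluding replicas cannot reach while the n - f honest
    ones still can: t = f + 1, which needs n >= 2f + 1."""
    if n < 2 * f + 1:
        raise ValueError("need n >= 2f + 1 to tolerate f faulty replicas")
    return f + 1

def lagrange_at_zero(ids, i):
    """lambda_i such that sum(lambda_i * poly(i) for i in ids) == poly(0) mod Q."""
    num = den = 1
    for j in ids:
        if j != i:
            num = num * (-j) % Q
            den = den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def share(secret, n, t):
    """Shamir shares {id: value} of `secret` over F_Q; any t of them interpolate it."""
    coeffs = [secret] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def challenge(R, update):
    """Fiat-Shamir challenge c = H(R || update) mod Q."""
    digest = hashlib.sha256(f"{R}|".encode() + update).digest()
    return int.from_bytes(digest, "big") % Q

class Dealer:
    """Trusted dealer standing in for distributed key generation (toy assumption)."""

    def __init__(self, n, t):
        self.n, self.t = n, t
        x = secrets.randbelow(Q - 1) + 1          # control-plane signing key
        self.x_shares = share(x, n, t)            # one share per controller replica
        self.y = pow(G, x, P)                     # the single public key a switch holds
        self.y_shares = {i: pow(G, xi, P) for i, xi in self.x_shares.items()}

    def nonce_shares(self):
        """Fresh one-time nonce k for one update: shares k_i, R = G**k, and G**k_i."""
        k = secrets.randbelow(Q - 1) + 1
        k_shares = share(k, self.n, self.t)
        return k_shares, pow(G, k, P), {i: pow(G, ki, P) for i, ki in k_shares.items()}

def partial_sign(xi, ki, c):
    """Replica i's contribution s_i = k_i + c * x_i (mod Q)."""
    return (ki + c * xi) % Q

def partial_ok(si, yi, Ri, c):
    """Robustness check on one contribution: G**s_i == R_i * y_i**c (mod P)."""
    return pow(G, si, P) == Ri * pow(yi, c, P) % P

def combine(partials, t):
    """Lagrange-combine t verified contributions into s = k + c * x (mod Q)."""
    if len(partials) < t:
        raise ValueError(f"need {t} partial signatures, got {len(partials)}")
    ids = sorted(partials)[:t]
    return sum(lagrange_at_zero(ids, i) * partials[i] for i in ids) % Q

def switch_verify(y, update, R, s):
    """The only check a switch runs: one Schnorr verification against one public key."""
    c = challenge(R, update)
    return pow(G, s, P) == R * pow(y, c, P) % P

def authenticate_update(dealer, update, bad=()):
    """One signing round. Replicas listed in `bad` corrupt their contribution; the
    combiner drops anything failing partial_ok. Returns (R, s, ids_used) or None."""
    k_shares, R, R_shares = dealer.nonce_shares()
    c = challenge(R, update)
    good = {}
    for i in range(1, dealer.n + 1):
        si = partial_sign(dealer.x_shares[i], k_shares[i], c)
        if i in bad:
            si = (si + 1) % Q                     # faulty replica: garbage contribution
        if partial_ok(si, dealer.y_shares[i], R_shares[i], c):
            good[i] = si
    if len(good) < dealer.t:
        return None                               # too few honest replicas reachable
    return R, combine(good, dealer.t), sorted(good)[:dealer.t]

if __name__ == "__main__":
    n, f = 4, 1
    dealer = Dealer(n, threshold_for(n, f))
    update = b"flow-mod: nw_dst=10.1.0.0/16 -> output:3"   # constructed sample update
    R, s, used = authenticate_update(dealer, update, bad={2})
    print("signed by replicas", used, "accepted:", switch_verify(dealer.y, update, R, s))
    print("tampered update accepted:", switch_verify(dealer.y, update + b" drop", R, s))
```

The threshold comes from threshold_for: t = f + 1 so that f colluding replicas cannot produce a signature, with n >= 2f + 1 so that the honest replicas still can. This page does not describe what makes Cicero's scheme adaptive, so "adapting" here is nothing more than recomputing t for a different f. Two caveats carry over to any real deployment: the dealer must be replaced by a distributed key generation protocol so no single party ever holds x, and a nonce must never be reused, since two signatures sharing the same R reveal x.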

Published In

Middleware '20: Proceedings of the 21st International Middleware Conference
December 2020
455 pages
ISBN: 9781450381536
DOI: 10.1145/3423211

Publisher

Association for Computing Machinery

New York, NY, United States

Conference

Middleware '20
Middleware '20: 21st International Middleware Conference
December 7 - 11, 2020
Delft, Netherlands

Acceptance Rates

Overall Acceptance Rate 203 of 948 submissions, 21%
