Prelude: Ensuring Inter-Domain Loop-Freedom in SDN-Enabled Networks
Type
Conference PaperKAUST Department
Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) DivisionComputer Science Program
Date
2018-07-16Online Publication Date
2018-07-16Print Publication Date
2018Permanent link to this record
http://hdl.handle.net/10754/630818
Metadata
Show full item recordAbstract
Software-Defined eXchanges (SDXes) promise to improve the inter-domain routing ecosystem through SDN deployment. Yet, the naïve deployment of SDN on the Internet raises concerns about the correctness of the inter-domain data-plane. By allowing operators to deflect traffic from default BGP routes, SDN policies can create permanent forwarding loops that are not visible to the control-plane. We propose Prelude, a system for detecting SDNinduced forwarding loops between SDXes with high accuracy without leaking private routing information of network operators. To achieve this, we leverage Secure Multi-Party Computation (SMPC) techniques to build a novel and general privacy-preserving primitive that detects whether any subset of SDN rules might affect the same portion of traffic without learning anything about those rules. We then leverage this primitive as the main building block of a distributed system tailored to detect forwarding loops among any set of SDXes. We leverage the particular nature of SDXes to further improve the efficiency of our SMPC solution. The number of valid SDN rules rejected by our solution is 100x lower than previous privacy-preserving solutions, and provides better privacy guarantees. Furthermore, our solution naturally provides network operators with some insights on the cost of the deflected paths.Citation
Dethise, A., Chiesa, M., & Canini, M. (2018). Prelude. Proceedings of the 2nd Asia-Pacific Workshop on Networking - APNet ’18. doi:10.1145/3232565.3232570ISBN
9781450363952arXiv
1806.09566ae974a485f413a2113503eed53cd6c53
10.1145/3232565.3232570