Packet Traceback for Software-Defined Networks
Report ID: TR-978-15
Author: Rexford, Jennifer / Zhang, Harvest / Reich, Joshua
Date: 2015-02-13
Pages: 7
Abstract:
Packet traceback (determining how a packet could have arrived at a point of observation) is useful for network debugging, performance testing, and network forensics. However, existing mechanisms (e.g., NetSight) require modifications to switches and introduce additional network overhead. By providing a centralized representation of the network's packet-processing behavior as a policy, Software-Defined Networking (SDN) makes it possible to compute the transformations that could lead to the observed packet. Our work leverages higher-level SDN controller languages to perform packet traceback in a provably correct manner entirely on the controller. Using the current policy as input, we precompute a compact symbolic representation of the back policy, which can then quickly produce all possible predecessors for any input packet. Our prototype is implemented in the Pyretic language; however, since any policy specified in low-level OpenFlow rules can be easily converted to a Pyretic representation, our method is completely general.