Secure Implementing a Virtual Network on the SDN Data Plane

The paper continues the investigations on the implementation of virtual networks on the SDN data plane which is modeled by a graph of physical connections between network nodes. A virtual network is defined as a set of ordered host pairs (sender, receiver), and it is implemented by a set of host-host paths that uniquely determine the switch settings. The opportunities to transmit a packet are limited by the host weights (priorities): a packet can be only transmitted from a host to a host if the sender has at most the same priority as the recipient, and thus, a set of paths is permissible if its every subset connects permissible host pairs. In the paper, it is proven that differently from the case when every host pair is permissible, in the graph with priorities a permissible path implementation does not exist for every set of permissible hosts. Moreover, it is shown that is some cases when such an implementation exists, the implementation is not possible without paths with cycles where packets can move infinite and without duplicate paths when a host can get the same packet several times. Using the notion of a perfect set of paths a criterion is established when every permissible set of hosts can be safely implemented by a set of paths without cycles but possibly with duplicate paths.

1. S. Sezer, S. Scott-Hayward, P.K. Chouhan et al. Are we ready for SDN? Implementation challenges for software-defined networks. IEEE Communications Magazine, vol. 51, no. 7, 2013, pp. 36-43.

2. J. López, N. Kushik, N. Yevtushenko, and D. Zeghlache. Analyzing and Validating Virtual Network Requests. In Proc, of the 12th International Conference on Software Technologies (ICSOFT 2017), 2017, pp. 441-446.

3. N. Yevtushenko, A. Kossatchev, J. Lopez et al. Test Derivation for the Software Defined Networking Platforms: Novel Fault Models and Test Completeness. In Proc. of the IEEE East-West Design and Test Symposium, 2018, pp 1-5.

4. И.Б. Бурдонов, Н.В. Евтушенко, А.С. Косачев. Тестирование правил настройки сетевого коммутатора программно конфигурируемой сети. Труды ИСП РАН, том 30, вып. 6, 2018 г., стр. 69-88 / I.B. Burdonov, N.V. Yevtushenko, A.S. Kossatchev. Testing switch rules in software defined networks. Trudy ISP RAN/Proc. ISP RAS, vol. 30, issue 6, 2018, pp. 69-88 (in Russian). DOI: 10.15514/ISPRAS-2018-30(6)-4.

5. I. Burdonov, A. Kossatchev, N. Yevtushenko et al. Verifying SDN Data Path Requests. arXiv:1906.03101, 2019.

6. Y. Boufkhad, R. De La Paz, L. Linguaglossa et al. Forwarding tables verification through representative header sets. arXiv:1601.07002, 2016.

7. I. Burdonov, N. Yevtushenko, and A. Kossatchev. Implementing a virtual network on the SDN data plane. In Proc. of the IEEE East-West Design and Test Symposium, 2020, pp 1-5.

8. И.Б. Бурдонов, Е.М. Винарский, Н.В. Евтушенко, А.С. Косачев. Совершенные множества путей в полном графе коммутаторов SDN-сети. Труды ИСП РАН, том 32, вып. 4, 2020 г., стр. 243–258 / I.B. Burdonov, E.M. Vinarskii, N.V. Yevtushenko, A.S. Kossatchev. Perfect sets of paths in the full graph of SDN network switches. Trudy ISP RAN/Proc. ISP RAS, vol. 32, issue 4, 2020. pp. 243–258 (in Russian). DOI: 10.15514/ISPRAS–2020–32(4)–18.