Abstract

In many Software-Defined Networking (SDN) deployments the control plane ends up being actually centralized, yielding a single point of failure and attack. This paper models the interaction between the data plane and a distributed control plane consisting of a set of failure-prone and potentially malicious (compromised) control devices, and implements a secure and robust controller platform that allows network administrators to integrate new network functionality as with a centralized approach. Concretely, the network administrator may program the data plane from the perspective of a centralized controller without worrying about distribution, asynchrony, failures, attacks, or coordination problems that any of these could cause. We introduce a formal SDN computation model for applying network policies and show that it is impossible to implement asynchronous non-blocking and strongly consistent SDN controller …

Date

2020

Authors

James Lembke, Srivatsan Ravi, Patrick Eugster, Stefan Schmid

Journal

IEEE Journal on Selected Areas in Communications

Volume

38

Issue

7

Pages

1352-1365

Publisher

IEEE