Abstract

Troubleshooting in SDN-based networks is still a cumbersome task that can overwhelm human attention. Various anomalies, such as installation failures, disordered rules, and loops, remain unnoticed even when the most recent detection methods are used. In this paper, we address the issue of verifying SDN policies by actively probing the data plane. SDN Spotlight is presented as an anomaly detection framework that tries to detect installation failures, rule conflicts, and loops. In contrast to recent work, such as Monocle and Pronto, SDN Spotlight verifies a chain of rules using a single probing packet. This approach also reduces the number of monitoring rules, which directly reduces TCAM memory usage and minimizes packet matching time. SDN Spotlight addresses two problems: verifying rule installation and verifying forwarding behavior. Within the SDN Spotlight framework, we introduce two different approaches for forwarding anomaly detection: Hedge-SDN Spotlight and Open-SDN Spotlight. Furthermore, we devise an efficient and fast probe generation algorithm that generates a single probing packet per chain of rules. As opposed to other related work, Hedge-SDN Spotlight yields neither false positives nor false negatives when detecting loops and forwarding failures. The experimental results demonstrate that SDN Spotlight is much faster than the SDNProbe and SDN traceroute methods, in some cases by a factor of up to seven.
