Minesweeper and Propane: Two Tools for Improving Network Reliability
Over the past 4 decades, networks have become increasingly complex as scalability, quality of service, robustness, and fault-tolerance requirements have grown to m …
Talk Title | Minesweeper and Propane: Two Tools for Improving Network Reliability |
Speakers | Ryan Beckett (Princeton University) |
Conference | NANOG70 |
Conf Tag | |
Location | Bellevue, WA |
Date | Jun 5 2017 - Jun 7 2017 |
URL | Talk Page |
Slides | Talk Slides |
Video | Talk Video |
Over the past 4 decades, networks have become increasingly complex as scalability, quality of service, robustness, and fault-tolerance requirements have grown to meet the demands of the 21st century. Much of the complexity of networks lies in their configuration. Configuration files often have thousands of lines of assembly-like directives that control a huge variety of parameters for various protocols and their interactions. The combination of the size and low-level nature of configurations make it hard for humans to reason about individual device behaviors and even harder to reason about the network behavior that emerges through their interactions. In the first part of the talk, I will describe Minesweeper, a new network analysis tool that can check unmodified network configurations against a wide variety of desirable properties such as reachability between devices, equal or bounded path lengths for multiple devices, symmetric load balancing, local router equivalence, and more. Any property checked by Minesweeper is checked against all possible environments (i.e., collections of eBGP advertisements from peers), and for all possible k link failures. In the second part of the talk, I will describe Propane, a new high-level language for simplifying network configuration. The language allows operators to specify objectives using high-level constraints on both the shape and preference of different traffic paths. Given a Propane policy and a network topology, the Propane compiler generates router-level BGP configurations for every device in the network. The compiler guarantees that the compiled configurations will continue to correctly implement the policy under all possible combinations of failures.