Tierless Programming and Reasoning for Software-Defined Networks
Tim Nelson, Andrew D. Ferguson, Michael J. G. Scheer, Shriram Krishnamurthi
USENIX Symposium on Networked Systems Design and Implementation, 2014
We present Flowlog, a tierless language for programming SDN controllers. In contrast to languages with different abstractions for each program tier---the control-plane, data-plane, and controller state---Flowlog provides a unified abstraction for all three tiers. Flowlog is reminiscent of both SQL and rule-based languages such as Cisco IOS and JunOS; unlike these network configuration languages, Flowlog supports programming with mutable state. We intentionally limit Flowlog’s expressivity to enable built-in verification and proactive compilation despite the integration of controller state. To compensate for its limited expressive power, Flowlog enables the reuse of external libraries through callouts.
Flowlog proactively compiles essentially all forwarding behavior to switch tables. For rules that maintain controller state or generate fresh packets, the compiler instructs switches to send the minimum amount of necessary traffic to the controller. Given that Flowlog programs can be stateful, this process is non-trivial. We have successfully used Flowlog to implement real network applications. We also compile Flowlog programs to Alloy, a popular verification tool. With this we have verified several properties, including program-correctness properties that are topology-independent, and have found bugs in our own programs.
- For the software, please see http://cs.brown.edu/research/plt/dl/flowlog/.
- Watch the conference presentation (with q&a)!
- For another use of formal methods—differential analysis—see our FM 2015 paper.
- See also our policy language work for SDNs at SIGCOMM 2013.
These papers may differ in formatting from the versions that appear in print. They are made available only to support the rapid dissemination of results; the printed versions, not these, should be considered definitive. The copyrights belong to their respective owners.