Summary
Asia-Pacific Network Operations and Management Symposium
2016
Session Number:P1
Session:
Number:P1-20
Policy-based Verification Method for Configurations of Large Network with Header-Space Analyses
Toshio Tonouchi,
pp.-
Publication Date:2016/10/5
Online ISSN:2188-5079
Summary:
Configuration of network is getting complex because the network has been equipped with much functionality. Meanwhile, the network should satisfy many requirements for sophisticated multi-tenancy, high-level security and so on. For example, a flow which should be secure has to go through a firewall. However, it is difficult for an operator to verify whether the configuration in large network can satisfy these requirements. The verification takes a lot of time and a lot of human work. In addition, the human operator may inherently overlook an erroneous configuration. In this paper, we propose a policy language, which can specify the requirements. We also propose two implementation designs of the policy language. The one of the methods is estimated to verify the configuration of larg network.