Falcon:Differential fault localization for SDN control plane

Abstract The control plane of Software-Defined Networking (SDN) is the key component for overseeing and managing networks. As a software entity, the control plane is inevitable to involve design or logic flaws in its policy enforcement and network control, which can cause it to behave incorrectly and induce network anomalies. Existing approaches mainly focus on policy verification or fault troubleshooting, which have little fault localization capabilities for locating these flaws in production environments. In this paper, we present Falcon , the first Fa ult l ocalization tool for the SDN con trol plane. We design a novel causal inference mechanism based on differential checking , which symmetrically compares two system behaviors with similar processes and identifies the causality in related code execution paths with concrete contexts to explain why a fault happened in the SDN network. Our main contributions include (1) a lightweight rule-based hybrid tracing mechanism for recording system behaviors of the SDN control plane, (2) a context-aware modeling mechanism for modeling these behaviors, and (3) a differential checking mechanism for diagnosing controller faults according to formulated symptoms. Our evaluation shows that Falcon is capable of diagnosing faults in the SDN control plane with low overhead on performance.