VeriTable: Fast Equivalence Verification of Multiple Large Forwarding Tables

Abstract Due to network practices such as traffic engineering and multi-homing, the number of routes, also known as IP prefixes, in the global forwarding tables has been increasing significantly in the last decade and continues growing in a super linear trend. One of the most promising solutions is to use Forwarding Information Base (FIB) aggregation algorithms with incremental handling of BGP updates. FIB aggregation compresses the forwarding tables by reducing the number of prefixes in an FIB. Obviously, FIB aggregation should preserve the forwarding behavior of the data plane, i.e., packets must be forwarded in the same directions as if the original FIB is applied. Failures at the control plane or an incorrect algorithm may violate this rule. Thus we pose a research question, how can we efficiently verify that the original table achieves the same forwarding behavior for a router as the aggregated one? This paper proposes VeriTable, an algorithm that addresses the problem of verification of the equivalence of forwarding tables and the challenges caused by the Longest Prefix Matching (LPM) lookups. VeriTable employs a single tree traversal to quickly check if multiple forwarding tables are equivalent, as well as if they result in network ”black-holes”. VeriTable algorithm significantly outperforms the state-of-the-art work for both IPv4 and IPv6 tables in terms of the total running time, memory access times and memory consumption.