Distributed Data Plane Verification HLD #948
Conversation
|
|
|
@baiwei0427 Could you also help review this HLD? Thanks! |
yxieca
force-pushed
the
master
branch
2 times, most recently
from
8498931
to
8837dc2
Compare
.gitignore
Outdated
|
|
||
|
|
||
|
|
||
| .DS_Store |
There was a problem hiding this comment.
This file should not be included
| issues (e.g., software bugs, faulty hardware, protocol misconfigurations, and oversight negligence). They can happen in | ||
| all types of networks (e.g., enterprise networks, wide area networks and data center networks), and have both disastrous | ||
| financial and social consequences. Data plane verification (DPV) is important for finding such network errors. | ||
| Current DPV tools employ a centralized architecture, where a server collects the data planes of all devices and verifies them. |
There was a problem hiding this comment.
Give some references to "Current DPV tools"
| The picture below demonstrates the architecture and workflow of distributed data plane verification. | ||
|
|
||
|
|
||
|  |
There was a problem hiding this comment.
The system-diagram.jpg should give more details. For example, what container to add? How do new containers interact with existing components?
| A series of demos of the proposed feature can be found at [distributeddpvdemo.tech](DDPV-Demos). All demos are conducted on a small testbed of commodity switches installed with SONiC or ONL. A technical report of the detailed design of DDPV can be found at [https://arxiv.org/abs/2205.07808](arXiv). | ||
|
|
||
| # Requirements | ||
| * The ddpv container needs to have access to the device data plane (i.e., FIB and ACL) stored in the database container. |
There was a problem hiding this comment.
It is better to mention names of concrete tables that store those information
|
|
||
| # Requirements | ||
| * The ddpv container needs to have access to the device data plane (i.e., FIB and ACL) stored in the database container. | ||
| * The ddpv container at neighboring switches needs to use sockets to exchange verification messages. |
There was a problem hiding this comment.
Do you assume that all the switches run SONiC with ddpv container?
|
|
|
@baiwei0427 We have updated the HLD document based on your feedback. Could you help take a look to see if we have addressed all your comments? Thanks. |
We propose a distributed data plane verification feature. This feature allows commodity network switches to perform data plane checking by running lightweight computation tasks with its own FIB/ACL and neighbor messages as input.