A practical byzantine-based approach for faulty switch tolerance in software-defined networks

Over the past few years, software-defined networking (SDN) has stimulated worldwide interests in both academia and industry for its proven benefits. However, the reliability of SDN has become a significant barrier in adopting it. Many efforts have been made to enhance the reliability of SDNs. However, the research all assume a benign data plane, and overlook the fundamental question: what if the switches provide tainted network state information (controller's inputs) to the controller? To obtain a global view and produce networking decisions, SDN controllers must collect detailed and up-to-date network state information from the switches. Therefore, tainted inputs can easily disrupt the correctness of controller and reduce the reliability of SDN. In this paper, we argue that faulty switches can easily taint the controller's inputs in SDN, which would further mislead the controller. We investigate possible consequences of the existence of faulty switches with thorough analyses and practical examples. Aiming at enhancing the reliability of SDNs, we design and implement a prototype system that leverages Byzantine model to automatically tolerate faulty switches. Extensive experiments show that the proposed system can guarantee the correctness of the controller's inputs (specifically, flow statistics information) even when faulty switches exist with trivial overheads.