TY - GEN
T1 - S2
T2 - ACM SIGCOMM 2025 Conference, SIGCOMM 2025
AU - Wang, Dan
AU - Zhang, Peng
AU - Sun, Wenbing
AU - Li, Wenkai
AU - Feng, Xing
AU - Li, Hao
AU - Chen, Jiawei
AU - Jiang, Weirong
AU - Tang, Yongping
N1 - Publisher Copyright:
© 2025 Copyright held by the owner/author(s).
PY - 2025/8/27
Y1 - 2025/8/27
N2 - Network configuration verifiers can proactively reason about a network’s correctness to prevent network outages. However, even recent efforts have proposed algorithms to “scale up” the verification to several thousand switches, these algorithms still cannot be used for networks with more than 10K switches or 1000M routes, which is common for large service providers. In this paper, instead of further scaling up the verification limited to a single server, we study how to “scale out” the verification using the resources of multiple servers. To achieve this, we propose S2, a distributed verifier for network configurations. S2 partitions the network model and distributes the verification tasks, i.e., control plane simulation and data plane verification, to run on multiple servers in parallel. Additionally, S2 uses prefix sharding during control plane simulation to further reduce the memory footprint on each server. We implement a prototype of S2 based on Batfish, the state-of-the-art network verifier. Based on real datacenter topologies of a large service provider and synthetic FatTree topologies, we show that S2 can verify networks with 10K routers and 1000M routes within 2 hours.
AB - Network configuration verifiers can proactively reason about a network’s correctness to prevent network outages. However, even recent efforts have proposed algorithms to “scale up” the verification to several thousand switches, these algorithms still cannot be used for networks with more than 10K switches or 1000M routes, which is common for large service providers. In this paper, instead of further scaling up the verification limited to a single server, we study how to “scale out” the verification using the resources of multiple servers. To achieve this, we propose S2, a distributed verifier for network configurations. S2 partitions the network model and distributes the verification tasks, i.e., control plane simulation and data plane verification, to run on multiple servers in parallel. Additionally, S2 uses prefix sharding during control plane simulation to further reduce the memory footprint on each server. We implement a prototype of S2 based on Batfish, the state-of-the-art network verifier. Based on real datacenter topologies of a large service provider and synthetic FatTree topologies, we show that S2 can verify networks with 10K routers and 1000M routes within 2 hours.
KW - control plane simulation
KW - data plane verification
KW - distributed system
KW - network verification
UR - https://www.scopus.com/pages/publications/105016237714
U2 - 10.1145/3718958.3750516
DO - 10.1145/3718958.3750516
M3 - 会议稿件
AN - SCOPUS:105016237714
T3 - SIGCOMM 2025 - ACM SIGCOMM 2025 Conference
SP - 796
EP - 808
BT - SIGCOMM 2025 - ACM SIGCOMM 2025 Conference
PB - Association for Computing Machinery, Inc
Y2 - 8 September 2025 through 11 September 2025
ER -