CN109725925B - Method for detecting conflicts between multiple software-defined networking SDN applications - Google Patents

Method for detecting conflicts between multiple software-defined networking SDN applications Download PDF

Info

Publication number
CN109725925B
CN109725925B CN201811504826.6A CN201811504826A CN109725925B CN 109725925 B CN109725925 B CN 109725925B CN 201811504826 A CN201811504826 A CN 201811504826A CN 109725925 B CN109725925 B CN 109725925B
Authority
CN
China
Prior art keywords
output
openflow message
openflow
sdn
message set
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811504826.6A
Other languages
Chinese (zh)
Other versions
CN109725925A (en
Inventor
王之梁
李亚慧
尹霞
施新刚
吴建平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tsinghua University
Original Assignee
Tsinghua University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tsinghua University filed Critical Tsinghua University
Priority to CN201811504826.6A priority Critical patent/CN109725925B/en
Publication of CN109725925A publication Critical patent/CN109725925A/en
Application granted granted Critical
Publication of CN109725925B publication Critical patent/CN109725925B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明公开了一种用于检测多个软件定义网络SDN应用之间的冲突的方法。该方法通过利用符号执行工具对待测的多个SDN应用中的每个SDN应用的每个输入OpenFlow消息进行处理,并基于处理结果来检测多个SDN应用两两之间是否存在冲突,从而可以实现在部署多个SDN应用之前预先检测多个SDN应用之间是否存在冲突,具有很好的应用前景。

Figure 201811504826

The present invention discloses a method for detecting conflicts between multiple software-defined network SDN applications. The method uses a symbolic execution tool to process each input OpenFlow message of each SDN application in the multiple SDN applications to be tested, and based on the processing result, detects whether there is a conflict between the multiple SDN applications, so as to realize Before deploying multiple SDN applications, it is possible to detect in advance whether there is a conflict between multiple SDN applications, which has a good application prospect.

Figure 201811504826

Description

用于检测多个软件定义网络SDN应用之间的冲突的方法Method for detecting conflicts between multiple software-defined networking SDN applications

技术领域technical field

本发明涉及软件定义网络(Software Defined Network,SDN)验证技术领域,尤其涉及一种用于检测多个软件定义网络SDN应用之间的冲突的方法。The invention relates to the technical field of software defined network (Software Defined Network, SDN) verification, in particular to a method for detecting conflicts between multiple software defined network SDN applications.

背景技术Background technique

软件定义网络SDN是由Emulex提出的一种新型网络创新架构,其通过将网络设备控制面与数据面解耦,来简化数据面的转发并为控制面提供可编程性,从而大大地方便了新型网络功能的开发与部署。用户可以通过开发部署SDN应用来实现各种各样的策略以保证网络的可用性和安全性。随着各种SDN开源控制器(例如,ONOS,Floodlight)的发展,越来越多的SDN应用被开发部署。Software Defined Network SDN is a new network innovation architecture proposed by Emulex. It simplifies the forwarding of the data plane and provides programmability for the control plane by decoupling the control plane and the data plane of the network device, which greatly facilitates the new Development and deployment of network functions. Users can implement various strategies to ensure network availability and security by developing and deploying SDN applications. With the development of various SDN open source controllers (eg ONOS, Floodlight), more and more SDN applications are developed and deployed.

OpenFlow协议定义了控制器(Controller)和交换机(Switch)通信过程的消息类型和格式。控制器通过OpenFlow协议与交换机建立安全通道,SDN应用通过控制器对交换机下发或删除用于定义报文转发规则的流表来管理网络的不同方面。为了实现各种各样的网络策略,许多SDN应用(例如,防火墙(Firewall),负载均衡(Load Balancer)等)被部署到同一个控制器上。事实上,来自不同方的SDN应用将使网络的控制逻辑变得复杂,且可能有意或无意地在同一台交换机上安装具有相同匹配域(match)和冲突的动作域(action)的规则,从而导致多个SDN应用之间产生冲突,致使网络故障或网络性能下降。目前,这个问题在SDN领域比较普遍,一些SDN控制器系统依赖于各SDN应用之间的优先级来避免冲突。然而,即使各SDN应用具有明确的优先级,如何利用优先级处理各SDN应用的输出仍然是棘手的问题。因此,为了避免在部署多个SDN应用之后出现用户所不期待的行为,预先检测多个SDN应用之间的冲突是唯一的解决方案。The OpenFlow protocol defines the message type and format of the communication process between the controller (Controller) and the switch (Switch). The controller establishes a secure channel with the switch through the OpenFlow protocol, and the SDN application manages different aspects of the network through the controller delivering or deleting the flow table used to define packet forwarding rules to the switch. To implement various network policies, many SDN applications (eg, Firewall, Load Balancer, etc.) are deployed on the same controller. In fact, SDN applications from different parties will complicate the control logic of the network, and may intentionally or unintentionally install rules with the same match domain (match) and conflicting action domain (action) on the same switch, thereby This leads to conflicts between multiple SDN applications, resulting in network failure or network performance degradation. At present, this problem is more common in the SDN field, and some SDN controller systems rely on the priority between various SDN applications to avoid conflicts. However, even if each SDN application has a clear priority, how to use the priority to process the output of each SDN application is still a difficult problem. Therefore, in order to avoid behaviors that users do not expect after deploying multiple SDN applications, pre-detecting conflicts between multiple SDN applications is the only solution.

之前,研究者们提出了一些验证SDN应用的正确性的方案。例如,1)以NICE和Vericon为代表的验证工具,该验证工具是基于模型检测或定理证明等形式化方法来验证网络的正确性属性是否被违反,但是,该验证工具仅针对单一SDN应用进行验证,不能验证多个SDN应用之间的正确性;2)以VMN和HSA为代表的验证工具,该验证工具用于验证数据面的流表是否违反网络的正确性属性,但是,其并不能在部署SDN应用之前预先检测多个SDN应用之间的冲突;3)利用以Netcore和Frenetic为代表的新型控制器进行验证,该控制器在编译器中利用模型检测等形式化方法来避免SDN应用在交换机上安装可能导致冲突的规则,但是,这种验证方法只能支持某一种北向接口语言,无法支持现有控制器(例如,ONOS,Floodlight等)在编译器上的应用。由此可见,以上这些方法都不能预先检测多个SDN应用之间的冲突。Previously, researchers have proposed some schemes to verify the correctness of SDN applications. For example, 1) Verification tools represented by NICE and Vericon, which are based on formal methods such as model checking or theorem proving to verify whether the correctness property of the network is violated, however, this verification tool is only for a single SDN application. Verification, can not verify the correctness between multiple SDN applications; 2) The verification tool represented by VMN and HSA, the verification tool is used to verify whether the flow table of the data plane violates the correctness attribute of the network, but it cannot Detect conflicts between multiple SDN applications in advance before deploying SDN applications; 3) Validate using a novel controller represented by Netcore and Frenetic, which uses formal methods such as model checking in the compiler to avoid SDN applications The rules that may cause conflicts are installed on the switch. However, this verification method can only support a certain northbound interface language, and cannot support the application of existing controllers (for example, ONOS, Floodlight, etc.) on the compiler. It can be seen that none of the above methods can detect conflicts between multiple SDN applications in advance.

为了解决上述技术问题,本发明提供了一种用于检测多个软件定义网络SDN应用之间的冲突的方法,该方法无需改动控制器内核即可以在部署多个SDN应用之前预先检测多个SDN应用之间的冲突。In order to solve the above technical problems, the present invention provides a method for detecting conflicts between multiple software-defined network SDN applications, which can pre-detect multiple SDN applications before deploying multiple SDN applications without changing the controller kernel conflicts between applications.

发明内容SUMMARY OF THE INVENTION

本发明所要解决的技术问题是:现有技术中的方法不能在部署多个SDN应用之前预先检测多个SDN应用之间的冲突。The technical problem to be solved by the present invention is that the methods in the prior art cannot detect conflicts between multiple SDN applications in advance before deploying multiple SDN applications.

为了解决上述技术问题,本发明提供了一种用于检测多个软件定义网络SDN应用之间的冲突的方法,包括:In order to solve the above technical problems, the present invention provides a method for detecting conflicts between multiple software-defined network SDN applications, including:

针对待测的多个SDN应用中的每个SDN应用,均执行以下操作:For each of the multiple SDN applications under test, do the following:

获取该SDN应用的源代码和所有输入OpenFlow消息;Get the source code of the SDN application and all incoming OpenFlow messages;

根据该SDN应用的源代码包含的各事件处理器的属性信息,确定各事件处理器所要处理的输入OpenFlow消息,其中,各事件处理器所要处理的输入OpenFlow消息的总和构成所有输入OpenFlow消息;According to the attribute information of each event processor included in the source code of the SDN application, determine the input OpenFlow message to be processed by each event processor, wherein the sum of the input OpenFlow messages to be processed by each event processor constitutes all input OpenFlow messages;

针对每个输入OpenFlow消息均执行以下操作:The following actions are performed for each incoming OpenFlow message:

利用与所述源代码的语言类型对应的符号执行工具,对该输入OpenFlow消息进行处理,得到与该输入OpenFlow消息对应的多条可执行路径、与该多条可执行路径中的每条可执行路径对应的路径约束条件、以及与每条可执行路径对应的第一输出OpenFlow消息集,所述第一输出OpenFlow消息集为与每条可执行路径对应的输出OpenFlow消息的集合;Using a symbolic execution tool corresponding to the language type of the source code, the input OpenFlow message is processed to obtain multiple executable paths corresponding to the input OpenFlow message, and each executable path in the multiple executable paths is obtained. Path constraints corresponding to the paths, and a first output OpenFlow message set corresponding to each executable path, where the first output OpenFlow message set is a set of output OpenFlow messages corresponding to each executable path;

利用约束求解器分别对与每条可执行路径对应的路径约束条件进行求解,并基于求解结果,对与每条可执行路径对应的第一输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与每条可执行路径对应的第二输出OpenFlow消息集,所述第二输出OpenFlow消息集为对所述第一输出OpenFlow消息集中的各输出OpenFlow消息进行处理后得到的输出OpenFlow消息的集合;The constraint solver is used to solve the path constraints corresponding to each executable path, and based on the solution results, each output OpenFlow message in the first output OpenFlow message set corresponding to each executable path is processed to obtain the A second output OpenFlow message set corresponding to each executable path, where the second output OpenFlow message set is a set of output OpenFlow messages obtained after processing each output OpenFlow message in the first output OpenFlow message set;

对与每条可执行路径对应的第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与每条可执行路径对应的第三输出OpenFlow消息集,所述第三输出OpenFlow消息集为对所述第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理后得到的输出OpenFlow消息的集合;Each output OpenFlow message in the second output OpenFlow message set corresponding to each executable path is processed to obtain a third output OpenFlow message set corresponding to each executable path, where the third output OpenFlow message set is for all the executable paths. The set of output OpenFlow messages obtained after each output OpenFlow message in the second output OpenFlow message set is processed;

利用与每个SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中的各输出OpenFlow消息,检测多个SDN应用两两之间是否存在冲突。Using each output OpenFlow message in the third output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of each SDN application, it is detected whether there is a conflict between multiple SDN applications.

在本发明一优选实施例中,利用与所述源代码的语言类型对应的符号执行工具,对输入OpenFlow消息进行处理,得到与该输入OpenFlow消息对应的多条可执行路径、与该多条可执行路径中的每条可执行路径对应的路径约束条件、以及与每条可执行路径对应的第一输出OpenFlow消息集,包括:In a preferred embodiment of the present invention, a symbolic execution tool corresponding to the language type of the source code is used to process an input OpenFlow message to obtain a plurality of executable paths corresponding to the input OpenFlow message, and a plurality of executable paths corresponding to the input OpenFlow message. The path constraints corresponding to each executable path in the execution path, and the first output OpenFlow message set corresponding to each executable path, including:

利用与SDN应用的源代码的语言类型对应的符号执行工具,将该SDN应用的各输入OpenFlow消息包含的相关变量指定为符号变量,其中,所述相关变量为在检测多个SDN应用之间的冲突的过程中所需使用的变量;Using a symbolic execution tool corresponding to the language type of the source code of the SDN application, the relevant variables contained in each input OpenFlow message of the SDN application are designated as symbolic variables, wherein the relevant variables are used for detecting the relationship between multiple SDN applications. Variables to be used in the conflicting process;

利用所述符号执行工具运行该SDN应用的源代码包含的各事件处理器,得到与该SDN应用的各输入OpenFlow消息对应的多条可执行路径、与该多条可执行路径中的每条可执行路径对应的路径约束条件、以及与每条可执行路径对应的第一输出OpenFlow消息集。Use the symbolic execution tool to run each event handler included in the source code of the SDN application, and obtain multiple executable paths corresponding to each input OpenFlow message of the SDN application, and each executable path in the multiple executable paths is obtained. Path constraints corresponding to the execution paths, and a first output OpenFlow message set corresponding to each executable path.

在本发明一优选实施例中,该方法还包括:将SDN应用的各输入OpenFlow消息包含的无关变量赋予具体值,其中,所述无关变量为在检测多个SDN应用之间的冲突的过程中无需使用的变量。In a preferred embodiment of the present invention, the method further includes: assigning specific values to irrelevant variables included in each input OpenFlow message of the SDN application, wherein the irrelevant variables are in the process of detecting conflicts between multiple SDN applications Variables not needed.

在本发明一优选实施例中,该方法还包括:根据与SDN应用的各输入OpenFlow消息包含的流表的各个域在软件定义网络SDN中的具体含义,将与该SDN应用的各输入OpenFlow消息包含的各符号变量的取值范围限定在预设范围内。In a preferred embodiment of the present invention, the method further includes: according to the specific meaning in the software-defined network SDN of each field of the flow table included in each input OpenFlow message of the SDN application, comparing each input OpenFlow message of the SDN application with each other. The value range of each included symbol variable is limited to the preset range.

在本发明一优选实施例中,利用约束求解器分别对与每条可执行路径对应的路径约束条件进行求解,并基于求解结果,对与每条可执行路径对应的第一输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与每条可执行路径对应的第二输出OpenFlow消息集,包括:In a preferred embodiment of the present invention, a constraint solver is used to solve the path constraints corresponding to each executable path, and based on the solution results, the first output OpenFlow message set corresponding to each executable path is Each output OpenFlow message is processed to obtain a second output OpenFlow message set corresponding to each executable path, including:

针对与每个SDN应用的每个输入OpenFlow消息对应的每条可执行路径,均执行以下操作:For each executable path corresponding to each incoming OpenFlow message for each SDN application, the following actions are performed:

利用约束求解器对与该条可执行路径对应的路径约束条件进行求解;Use the constraint solver to solve the path constraints corresponding to the executable path;

在约束求解器返回结果为有解的情况下,为与该条可执行路径对应的第一输出OpenFlow消息集中的各输出OpenFlow消息包含的各符号变量赋予求解得到的具体值,得到与该条可执行路径对应的第二输出OpenFlow消息集;In the case that the result returned by the constraint solver is that there is a solution, each symbolic variable contained in each output OpenFlow message in the first output OpenFlow message set corresponding to the executable path is assigned the specific value obtained by the solution, and the corresponding value of the executable path is obtained. the second output OpenFlow message set corresponding to the execution path;

在约束求解器返回结果为无解的情况下,去除与该条可执行路径对应的第一输出OpenFlow消息集,得到与该条可执行路径对应的第二输出OpenFlow消息集,其中,该第二输出OpenFlow消息集为空集。In the case that the result returned by the constraint solver is no solution, remove the first output OpenFlow message set corresponding to the executable path, and obtain a second output OpenFlow message set corresponding to the executable path, wherein the second output OpenFlow message set corresponds to the executable path. The output OpenFlow message set is an empty set.

在本发明一优选实施例中,所述输出OpenFlow消息包含的流表的动作域中含有重置动作或者不含有重置动作。In a preferred embodiment of the present invention, the action field of the flow table included in the output OpenFlow message contains a reset action or does not contain a reset action.

在本发明一优选实施例中,对与每条可执行路径对应的第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与每条可执行路径对应的第三输出OpenFlow消息集,包括:In a preferred embodiment of the present invention, each output OpenFlow message in the second output OpenFlow message set corresponding to each executable path is processed to obtain a third output OpenFlow message set corresponding to each executable path, including:

针对与每个SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第二输出OpenFlow消息集,均执行以下操作:For the second output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of each SDN application, the following operations are performed:

根据该第二输出OpenFlow消息集中的各输出OpenFlow消息的属性信息,对该第二输出OpenFlow消息集中的各输出OpenFlow消息进行分类;classifying each output OpenFlow message in the second output OpenFlow message set according to the attribute information of each output OpenFlow message in the second output OpenFlow message set;

根据分类结果,对该第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与该第二输出OpenFlow消息集所属的可执行路径对应的第三输出OpenFlow消息集。According to the classification result, each output OpenFlow message in the second output OpenFlow message set is processed to obtain a third output OpenFlow message set corresponding to the executable path to which the second output OpenFlow message set belongs.

在本发明一优选实施例中,根据分类结果,对第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与该第二输出OpenFlow消息集所属的可执行路径对应的第三输出OpenFlow消息集,包括:In a preferred embodiment of the present invention, according to the classification result, each output OpenFlow message in the second output OpenFlow message set is processed to obtain a third output OpenFlow message set corresponding to the executable path to which the second output OpenFlow message set belongs ,include:

在第二输出OpenFlow消息集中的各输出OpenFlow消息包含的流表的动作域中都不含有重置动作的情况下,该第二输出OpenFlow消息集中的各输出OpenFlow消息保持不变,则与该第二输出OpenFlow消息集所属的可执行路径对应的第三输出OpenFlow消息集包含的各输出OpenFlow消息与该第二输出OpenFlow消息集包含的各输出OpenFlow消息保持一致;If the action field of the flow table included in each output OpenFlow message in the second output OpenFlow message set does not contain a reset action, and each output OpenFlow message in the second output OpenFlow message set remains unchanged, it is the same as the first output OpenFlow message in the second output OpenFlow message set. Each output OpenFlow message included in the third output OpenFlow message set corresponding to the executable path to which the second output OpenFlow message set belongs is consistent with each output OpenFlow message included in the second output OpenFlow message set;

在第二输出OpenFlow消息集中的各输出OpenFlow消息包含的流表的动作域中都含有重置动作的情况下,去除该第二输出OpenFlow消息集中的各输出OpenFlow消息,则与该第二输出OpenFlow消息集所属的可执行路径对应的第三输出OpenFlow消息集为空集。In the case where the action fields of the flow tables included in each output OpenFlow message in the second output OpenFlow message set all contain reset actions, removing each output OpenFlow message in the second output OpenFlow message set, then the second output OpenFlow message is combined with the second output OpenFlow message. The third output OpenFlow message set corresponding to the executable path to which the message set belongs is an empty set.

在本发明一优选实施例中,根据分类结果,对第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与该第二输出OpenFlow消息集所属的可执行路径对应的第三输出OpenFlow消息集,还包括:In a preferred embodiment of the present invention, according to the classification result, each output OpenFlow message in the second output OpenFlow message set is processed to obtain a third output OpenFlow message set corresponding to the executable path to which the second output OpenFlow message set belongs ,Also includes:

在第二输出OpenFlow消息集中的一部分输出OpenFlow消息包含的流表的动作域中含有重置动作、且另一部分输出OpenFlow消息包含的流表的动作域中不含有重置动作的情况下,利用预设合成规则,对该第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与该第二输出OpenFlow消息集所属的可执行路径对应的第三输出OpenFlow消息集。If the action field of the flow table included in part of the output OpenFlow messages in the second output OpenFlow message set contains the reset action, and the action field of the flow table included in the other part of the output OpenFlow message does not contain the reset action, the preset A synthesis rule is set, and each output OpenFlow message in the second output OpenFlow message set is processed to obtain a third output OpenFlow message set corresponding to the executable path to which the second output OpenFlow message set belongs.

在本发明一优选实施例中,利用与每个SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中的各输出OpenFlow消息,检测多个SDN应用两两之间是否存在冲突,包括:In a preferred embodiment of the present invention, each outgoing OpenFlow message in the third outgoing OpenFlow message set corresponding to each executable path corresponding to each incoming OpenFlow message of each SDN application is used to detect two or more SDN applications. Whether there is a conflict between:

从待测的多个SDN应用中任取两个SDN应用,得到第一SDN应用和第二SDN应用;Two SDN applications are randomly selected from the multiple SDN applications to be tested to obtain the first SDN application and the second SDN application;

获取与第一SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中的各输出OpenFlow消息、以及与第二SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中的各输出OpenFlow消息;Obtain each output OpenFlow message in the third output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of the first SDN application, and each executable path corresponding to each input OpenFlow message of the second SDN application. each output OpenFlow message in the third output OpenFlow message set corresponding to the execution path;

分别从与第一SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中、以及从与第二SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中各任取一个输出OpenFlow消息,得到第一输出OpenFlow消息和第二输出OpenFlow消息;from the third set of outgoing OpenFlow messages corresponding to each executable path corresponding to each incoming OpenFlow message of the first SDN application, and from each executable path corresponding to each incoming OpenFlow message of the second SDN application, respectively The third output OpenFlow message set takes one output OpenFlow message arbitrarily to obtain the first output OpenFlow message and the second output OpenFlow message;

根据第一输出OpenFlow消息和第二输出OpenFlow消息的属性信息,利用预设判断规则,判断第一SDN应用与第二SDN应用是否存在冲突。According to the attribute information of the first output OpenFlow message and the second output OpenFlow message, and using a preset judgment rule, it is judged whether there is a conflict between the first SDN application and the second SDN application.

与现有技术相比,上述方案中的一个或多个实施例可以具有如下优点或有益效果:Compared with the prior art, one or more embodiments of the above solutions may have the following advantages or beneficial effects:

应用本发明实施例提供的用于检测多个软件定义网络SDN应用之间的冲突的方法,通过利用符号执行工具对待测的多个SDN应用中的每个SDN应用的每个输入OpenFlow消息进行处理,并基于处理结果来检测多个SDN应用两两之间是否存在冲突,从而可以实现在部署多个SDN应用之前预先检测多个SDN应用之间是否存在冲突,具有很好的应用前景。By applying the method for detecting conflicts between multiple software-defined network SDN applications provided by the embodiments of the present invention, each input OpenFlow message of each SDN application in the multiple SDN applications to be tested is processed by using a symbolic execution tool , and based on the processing results to detect whether there is a conflict between multiple SDN applications, so that it is possible to detect whether there is a conflict between multiple SDN applications before deploying multiple SDN applications, which has a good application prospect.

本发明的其它特征和优点将在随后的说明书中阐述,并且部分地从说明书中变得显而易见,或者通过实施本发明而了解。本发明的目的和其他优点可通过在说明书、权利要求书以及附图中所特别指出的结构来实现和获得。Other features and advantages of the present invention will be set forth in the description which follows, and in part will become apparent from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention may be realized and attained by the structure particularly pointed out in the description, claims and drawings.

附图说明Description of drawings

附图用来提供对本发明的进一步理解,并且构成说明书的一部分,与本发明的实施例共同用于解释本发明,并不构成对本发明的限制。在附图中:The accompanying drawings are used to provide a further understanding of the present invention, and constitute a part of the specification, and together with the embodiments of the present invention, are used to explain the present invention, and do not constitute a limitation to the present invention. In the attached image:

图1为本发明实施例的用于检测多个软件定义网络SDN应用之间的冲突的方法的具体流程示意图;FIG. 1 is a specific flowchart of a method for detecting conflicts between multiple software-defined network SDN applications according to an embodiment of the present invention;

图2为图1中步骤S103的具体流程示意图;Fig. 2 is the specific flow chart of step S103 in Fig. 1;

图3为图1中步骤S104的具体流程示意图;Fig. 3 is the specific flow chart of step S104 in Fig. 1;

图4为图1中步骤S105的具体流程示意图;Fig. 4 is the specific flow chart of step S105 in Fig. 1;

图5为图1中步骤S106的具体流程示意图;Fig. 5 is the specific flow chart of step S106 in Fig. 1;

图6为本发明的应用实例一中多个SDN应用共存的场景的示意图;6 is a schematic diagram of a scenario in which multiple SDN applications coexist in application example 1 of the present invention;

图7为利用符号执行工具运行用于处理输入OpenFlow消息为packect_in的事件处理器,并利用约束求解器分别对与每条可执行路径对应的路径约束条件进行求解得到的结果的示意图;7 is a schematic diagram of the result obtained by using a symbolic execution tool to run an event handler for processing an input OpenFlow message as packect_in, and using a constraint solver to solve the path constraints corresponding to each executable path respectively;

图8为显示图7中的具体结果的示意图;Figure 8 is a schematic diagram showing the specific results in Figure 7;

图9为显示对与每条可执行路径对应的第二输出OpenFlow消息集中的各输出OpenFlow消息进行合成的过程的示意图。FIG. 9 is a schematic diagram showing a process of synthesizing each outgoing OpenFlow message in the second outgoing OpenFlow message set corresponding to each executable path.

具体实施方式Detailed ways

以下将结合附图及实施例来详细说明本发明的实施方式,借此对本发明如何应用技术手段来解决技术问题,并达成技术效果的实现过程能充分理解并据以实施。需要说明的是,只要不构成冲突,本发明中的各个实施例以及各实施例中的各个特征可以相互结合,所形成的技术方案均在本发明的保护范围之内。The embodiments of the present invention will be described in detail below with reference to the accompanying drawings and examples, so as to fully understand and implement the implementation process of how the present invention applies technical means to solve technical problems and achieve technical effects. It should be noted that, as long as there is no conflict, each embodiment of the present invention and each feature of each embodiment can be combined with each other, and the formed technical solutions all fall within the protection scope of the present invention.

为解决现有技术中的方法不能在部署多个SDN应用之前预先检测多个SDN应用之间的冲突的技术问题,本发明实施例提供了一种用于检测多个软件定义网络SDN应用之间的冲突的方法。In order to solve the technical problem that the methods in the prior art cannot detect conflicts between multiple SDN applications in advance before deploying multiple SDN applications, the embodiments of the present invention provide a method for detecting conflicts between multiple software-defined network SDN applications. conflicting methods.

SDN应用用于处理各种由交换机发送的OpenFlow消息,由于相对于SDN应用而言,这些OpenFlow消息为输入,所以将这些OpenFlow消息称为SDN应用的输入OpenFlow消息。SDN应用是事件驱动模式,其通过源代码包含的各事件处理器来处理该输入OpenFlow消息,并通过输出OpenFlow消息来对交换机下发或删除流表。通常,流表包括匹配域、动作域、优先级域、计数器、超时时间、附属属性等信息。SDN应用的源代码包含的各事件处理器可以响应各种网络事件,例如,报文到达、链路、交换机故障等。The SDN application is used to process various OpenFlow messages sent by the switch. Since these OpenFlow messages are input relative to the SDN application, these OpenFlow messages are called input OpenFlow messages of the SDN application. The SDN application is an event-driven mode, which processes the input OpenFlow message through each event processor included in the source code, and issues or deletes the flow table to the switch by outputting the OpenFlow message. Usually, the flow table includes information such as matching fields, action fields, priority fields, counters, timeouts, and attached attributes. The event handlers included in the source code of the SDN application can respond to various network events, such as packet arrival, link, switch failure, etc.

本领域普通技术人员可以理解地是,SDN应用的输入OpenFlow消息包含报文等信息,SDN应用的输出OpenFlow消息包含对哪个交换机下发哪个流表等信息。Those skilled in the art can understand that the input OpenFlow message of the SDN application includes information such as packets, and the output OpenFlow message of the SDN application includes information such as which flow table is delivered to which switch.

图1为本发明实施例的用于检测多个软件定义网络SDN应用之间的冲突的方法的具体流程示意图。FIG. 1 is a specific flowchart of a method for detecting conflicts between multiple software-defined network SDN applications according to an embodiment of the present invention.

如图1所示,本发明实施例的用于检测多个软件定义网络SDN应用之间的冲突的方法,主要包括以下步骤S101至步骤S106。As shown in FIG. 1 , the method for detecting conflicts between multiple software-defined network SDN applications according to an embodiment of the present invention mainly includes the following steps S101 to S106.

针对待测的多个SDN应用中的每个SDN应用,均执行以下操作:For each of the multiple SDN applications under test, do the following:

在步骤S101中,获取该SDN应用的源代码和所有输入OpenFlow消息。In step S101, the source code of the SDN application and all input OpenFlow messages are obtained.

在步骤S102中,根据该SDN应用的源代码包含的各事件处理器的属性信息,确定各事件处理器所要处理的输入OpenFlow消息,其中,各事件处理器所要处理的输入OpenFlow消息的总和构成所有输入OpenFlow消息。In step S102, according to the attribute information of each event processor included in the source code of the SDN application, the input OpenFlow message to be processed by each event processor is determined, wherein the sum of the input OpenFlow messages to be processed by each event processor constitutes all the Enter an OpenFlow message.

针对步骤S102中的每个输入OpenFlow消息,均执行以下操作:For each input OpenFlow message in step S102, the following operations are performed:

在步骤S103中,利用与源代码的语言类型对应的符号执行工具,对该输入OpenFlow消息进行处理,得到与该输入OpenFlow消息对应的多条可执行路径、与该多条可执行路径中的每条可执行路径对应的路径约束条件、以及与每条可执行路径对应的第一输出OpenFlow消息集。该第一输出OpenFlow消息集为与每条可执行路径对应的输出OpenFlow消息的集合,该输出OpenFlow消息包含的流表的动作域中含有重置动作或者不含有重置动作。其具体过程如图2所示。In step S103, the input OpenFlow message is processed by using a symbolic execution tool corresponding to the language type of the source code to obtain a plurality of executable paths corresponding to the input OpenFlow message, and each executable path in the plurality of executable paths is obtained. Path constraints corresponding to the executable paths, and a first output OpenFlow message set corresponding to each executable path. The first output OpenFlow message set is a set of output OpenFlow messages corresponding to each executable path, and the action field of the flow table included in the output OpenFlow message contains a reset action or does not contain a reset action. The specific process is shown in Figure 2.

在步骤S1031中,利用与SDN应用的源代码的语言类型对应的符号执行工具,将该SDN应用的各输入OpenFlow消息包含的相关变量指定为符号变量。其中,该相关变量为在检测多个SDN应用之间的冲突的过程中所需使用的变量,例如,源IP地址、目的IP地址等。In step S1031, the relevant variables included in each input OpenFlow message of the SDN application are designated as symbolic variables by using a symbolic execution tool corresponding to the language type of the source code of the SDN application. The relevant variable is a variable that needs to be used in the process of detecting conflicts between multiple SDN applications, for example, a source IP address, a destination IP address, and the like.

在步骤S1032中,利用符号执行工具运行该SDN应用的源代码包含的各事件处理器,得到与该SDN应用的各输入OpenFlow消息对应的多条可执行路径、与该多条可执行路径中的每条可执行路径对应的路径约束条件、以及与每条可执行路径对应的第一输出OpenFlow消息集。In step S1032, use a symbolic execution tool to run each event handler included in the source code of the SDN application, and obtain multiple executable paths corresponding to each input OpenFlow message of the SDN application, and multiple executable paths corresponding to the multiple executable paths. Path constraints corresponding to each executable path, and a first output OpenFlow message set corresponding to each executable path.

在本发明一优选实施例中,该方法还包括:将SDN应用的各输入OpenFlow消息包含的无关变量赋予具体值。其中,该无关变量为在检测多个SDN应用之间的冲突的过程中无需使用的变量。例如,某一被测SDN应用的输入OpenFlow消息为packet_in,该输入OpenFlow消息包含的报文内容为packet header和payload,如果该被测SDN应用的功能与payload无关(即payload为无关变量),则可将payload赋予具体值。如此设置,可以有效提高符号执行效率。In a preferred embodiment of the present invention, the method further includes: assigning specific values to irrelevant variables contained in each input OpenFlow message of the SDN application. The irrelevant variable is a variable that does not need to be used in the process of detecting conflicts between multiple SDN applications. For example, the input OpenFlow message of an SDN application under test is packet_in, and the packet contents contained in the input OpenFlow message are packet header and payload. If the function of the SDN application under test has nothing to do with the payload (that is, the payload is an irrelevant variable), then The payload can be assigned a specific value. This setting can effectively improve the efficiency of symbol execution.

在本发明一优选实施例中,该方法还包括:根据与SDN应用的各输入OpenFlow消息包含的流表的各个域在软件定义网络SDN中的具体含义,将与该SDN应用的各输入OpenFlow消息包含的各符号变量的取值范围限定在预设范围内。其中,各输入OpenFlow消息包含的流表的各个域都有一个最小取值范围,该预设范围与该最小取值范围相对应,本领域普通技术人员可以根据实际情况来具体设定该最小取值范围。例如,输入OpenFlow消息包含的符号变量“eth_type”域值的最小取值范围为(0-64)。In a preferred embodiment of the present invention, the method further includes: according to the specific meaning in the software-defined network SDN of each field of the flow table included in each input OpenFlow message of the SDN application, comparing each input OpenFlow message of the SDN application with each other. The value range of each included symbol variable is limited to the preset range. Wherein, each field of the flow table included in each input OpenFlow message has a minimum value range, the preset range corresponds to the minimum value range, and those of ordinary skill in the art can specifically set the minimum value range according to the actual situation. value range. For example, the minimum value range of the field value of the symbol variable "eth_type" contained in the input OpenFlow message is (0-64).

本发明通过利用符号执行工具对每个SDN应用的每个输入OpenFlow消息进行处理,不仅可以有效避免遍历每个SDN应用状态带来的状态空间爆炸问题,而且可以保证对每个SDN应用的源代码的覆盖率。By using the symbolic execution tool to process each input OpenFlow message of each SDN application, the present invention can not only effectively avoid the problem of state space explosion caused by traversing the state of each SDN application, but also ensure that the source code of each SDN application is coverage.

在步骤S104中,利用约束求解器分别对与每条可执行路径对应的路径约束条件进行求解,并基于求解结果,对与每条可执行路径对应的第一输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与每条可执行路径对应的第二输出OpenFlow消息集,该第二输出OpenFlow消息集为对该第一输出OpenFlow消息集中的各输出OpenFlow消息进行处理后得到的输出OpenFlow消息的集合。其具体过程如图3所示。In step S104, the constraint solver is used to solve the path constraints corresponding to each executable path, and based on the solving result, each output OpenFlow message in the first output OpenFlow message set corresponding to each executable path is solved Perform processing to obtain a second output OpenFlow message set corresponding to each executable path, where the second output OpenFlow message set is a set of output OpenFlow messages obtained by processing each output OpenFlow message in the first output OpenFlow message set . The specific process is shown in Figure 3.

针对与每个SDN应用的每个输入OpenFlow消息对应的每条可执行路径,均执行以下操作:For each executable path corresponding to each incoming OpenFlow message for each SDN application, the following actions are performed:

在步骤S1041中,利用约束求解器对与该条可执行路径对应的路径约束条件进行求解。In step S1041, a constraint solver is used to solve the path constraint corresponding to the executable path.

在约束求解器返回结果为有解的情况下,执行步骤S1042:为与该条可执行路径对应的第一输出OpenFlow消息集中的各输出OpenFlow消息包含的各符号变量赋予求解得到的具体值,得到与该条可执行路径对应的第二输出OpenFlow消息集。In the case that the result returned by the constraint solver is that there is a solution, step S1042 is executed: assign the specific value obtained by solving to each symbol variable contained in each output OpenFlow message in the first output OpenFlow message set corresponding to the executable path, to obtain A second output OpenFlow message set corresponding to the executable path.

例如,利用约束求解器对与可执行路径1对应的路径约束条件进行求解,得到λ.src=HostI。若与可执行路径1对应的第一输出OpenFlow消息集中的输出OpenFlow消息为(add,sw1,e8((p.src=λ.src,p.dst=ServerD)→fwd(3))),则为该输出OpenFlow消息包含的符号变量(p.src)赋予求解得到的具体值,得到输出OpenFlow消息(add,sw1,e8((p.src=HostI,p.dst=ServerD)→fwd(3))),该消息即为与可执行路径1对应的第二输出OpenFlow消息集中的输出OpenFlow消息。For example, using a constraint solver to solve the path constraint corresponding to executable path 1, λ.src=Host I is obtained. If the output OpenFlow message in the first output OpenFlow message set corresponding to executable path 1 is (add, sw 1 , e 8 ((p.src=λ.src, p.dst=Server D )→fwd(3)) ), then the symbolic variable (p.src) contained in the output OpenFlow message is given the specific value obtained by the solution, and the output OpenFlow message (add, sw 1 , e 8 ((p.src=Host I , p.dst=Server D )→fwd(3))), the message is the output OpenFlow message in the second output OpenFlow message set corresponding to the executable path 1.

在约束求解器返回结果为无解的情况下,执行步骤S1043:去除与该条可执行路径对应的第一输出OpenFlow消息集,得到与该条可执行路径对应的第二输出OpenFlow消息集,其中,该第二输出OpenFlow消息集为空集。In the case that the result returned by the constraint solver is no solution, step S1043 is executed: remove the first output OpenFlow message set corresponding to the executable path, and obtain the second output OpenFlow message set corresponding to the executable path, wherein , the second output OpenFlow message set is an empty set.

在步骤S105中,对与每条可执行路径对应的第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与每条可执行路径对应的第三输出OpenFlow消息集,该第三输出OpenFlow消息集为对该第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理后得到的输出OpenFlow消息的集合。其具体过程如图4所示。In step S105, each output OpenFlow message in the second output OpenFlow message set corresponding to each executable path is processed to obtain a third output OpenFlow message set corresponding to each executable path, the third output OpenFlow message The set is a set of output OpenFlow messages obtained by processing each output OpenFlow message in the second output OpenFlow message set. The specific process is shown in Figure 4.

针对与每个SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第二输出OpenFlow消息集,均执行以下操作:For the second output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of each SDN application, the following operations are performed:

在步骤S1051中,根据该第二输出OpenFlow消息集中的各输出OpenFlow消息的属性信息,对该第二输出OpenFlow消息集中的各输出OpenFlow消息进行分类。其中,该属性信息是指各输出OpenFlow消息包含的流表的动作域中是否含有重置动作。In step S1051, according to the attribute information of each output OpenFlow message in the second output OpenFlow message set, each output OpenFlow message in the second output OpenFlow message set is classified. The attribute information refers to whether the action field of the flow table included in each output OpenFlow message contains a reset action.

在步骤S1052中,根据分类结果,对该第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与该第二输出OpenFlow消息集所属的可执行路径对应的第三输出OpenFlow消息集。In step S1052, according to the classification result, each output OpenFlow message in the second output OpenFlow message set is processed to obtain a third output OpenFlow message set corresponding to the executable path to which the second output OpenFlow message set belongs.

具体地,在第二输出OpenFlow消息集中的各输出OpenFlow消息包含的流表的动作域中都不含有重置动作的情况下,该第二输出OpenFlow消息集中的各输出OpenFlow消息保持不变。也就是说,与该第二输出OpenFlow消息集所属的可执行路径对应的第三输出OpenFlow消息集包含的各输出OpenFlow消息与该第二输出OpenFlow消息集包含的各输出OpenFlow消息保持一致。Specifically, if the action field of the flow table included in each output OpenFlow message in the second output OpenFlow message set does not contain a reset action, each output OpenFlow message in the second output OpenFlow message set remains unchanged. That is, each output OpenFlow message included in the third output OpenFlow message set corresponding to the executable path to which the second output OpenFlow message set belongs is consistent with each output OpenFlow message included in the second output OpenFlow message set.

在第二输出OpenFlow消息集中的各输出OpenFlow消息包含的流表的动作域中都含有重置动作的情况下,去除该第二输出OpenFlow消息集中的各输出OpenFlow消息,则与该第二输出OpenFlow消息集所属的可执行路径对应的第三输出OpenFlow消息集为空集。In the case where the action fields of the flow tables included in each output OpenFlow message in the second output OpenFlow message set all contain reset actions, removing each output OpenFlow message in the second output OpenFlow message set, then the second output OpenFlow message is combined with the second output OpenFlow message. The third output OpenFlow message set corresponding to the executable path to which the message set belongs is an empty set.

在第二输出OpenFlow消息集中的一部分输出OpenFlow消息包含的流表的动作域中含有重置动作、且另一部分输出OpenFlow消息包含的流表的动作域中不含有重置动作的情况下,利用预设合成规则,对该第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与该第二输出OpenFlow消息集所属的可执行路径对应的第三输出OpenFlow消息集。具体处理过程如下:If the action field of the flow table included in part of the output OpenFlow messages in the second output OpenFlow message set contains the reset action, and the action field of the flow table included in the other part of the output OpenFlow message does not contain the reset action, the preset A synthesis rule is set, and each output OpenFlow message in the second output OpenFlow message set is processed to obtain a third output OpenFlow message set corresponding to the executable path to which the second output OpenFlow message set belongs. The specific processing process is as follows:

首先,将第二输出OpenFlow消息集中的各输出OpenFlow消息分为两组,第一组:输出OpenFlow消息包含的流表的动作域中含有重置动作,第二组:输出OpenFlow消息包含的流表的动作域中不含有重置动作。First, each output OpenFlow message in the second output OpenFlow message set is divided into two groups, the first group: the action field of the flow table included in the output OpenFlow message contains a reset action, and the second group: the flow table included in the output OpenFlow message does not contain a reset action in the action field.

然后,从第一组中任取一个输出OpenFlow消息,记为消息1。从第二组中任取一个输出OpenFlow消息,记为消息2。Then, take any one output OpenFlow message from the first group, denoted as message 1. Take any one output OpenFlow message from the second group, denoted as message 2.

接着,对消息1包含的流表的匹配域和动作域进行合成,得到消息1包含的流表的合成匹配域。Next, the matching field and the action field of the flow table included in the message 1 are synthesized, and the synthesized matching field of the flow table included in the message 1 is obtained.

若消息1包含的流表的动作域和消息2包含的流表的动作域中均不含有删除动作,且消息2包含的流表的匹配域属于消息1包含的流表的合成匹配域,且消息1和消息2都是对同一台交换机操作,则对消息1包含的流表和消息2包含的流表的匹配域、动作域、以及优先级域进行合成。具体过程如下:If neither the action field of the flow table included in message 1 nor the action field of the flow table included in message 2 contains a delete action, and the matching field of the flow table included in message 2 belongs to the composite matching field of the flow table included in message 1, and If both message 1 and message 2 operate on the same switch, the matching field, action field, and priority field of the flow table included in message 1 and the flow table included in message 2 are synthesized. The specific process is as follows:

消息1包含的流表和消息2包含的流表的合成匹配域:若消息1(其包含的流表的动作域中含有重置动作)包含的流表的重置动作的作用域是目的地址域,则消息1包含的流表和消息2包含的流表的合成匹配域的目的地址域是:消息1(其包含的流表的动作域中含有重置动作)包含的流表的目的地址域,消息1包含的流表和消息2包含的流表的合成匹配域的源地址域是:消息2(其包含的流表的动作域中不含有重置动作)包含的流表的源地址域。The synthetic matching field of the flow table contained in message 1 and the flow table contained in message 2: if the scope of the reset action of the flow table contained in message 1 (the action field of the flow table contained in it contains a reset action) is the destination address field, the destination address field of the synthetic matching field of the flow table included in message 1 and the flow table included in message 2 is: the destination address of the flow table included in message 1 (the action field of the flow table included in it contains a reset action) The source address field of the combined matching field of the flow table contained in message 1 and the flow table contained in message 2 is: the source address of the flow table contained in message 2 (the action field of the flow table contained in it does not contain a reset action) area.

若消息1(其包含的流表的动作域中含有重置动作)包含的流表的重置动作的作用域是源地址域,则消息1包含的流表和消息2包含的流表的合成匹配域的目的地址域是:消息2(其包含的流表的动作域中不含有重置动作)包含的流表的目的地址域,消息1包含的流表和消息2包含的流表的合成匹配域的源地址域是:消息1(其包含的流表的动作域中含有重置动作)包含的流表的源地址域。If the scope of the reset action of the flow table contained in the message 1 (the action field of the flow table contained in it contains the reset action) is the source address field, then the composition of the flow table contained in the message 1 and the flow table contained in the message 2 The destination address field of the matching field is: the destination address field of the flow table contained in the message 2 (the action field of the flow table contained in it does not contain a reset action), the synthesis of the flow table contained in the message 1 and the flow table contained in the message 2 The source address field of the matching field is: the source address field of the flow table contained in message 1 (the action field of the flow table contained in the flow table contains a reset action).

消息1包含的流表和消息2包含的流表的合成优先级域是:消息1(其包含的流表的动作域中含有重置动作)包含的流表的优先级域值与消息2(其包含的流表的动作域中不含有重置动作)包含的流表的优先级域值中较小的一个。The combined priority field of the flow table included in message 1 and the flow table included in message 2 is: the priority field value of the flow table included in message 1 (the action field of the flow table included in it contains reset action) is the same as the value of the priority field of the flow table included in message 2 ( The action field of the flow table it contains does not contain a reset action), whichever is smaller in the priority field value of the flow table contained in it.

消息1包含的流表和消息2包含的流表的合成动作域是:消息2(其包含的流表的动作域中不含有重置动作)包含的流表的动作域值。The composite action field of the flow table included in message 1 and the flow table included in message 2 is: the action field value of the flow table included in message 2 (the action field of the flow table included in the flow table does not contain a reset action).

基于此,已完成对消息1包含的流表和消息2包含的流表的匹配域、动作域、以及优先级域的合成,得到消息3,并将消息3添加至第二组中。因为消息3包含的流表已经包括了消息1包含的流表的转发逻辑,因此,将消息1从第一组中去除。Based on this, the matching field, action field, and priority field of the flow table included in message 1 and the flow table included in message 2 have been synthesized to obtain message 3, which is added to the second group. Because the flow table included in message 3 already includes the forwarding logic of the flow table included in message 1, message 1 is removed from the first group.

如此重复执行上述过程,直至第一组中的各输出OpenFlow消息包含的流表与第二组中的各输出OpenFlow消息包含的流表两两都进行过合成为止。The above process is repeated in this way until the flow tables included in the output OpenFlow messages in the first group and the flow tables included in the output OpenFlow messages in the second group are both combined.

需要说明的是,若对第一组中的各输出OpenFlow消息包含的流表和第二组中的各输出OpenFlow消息包含的流表两两都进行过合成后,第一组中还具有输出OpenFlow消息,则将该输出OpenFlow消息删除。It should be noted that, if the flow tables included in the output OpenFlow messages in the first group and the flow tables included in the output OpenFlow messages in the second group are both synthesized, the first group also has an output OpenFlow message, delete the outgoing OpenFlow message.

基于此,与第二输出OpenFlow消息集所属的可执行路径对应的第三输出OpenFlow消息集中的各输出OpenFlow消息包含的流表的动作域中都不含有重置动作。Based on this, the action field of the flow table included in each output OpenFlow message in the third output OpenFlow message set corresponding to the executable path to which the second output OpenFlow message set belongs does not contain a reset action.

需要说明的是,若消息1包含的流表的动作域和/或消息2包含的流表的动作域中含有删除动作,则删除消息1和/或消息2。在此情况下,重新从第一组和/或第二组中选择其他消息。It should be noted that, if the action field of the flow table included in the message 1 and/or the action field of the flow table included in the message 2 contains a delete action, the message 1 and/or the message 2 are deleted. In this case, other messages are reselected from the first group and/or the second group.

若消息1包含的流表的动作域和消息2包含的流表的动作域中均不含有删除动作,且消息2包含的流表的匹配域不属于消息1包含的流表的合成匹配域,则不能对消息1包含的流表和消息2包含的流表进行合成。在此情况下,需要重新从第一组和第二组中选择其他消息。此时,可以从第一组中选择消息1,从第二组中选择除消息2之外的其他消息;也可以从第一组中选择除消息1之外的其他消息,从第二组中选择消息2。If neither the action field of the flow table included in message 1 nor the action field of the flow table included in message 2 contains a delete action, and the matching field of the flow table included in message 2 does not belong to the composite matching field of the flow table included in message 1, Then the flow table contained in message 1 and the flow table contained in message 2 cannot be synthesized. In this case, other messages need to be re-selected from the first and second groups. At this time, message 1 can be selected from the first group, and other messages except message 2 can be selected from the second group; other messages other than message 1 can also be selected from the first group, and other messages can be selected from the second group. Select message 2.

若消息1包含的流表的动作域和消息2包含的流表的动作域中均不含有删除动作,且消息2包含的流表的匹配域属于消息1包含的流表的合成匹配域,且消息1和消息2不是对同一台交换机操作,则不能对消息1包含的流表和消息2包含的流表进行合成。在此情况下,需要重新从第一组和第二组中选择其他消息。此时,可以从第一组中选择消息1,从第二组中选择除消息2之外的其他消息;也可以从第一组中选择除消息1之外的其他消息,从第二组中选择消息2。If neither the action field of the flow table included in message 1 nor the action field of the flow table included in message 2 contains a delete action, and the matching field of the flow table included in message 2 belongs to the composite matching field of the flow table included in message 1, and If message 1 and message 2 do not operate on the same switch, the flow table included in message 1 and the flow table included in message 2 cannot be combined. In this case, other messages need to be re-selected from the first and second groups. At this time, message 1 can be selected from the first group, and other messages except message 2 can be selected from the second group; other messages other than message 1 can also be selected from the first group, and other messages can be selected from the second group. Select message 2.

在步骤S106中,利用与每个SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中的各输出OpenFlow消息,检测多个SDN应用两两之间是否存在冲突。其具体过程如图5所示。In step S106, use each output OpenFlow message in the third output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of each SDN application to detect whether there is a conflict between multiple SDN applications . The specific process is shown in Figure 5.

在步骤S1061中,从待测的多个SDN应用中任取两个SDN应用,得到第一SDN应用和第二SDN应用。In step S1061, two SDN applications are randomly selected from the multiple SDN applications to be tested to obtain a first SDN application and a second SDN application.

在步骤S1062中,获取与第一SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中的各输出OpenFlow消息、以及与第二SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中的各输出OpenFlow消息。In step S1062, obtain each output OpenFlow message in the third output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of the first SDN application, and each input OpenFlow message corresponding to the second SDN application Each output OpenFlow message in the third output OpenFlow message set corresponding to each corresponding executable path.

在步骤S1063中,分别从与第一SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中、以及从与第二SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中各任取一个输出OpenFlow消息,得到第一输出OpenFlow消息和第二输出OpenFlow消息。In step S1063, from the third output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of the first SDN application, and from the third output OpenFlow message set corresponding to each input OpenFlow message of the second SDN application. Each of the third output OpenFlow message sets corresponding to the executable paths randomly selects one output OpenFlow message to obtain a first output OpenFlow message and a second output OpenFlow message.

在步骤S1064中,根据第一输出OpenFlow消息和第二输出OpenFlow消息的属性信息,利用预设判断规则,判断第一SDN应用与第二SDN应用是否存在冲突。In step S1064, according to the attribute information of the first output OpenFlow message and the second output OpenFlow message, and using a preset judgment rule, it is judged whether there is a conflict between the first SDN application and the second SDN application.

具体地,若第一输出OpenFlow消息和第二输出OpenFlow消息包含的信息都是对同一台交换机下发流表,且第一输出OpenFlow消息包含的流表和第二输出OpenFlow消息包含的流表的源地址域和目的地址域分别相交,且动作域不同,则判断出第一SDN应用与第二SDN应用存在冲突。否则,判断出第一SDN应用与第二SDN应用不存在冲突。Specifically, if the information contained in the first output OpenFlow message and the second output OpenFlow message both issue flow tables to the same switch, and the flow table contained in the first output OpenFlow message and the flow table contained in the second output OpenFlow message are If the source address domain and the destination address domain intersect respectively, and the action domains are different, it is determined that the first SDN application and the second SDN application conflict. Otherwise, it is determined that there is no conflict between the first SDN application and the second SDN application.

也就是说,只有当两个SDN应用同时满足以下三个条件时,这两个SDN应用才会产生冲突:①两个SDN应用的输出OpenFlow消息包含的信息都是对同一台交换机下发流表;②两个SDN应用的输出OpenFlow消息包含的流表的源地址域和目的地址域分别相交;③两个SDN应用的输出OpenFlow消息包含的流表的动作域不同。若其不能同时满足上述三个条件中的任何一个,则这两个SDN应用不会产生冲突。That is to say, only when two SDN applications meet the following three conditions at the same time, the two SDN applications will conflict: ① The information contained in the output OpenFlow messages of the two SDN applications is the flow table issued to the same switch ; ② The source address fields and destination address fields of the flow tables contained in the output OpenFlow messages of the two SDN applications intersect respectively; ③ The action fields of the flow tables contained in the output OpenFlow messages of the two SDN applications are different. If it cannot satisfy any one of the above three conditions at the same time, the two SDN applications will not conflict.

进一步地,若第一输出OpenFlow消息包含的流表的优先级域和第二输出OpenFlow消息包含的流表的优先级域不同,则第一输出OpenFlow消息包含的流表和第二输出OpenFlow消息包含的流表都能安装在交换机上。但包含的流表的优先级域较高的输出OpenFlow消息产生的动作将覆盖包含的流表的优先级域较低的输出OpenFlow消息产生的动作,因此,包含的流表的优先级域较低的输出OpenFlow消息产生的动作失效。Further, if the priority field of the flow table included in the first output OpenFlow message and the priority field of the flow table included in the second output OpenFlow message are different, then the flow table included in the first output OpenFlow message and the second output OpenFlow message include. All flow tables can be installed on the switch. However, the action generated by the outgoing OpenFlow message with the higher priority field of the included flow table will override the action generated by the outgoing OpenFlow message with the lower priority field of the included flow table. Therefore, the included flow table has a lower priority field. The action generated by the outgoing OpenFlow message is invalid.

例如,假设第一输出OpenFlow消息包含的流表为流表1,该流表1的优先级域值是1,匹配域是λ.src=HostC,λ.dst=HostE,动作域是fwd(3);第二输出OpenFlow消息包含的流表为流表2,该流表2的优先级域值是2,匹配域是λ.src=HostC,λ.dst=HostE,动作域是drop。因此,流表1和流表2都能安装在交换机上。当某个输入OpenFlow消息包含的报文(该报文的源地址是HostC,目的地址是HostE)到达该交换机时,该交换机先查看优先级域值较高的流表,并查看该报文的源地址和目的地址是否满足该流表的匹配域。在本示例中,由于流表2的优先级域值高于流表1的优先级域值,因此,该交换机先查看流表2,并发现该报文的源地址和目的地址满足流表2的匹配域,则执行流表2的动作域所包含的动作,将该报文丢弃。由于流表1的优先级域值低于流表2的优先级域值,因此,该交换机不能按照流表1的动作域所包含的动作转发该报文。For example, suppose the flow table included in the first output OpenFlow message is flow table 1, the priority field value of the flow table 1 is 1, the matching field is λ.src=Host C , λ.dst=Host E , and the action field is fwd (3); the flow table included in the second output OpenFlow message is flow table 2, the priority field value of this flow table 2 is 2, the matching field is λ.src=Host C , λ.dst=Host E , and the action field is drop. Therefore, both flow table 1 and flow table 2 can be installed on the switch. When a packet contained in an incoming OpenFlow message (the source address of the packet is Host C and the destination address is Host E ) reaches the switch, the switch first checks the flow table with a higher priority field value, and checks the packet. Whether the source address and destination address of the message satisfy the matching field of the flow table. In this example, since the priority field value of flow table 2 is higher than the priority field value of flow table 1, the switch first checks flow table 2 and finds that the source and destination addresses of the packet satisfy flow table 2. match field, execute the action contained in the action field of flow table 2, and discard the packet. Since the priority field value of flow table 1 is lower than the priority field value of flow table 2, the switch cannot forward the packet according to the action included in the action field of flow table 1.

需要说明的是,根据OpenFlow协议标准,若第一输出OpenFlow消息包含的流表的优先级域值和第二输出OpenFlow消息包含的流表的优先级域值不同,则第一输出OpenFlow消息包含的流表和第二输出OpenFlow消息包含的流表都能被安装。但其安装顺序取决于第一输出OpenFlow消息和第二输出OpenFlow消息到达交换机的时间顺序,与流表的优先级域值无关。It should be noted that, according to the OpenFlow protocol standard, if the priority field value of the flow table included in the first output OpenFlow message is different from the priority field value of the flow table included in the second output OpenFlow message, the first output OpenFlow message contains the priority field value. Both the flow table and the flow table contained in the second outgoing OpenFlow message can be installed. But the installation sequence depends on the time sequence in which the first outgoing OpenFlow message and the second outgoing OpenFlow message arrive at the switch, and has nothing to do with the priority field value of the flow table.

在第一输出OpenFlow消息包含的流表的优先级域值和第二输出OpenFlow消息包含的流表的优先级域值相同、且第一输出OpenFlow消息包含的流表的匹配域和第二输出OpenFlow消息包含的流表的匹配域相同的情况下,第一输出OpenFlow消息包含的流表和第二输出OpenFlow消息包含的流表不能被安装。The priority field value of the flow table included in the first output OpenFlow message and the priority field value of the flow table included in the second output OpenFlow message are the same, and the matching field of the flow table included in the first output OpenFlow message and the second output OpenFlow If the matching fields of the flow table included in the message are the same, the flow table included in the first output OpenFlow message and the flow table included in the second output OpenFlow message cannot be installed.

进一步地,若第一输出OpenFlow消息包含的流表的优先级域值和第二输出OpenFlow消息包含的流表的优先级域值相同,则后到达交换机的输出OpenFlow消息包含的流表不能安装在交换机上。也就是说,两个SDN应用中,优先级较低的SDN应用的输出OpenFlow消息包含的流表不能安装在交换机上。Further, if the priority field value of the flow table included in the first output OpenFlow message is the same as the priority field value of the flow table included in the second output OpenFlow message, the flow table included in the output OpenFlow message that arrives at the switch cannot be installed in the on the switch. That is to say, among the two SDN applications, the flow table contained in the output OpenFlow message of the SDN application with the lower priority cannot be installed on the switch.

例如,假设第一输出OpenFlow消息包含的流表为流表1,该流表1的优先级域值是1,匹配域是λ.src=HostC,λ.dst=HostE,动作域是fwd(3);第二输出OpenFlow消息包含的流表为流表2,该流表2的优先级域值是1,匹配域是λ.src=HostC,λ.dst=HostE,动作域是drop。若第一输出OpenFlow消息先到达交换机,第二输出OpenFlow消息后到达交换机,则流表1被安装在交换机上,而流表2不能安装在交换机上。For example, suppose the flow table included in the first output OpenFlow message is flow table 1, the priority field value of the flow table 1 is 1, the matching field is λ.src=Host C , λ.dst=Host E , and the action field is fwd (3); the flow table included in the second output OpenFlow message is flow table 2, the priority field value of this flow table 2 is 1, the matching field is λ.src=Host C , λ.dst=Host E , and the action field is drop. If the first outgoing OpenFlow message arrives at the switch first, and the second outgoing OpenFlow message arrives at the switch, then flow table 1 is installed on the switch, but flow table 2 cannot be installed on the switch.

如此重复执行步骤S1063至步骤S1064,直至第一SDN应用包含的各输出OpenFlow消息和第二SDN应用包含的各输出OpenFlow消息两两之间都被取出并判断过为止。Steps S1063 to S1064 are repeatedly performed in this way, until each outgoing OpenFlow message included in the first SDN application and each outgoing OpenFlow message included in the second SDN application are both extracted and judged.

需要说明的是,若通过第一SDN应用的某一输出OpenFlow消息和第二SDN应用的某一输出OpenFlow消息可以判断出第一SDN应用与第二SDN应用存在冲突,还需要重新从第一SDN应用和第二SDN应用中选取其他输出OpenFlow消息,并利用选取的输出OpenFlow消息再进行重新判断,直至第一SDN应用的各输出OpenFlow消息和第二SDN应用的各输出OpenFlow消息两两之间都被取出并判断过为止。It should be noted that, if it can be determined that there is a conflict between the first SDN application and the second SDN application through a certain output OpenFlow message of the first SDN application and a certain output OpenFlow message of the second SDN application, it is necessary to restart the first SDN application. Select other output OpenFlow messages from the application and the second SDN application, and use the selected output OpenFlow messages to re-judge until each output OpenFlow message of the first SDN application and each output OpenFlow message of the second SDN application are between each other. taken out and judged.

如此重复执行上述步骤S1061至步骤S1064,直至待测的多个SDN应用中两两都被检测过为止。The above-mentioned steps S1061 to S1064 are repeatedly performed in this way, until both of the multiple SDN applications to be tested are detected.

为了便于更好地理解本发明,下面通过应用实例一对本发明的技术方案进行详细描述。In order to facilitate a better understanding of the present invention, the technical solutions of the present invention are described in detail below through application examples.

应用实例一Application example one

图6为本实例中多个SDN应用共存的场景的示意图。在图6中,第一SDN应用(防火墙)和第二SDN应用(不安全应用)同时运行在同一控制器上。第一SDN应用(防火墙)在交换机sw1上安装规则Rule 1,以隔离外部主机HostC到内部网络服务器(ServerD)的流量,第二SDN应用(不安全应用)在交换机sw1上安装规则Rule2、Rule3和Rule4。其中,规则Rule2的含义是:到达交换机sw1上的输入OpenFlow消息包含的报文,如果其源地址(src)为主机HostC的地址,则交换机sw1在将该输入OpenFlow消息包含的报文的源地址(src)重置为主机HostE的地址后,继续将该输入OpenFlow消息包含的报文与交换机sw1上的其他规则进行匹配。规则Rule3的含义是:到达交换机sw1上的输入OpenFlow消息包含的报文,如果其目的地址(dst)为主机HostF的地址,则交换机sw1在将该输入OpenFlow消息包含的报文的目的地址(dst)重置为网络服务器(ServerD)的地址后,继续将该输入OpenFlow消息包含的报文与交换机sw1上的其他规则进行匹配。规则Rule4的含义是:到达交换机sw1上的输入OpenFlow消息包含的报文,如果其源地址(src)为主机HostE的地址,目的地址(dst)为网络服务器(ServerD)的地址,则将该输入OpenFlow消息包含的报文通过端口3转发出去。因此,如果输入OpenFlow消息包含的报文的源地址(src)为主机HostC的地址,目的地址(dst)为主机HostF的地址,则该输入OpenFlow消息包含的报文经过规则Rule2、Rule3和Rule4后到达网络服务器(ServerD)。也就是说,主机HostC上的输入OpenFlow消息包含的报文最终都会到达网络服务器(ServerD),而这与第一SDN应用(防火墙)的规则Rule 1是冲突的。其具体检测过程如下:FIG. 6 is a schematic diagram of a scenario in which multiple SDN applications coexist in this example. In Figure 6, a first SDN application (firewall) and a second SDN application (insecure application) are running on the same controller at the same time. The first SDN application (firewall) installs the rule Rule 1 on the switch sw 1 to isolate the traffic from the external host Host C to the internal network server (Server D ), and the second SDN application (insecure application) installs the rule on the switch sw 1 Rule2, Rule3, and Rule4. The meaning of Rule 2 is: if the source address (src) of the packet included in the input OpenFlow message arriving on the switch sw 1 is the address of the host Host C , then the switch sw 1 is using the packet included in the input OpenFlow message. After the source address (src) of the host E is reset to the address of the host E, continue to match the packets contained in the input OpenFlow message with other rules on the switch sw 1 . The meaning of Rule 3 is: if the destination address (dst) of the packet contained in the input OpenFlow message arriving on the switch sw 1 is the address of the host Host F , then the switch sw 1 is in the destination of the packet contained in the input OpenFlow message. After the address (dst) is reset to the address of the network server (Server D ), the packets contained in the input OpenFlow message continue to be matched with other rules on the switch sw 1 . The meaning of Rule 4 is: if the source address (src) of the packet contained in the input OpenFlow message arriving on switch sw 1 is the address of the host Host E , and the destination address (dst) is the address of the network server (Server D ), then The packet contained in the input OpenFlow message is forwarded through port 3. Therefore, if the source address (src) of the packet included in the input OpenFlow message is the address of the host Host C , and the destination address (dst) is the address of the host Host F , then the packets included in the input OpenFlow message go through the rules Rule2, Rule3 and After Rule4 reaches the network server (Server D ). That is to say, the packets included in the incoming OpenFlow message on the host Host C will eventually reach the network server (Server D ), which conflicts with Rule 1 of the first SDN application (firewall). The specific detection process is as follows:

针对待测的第一SDN应用(防火墙)和第二SDN应用(不安全应用),均执行以下操作:For the first SDN application (firewall) and the second SDN application (insecure application) to be tested, perform the following operations:

这里,为了简便,下面以第二SDN应用(不安全应用)为例进行说明。Here, for simplicity, the second SDN application (insecure application) is taken as an example for description below.

在步骤S101中,获取该SDN应用的源代码和所有输入OpenFlow消息。In step S101, the source code of the SDN application and all input OpenFlow messages are obtained.

在步骤S102中,根据该SDN应用的源代码包含的各事件处理器的属性信息,确定各事件处理器所要处理的输入OpenFlow消息,其中,各事件处理器所要处理的输入OpenFlow消息的总和构成所有输入OpenFlow消息。In step S102, according to the attribute information of each event processor included in the source code of the SDN application, the input OpenFlow message to be processed by each event processor is determined, wherein the sum of the input OpenFlow messages to be processed by each event processor constitutes all the Enter an OpenFlow message.

针对每个输入OpenFlow消息均执行以下操作:The following actions are performed for each incoming OpenFlow message:

在步骤S103中,利用与源代码的语言类型对应的符号执行工具,对该输入OpenFlow消息进行处理,得到与该输入OpenFlow消息对应的多条可执行路径、与该多条可执行路径中的每条可执行路径对应的路径约束条件、以及与每条可执行路径对应的第一输出OpenFlow消息集,该第一输出OpenFlow消息集为与每条可执行路径对应的输出OpenFlow消息的集合。In step S103, the input OpenFlow message is processed by using a symbolic execution tool corresponding to the language type of the source code to obtain a plurality of executable paths corresponding to the input OpenFlow message, and each executable path in the plurality of executable paths is obtained. Path constraints corresponding to the executable paths, and a first output OpenFlow message set corresponding to each executable path, where the first output OpenFlow message set is a set of output OpenFlow messages corresponding to each executable path.

在步骤S104中,利用约束求解器分别对与每条可执行路径对应的路径约束条件进行求解,并基于求解结果,对与每条可执行路径对应的第一输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与每条可执行路径对应的第二输出OpenFlow消息集,该第二输出OpenFlow消息集为对第一输出OpenFlow消息集中的各输出OpenFlow消息进行处理后得到的输出OpenFlow消息的集合。In step S104, the constraint solver is used to solve the path constraints corresponding to each executable path, and based on the solving result, each output OpenFlow message in the first output OpenFlow message set corresponding to each executable path is solved Perform processing to obtain a second output OpenFlow message set corresponding to each executable path, where the second output OpenFlow message set is a set of output OpenFlow messages obtained by processing each output OpenFlow message in the first output OpenFlow message set.

图7为利用符号执行工具运行用于处理输入OpenFlow消息为packect_in的事件处理器,并利用约束求解器分别对与每条可执行路径对应的路径约束条件进行求解得到的结果的示意图。7 is a schematic diagram of the result obtained by using a symbolic execution tool to run an event processor for processing an input OpenFlow message as packect_in, and using a constraint solver to solve the path constraints corresponding to each executable path.

具体地,在步骤S1031中,利用与第二SDN应用(不安全应用)的源代码的语言类型对应的符号执行工具,将该SDN应用的输入OpenFlow消息packect_in包含的相关变量p指定为符号变量λ,即用λ表示变量p。Specifically, in step S1031, using a symbolic execution tool corresponding to the language type of the source code of the second SDN application (unsafe application), the related variable p contained in the input OpenFlow message packect_in of the SDN application is designated as the symbolic variable λ , that is, use λ to represent the variable p.

在步骤S1032中,利用该符号执行工具运行用于处理输入OpenFlow消息为packect_in的事件处理器,得到与该输入OpenFlow消息packect_in对应的多条可执行路径、与该多条可执行路径中的每条可执行路径对应的路径约束条件、以及与每条可执行路径对应的第一输出OpenFlow消息集。In step S1032, use the symbolic execution tool to run an event handler for processing the input OpenFlow message as packect_in, and obtain multiple executable paths corresponding to the input OpenFlow message packect_in, and each of the multiple executable paths Path constraints corresponding to the executable paths, and a first output OpenFlow message set corresponding to each executable path.

在本示例中,当λ.src=HostC为假且λ.dst=HostF为假时,对应第一可执行路径(即图7中的左一分支)。当λ.src=HostC为假且λ.dst=HostF为真时,对应第二可执行路径(即图7中的左二分支)。当λ.src=HostC为真且λ.dst=HostF为真时,对应第三可执行路径(即图7中的右一分支)。当λ.src=HostC为真且λ.dst=HostF为假时,对应第四可执行路径(即图7中的右二分支)。其中,第一可执行路径至第四可执行路径是与该输入OpenFlow消息packect_in对应的多条可执行路径,与第一可执行路径对应的路径约束条件是:λ.src=HostC为假且λ.dst=HostF为假,与第二可执行路径对应的路径约束条件是:λ.src=HostC为假且λ.dst=HostF为真,与第三可执行路径对应的路径约束条件是:λ.src=HostC为真且λ.dst=HostF为真,与第四可执行路径对应的路径约束条件是:λ.src=HostC为真且λ.dst=HostF为假。In this example, when λ.src=Host C is false and λ.dst=Host F is false, it corresponds to the first executable path (ie, the left branch in FIG. 7 ). When λ.src=Host C is false and λ.dst=Host F is true, it corresponds to the second executable path (ie, the second left branch in FIG. 7 ). When λ.src=Host C is true and λ.dst=Host F is true, it corresponds to the third executable path (ie, the right branch in FIG. 7 ). When λ.src=Host C is true and λ.dst=Host F is false, it corresponds to the fourth executable path (ie, the second right branch in FIG. 7 ). Wherein, the first executable path to the fourth executable path are multiple executable paths corresponding to the input OpenFlow message packect_in, and the path constraints corresponding to the first executable path are: λ.src=Host C is false and λ.dst=Host F is false, the path constraint corresponding to the second executable path is: λ.src=Host C is false and λ.dst=Host F is true, the path constraint corresponding to the third executable path The conditions are: λ.src=Host C is true and λ.dst=Host F is true, and the path constraint corresponding to the fourth executable path is: λ.src=Host C is true and λ.dst=Host F is Fake.

与第一可执行路径对应的第二输出OpenFlow消息集为空集,图8中未显示。与第二可执行路径对应的第二输出OpenFlow消息集如图8中的第三行所示,与第三可执行路径对应的第二输出OpenFlow消息集如图8中的第四行所示,与第四可执行路径对应的第二输出OpenFlow消息集如图8中的第二行所示。The second output OpenFlow message set corresponding to the first executable path is an empty set, which is not shown in FIG. 8 . The second output OpenFlow message set corresponding to the second executable path is shown in the third row in FIG. 8 , and the second output OpenFlow message set corresponding to the third executable path is shown in the fourth row in FIG. 8 , The second set of outgoing OpenFlow messages corresponding to the fourth executable path is shown in the second row in FIG. 8 .

需要说明的是,第二SDN应用的源代码可能有上千行,包含switch_on,link_up等一系列事件处理器,这里仅以用于处理输入OpenFlow消息为packect_in的事件处理器作为示例进行说明。It should be noted that the source code of the second SDN application may have thousands of lines, including a series of event handlers such as switch_on, link_up, etc. Here, only the event handler for processing the input OpenFlow message as packect_in is used as an example for description.

图7下面的方框中显示的内容为上述处理过程的伪代码,其表示以下含义:The content displayed in the box below Fig. 7 is the pseudo code of the above processing process, which represents the following meanings:

若输入OpenFlow消息packect_in包含的报文的源地址(src)为主机HostC的地址,则第二SDN应用(不安全应用)通过输入OpenFlow消息packect_in对交换机sw1下发流表e4((p.src=HostC,p.dst=*)→Set(p.src=HostE),output(table))。该流表的含义为:到达交换机sw1上的输入OpenFlow消息包含的报文,如果其源地址(src)为主机HostC的地址,则交换机sw1在将该输入OpenFlow消息包含的报文的源地址(src)重置为主机HostE的地址后,继续将该输入OpenFlow消息包含的报文与交换机sw1上的其他规则进行匹配。If the source address (src) of the packet included in the input OpenFlow message packect_in is the address of the host Host C , the second SDN application (insecure application) sends the flow table e 4 ((p .src=Host C , p.dst=*)→Set(p.src=Host E ), output(table)). The meaning of the flow table is: if the source address (src) of the packet included in the input OpenFlow message arriving on the switch sw 1 is the address of the host Host C , then the switch sw 1 will use the packet in the input OpenFlow message in the After the source address (src) is reset to the address of the host Host E , continue to match the packets contained in the input OpenFlow message with other rules on the switch sw1.

若输入OpenFlow消息packect_in包含的报文的目的地址(dst)为主机HostF的地址,则第二SDN应用(不安全应用)通过输入OpenFlow消息packect_in对交换机sw1下发流表e5((p.src=*,p.dst=HostF)→Set(p.dst=ServerD),output(table))。该流表的含义为:到达交换机sw1上的输入OpenFlow消息包含的报文,如果其目的地址(dst)为主机HostF的地址,则交换机sw1在将该输入OpenFlow消息包含的报文的目的地址(dst)重置为网络服务器(ServerD)的地址后,继续将该输入OpenFlow消息包含的报文与交换机sw1上的其他规则进行匹配。If the destination address (dst) of the packet included in the input OpenFlow message packect_in is the address of the host Host F , the second SDN application (insecure application) sends the flow table e 5 ((p .src=*, p.dst=Host F )→Set(p.dst=Server D ), output(table)). The meaning of the flow table is: if the destination address (dst) of the packet included in the incoming OpenFlow message arriving on the switch sw 1 is the address of the host Host F , then the switch sw 1 will use the packet in the incoming OpenFlow message in the After the destination address (dst) is reset to the address of the network server (Server D ), the packets contained in the input OpenFlow message continue to be matched with other rules on the switch sw 1 .

若输入OpenFlow消息packect_in包含的报文的源地址(src)为主机HostE的地址,目的地址(dst)为网络服务器(ServerD)的地址,则第二SDN应用(不安全应用)通过输入OpenFlow消息packect_in对交换机sw1下发流表e6((p.src=HostE,p.dst=ServerD)→fwd(3))。该流表的含义为:到达交换机sw1上的输入OpenFlow消息包含的报文,如果其源地址(src)为主机HostE的地址,目的地址(dst)为网络服务器(ServerD)的地址,则将该输入OpenFlow消息包含的报文通过端口3转发出去。If the source address (src) of the packet included in the input OpenFlow message packect_in is the address of the host Host E , and the destination address (dst) is the address of the network server (Server D ), the second SDN application (insecure application) can pass the input OpenFlow The message packect_in delivers the flow table e 6 to the switch sw 1 ((p.src=Host E , p.dst=Server D )→fwd(3)). The meaning of the flow table is: if the source address (src) of the packet contained in the incoming OpenFlow message arriving on switch sw1 is the address of the host Host E , and the destination address (dst) is the address of the network server (Server D ), Then, the packet contained in the input OpenFlow message is forwarded through port 3.

在步骤S105中,对与每条可执行路径对应的第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理,得到与每条可执行路径对应的第三输出OpenFlow消息集,该第三输出OpenFlow消息集为对第二输出OpenFlow消息集中的各输出OpenFlow消息进行处理后得到的输出OpenFlow消息的集合。In step S105, each output OpenFlow message in the second output OpenFlow message set corresponding to each executable path is processed to obtain a third output OpenFlow message set corresponding to each executable path, the third output OpenFlow message The set is a set of output OpenFlow messages obtained by processing each output OpenFlow message in the second output OpenFlow message set.

针对与第二SDN应用(不安全应用)的输入OpenFlow消息packect_in对应的每条可执行路径对应的第二输出OpenFlow消息集,均执行以下操作:For the second output OpenFlow message set corresponding to each executable path corresponding to the input OpenFlow message packect_in of the second SDN application (unsafe application), the following operations are performed:

这里,为了简便,下面以与第三条可执行路径对应的第二输出OpenFlow消息集为例进行说明。Here, for simplicity, the second output OpenFlow message set corresponding to the third executable path is taken as an example for description below.

由图8可见,与第三条可执行路径对应的第二输出OpenFlow消息集中,输出OpenFlow消息(

Figure BDA0001899177470000181
Figure BDA0001899177470000182
)包含的流表的动作域中含有重置动作,输出OpenFlow消息
Figure BDA0001899177470000183
包含的流表的动作域中不含有重置动作,因此,需要利用预设合成规则,对该第二输出OpenFlow消息集中的输出OpenFlow消息(
Figure BDA0001899177470000184
Figure BDA0001899177470000185
)进行处理。具体处理过程如图9所示。It can be seen from Figure 8 that the second output OpenFlow message set corresponding to the third executable path is set, and the output OpenFlow message (
Figure BDA0001899177470000181
and
Figure BDA0001899177470000182
) contains a reset action in the action field of the flow table, and outputs an OpenFlow message
Figure BDA0001899177470000183
The action field of the included flow table does not contain a reset action, therefore, it is necessary to use the preset synthesis rule to output OpenFlow messages in the second output OpenFlow message set (
Figure BDA0001899177470000184
and
Figure BDA0001899177470000185
) to be processed. The specific processing process is shown in Figure 9.

首先,将第二输出OpenFlow消息集中的输出OpenFlow消息(

Figure BDA0001899177470000186
Figure BDA0001899177470000187
)分为两组。第一组
Figure BDA0001899177470000188
包含的输出OpenFlow消息为
Figure BDA0001899177470000189
Figure BDA00018991774700001810
这两个输出OpenFlow消息包含的流表的动作域中含有重置动作。第二组
Figure BDA00018991774700001811
包含的输出OpenFlow消息为
Figure BDA00018991774700001812
该输出OpenFlow消息包含的流表的动作域中不含有重置动作。First, the outgoing OpenFlow messages in the second outgoing OpenFlow message set (
Figure BDA0001899177470000186
and
Figure BDA0001899177470000187
) into two groups. First group
Figure BDA0001899177470000188
The included outgoing OpenFlow message is
Figure BDA0001899177470000189
and
Figure BDA00018991774700001810
These two outgoing OpenFlow messages contain a reset action in the action field of the flow table. Second Group
Figure BDA00018991774700001811
The included outgoing OpenFlow message is
Figure BDA00018991774700001812
The action field of the flow table contained in the outgoing OpenFlow message does not contain a reset action.

然后,从第一组

Figure BDA00018991774700001813
和第二组
Figure BDA00018991774700001814
中各任取一个输出OpenFlow消息,并将取出的这两个输出OpenFlow消息进行组合。在本示例中,可以形成两个组合:组合1为:
Figure BDA00018991774700001815
Figure BDA00018991774700001816
组合2为:
Figure BDA00018991774700001817
Figure BDA00018991774700001818
Then, from the first group
Figure BDA00018991774700001813
and the second group
Figure BDA00018991774700001814
Each of the two output OpenFlow messages is selected, and the two output OpenFlow messages are combined. In this example, two combinations can be formed: Combination 1 is:
Figure BDA00018991774700001815
and
Figure BDA00018991774700001816
Combination 2 is:
Figure BDA00018991774700001817
and
Figure BDA00018991774700001818

接着,对

Figure BDA00018991774700001819
包含的流表的匹配域和动作域进行合成,得到
Figure BDA00018991774700001820
包含的流表的合成匹配域(λ.src=HostE,λ.dst=*)。对
Figure BDA00018991774700001821
包含的流表的匹配域和动作域进行合成,得到
Figure BDA00018991774700001822
包含的流表的合成匹配域(λ.src=*,λ.dst=ServerD)。Next, yes
Figure BDA00018991774700001819
The matching field and action field of the included flow table are synthesized to obtain
Figure BDA00018991774700001820
Synthetic matching field (λ.src=Host E , λ.dst=*) of the included flow table. right
Figure BDA00018991774700001821
The matching field and action field of the included flow table are synthesized to obtain
Figure BDA00018991774700001822
The composite matching field of the included flow table (λ.src=*, λ.dst=Server D ).

针对组合1,由于

Figure BDA00018991774700001823
包含的流表的动作域和
Figure BDA00018991774700001824
包含的流表的动作域中均不含有删除(del)动作,且
Figure BDA00018991774700001825
包含的流表的匹配域属于
Figure BDA00018991774700001826
包含的流表的合成匹配域,且
Figure BDA00018991774700001827
Figure BDA00018991774700001828
都是对交换机sw1操作,则对
Figure BDA00018991774700001829
包含的流表和
Figure BDA00018991774700001830
包含的流表的匹配域、动作域、以及优先级域进行合成。具体过程如下:For combination 1, since
Figure BDA00018991774700001823
The action field of the included flow table and
Figure BDA00018991774700001824
The action field of the included flow table does not contain a delete (del) action, and
Figure BDA00018991774700001825
The matching field of the included flow table belongs to
Figure BDA00018991774700001826
the synthetic matching field of the included flow table, and
Figure BDA00018991774700001827
and
Figure BDA00018991774700001828
All operate on switch sw 1 , then
Figure BDA00018991774700001829
contains the flow table and
Figure BDA00018991774700001830
The match field, action field, and priority field of the included flow table are synthesized. The specific process is as follows:

Figure BDA0001899177470000191
包含的流表和
Figure BDA0001899177470000192
包含的流表的合成匹配域:由于
Figure BDA0001899177470000193
包含的流表的重置动作的作用域是源地址域(src),则
Figure BDA0001899177470000194
包含的流表和
Figure BDA0001899177470000195
包含的流表的合成匹配域的目的地址域是:
Figure BDA0001899177470000196
的目的地址域,
Figure BDA0001899177470000197
包含的流表和
Figure BDA0001899177470000198
包含的流表的合成匹配域的源地址域是:
Figure BDA0001899177470000199
的源地址域。因此,
Figure BDA00018991774700001910
包含的流表和
Figure BDA00018991774700001911
包含的流表的合成匹配域为(λ.src=HostC,λ.dst=ServerD)。
Figure BDA0001899177470000191
contains the flow table and
Figure BDA0001899177470000192
Synthetic matching field for the included flow table: due to
Figure BDA0001899177470000193
The scope of the reset action of the included flow table is the source address field (src), then
Figure BDA0001899177470000194
contains the flow table and
Figure BDA0001899177470000195
The destination address field of the synthetic match field of the included flow table is:
Figure BDA0001899177470000196
the destination address field of
Figure BDA0001899177470000197
contains the flow table and
Figure BDA0001899177470000198
The source address field of the composite match field of the included flow table is:
Figure BDA0001899177470000199
source address field. therefore,
Figure BDA00018991774700001910
contains the flow table and
Figure BDA00018991774700001911
The synthetic matching field of the included flow table is (λ.src=Host C , λ.dst=Server D ).

Figure BDA00018991774700001912
包含的流表和
Figure BDA00018991774700001913
包含的流表的合成优先级域是:
Figure BDA00018991774700001914
包含的流表的优先级域值与
Figure BDA00018991774700001915
包含的流表的优先级域值中较小的一个。由于图8中未显示
Figure BDA00018991774700001916
包含的流表和
Figure BDA00018991774700001917
包含的流表的优先级域值,在此不进行说明。
Figure BDA00018991774700001912
contains the flow table and
Figure BDA00018991774700001913
The composition priority fields of the included flow table are:
Figure BDA00018991774700001914
The priority field value of the included flow table is the same as
Figure BDA00018991774700001915
The smaller of the priority field values of the included flow table. Since it is not shown in Figure 8
Figure BDA00018991774700001916
contains the flow table and
Figure BDA00018991774700001917
The priority field value of the included flow table is not described here.

Figure BDA00018991774700001918
包含的流表和
Figure BDA00018991774700001919
包含的流表的合成动作域是:
Figure BDA00018991774700001920
包含的流表的动作域值,即为fwd(3)。
Figure BDA00018991774700001918
contains the flow table and
Figure BDA00018991774700001919
The synthetic action fields for the included flow table are:
Figure BDA00018991774700001920
The action field value of the included flow table is fwd(3).

基于此,已完成对

Figure BDA00018991774700001921
包含的流表和
Figure BDA00018991774700001922
包含的流表的匹配域、动作域、以及优先级域的合成,得到
Figure BDA00018991774700001923
(add,sw1,e((λ.src=HostC,λ.dst=ServerD)→fwd(3))),并将
Figure BDA00018991774700001924
添加至第二组
Figure BDA00018991774700001925
中。因为
Figure BDA00018991774700001926
包含的流表已经包括了
Figure BDA00018991774700001927
包含的流表的转发逻辑,因此,将
Figure BDA00018991774700001928
从第一组
Figure BDA00018991774700001929
中去除。Based on this, the
Figure BDA00018991774700001921
contains the flow table and
Figure BDA00018991774700001922
The composition of the matching field, action field, and priority field of the included flow table, we get
Figure BDA00018991774700001923
(add,sw 1 ,e((λ.src=Host C ,λ.dst=Server D )→fwd(3))), and set
Figure BDA00018991774700001924
add to the second group
Figure BDA00018991774700001925
middle. because
Figure BDA00018991774700001926
The included flow table already includes
Figure BDA00018991774700001927
The forwarding logic for the included flow table, therefore, will
Figure BDA00018991774700001928
from the first group
Figure BDA00018991774700001929
removed in.

针对组合2,由于

Figure BDA00018991774700001930
包含的流表的动作域和
Figure BDA00018991774700001931
包含的流表的动作域中均不含有删除(del)动作,且
Figure BDA00018991774700001932
包含的流表的匹配域属于
Figure BDA00018991774700001933
包含的流表的合成匹配域,且
Figure BDA00018991774700001934
Figure BDA00018991774700001935
都是对交换机sw1操作,则对
Figure BDA00018991774700001936
包含的流表和
Figure BDA00018991774700001937
包含的流表的匹配域、动作域、以及优先级域进行合成。具体过程如下:For combination 2, since
Figure BDA00018991774700001930
The action field of the included flow table and
Figure BDA00018991774700001931
The action field of the included flow table does not contain a delete (del) action, and
Figure BDA00018991774700001932
The matching field of the included flow table belongs to
Figure BDA00018991774700001933
the synthetic matching field of the included flow table, and
Figure BDA00018991774700001934
and
Figure BDA00018991774700001935
All operate on switch sw 1 , then
Figure BDA00018991774700001936
contains the flow table and
Figure BDA00018991774700001937
The match field, action field, and priority field of the included flow table are synthesized. The specific process is as follows:

Figure BDA00018991774700001938
包含的流表和
Figure BDA00018991774700001939
包含的流表的合成匹配域:由于
Figure BDA00018991774700001940
包含的流表的重置动作的作用域是目的地址域(dst),则
Figure BDA00018991774700001941
包含的流表和
Figure BDA00018991774700001942
包含的流表的合成匹配域的目的地址域是:
Figure BDA00018991774700001943
包含的流表的目的地址域,
Figure BDA00018991774700001944
包含的流表和
Figure BDA00018991774700001945
包含的流表的合成匹配域的源地址域是:
Figure BDA00018991774700001946
包含的流表的源地址域。因此,
Figure BDA00018991774700001947
包含的流表和
Figure BDA0001899177470000201
包含的流表的合成匹配域是(λ.src=HostE,λ.dst=HostF)。
Figure BDA00018991774700001938
contains the flow table and
Figure BDA00018991774700001939
Synthetic matching field for the included flow table: due to
Figure BDA00018991774700001940
The scope of the reset action of the included flow table is the destination address field (dst), then
Figure BDA00018991774700001941
contains the flow table and
Figure BDA00018991774700001942
The destination address field of the synthetic match field of the included flow table is:
Figure BDA00018991774700001943
the destination address field of the included flow table,
Figure BDA00018991774700001944
contains the flow table and
Figure BDA00018991774700001945
The source address field of the composite match field of the included flow table is:
Figure BDA00018991774700001946
The source address field of the included flow table. therefore,
Figure BDA00018991774700001947
contains the flow table and
Figure BDA0001899177470000201
The composite matching field of the included flow table is (λ.src=Host E , λ.dst=Host F ).

Figure BDA0001899177470000202
包含的流表和
Figure BDA0001899177470000203
包含的流表的合成优先级域是:
Figure BDA0001899177470000204
包含的流表的优先级域值与
Figure BDA0001899177470000205
包含的流表的优先级域值中较小的一个。由于图8中未显示
Figure BDA0001899177470000206
包含的流表和
Figure BDA0001899177470000207
包含的流表的优先级域值,在此不进行说明。
Figure BDA0001899177470000202
contains the flow table and
Figure BDA0001899177470000203
The composition priority fields of the included flow table are:
Figure BDA0001899177470000204
The priority field value of the included flow table is the same as
Figure BDA0001899177470000205
The smaller of the priority field values of the included flow table. Since it is not shown in Figure 8
Figure BDA0001899177470000206
contains the flow table and
Figure BDA0001899177470000207
The priority field value of the included flow table is not described here.

Figure BDA0001899177470000208
包含的流表和
Figure BDA0001899177470000209
包含的流表的合成动作域是:
Figure BDA00018991774700002010
包含的流表的动作域值,即为fwd(3)。
Figure BDA0001899177470000208
contains the flow table and
Figure BDA0001899177470000209
The synthetic action fields for the included flow table are:
Figure BDA00018991774700002010
The action field value of the included flow table is fwd(3).

基于此,已完成对

Figure BDA00018991774700002011
包含的流表和
Figure BDA00018991774700002012
包含的流表的匹配域、动作域、以及优先级域的合成,得到
Figure BDA00018991774700002013
(add,sw1,e((λ.src=HostE,λ.dst=HostF)→fwd(3))),并将
Figure BDA00018991774700002014
添加至第二组
Figure BDA00018991774700002015
中。因为
Figure BDA00018991774700002016
包含的流表已经包括了
Figure BDA00018991774700002017
包含的流表的转发逻辑,因此,将
Figure BDA00018991774700002018
从第一组
Figure BDA00018991774700002019
中去除。Based on this, the
Figure BDA00018991774700002011
contains the flow table and
Figure BDA00018991774700002012
The composition of the matching field, action field, and priority field of the included flow table, we get
Figure BDA00018991774700002013
(add,sw 1 ,e((λ.src=Host E ,λ.dst=Host F )→fwd(3))), and set
Figure BDA00018991774700002014
add to the second group
Figure BDA00018991774700002015
middle. because
Figure BDA00018991774700002016
The included flow table already includes
Figure BDA00018991774700002017
The forwarding logic for the included flow table, therefore, will
Figure BDA00018991774700002018
from the first group
Figure BDA00018991774700002019
removed in.

基于此,与第三可执行路径对应的第三输出OpenFlow消息集中的输出OpenFlow消息为:

Figure BDA00018991774700002020
Figure BDA00018991774700002021
这些输出OpenFlow消息包含的流表的动作域中均不含有重置动作。Based on this, the output OpenFlow messages in the third output OpenFlow message set corresponding to the third executable path are:
Figure BDA00018991774700002020
and
Figure BDA00018991774700002021
These outgoing OpenFlow messages contain no reset action in the action field of the flow table.

如此重复执行上述步骤,直至完成对与第二可执行路径对应的第二输出OpenFlow消息集中的各输出OpenFlow消息的合成、以及对与第四可执行路径对应的第二输出OpenFlow消息集中的各输出OpenFlow消息的合成为止。Repeat the above steps until the synthesis of each output OpenFlow message in the second output OpenFlow message set corresponding to the second executable path and the output of each output in the second output OpenFlow message set corresponding to the fourth executable path are completed. until the synthesis of OpenFlow messages.

类似地,可以得到与第一SDN应用(防火墙)的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中的各输出OpenFlow消息,如图8所示。Similarly, each output OpenFlow message in the third output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of the first SDN application (firewall) can be obtained, as shown in FIG. 8 .

在步骤S106中,利用与每个SDN应用的每个输入OpenFlow消息对应的每条可执行路径对应的第三输出OpenFlow消息集中的各输出OpenFlow消息,检测多个SDN应用两两之间是否存在冲突。In step S106, use each output OpenFlow message in the third output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of each SDN application to detect whether there is a conflict between multiple SDN applications .

在本示例中,由于与第二SDN应用(不安全应用)的输入OpenFlow消息packect_in对应的第三条可执行路径对应的第三输出OpenFlow消息集中含有

Figure BDA00018991774700002022
(add,sw1,e((λ.src=HostC,λ.dst=ServerD)→fwd(3))),与第一SDN应用(防火墙)的某个输入OpenFlow消息对应的某条可执行路径对应的第三输出OpenFlow消息集中含有
Figure BDA0001899177470000211
(add,sw1,e3((λ.src=HostC,λ.dst=ServerD)→drop)),而
Figure BDA0001899177470000212
Figure BDA0001899177470000213
都是对交换机sw1操作,且
Figure BDA0001899177470000214
Figure BDA0001899177470000215
的源地址域和目的地址域分别相交,且动作域不同,则判断出第一SDN应用(防火墙)与第二SDN应用(不安全应用)存在冲突,受影响的是:输入OpenFlow消息中包含的源地址为HostC、目的地址为ServerD的报文。In this example, since the third output OpenFlow message set corresponding to the third executable path corresponding to the input OpenFlow message packect_in of the second SDN application (insecure application) contains
Figure BDA00018991774700002022
(add, sw 1 , e((λ.src=Host C , λ.dst=Server D )→fwd(3))), a certain message corresponding to a certain input OpenFlow message of the first SDN application (firewall) can be The third output OpenFlow message set corresponding to the execution path contains
Figure BDA0001899177470000211
(add, sw 1 , e 3 ((λ.src=Host C ,λ.dst=Server D )→drop)), and
Figure BDA0001899177470000212
and
Figure BDA0001899177470000213
Both operate on switch sw 1 , and
Figure BDA0001899177470000214
and
Figure BDA0001899177470000215
The source address domain and the destination address domain of the source address domain and the destination address domain are respectively intersected, and the action domain is different, then it is judged that the first SDN application (firewall) and the second SDN application (unsafe application) conflict, and what is affected is: the input OpenFlow message contains the A packet whose source address is Host C and whose destination address is Server D.

应用本发明实施例提供的用于检测多个软件定义网络SDN应用之间的冲突的方法,通过利用符号执行工具对待测的多个SDN应用中的每个SDN应用的每个输入OpenFlow消息进行处理,并基于处理结果来检测多个SDN应用两两之间是否存在冲突,从而可以实现在部署多个SDN应用之前预先检测多个SDN应用之间是否存在冲突,具有很好的应用前景。By applying the method for detecting conflicts between multiple software-defined network SDN applications provided by the embodiments of the present invention, each input OpenFlow message of each SDN application in the multiple SDN applications to be tested is processed by using a symbolic execution tool , and based on the processing results to detect whether there is a conflict between multiple SDN applications, so that it is possible to detect whether there is a conflict between multiple SDN applications before deploying multiple SDN applications, which has a good application prospect.

本领域的技术人员应该明白,上述的本发明的各模块或各步骤可以用通用的计算装置来实现,它们可以集中在单个的计算装置上,或者分布在多个计算装置所组成的网络上,可选地,它们可以用计算装置可执行的程序代码来实现,从而,可以将它们存储在存储装置中由计算装置来执行,或者将它们分别制作成各个集成电路模块,或者将它们中的多个模块或步骤制作成单个集成电路模块来实现。这样,本发明不限制于任何特定的硬件和软件结合。Those skilled in the art should understand that the above-mentioned modules or steps of the present invention can be implemented by a general-purpose computing device, and they can be concentrated on a single computing device, or distributed on a network composed of multiple computing devices, Alternatively, they can be implemented with program codes executable by a computing device, so that they can be stored in a storage device and executed by the computing device, or they can be separately fabricated into individual integrated circuit modules, or multiple of them can be combined. Each module or step is fabricated into a single integrated circuit module to implement. As such, the present invention is not limited to any particular combination of hardware and software.

虽然本发明所公开的实施方式如上,但所述的内容只是为了便于理解本发明而采用的实施方式,并非用以限定本发明。任何本发明所属技术领域内的技术人员,在不脱离本发明所公开的精神和范围的前提下,可以在实施的形式上及细节上作任何的修改与变化,但本发明的保护范围,仍须以所附的权利要求书所界定的范围为准。Although the disclosed embodiments of the present invention are as above, the content described is only an embodiment adopted to facilitate understanding of the present invention, and is not intended to limit the present invention. Any person skilled in the art to which the present invention belongs, without departing from the spirit and scope disclosed by the present invention, can make any modifications and changes in the form and details of the implementation, but the protection scope of the present invention is still The scope as defined by the appended claims shall prevail.

Claims (9)

1. A method for detecting conflicts between a plurality of Software Defined Network (SDN) applications, comprising:
for each SDN application in a plurality of SDN applications to be tested, executing the following operations:
acquiring a source code and all input OpenFlow messages of the SDN application;
determining input OpenFlow messages to be processed by each event processor according to attribute information of each event processor contained in a source code of the SDN application, wherein the sum of the input OpenFlow messages to be processed by each event processor forms all the input OpenFlow messages;
for each incoming OpenFlow message, the following operations are performed:
processing the input OpenFlow message by using a symbol execution tool corresponding to the language type of the source code to obtain a plurality of executable paths corresponding to the input OpenFlow message, path constraint conditions corresponding to each executable path in the executable paths, and a first output OpenFlow message set corresponding to each executable path, wherein the first output OpenFlow message set is a set of output OpenFlow messages corresponding to each executable path;
respectively solving the path constraint conditions corresponding to each executable path by using a constraint solver, and processing each output OpenFlow message in a first output OpenFlow message set corresponding to each executable path based on a solving result to obtain a second output OpenFlow message set corresponding to each executable path, wherein the second output OpenFlow message set is a set of output OpenFlow messages obtained after processing each output OpenFlow message in the first output OpenFlow message set;
processing each output OpenFlow message in a second output OpenFlow message set corresponding to each executable path to obtain a third output OpenFlow message set corresponding to each executable path, wherein the third output OpenFlow message set is a set of output OpenFlow messages obtained after processing each output OpenFlow message in the second output OpenFlow message set;
processing each output OpenFlow message in the second output OpenFlow message set corresponding to each executable path to obtain a third output OpenFlow message set corresponding to each executable path, including:
for a second set of output OpenFlow messages corresponding to each executable path corresponding to each input OpenFlow message of each SDN application, performing the following operations:
classifying each output OpenFlow message in the second output OpenFlow message set according to the attribute information of each output OpenFlow message in the second output OpenFlow message set;
processing each output OpenFlow message in the second output OpenFlow message set according to the classification result to obtain a third output OpenFlow message set corresponding to an executable path to which the second output OpenFlow message set belongs;
and detecting whether conflicts exist between every two SDN applications by utilizing each output OpenFlow message in a third output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of each SDN application.
2. The method of claim 1, wherein processing an input OpenFlow message with a symbolic execution tool corresponding to a language type of the source code to obtain a plurality of executable paths corresponding to the input OpenFlow message, a path constraint corresponding to each executable path of the plurality of executable paths, and a first output OpenFlow message set corresponding to each executable path comprises:
using a symbolic execution tool corresponding to a language type of source code of the SDN application, designating relevant variables contained in each input OpenFlow message of the SDN application as symbolic variables, wherein the relevant variables are variables required to be used in a process of detecting conflicts among a plurality of SDN applications;
and running each event processor contained in the source code of the SDN application by using the symbol execution tool to obtain a plurality of executable paths corresponding to each input OpenFlow message of the SDN application, a path constraint condition corresponding to each executable path in the executable paths and a first output OpenFlow message set corresponding to each executable path.
3. The method for detecting conflicts between software defined networking, SDN, applications of claim 2, further comprising:
and assigning specific values to independent variables contained in each input OpenFlow message of the SDN application, wherein the independent variables are variables which are not needed to be used in the process of detecting the conflict among the plurality of SDN applications.
4. Method for detecting conflicts between software defined network, SDN, applications according to claim 2 or 3, characterized in that it further comprises:
according to the specific meaning of each domain of a flow table contained in each input OpenFlow message of the SDN application in the software defined network SDN, limiting the value range of each symbol variable contained in each input OpenFlow message of the SDN application in a preset range.
5. The method according to claim 1, wherein a constraint solver is used to solve a path constraint condition corresponding to each executable path, and each output OpenFlow message in a first output OpenFlow message set corresponding to each executable path is processed based on a solution result to obtain a second output OpenFlow message set corresponding to each executable path, and the method comprises:
for each executable path corresponding to each input OpenFlow message of each SDN application, performing the following operations:
solving the path constraint condition corresponding to the executable path by using a constraint solver;
under the condition that the return result of the constraint solver is a solution, giving a specific value obtained by solving to each symbol variable contained in each output OpenFlow message in a first output OpenFlow message set corresponding to the executable path to obtain a second output OpenFlow message set corresponding to the executable path;
and under the condition that the result returned by the constraint solver is not a solution, removing the first output OpenFlow message set corresponding to the executable path to obtain a second output OpenFlow message set corresponding to the executable path, wherein the second output OpenFlow message set is an empty set.
6. The method for detecting conflicts between software defined networking, SDN, applications according to claim 1, wherein the outgoing OpenFlow message contains a flow table with or without a reset action in an action field.
7. The method according to claim 1, wherein the step of processing each output OpenFlow message in the second output OpenFlow message set according to the classification result to obtain a third output OpenFlow message set corresponding to an executable path to which the second output OpenFlow message set belongs includes:
when the action fields of the flow tables contained in the output OpenFlow messages in the second output OpenFlow message set do not contain reset actions, if the output OpenFlow messages in the second output OpenFlow message set are kept unchanged, the output OpenFlow messages contained in a third output OpenFlow message set corresponding to the executable path to which the second output OpenFlow message set belongs are kept consistent with the output OpenFlow messages contained in the second output OpenFlow message set;
when the action fields of the flow tables included in the output OpenFlow messages in the second output OpenFlow message set all contain reset actions, if the output OpenFlow messages in the second output OpenFlow message set are removed, the third output OpenFlow message set corresponding to the executable path to which the second output OpenFlow message set belongs is an empty set.
8. The method according to claim 7, wherein each output OpenFlow message in the second output OpenFlow message set is processed according to the classification result to obtain a third output OpenFlow message set corresponding to an executable path to which the second output OpenFlow message set belongs, and further comprising:
and under the condition that the action domain of the flow table contained in one part of the output OpenFlow messages in the second output OpenFlow message set contains a reset action and the action domain of the flow table contained in the other part of the output OpenFlow messages does not contain the reset action, processing each output OpenFlow message in the second output OpenFlow message set by using a preset synthesis rule to obtain a third output OpenFlow message set corresponding to the executable path to which the second output OpenFlow message set belongs.
9. The method of claim 1, wherein detecting whether a conflict exists between each of the plurality of SDN applications using respective output OpenFlow messages in a third set of output OpenFlow messages corresponding to each executable path corresponding to each input OpenFlow message for each SDN application comprises:
obtaining a first SDN application and a second SDN application from any two SDN applications in a plurality of SDN applications to be tested;
acquiring each output OpenFlow message in a third output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of the first SDN application, and each output OpenFlow message in the third output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of the second SDN application;
respectively obtaining a first output OpenFlow message and a second output OpenFlow message from a third output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of the first SDN application and from any output OpenFlow message set corresponding to each executable path corresponding to each input OpenFlow message of the second SDN application;
and judging whether the first SDN application and the second SDN application have conflict or not by utilizing a preset judgment rule according to the attribute information of the first output OpenFlow message and the second output OpenFlow message.
CN201811504826.6A 2018-12-10 2018-12-10 Method for detecting conflicts between multiple software-defined networking SDN applications Active CN109725925B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811504826.6A CN109725925B (en) 2018-12-10 2018-12-10 Method for detecting conflicts between multiple software-defined networking SDN applications

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811504826.6A CN109725925B (en) 2018-12-10 2018-12-10 Method for detecting conflicts between multiple software-defined networking SDN applications

Publications (2)

Publication Number Publication Date
CN109725925A CN109725925A (en) 2019-05-07
CN109725925B true CN109725925B (en) 2020-09-18

Family

ID=66294948

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811504826.6A Active CN109725925B (en) 2018-12-10 2018-12-10 Method for detecting conflicts between multiple software-defined networking SDN applications

Country Status (1)

Country Link
CN (1) CN109725925B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107809381A (en) * 2017-10-19 2018-03-16 北京邮电大学 One kind, which is realized, is based on route loop active auditing algorithm and implementation method in SDN
CN108156046A (en) * 2016-12-06 2018-06-12 中国移动通信有限公司研究院 Distributed route detecting method and device

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9973429B2 (en) * 2013-04-05 2018-05-15 Futurewei Technologies, Inc. Software defined networking (SDN) controller orchestration and network virtualization for data center interconnection
CN104283738B (en) * 2014-10-11 2018-07-17 新华三技术有限公司 A kind of chain circuit detecting method and equipment

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108156046A (en) * 2016-12-06 2018-06-12 中国移动通信有限公司研究院 Distributed route detecting method and device
CN107809381A (en) * 2017-10-19 2018-03-16 北京邮电大学 One kind, which is realized, is based on route loop active auditing algorithm and implementation method in SDN

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
动态符号执行中路径搜索策略的研究与实现;王磊;《中国优秀硕士学位论文全文库 信息科技辑》;《中国学术期刊(光盘版)电子杂志社》;20180415;第9-45页 *
软件定义网络OpenFlow流表优化技术研究;席孝强;《中国优秀硕士学位论文全文库 信息科技辑》;中国学术期刊(光盘版)电子杂志社;20180615;全文 *

Also Published As

Publication number Publication date
CN109725925A (en) 2019-05-07

Similar Documents

Publication Publication Date Title
US11902120B2 (en) Synthetic data for determining health of a network security system
US11115300B2 (en) Anomaly detection and reporting in a network assurance appliance
CN110741603B (en) Topology detector
CN110521169B (en) Policy Guarantees for Service Chaining
CN110521170B (en) Static Network Policy Analysis of Network
US7505463B2 (en) Rule set conflict resolution
CN110710161B (en) Generating device-level logical models of a network
US7760730B2 (en) Rule set verification
CN110710159B (en) Methods, systems, devices, and media for network configuration and troubleshooting
US7512071B2 (en) Distributed flow enforcement
CN112470431B (en) Synthesis of models for networks using automatic Boolean learning
CN110785963B (en) Collecting network model and node information from a network
CN110612702A (en) Intent specification checks for inconsistent
US20200204432A1 (en) Event clustering for a network assurance platform
CN110612706A (en) Guarantee of Quality of Service Configuration in Networks
CN110741602B (en) Event generation in response to network intent form peer failure
US20180351819A1 (en) Semantic analysis to detect shadowing of rules in a model of network intents
CN111684439B (en) Network assurance of database version compatibility
US10623271B2 (en) Intra-priority class ordering of rules corresponding to a model of network intents
CN110785964A (en) Validation of Layer 3 Bridge Domain Subnets in the Network
Kim et al. Formal verification of SDN-based firewalls by using TLA+
Tu et al. Linux network programming with p4
Wang et al. Rule anomalies detecting and resolving for software defined networks
CN109725925B (en) Method for detecting conflicts between multiple software-defined networking SDN applications
US20160006605A1 (en) Network control device and network setting system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant