Identifying Running Data-paths in Software Defined Networking Driven Data-planes

In Software Defined Networking (SDN), different applications may configure different coexisting forwarding rules, the resulting (running) data-paths a specific network flow traverses may not be the intended ones. Furthermore, the SDN components may be defective or compromised. In order to provide reliable communication within the SDN driven data-planes, assuring that the running data-paths are the requested (and expected) ones is necessary. In this paper, we propose an approach that relies on distributed traffic generation and monitoring to identify the running data-paths in a given SDN driven data-plane. We show that differently from the existing approaches, under certain assumptions, there exist necessary and sufficient conditions for formally guaranteeing that all running datapaths are discovered using our approach. A data-path discovery toolkit has been implemented using the proposed approach. We describe the corresponding set of tools, and showcase the obtained experimental results that reveal inconsistencies in well-known SDN applications. Additionally, we show the scalability of our approach.