LAUSR

A key feature of software-defined networking (SDN) is the decoupling of control pane and data plane. Although delivering huge benefits, such a decoupling also brings a new risk: the data plane states (i.e., flow tables) may deviate from the control plane policies. Existing data plane testing tools such as RuleScope check the correctness of flow tables by injecting probes. However, they are limited in four aspects: 1) are slow in generating probes due to solving SAT problems; 2) may raise false negatives when there are multiple missing rules; 3) cannot test cascaded flow tables used by OpenFlow switches; and 4) either does not support incremental update or has a slow update speed. To overcome these limitations, we present RuleChecker, a fast data plane testing tool for SDN. In contrast to previous tools that generate each probe by solving an SAT problem, the RuleChecker takes the flow table as whole and generates all probes through an iteration of simple set operations. By leveraging binary decision diagram to encode sets, we make the RuleChecker extremely fast: nearly $20\times $ faster than the RuleScope, and can update probes in less than 2 ms for 90% of the cases, based on the Stanford backbone rule set.