Lehrstuhl Netzarchitekturen und Netzdienste
Institut für Informatik
Technische Universität München

Formal Methods: Header Space Analysis
Hauptseminar: Innovative Internettechnologien und Mobilkommunikation
Benedikt Jaeger
23.5.2014

Content
- Header in Messages
- Composition of Messages
- Different header
- Header Space Analysis
- Headerspace, Networkspace
- Transfer functions
- Reachability
- Example
IITM: Formal Methods: Header Space Analysis 2

Composition of Messages
A message consists of: Header | Payload
- Header: information about the packet
- Payload: actual data

Header
IPv4-Header: Version, IHL, TOS, Total Length, Identification, Flags, Fragment Offset, TTL, Protocol, Header Checksum, Source Address, Destination Address, Options / Padding (optional)
Further headers: IPv6-Header; MAC-Header; ARP Request / Reply; ICMP Echo Request / Reply, TTL Exceeded; TCP- / UDP-Header
(Header content is from the script of „Grundlagen: Rechnernetze und Verteilte Systeme“ in the SS 2013, TUM)

Header
IPv6-Header: Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source Address, Destination Address

Header
MAC-Header: Destination Hardware Address, Source Hardware Address, Type

Header
ARP Request / Reply: Hardware Type, Protocol Type, Hw Addr. Length, P. Addr. Length, Operation, Sender Hardware Address, Sender Protocol Address, Target Hardware Address, Target Protocol Address

Header
ICMP Echo Request / Reply, TTL Exceeded: Type, Code, Checksum, Identifier, Sequence Number, Data (optional)

Header
TCP-Header: Source Port, Destination Port, Sequence Number, Acknowledgement Number, Offset, Reserved, Window, Checksum, Urgent Pointer, Options
UDP-Header: Source Port, Destination Port, Length, Checksum

Header Space Analysis
Represent reality in a model:

Reality | Model
Router, switch, NAT, firewall, … | Middlebox (or simply switch)
Packet | Header bits
Position in network | Unique ports

Header Space Analysis
Header space: $H \subseteq \{0,1\}^L$
Point in header space: $h$, e.g. 00110010101010100101001010010010
Network space: $N \subseteq \{0,1\}^L \times \{0, \dots, P\}$
Point in network space: $(h, p)$, e.g. header 00110010101010100101001010010010 at port 12

Header Space Analysis
Box Transfer Function: $T(h, p): (h, p) \to \{(h_1, p_1), (h_2, p_2), \dots\}$

Box Transfer Function $T$ of box $R$:

$h$ | $p$ | $T(h, p)$
1001xxxx | $R_1$ | $\{(h, R_2)\}$
1011xxxx | $R_2$ | $\{(h, R_1)\}$
1111xxxx | $R_1$ | $\{(h, R_2), (h, R_3)\}$
… | … | …

Header Space Analysis
Box Transfer Function: $T(h, p): (h, p) \to \{(h_1, p_1), (h_2, p_2), \dots\}$
Transforms a subspace $S$ into another subspace $S^*$.
[Figure: transfer functions $T_1$ and $T_2$]

Header Space Analysis
Box Transfer Function: $T(h, p): (h, p) \to \{(h_1, p_1), (h_2, p_2), \dots\}$
Reversible: $T^{-1}$
[Figure: inverse transfer functions $T_1^{-1}$ and $T_2^{-1}$]

Example: IPv4-Router
What must an IPv4 router do?
- Rewrite source and destination MAC: $T_{mac}(\cdot)$
- Decrement TTL: $T_{ttl}(\cdot)$
- Update checksum: $T_{chksum}(\cdot)$
- Forward packet: $T_{fwd}$
$T_{IPv4}(\cdot) = T_{fwd}(T_{chksum}(T_{ttl}(T_{mac}(\cdot))))$

Example: IPv4-Router
- Rewrite source and destination MAC: $T_{mac}(\cdot)$ (ignored)
- Decrement TTL: $T_{ttl}(\cdot)$ (ignored)
- Update checksum: $T_{chksum}(\cdot)$ (ignored)
- Forward packet: $T_{fwd}$
$T_{IPv4}(\cdot) = T_{fwd}(\cdot)$

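Example: IPv4-Router
$$T_{IPv4}(h, p) = \begin{cases} (h, p_1) & \text{if } ip\_dst(h) \in S_1 \\ (h, p_2) & \text{if } ip\_dst(h) \in S_2 \\ (h, p_3) & \text{if } ip\_dst(h) \in S_3 \\ & \text{otherwise} \end{cases}$$
[Figure: router $R_{IPv4}$ with ports $p_1$, $p_2$, $p_3$ and subnets $S_1$, $S_2$, $S_3$]
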
Header Space Analysis
Box Transfer Function: $T(h, p): (h, p) \to \{(h_1, p_1), (h_2, p_2), \dots\}$
Network Transfer Function $\Psi(\cdot)$:
$$\Psi(h, p) = \begin{cases} T_1(h, p) & \text{if } p \in switch_1 \\ \dots & \dots \\ T_n(h, p) & \text{if } p \in switch_n \end{cases}$$
Topology Transfer Function $\Gamma$:
$$\Gamma(h, p) = \begin{cases} (h, p^*) & \text{if } p \text{ connected to } p^* \\ \{\} & \text{if } p \text{ is not connected} \end{cases}$$

Header Space Analysis
Multihop Packet Traversal: $\Phi(\cdot) = \Psi(\Gamma(\cdot))$
Position(s) of $(h, p)$ after $k$ steps:
$$\Phi^k(h, p) = \Psi(\Gamma(\dots(\Psi(\Gamma(h, p)))\dots)) = \{(h_1, p_1), \dots\}$$

Reachability
"Can Host A talk to Host B?"
Wildcard expression $\in \{0, 1, x\}^L$, e.g. 1001xxxx, like 192.168.x.x
Send a wildcard header from A and check if it ever reaches B.
[Figure: header xxxxxxxx sent from A through the network towards B]

Reachability
Send a wildcard header from A and check if it ever reaches B.
Path: $a \to S_1 \to \dots \to S_{n-1} \to S_n \to b$
$$R_{a \to b} = \bigcup_{a \to b \text{ paths}} \{T_n(\Gamma(T_{n-1}(\dots \Gamma(T_1(h, p)) \dots)))\}$$
[Figure: header xxxxxxxx sent from A; headers {10010x10, 01011x10} shown at B]

Reachability
Use $T^{-1}$ and $\Gamma^{-1} = \Gamma$ to get the original header:
$$h_a = T_1^{-1}(\Gamma(\dots(T_{n-1}^{-1}(\Gamma(T_n^{-1}(h, b))))\dots))$$
[Figure labels: xxxxxxxx, {10010x10, 10011x10}, {10010x10, 01011x10}, hosts A and B]

Complexity
$$R_{a \to b} = \bigcup_{a \to b \text{ paths}} \{T_n(\Gamma(T_{n-1}(\dots \Gamma(T_1(h, p)) \dots)))\}$$
Worst case:
- Single box: $O(R_1 R_2)$
  - $R_1$: number of wildcard expressions
  - $R_2$: number of rules of the transfer function
- Overall network: $O(R_1 R_2 \dots R_n) = O(R^d)$
  - $d$: diameter of the network
  - $R$: maximum number of forwarding rules

Complexity
But: Linear Fragmentation Assumption: not $R_1 R_2$, only $c R_1$, and $c \ll R_2$
$$d \cdot O(R^2) = O(dR^2)$$
- $d$: diameter of the network
- $R$: maximum number of forwarding rules

Reachability Example
Which header can reach $b$ from $a$?
[Figure: network with hosts $a$ and $b$ and boxes $A$, $B$, $C$, $D$]

Reachability Example
2 different paths
[Figure: hosts $a$ and $b$; boxes $A$, $B$, $C$, $D$ with ports $A_0$, $A_1$, $A_2$, $B_0$, $B_1$, $C_0$, $C_1$, $D_0$, $D_1$, $D_2$]

Reachability Example
$$T_A(h, p) = \begin{cases} (h, A_0) & \text{if } h = 1001xxxx \\ (h, A_1) & \text{if } h = 1010xxxx \\ (h, A_2) & \text{if } h = 1100xxxx \end{cases}$$
[Figure: same network with ports $A_0$, $A_1$, $B_0$, $B_1$, $C_0$, $C_1$, $D_0$, $D_1$; header labels xxxxxxxx and 1010xxxx]

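The reachability computation from the slides, as an added Python example that is not part of the original slide deck: it sends a wildcard header from a and applies $\Phi = \Psi(\Gamma(\cdot))$ hop by hop until headers arrive at b. Only $T_A$ is taken from the slide; $T_B$, $T_C$, $T_D$, the port wiring and the hop bound are constructed for illustration, and rules are forwarding-only with disjoint matches (no header rewriting, no rule priorities).

```python
from collections import deque

def intersect(a, b):
    """Intersect two wildcard expressions over {0,1,x}; None means empty."""
    out = []
    for x, y in zip(a, b):
        if x == "x":
            out.append(y)
        elif y == "x" or x == y:
            out.append(x)
        else:
            return None          # one side demands 0, the other 1
    return "".join(out)

# Box transfer functions as (match, out_port) rules. T_A is the slide's
# function; T_B, T_C and T_D are constructed for this example.
RULES = {
    "A": [("1001xxxx", "A0"), ("1010xxxx", "A1"), ("1100xxxx", "A2")],
    "B": [("xxxx0xxx", "B1")],
    "C": [("xxxxxx10", "C1")],
    "D": [("1xxxxxxx", "D2")],
}

# Topology transfer function Gamma: assumed wiring, stored in both
# directions so that Gamma^-1 = Gamma.
_WIRES = [("a", "A0"), ("A1", "B0"), ("B1", "D0"),
          ("A2", "C0"), ("C1", "D1"), ("D2", "b")]
GAMMA = {**dict(_WIRES), **{q: p for p, q in _WIRES}}

def reachable(src, dst, header="xxxxxxxx", max_hops=8):
    """Headers that arrive at dst when `header` is sent from src."""
    arrived = set()
    queue = deque([(header, src, 0)])
    while queue:
        h, p, hops = queue.popleft()
        q = GAMMA.get(p)                        # Gamma: cross the link
        if q == dst:
            arrived.add(h)
        if q is None or q == dst or hops == max_hops:
            continue
        for match, out in RULES.get(q[0], []):  # Psi: box that owns port q
            h2 = intersect(h, match)
            if h2 is not None:
                queue.append((h2, out, hops + 1))
    return arrived

if __name__ == "__main__":
    print(sorted(reachable("a", "b")))
```

Because no rule rewrites header bits, the set arriving at b is also the set of original headers at a; with rewriting rules the inverse functions $T^{-1}$ would be needed to recover them.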