Network configuration verification acceleration method and device based on network domain knowledge
By filtering configuration information that is unrelated to network invariants and abstracting it through encoding, the search and assignment order of the SMT solver is optimized, which solves the problem of limited verification performance of SMT-based network configuration verification tools in complex networks and achieves more efficient network configuration verification.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- XIAMEN UNIV
- Filing Date
- 2023-12-01
- Publication Date
- 2026-06-26
AI Technical Summary
SMT-based network configuration verification tools have limited performance in complex networks, making it difficult to efficiently handle large and complex network topologies, resulting in excessively long verification times.
By filtering configuration information unrelated to network invariants, encoding abstraction and variable sorting optimization are performed. Network domain knowledge is used to guide the search and assignment order of the SMT solver, reducing redundant searches and conflicts, and improving verification efficiency.
It significantly accelerates the network configuration verification process, reduces verification time, and improves the verification performance of complex networks.
Figure CN117640382B_ABST
Description
Technical Field
[0001] This disclosure relates to the field of network configuration verification technology, and in particular to a network configuration verification acceleration method, apparatus, electronic device, and readable storage medium based on network domain knowledge.
Background Technology
[0002] Network misconfiguration is common, affecting corporate networks, wide area networks (WANs), and data center networks alike. It can lead to network problems such as forwarding loops, routing black holes, and incorrect paths, resulting in significant financial losses and social impact.
[0003] To prevent network configuration errors, a popular method is network configuration verification (also known as control plane verification, CPV). It analyzes the configuration files of network devices to determine whether deploying these configurations on the network devices will result in forwarding tables that conform to pre-specified network invariants (e.g., reachability, waypoints, and acyclicity). CPV implementations vary, including simulation-based verification, graph-based verification, and verification based on Satisfiability Modulo Theories (SMT).
[0004] SMT-based network configuration verification tools can verify network configurations under different routing protocols by searching all possible convergence states, which is an advantage over simulation-based and graph-based tools. However, their verification performance suffers a significant loss when the network topology becomes large and complex.
[0005] While there has been considerable research on SMT-based network configuration verification acceleration technologies, these technologies are often specific, their performance is closely related to different assumptions about the problem, and their applicability is limited. Furthermore, they often perform poorly in verifying complex network attributes. Patent document CN116582480A discloses a method for finding the fewest failed links that render a route unreachable, which can quickly and accurately find the minimum set of links to be cut, and can be used in network configuration verification tools to determine the robustness of existing networks. Patent document JP2022142909A discloses a network configuration verification device and method, which can easily verify the differences between the actual network configuration and the designed network configuration, even in large-scale networks.
Summary of the Invention
[0006] To address at least one of the aforementioned technical problems, this disclosure provides a network configuration verification acceleration method, apparatus, electronic device, and readable storage medium based on network domain knowledge.
[0007] One aspect of this disclosure provides a method for accelerating network configuration verification based on network domain knowledge, which may include:
[0008] The first configuration information in the network configuration information that is irrelevant to the network invariant to be verified is obtained by filtering. The first configuration information in the network configuration information is ignored to obtain the second configuration information, so as to reduce the configuration information used for encoding.
[0009] The network invariants to be verified are encoded to obtain the first encoded information;
[0010] The second configuration information is encoded to obtain second encoded information. During the encoding process, the numerical attribute information in the second configuration information is abstracted to reduce the amount of encoded information used in the verification process.
[0011] The first encoding information and the second encoding information are combined to obtain encoding information, the encoding information including a first variable, the encoding information including at least one branch information, and the branch information including at least one of the first variables;
[0012] Determine the search order of the first variable in the encoded information, and determine the assignment order of the first variable in the encoded information, in order to reduce the number of conflicts generated during the verification process;
[0013] According to the search order, the first variable in the encoded information is selected, and then according to the assignment order, the selected first variable is assigned a value to verify the encoded information.
[0014] In some implementations, filtering out first configuration information from the network configuration information that is unrelated to the network invariant to be verified includes:
[0015] Filter out $S_R$ from the network configuration information, where $S_R$ is the set of configuration information that does not include the first IP prefix, the first IP prefix being the IP prefix included in the network invariants;
[0016] Filter out $C_R$ from the network configuration information, where $C_R$ is the set of first community attributes, the first community attributes being community attributes that are included only in $S_R$;
[0017] Filter out $S_{R'}$ from the network configuration information, where $S_{R'}$ is the set of configuration information that matches any community attribute in $C_R$.
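One reading of the three filtering steps above, as an added example rather than code from the patent: statements are modelled as dictionaries (a hypothetical format), "does not include the first IP prefix" is taken to mean that the matched prefix does not overlap the invariant's prefix, and the sample statements are constructed.

```python
import ipaddress

# Constructed policy statements in a hypothetical format (not a vendor syntax):
# each matches either a prefix or a community and may set communities.
STATEMENTS = [
    {"id": "A-10", "match_prefix": "10.0.0.0/24", "set_comm": {910}},
    {"id": "A-20", "match_prefix": "10.1.0.0/24", "set_comm": {920}},
    {"id": "B-10", "match_prefix": "10.0.0.0/24", "set_comm": {910, 930}},
    {"id": "B-20", "match_prefix": "10.1.0.0/24", "set_comm": {930}},
    {"id": "B-30", "match_prefix": "10.0.0.0/8", "set_comm": set()},
    {"id": "S-10", "match_comm": 910},
    {"id": "S-20", "match_comm": 920},
    {"id": "S-30", "match_comm": 930},
]


def filter_config(statements, invariant_prefix):
    """Compute S_R, C_R and S_R' and return what is left for encoding."""
    target = ipaddress.ip_network(invariant_prefix)

    def unrelated(stmt):
        # A covering prefix such as 10.0.0.0/8 overlaps the target and is kept.
        prefix = stmt.get("match_prefix")
        return prefix is not None and not ipaddress.ip_network(prefix).overlaps(target)

    s_r = {s["id"] for s in statements if unrelated(s)}
    set_inside = set().union(*(s.get("set_comm", set())
                               for s in statements if s["id"] in s_r))
    set_outside = set().union(*(s.get("set_comm", set())
                                for s in statements if s["id"] not in s_r))
    # C_R: communities set only inside S_R. A community that a retained
    # statement also sets (930 here) must stay, or the encoding loses behaviour.
    c_r = set_inside - set_outside
    s_r_prime = {s["id"] for s in statements if s.get("match_comm") in c_r}
    kept = [s["id"] for s in statements if s["id"] not in s_r | s_r_prime]
    return {"S_R": sorted(s_r), "C_R": c_r,
            "S_R_prime": sorted(s_r_prime), "kept": kept}


if __name__ == "__main__":
    for name, value in filter_config(STATEMENTS, "10.1.0.0/24").items():
        print(name, value)
```

Community 930 and the 10.0.0.0/8 statement are the two cases where a naive filter would drop configuration that still affects the invariant's prefix.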
[0018] In some implementations, during the encoding process, the numerical attribute information in the second configuration information is abstracted, including:
[0019] The first numerical attribute information is abstracted with the router as the scope, wherein the first numerical attribute information is the numerical attribute information that cannot be transmitted between routers;
[0020] The second numerical attribute information is abstracted within a domain consisting of multiple routers, wherein the second numerical attribute information is the numerical attribute information that can be transmitted between routers.
[0021] In some implementations, determining the search order of the first variable in the encoded information, and determining the assignment order of the first variable in the encoded information, includes:
[0022] The search order is stored using a queue structure q, and the assignment order is stored using a mapping table structure m.
[0023] In some implementations, determining the search order of the first variable in the encoded information includes:
[0024] The search prioritizes searching the first variable in the branch information, sorts the search order according to the distance between the router where the first variable in the branch information is located and the destination node, and sorts the search order according to the route advertisement type for the first variable in the branch information located on the same router.
[0025] In some implementations, determining the assignment order of the first variable in the encoded information includes:
[0026] The assignment order is obtained based on the data plane that contradicts the network invariants.
[0027] In some implementations, the assignment order is obtained based on a data plane that contradicts the network invariants, including:
[0028] The assignment order is obtained based on the operational intent of the network configuration information;
[0029] And / or, preferentially assign the first variable in the branch information a value that causes the network invariant to be violated.
[0030] Another aspect of this disclosure provides a network configuration verification acceleration device based on network domain knowledge, which may include:
[0031] The configuration filtering module is used to filter out the first configuration information in the network configuration information that is unrelated to the network invariant to be verified, ignore the first configuration information in the network configuration information, and obtain the second configuration information to reduce the configuration information used for encoding.
[0032] An encoding module is used to encode the network invariant to be verified to obtain first encoded information; to encode the second configuration information to obtain second encoded information, wherein, during the encoding process, the numerical attribute information in the second configuration information is abstracted to reduce the amount of encoded information used in the verification process; and to combine the first encoded information and the second encoded information to obtain encoded information, wherein the encoded information includes a first variable, and the encoded information includes at least one branch information, wherein the branch information includes at least one of the first variables;
[0033] The criteria generation module is used to determine the search order of the first variable in the encoded information and the assignment order of the first variable in the encoded information, so as to reduce the number of conflicts generated during the verification process.
[0034] The verification module is used to select the first variable in the encoded information according to the search order, and then assign values to the selected first variable according to the assignment order to verify the encoded information.
[0035] Another aspect of this disclosure provides an electronic device comprising:
[0036] The memory stores execution instructions;
[0037] The processor executes the execution instructions stored in the memory, causing the processor to execute the aforementioned network configuration verification acceleration method based on network domain knowledge.
[0038] Another aspect of this disclosure provides a readable storage medium storing executable instructions, which, when executed by a processor, are used to implement the above-described network configuration verification acceleration method based on network domain knowledge.
Description of the Drawings
[0039] The accompanying drawings illustrate exemplary embodiments of the present disclosure and, together with the description thereof, serve to explain the principles of the present disclosure. These drawings are included to provide a further understanding of the present disclosure and are incorporated in and constitute a part of this specification.
[0040] Figure 1 is a flowchart of a network configuration verification acceleration method based on network domain knowledge according to one embodiment of this disclosure;
[0041] Figure 2 is a schematic diagram of the architecture of NetSMT according to one embodiment of this disclosure;
[0042] Figure 3 is a schematic diagram of a simple network example according to one embodiment of this disclosure;
[0043] Figure 4 is a schematic diagram of the SMT encoding of the incoming policy of router A in Figure 3;
[0044] Figure 5 is a schematic diagram of the experimental results for the verification time of each network invariant with different SMT-based CPV tools in a WAN, in the satisfiable case, according to one embodiment of this disclosure;
[0045] Figure 6 is a schematic diagram of the experimental results for the verification time of each network invariant with different SMT-based CPV tools in a WAN, in the unsatisfiable case, according to one embodiment of this disclosure;
[0046] Figure 7(a) is a schematic diagram of the distribution of the number of conflicts of the original Z3 and the guided Z3 in a WAN according to one embodiment of this disclosure; Figure 7(b) is a schematic diagram of the distribution of the number of conflicts of the original Z3 and the guided Z3 in a DCN according to one embodiment of this disclosure;
[0047] Figure 8 is a schematic diagram of the number of variables and formulas before and after applying the SMT formula simplification technique on top of Minesweeper, according to one embodiment of this disclosure;
[0048] Figure 9 is a schematic diagram of the experimental results for the verification time of each network invariant with different SMT-based CPV tools in a DCN, in the satisfiable case, according to one embodiment of this disclosure;
[0049] Figure 10 is a schematic diagram of the experimental results for the verification time of each network invariant with different SMT-based CPV tools in a DCN, in the unsatisfiable case, according to one embodiment of this disclosure;
[0050] Figure 11 is a schematic block diagram of a network configuration verification acceleration device based on network domain knowledge that employs a processor-based hardware implementation, according to one embodiment of this disclosure.
[0051] Explanation of reference numerals in the attached figures
[0052] 1002 Configuration filtering module
[0053] 1004 Encoding module
[0054] 1006 Criterion generation module
[0055] 1008 Verification module
Detailed Implementation
[0056] The present disclosure will now be described in further detail with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are for illustrative purposes only and are not intended to limit the scope of the disclosure. Furthermore, it should be noted that, for ease of description, only the parts relevant to the present disclosure are shown in the accompanying drawings.
[0057] It should be noted that, where there is no conflict, the embodiments and features described in this disclosure can be combined with each other. The technical solutions of this disclosure will now be described in detail with reference to the accompanying drawings and embodiments.
[0058] Unless otherwise stated, the exemplary implementations / embodiments shown are to be understood as providing exemplary features of various details that provide ways in which the technical concepts of this disclosure can be implemented in practice. Therefore, unless otherwise stated, the features of various implementations / embodiments may be additionally combined, separated, interchanged and / or rearranged without departing from the technical concepts of this disclosure.
[0059] Cross-hatching and/or shading in the accompanying drawings is generally used to clarify the boundaries between adjacent components. Thus, unless otherwise stated, the presence or absence of cross-hatching or shading does not convey or indicate any preference or requirement for the specific material, material properties, dimensions, proportions, commonalities between the illustrated components, or any other characteristics, properties, etc., of the components. Furthermore, in the accompanying drawings, the dimensions and relative dimensions of components may be exaggerated for clarity and/or descriptive purposes. When exemplary embodiments can be implemented differently, a specific process sequence may be performed in a different order than that described. For example, two consecutively described processes may be performed substantially simultaneously or in the reverse order of their description. Furthermore, the same reference numerals denote the same components.
[0060] When a component is referred to as being "on" or "above" another component, "connected to," or "joined to" another component, the component may be directly on, directly connected to, or directly joined to the other component, or there may be intermediate components. However, when a component is referred to as being "directly on" another component, "directly connected to," or "directly joined to" another component, there are no intermediate components. Therefore, the term "connection" can refer to a physical connection, an electrical connection, etc., and may or may not have intermediate components.
[0061] The terminology used herein is for the purpose of describing particular embodiments and is not intended to be limiting. As used herein, unless the context clearly indicates otherwise, the singular forms "a" and "the" are intended to include the plural forms as well. Furthermore, when the terms "comprising" and/or "including" and variations thereof are used in this specification, they indicate the presence of the stated features, integers, steps, operations, parts, components, and/or groups thereof, but do not exclude the presence or addition of one or more other features, integers, steps, operations, parts, components, and/or groups thereof. It should also be noted that, as used herein, the terms "substantially," "about," and other similar terms are used as terms of approximation rather than as terms of degree, and thus account for the inherent deviations in measured, calculated, and/or provided values that would be recognized by one of ordinary skill in the art.
[0062] The following describes in detail, with reference to Figures 1 to 10, the network configuration verification acceleration method based on network domain knowledge of this disclosure.
[0063] Figure 1 is a flowchart of a network configuration verification acceleration method based on network domain knowledge according to one embodiment of this disclosure. The method S100 for accelerating network configuration verification based on network domain knowledge is described in detail below with reference to Figure 1.
[0064] Step S102: Filter out the first configuration information in the network configuration information that is unrelated to the network invariant to be verified, ignore the first configuration information in the network configuration information, and obtain the second configuration information to reduce the configuration information used for encoding;
[0065] Step S104: Encode the network invariant to be verified to obtain the first encoded information;
[0066] Step S106: Encode the second configuration information to obtain second encoded information. During the encoding process, the numerical attribute information in the second configuration information is abstracted to reduce the amount of encoded information used in the verification process.
[0067] Step S108: Combine the first encoding information and the second encoding information to obtain encoding information, wherein the encoding information includes a first variable, the encoding information includes at least one branch information, and the branch information includes at least one of the first variables;
[0068] Step S110: Determine the search order of the first variable in the encoded information, and determine the assignment order of the first variable in the encoded information, so as to reduce the number of conflicts generated during the verification process.
[0069] Step S112: Select the first variable from the encoded information according to the search order, and then assign values to the selected first variable according to the assignment order to verify the encoded information.
[0070] This disclosure presents a network-aware, SMT-based network configuration verification tool, referred to as NetSMT. This disclosure does not attempt to find a specific acceleration method applicable to a particular environment (such as a specific topology, configuration, or protocol), but rather aims to fully utilize the information inherent in the network itself and use it to accelerate network configuration verification.
[0071] The architecture of NetSMT is shown in Figure 2.
[0072] NetSMT mainly comprises two functional modules: an encoder module and a planner module. These correspond to the SMT formula simplification and SMT solution techniques guided by network domain knowledge disclosed herein, and will be described in detail later.
[0073] This disclosure utilizes NetSMT to accelerate the SMT solver in solving SMT formulas, i.e. verifying the satisfiability of network invariants, thereby accelerating the SMT-based network configuration verification process.
[0074] First, a brief introduction to SMT-based network configuration verification technology is given. SMT-based network configuration verification typically encodes network configuration information and network invariants into SMT formulas, and then uses an existing SMT solver to check the satisfiability of these formulas. Assume the network configuration is encoded as SMT formula N, and the network invariants are encoded as SMT formula P. Then, whether the network configuration file can guarantee the network invariants is verified by checking whether … is a tautology, i.e., by checking whether … is unsatisfiable. If …, this means that the network configuration file cannot guarantee the network invariant. Otherwise, the network configuration file is correct in maintaining the network invariant.
[0075] In this embodiment, consider a simple network containing 4 routers, as shown in Figure 3. Router D connects to two subnets, 10.0.0.0/24 and 10.1.0.0/24. Some core router configuration information is also shown in Figure 3.
[0076] Specifically, routers A and B append appropriate community attribute values to these route advertisements based on the IP prefix information they receive from router D. Then, router S sets different local preferences or performs different filtering behaviors based on these community attribute values for these route advertisements.
[0077] If we expect router S to filter all route advertisements for 10.1.0.0/24, then the network configuration file in the diagram is incorrect (router S accepts advertisements for 10.1.0.0/24 via B). Therefore, the error in the network configuration file is discovered by verifying the network invariant that router S cannot reach 10.1.0.0/24.
[0078] Taking the simple network shown in Figure 3 as an example, SMT-based network configuration verification generally requires the following three steps:
[0079] 1) Encoding network configuration information. To construct the configuration SMT formula N, the SMT-based configuration verification tool models the routing messages sent and received by each router (e.g., BGP routing advertisements and OSPF link-state advertisements) and their selected routes as symbolic records, and uses predicate logic to model how the network configuration file processes these symbolic records. Figure 4 gives the modeling of the incoming policy configuration of router A in Figure 3. Here, `out_DA` is a symbolic BGP route advertisement sent by router D to router A. If `out_DA` meets certain basic conditions (i.e., it is a valid packet conforming to the outgoing policy configuration of router D, and link DA is normal), router A will process it based on its incoming policy configuration to generate another symbolic record (`in_DA`). For example, when the destination IP prefix of `out_DA` is 10.0.0.0/24, the Boolean variable `in_DA.valid` is set to true, and `in_DA.comm910` is also set to true, indicating that router A sets the community attribute value of `in_DA` to 910.
[0080] 2) Encoding network invariants. The SMT encoding P of network invariants, i.e., the first encoded information, is also composed of multiple Boolean variables. For example, the network invariant "S cannot reach 10.1.0.0/24" can be obtained by modeling its negation, "S can reach 10.1.0.0/24". This modeling process is related to the reachability of the links DA, AS, DB, and BS and the next-hop selection of each router.
[0081] 3) Solving with the SMT solver. SMT-based configuration verification tools rely on readily available SMT solvers (such as Z3 and CVC5), which use the DPLL(T) algorithm to determine the satisfiability of a given SMT formula. DPLL(T) consists of a Boolean satisfiability solver and a theory solver, which takes a set of propositions as input and determines whether they are satisfiable under a predefined theory.
[0082] Next, a brief introduction to the NetSMT workflow is given. NetSMT is a network configuration verification tool that leverages network domain knowledge to accelerate the verification process. Its acceleration process mainly consists of two steps: First, using network domain knowledge, configuration information unrelated to the network invariants to be verified is filtered out. The encoder will not encode the first set of filtered configuration information; the filtered network configuration information becomes the second set of configuration information. Then, while encoding the network invariants and the second set of configuration information, the encoder also abstracts the specific variables within the second set of configuration information. The encoder encodes the network invariants as first encoded information and the second set of configuration information as second encoded information. Finally, the encoder combines the first and second encoded information to obtain the final SMT formula solvable by NetSMT. This formula is a simplified SMT formula; compared to the SMT formula obtained by directly encoding the network configuration information and the network invariants to be verified, it does not include the encoded information corresponding to the filtered first set of configuration information, and the variable information is further simplified. Next, the encoder feeds the simplified SMT formula into the SMT solver and planner. In the second step, the SMT formula, encoded by the encoder, along with network domain information, is used in the planner. Specifically, the planner generates several guidelines based on network domain knowledge, and then uses these guidelines to rearrange the search and assignment order of variables, thereby guiding the SMT solver's solution. 
When the SMT solver uses the simplified SMT formula as input and performs variable search and assignment in the guided order, it can reach the result state much faster, thus accelerating the entire solution process.
[0083] I. Planner Design:
[0084] In the planner, this disclosure designs and uses a first technique—SMT solving technique guided by network domain knowledge—aiming to enable the SMT solver to avoid some searches of useless space (where a satisfying solution cannot be derived).
[0085] Given a simplified network configuration verification formula and its conjunctive normal form (CNF) ψ, NetSMT's guidance includes:
[0086] 1. Use the control flow information of network configuration and network topology to guide the search order of the first variable of the encoded information in its Boolean abstraction B(ψ);
[0087] 2. Utilize operational intent to prioritize assigning values to variables that are likely to generate satisfiable solutions (network errors).
[0088] Specifically, NetSMT first determines the order in which the SMT solver searches the variables in B(ψ) based on three criteria: prioritizing branch variables (variables within branch statements, i.e., the first variable in the branch information), prioritizing branch variables closer to the destination node, and searching the corresponding branch variables according to the order of accepting, selecting, and sending route advertisements. Then, when assigning values to branch variables, NetSMT first assigns values according to the network's operational intent, i.e., the operator's intent. Operators are often familiar with the role and function of a router, and if this router is misconfigured, it will lead to a situation that contradicts network invariants. Therefore, prioritizing the assignment of variables in the SMT formula according to the operator's intent better reflects real data plane forwarding behavior and allows for faster error detection. These criteria significantly reduce the search of redundant space in SMT solving and improve the speed of network configuration verification.
[0089] To ensure the SMT solver solves according to the planner's guidance order, the code for selecting and assigning (searchable) variables in the DPLL(T) algorithm needs modification. In short, this disclosure uses two data structures to store this guidance information: a queue structure `q` to store the search order of all branch variables and a mapping table structure `m` to store the assignment order of these branch variables. Therefore, in the modified algorithm, when the SMT solver attempts to select the next variable to be assigned, it will first select the first variable from queue `q` and assign it according to the corresponding assignment order in mapping table `m`. After all branch variables have been assigned values, the SMT solver will search and assign values to other variables according to the default strategy.
[0090] It should be noted that, similar to some current guideline-based methods, the modified algorithm only affects the search order of variables and does not affect the reasoning process for the target solution. For unsatisfiable cases, the DPLL(T) algorithm still needs to search the entire search space to obtain a result. Therefore, the guidelines and planner design of this disclosure are correct and feasible.
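The decide step described in [0088] to [0090], as an added example that is not code from the patent or from NetSMT: a small DPLL loop that takes its next variable from queue `q` and its first value from map `m`, run on a constructed Boolean encoding of the four-router example. The clause encoding, the community-920 filter on S, the declaration-order baseline and all helper names are assumptions made for illustration.

```python
from collections import deque

# Constructed model of the page's 4-router example (D originates 10.1.0.0/24).
# Assumed misconfiguration: A tags the route with community 920 and S denies
# 920 on its session with A, but S has no such filter on its session with B.
LINKS = [("D", "B"), ("B", "S"), ("D", "A"), ("A", "S")]
DEST = "D"
RANK = {"in": 0, "best": 1, "out": 2}  # Rule 3: accept, then select, then send

def iff(a, b):
    """CNF clauses for a <-> b; a literal is (variable, required value)."""
    return [[(a, False), (b, True)], [(a, True), (b, False)]]

def encode():
    """Clauses for the configuration N and the negated invariant."""
    cl = []
    for x in ("B", "A"):  # declaration order of the hypothetical encoder
        cl += iff(f"in_D{x}.valid", f"out_D{x}.valid")   # advert crosses link D-x
        cl += iff(f"best_{x}.valid", f"in_D{x}.valid")   # x selects its only route
        cl += iff(f"out_{x}S.valid", f"best_{x}.valid")  # x exports its best route
    cl += iff("in_DA.comm920", "in_DA.valid")            # A sets community 920
    cl += iff("in_BS.valid", "out_BS.valid")             # no filter towards B
    # in_AS.valid <-> out_AS.valid and not in_DA.comm920 (S denies 920 from A)
    cl += [[("in_AS.valid", False), ("out_AS.valid", True)],
           [("in_AS.valid", False), ("in_DA.comm920", False)],
           [("in_AS.valid", True), ("out_AS.valid", False), ("in_DA.comm920", True)]]
    # best_S.valid <-> in_AS.valid or in_BS.valid
    cl += [[("best_S.valid", False), ("in_AS.valid", True), ("in_BS.valid", True)],
           [("best_S.valid", True), ("in_AS.valid", False)],
           [("best_S.valid", True), ("in_BS.valid", False)]]
    cl.append([("best_S.valid", True)])  # negated invariant: S reaches the prefix
    return cl, list(dict.fromkeys(v for c in cl for v, _ in c))

def plan(variables):
    """Planner: queue q (search order) and map m (first value to try)."""
    dist, todo = {DEST: 0}, deque([DEST])
    while todo:  # BFS hop count from the destination router
        u = todo.popleft()
        for a, b in LINKS:
            for here, there in ((a, b), (b, a)):
                if here == u and there not in dist:
                    dist[there] = dist[u] + 1
                    todo.append(there)
    def key(name):
        kind, routers = name.split(".")[0].split("_")
        router = routers[0] if kind == "out" else routers[-1]  # out_XY lives on X
        return (dist[router], router, RANK[kind], name)
    branch = [v for v in variables if v.endswith(".valid")]  # Rule 1
    q = sorted(branch, key=key)                               # Rules 2 and 3
    m = {v: True for v in q}  # "route present" first: it contradicts the invariant
    return q, m

def propagate(clauses, assign):
    """Unit propagation to a fixpoint; returns False on a conflict."""
    changed = True
    while changed:
        changed = False
        for clause in clauses:
            if any(assign.get(v) == val for v, val in clause):
                continue
            free = [(v, val) for v, val in clause if v not in assign]
            if not free:
                return False
            if len(free) == 1:
                assign[free[0][0]] = free[0][1]
                changed = True
    return True

def solve(clauses, variables, q=(), m=None):
    """DPLL: variables in q first (values from m), then declaration order."""
    m = m or {}
    order = list(q) + [v for v in variables if v not in q]
    stats = {"decisions": 0, "conflicts": 0}
    def search(assign):
        if not propagate(clauses, assign):
            stats["conflicts"] += 1
            return None
        var = next((v for v in order if v not in assign), None)
        if var is None:
            return assign
        stats["decisions"] += 1
        first = m.get(var, False)  # baseline phase: false first
        for value in (first, not first):
            model = search({**assign, var: value})
            if model is not None:
                return model
        return None
    return search({}), stats

def run(guided):
    clauses, variables = encode()
    q, m = plan(variables) if guided else ([], {})
    return solve(clauses, variables, q, m)

if __name__ == "__main__":
    for label, guided in (("default", False), ("guided", True)):
        model, stats = run(guided)
        print(label, stats, "leak via B:", model["in_BS.valid"])
```

On this instance the baseline first rules out the path through B and pays one conflict before recovering, while the guided order reaches the violating data plane with a single decision. The counts hold for this constructed instance only.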
[0091] The following section provides a detailed introduction to the two types of guidelines used by the planner.
[0092] The first type of guideline: Guidelines for the search order of variables.
[0093] Suppose V represents the set of all variables in the Boolean abstraction B(ψ), and $V_b$ represents all branch variables (e.g., `in_DA.valid` and `fail_DA` in the model shown in Figure 4); then … holds. Let v1 and v2 represent two variables in V, and let ≤ denote the priority of their search order. If v1 has priority over v2, then v1 ≤ v2.
[0094] This disclosure proposes three criteria to guide the SMT solver in the order in which variables are searched.
[0095] Rule 1: All branch variables should be searched before other variables.
[0096] This criterion can be expressed as:
[0097]
[0098] The above criterion is inspired by the control-flow-guided SMT solving method in program verification. Observation and comparison revealed that network configuration verification and software program verification share many similarities, such as the presence of numerous branching statements (e.g., routing matching strategies in network configuration), which determine the program's direction and are determined by their corresponding branch variables. However, traditional SMT solvers do not utilize this; they simply treat the variables of an SMT formula as independent of one another. Therefore, for an SMT formula with n variables, in the worst case, it may require $2^n$ variable searches to obtain a result. However, a large number of redundant searches can be avoided.
[0099] From the modeling shown in Figure 4, it can be seen that one of the two variables `in_DA.comm910` and `in_DA.comm920` must be set to true. However, if the default search strategy is used, both could potentially be set to false, making it impossible to reach a satisfying state and thus having little effect on formula verification. Assigning values to the branch variables beforehand avoids this situation.
[0100] Rule 2: For branch variables, the closer the router is to the destination node, the higher the priority.
[0101] Because network configurations contain numerous branching variables, simply prioritizing branching variables over other variables is insufficient. To further reduce the search space, this disclosure proposes a second criterion, which is stated as follows:
[0102]
[0103] Here, dist(v) represents the distance between the router containing variable v and the destination node. Rule 2 stems from considerations of path-vector protocols. Like software programs, routing protocols have their own execution order. For example, in Figure 3, router A can only send a routing message to router S if router S receives a routing message from router D. Therefore, the search order of variables should be consistent with the routing behavior of the routing protocol, and the priority of the search order is determined by the topological location of the branch variables.
[0104] As shown in Figure 3, if the SMT solver first processes out_AS.valid (which records whether router A sent a route to router B) and incorrectly assigns it the value false, the solver might then also assign best_A.valid the value false, meaning that the best route recorded by router A is also considered invalid, which is obviously wrong. For the solver, however, this is not a conflict state. The error is only detected when the solver assigns out_DA.valid the value true. This is because out_DA.valid being true means in_DA.valid should also be true, which contradicts best_A.valid being false. Therefore, if the variable search is not performed according to Rule 2, a large number of invalid searches may occur, delaying the discovery of conflicts.
[0105] Rule 3: For branch variables on the same router, sort them according to the route advertisement type.
[0106] For the same router, there may still be a large number of branch variables. Therefore, this disclosure proposes a third criterion, which is stated as follows:
[0107]
[0108] Here, type(v) represents the advertisement type corresponding to the route advertisement v. The present disclosure considers three types of route advertisements: import route (import), best route (best), and export route (export), and defines their priorities as import < best < export. Therefore, among the branch variables of the same router, variables from import route advertisements have the highest search priority, followed by those from the best route, and finally those from export routes. Rule 3 is based on the route information exchange process and conforms to the behavior of the routing protocol: the best route can only be obtained after all import routes have been received and saved, and only then can the router issue the next route advertisement according to the best route. If the variables are not searched in this order, the solver is very likely to reach a state from which no satisfying solution can be obtained; such a state is almost useless for verifying the configuration and slows down the verification.
[0109] The second type of guiding criterion: The criterion for guiding the variable assignment order.
[0110] Although guiding the order in which the SMT solver searches variables avoids a large number of attempts, conflicts still occur frequently during solving and prolong the solving time. Since the ultimate goal of network configuration verification is to find a data plane that violates the invariant, the closer the variable assignments are to this data plane, the fewer conflicts are encountered and the faster the solving is.
[0111] The present disclosure therefore also proposes two criteria that guide the order in which the SMT solver assigns values to variables, replacing the default assignment strategy in order to reduce the number of conflicts. These two criteria use, respectively, the operator's intention and the characteristics of the network invariant to be verified to obtain the current best assignment order.
[0112] Rule 4: For branch variables, assign values that conform to the operator's intention first.
[0113] The present disclosure utilizes the operator's intention to perform assignments that conform to the expected data plane, thereby reducing the number of conflicts.
[0114] In the network shown in Figure 3, packets with the IP prefix 10.1.0.0/24 are expected to be filtered only at router S. Therefore, when assigning values to the variables out_DA.valid, best_A.valid and out_AS.valid, the value true can be tried first according to this expectation, to avoid conflicts.
[0115] Furthermore, data center networks operate with the intention of ensuring connectivity, so they rarely use routing strategies to reject routing messages. In this case, because the original Z3 always tries to assign variables to false first, it is difficult to find connected paths, and using the original Z3 as an SMT solver may encounter many conflicts.
[0116] Rule 5: For branch variables, prioritize assignments that cause network invariants to be violated.
[0117] Assign values to variables that would cause the invariant to be violated, based on the network invariant to be verified.
[0118] In the simple network shown in Figure 3, to make sure that the network invariant to be verified (that router S cannot reach 10.1.0.0/24) is violated, we can first assume that the best route to router S exists, i.e., the guiding variable best_S.valid is assigned the value true, not false.
[0119] In addition, the experience of operators can be utilized, for example, to guide the assignment of variables for those suspicious routing nodes.
[0120] Of course, using operator intent to guide the order of variable assignment requires operators to have a deep understanding of the network and be able to provide detailed information, which seems cumbersome. However, this is not the main problem. First, operators don't actually need to provide very specific information (for each router); a general description of expected network behavior is enough to reduce a lot of conflicts. Second, the expected data plane can be automatically generated using configuration resolution methods or tools (such as configuration resolution based on Gao-Rexford rules).
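The five rules above, as an added sketch that is not the patent's or NetSMT's own code: it derives the search order (Rules 1 to 3) and the first-tried values (Rules 4 and 5) for a constructed encoding of the route D → A → S, then counts conflicts with and without that guidance. The topology, the constraints, the non-branch variable best_A.lp_high, letting Rule 5 override Rule 4, and the naive backtracking search (no propagation or clause learning, unlike Z3) are all assumptions.

```python
from collections import deque, namedtuple

# Constructed topology (assumption): D originates 10.1.0.0/24; A and B link D to S.
TOPOLOGY = {"D": ["A", "B"], "A": ["D", "S"], "B": ["D", "S"], "S": ["A", "B"]}
TYPE_RANK = {"import": 0, "best": 1, "export": 2}  # Rule 3: import < best < export

Var = namedtuple("Var", "name router kind branch")
# Declaration order doubles as the unguided baseline order.
VARS = [
    Var("out_AS.valid", "A", "export", True),
    Var("best_A.valid", "A", "best", True),
    Var("best_A.lp_high", "A", "best", False),  # hypothetical non-branch attribute bit
    Var("in_DA.valid", "A", "import", True),
    Var("out_DA.valid", "D", "export", True),
    Var("in_AS.valid", "S", "import", True),
    Var("best_S.valid", "S", "best", True),
]

def same(x, y):
    return ((x, y), lambda a: a[x] == a[y])

def holds(x):
    return ((x,), lambda a: a[x])

# Constructed constraints: the route D -> A -> S plus the negated invariant.
CONSTRAINTS = [
    holds("out_DA.valid"),                # D originates the prefix
    same("in_DA.valid", "out_DA.valid"),  # A imports what D exports
    same("best_A.valid", "in_DA.valid"),
    same("out_AS.valid", "best_A.valid"),
    same("in_AS.valid", "out_AS.valid"),  # misconfigured S: no filter applied
    same("best_S.valid", "in_AS.valid"),
    holds("best_S.valid"),                # violation: S reaches the prefix
]

def distances(topology, dest):
    """Hop count from every router to the destination (breadth-first search)."""
    dist, queue = {dest: 0}, deque([dest])
    while queue:
        node = queue.popleft()
        for peer in topology[node]:
            if peer not in dist:
                dist[peer] = dist[node] + 1
                queue.append(peer)
    return dist

def search_order(variables, topology, dest):
    """Rules 1-3: branch variables first, then nearest router, then type."""
    dist = distances(topology, dest)
    key = lambda v: (not v.branch, dist[v.router], TYPE_RANK[v.kind])
    return [v.name for v in sorted(variables, key=key)]

def phase_table(variables, intent, violating):
    """Rules 4-5: value tried first per variable. Assumption: the
    invariant-violating value overrides intent; false is the fallback."""
    return {v.name: violating.get(v.name, intent.get(v.name, False))
            for v in variables}

def solve(order, phase, constraints):
    """Chronological backtracking; returns (model or None, conflict count)."""
    conflicts = 0

    def consistent(assign):
        return all(pred(assign) for names, pred in constraints
                   if all(n in assign for n in names))

    def extend(i, assign):
        nonlocal conflicts
        if i == len(order):
            return dict(assign)
        name = order[i]
        for value in (phase[name], not phase[name]):
            assign[name] = value
            if consistent(assign):
                model = extend(i + 1, assign)
                if model is not None:
                    return model
            else:
                conflicts += 1  # a constraint is falsified by this assignment
            del assign[name]
        return None

    return extend(0, {}), conflicts

def compare():
    """Guided versus unguided search on the same constructed formula."""
    guided_order = search_order(VARS, TOPOLOGY, "D")
    guided_phase = phase_table(
        VARS,
        intent={"out_DA.valid": True, "best_A.valid": True, "out_AS.valid": True},
        violating={"best_S.valid": True})
    plain_order = [v.name for v in VARS]
    plain_phase = {v.name: False for v in VARS}  # false first, as the page says of the original Z3
    guided_model, guided_conflicts = solve(guided_order, guided_phase, CONSTRAINTS)
    plain_model, plain_conflicts = solve(plain_order, plain_phase, CONSTRAINTS)
    return guided_order, guided_conflicts, plain_conflicts, guided_model == plain_model

if __name__ == "__main__":
    print(compare())
```

The remaining conflicts in the guided run come from in_DA.valid and in_AS.valid, for which the constructed hints give no preferred value.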
[0121] II. Encoder Design:
[0122] The encoder module mainly encodes the network configuration and the network invariants, simplifies the corresponding SMT formulas, and passes the scaled-down problem to the SMT solver for solving. The simplification has two main aspects: (1) ignoring the encoding of configuration information that is irrelevant to the network invariants to be verified; (2) abstracting concrete variables with a large value range into abstract variables with a smaller value range.
[0123] The following section provides a detailed introduction to the two simplification methods used by the encoder.
[0124] Method 1: Ignore encoding of irrelevant configurations.
[0125] Current SMT-based verification methods simply encode all router configuration information into SMT formulas for solving, resulting in poor scalability and difficulty in handling configuration verification problems in complex networks. However, a large number of configuration statements do not contribute to the verification of network invariants and can be ignored; they do not need to be encoded into the SMT formulas being solved.
[0126] This method uses the network invariants to be verified to filter out configuration information (constraints or variables) that is irrelevant to verification, and then ignores it during encoding. The implementation of this method consists of three steps:
[0127] 1. If a configuration statement does not contain the IP prefix from the network invariants to be verified, it can be filtered out; these statements are denoted S_R;
[0128] 2. If a community attribute appears only in S_R, it can be filtered out; these attribute values are denoted C_R;
[0129] This means removing these attribute values from the symbolic routing table.
[0130] 3. Configuration statements that match any community attribute in C_R can be filtered out.
[0131] The second configuration information is encoded to obtain SMT code N', which is the second encoding information.
[0132] Combining the first and second encoded information yields the encoded information, which is the simplified network configuration verification formula. This formula is solved using the SMT solver.
[0133] The variable in the encoded information is the first variable.
[0134] The encoded information contains branching statements, which is called branching information. The branching information in the encoded information contains at least a portion of the first variable.
[0135] In the simple network shown in Figure 3, since the property to be verified only involves the forwarding behavior of packets destined for 10.1.0.0/24, configuration statements for prefixes that do not intersect with the destination, such as those concerning 10.0.0.0/24, do not need to be encoded into the SMT formula. Ignoring these configurations not only simplifies the formula's constraints but also removes a significant number of variables.
[0136] Method 2: Abstract specific variables.
[0137] Abstracting concrete variables means abstracting variables with a large, discrete range of values into variables with a smaller, more continuous range, similar to the method in the paper "Abstract interpretation of distributed network control planes", thereby simplifying the encoding of SMT formulas.
[0138] Numerical attribute information refers to the attribute values in variables. In this method, the attribute values in the second configuration information are abstracted to obtain the corresponding abstract values, which are the abstract numerical attribute information in the second encoding information.
[0139] This method targets variables in the second configuration information that contain numerical attribute information. During the encoding process of the second configuration information, the numerical attribute information is abstracted. After processing by this method, other configuration information in the second configuration information adopts the original encoding method, while the numerical attribute information in the configuration information containing numerical attribute information is abstracted during the encoding process and encoded as abstract numerical attribute information.
[0140] This method primarily targets integer-valued variables used for selecting the best route, such as variables for the attributes weight, local preference, and multi-exit discriminator (MED). For variables whose attributes are not transitive (such as weight), the variable is abstracted per router, meaning the range of the abstracted values depends only on the number of distinct values in that router's configuration. For variables whose attributes are transitive between routers (such as local preference), the variable is abstracted across the routers within the same domain (such as an autonomous system).
[0141] In the simple network shown in Figure 3, local preference takes only three distinct values: 50, 200, and 100 (the default value). They can therefore be represented using the abstract values 1, 2, and 3, i.e., using a 2-bit unsigned vector instead of the original lengthy 16-bit integer, saving storage overhead. This 2-bit unsigned vector can be abstracted further. First, since all routers in the network are connected via the External Border Gateway Protocol (eBGP), they do not transmit local preference values to each other, so each router only needs to retain the local preference values in its own configuration. For example, routers A, B, and D only need a 1-bit unsigned vector to represent the default value. Second, this method can be combined with the aforementioned encoding method that ignores irrelevant configurations. Since router A's configuration of community attribute values 910 and 930 can be removed based on the network invariants to be verified, the set of local preference values can be reduced accordingly, allowing router S to also use a 1-bit unsigned vector to represent its local preference.
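The two encoder simplifications, as an added sketch that is not the patent's or NetSMT's own code: it runs the three filtering steps of Method 1 over a constructed policy and then derives the per-router local-preference abstraction of Method 2 before and after filtering. The statement format and the sample policy are assumptions, as are three readings of the text: step 1 only applies to statements that name a prefix, "appears only in S_R" means "is set only by statements in S_R", and a statement requires all of its matched communities.

```python
import ipaddress

DEFAULT_LOCAL_PREF = 100  # default local preference named on the page

def stmt(sid, router, prefix=None, match=(), tag=(), local_pref=None):
    """One policy statement in a constructed flat format (assumption)."""
    return {"id": sid, "router": router, "prefix": prefix,
            "match_comm": set(match), "set_comm": set(tag),
            "local_pref": local_pref}

# Constructed sample policy. The values 910/920/930, 50/200 and the two
# prefixes appear on the page; their arrangement here is an assumption.
STATEMENTS = [
    stmt("A-1", "A", prefix="10.0.0.0/24", tag=[910]),
    stmt("A-2", "A", prefix="10.0.0.0/24", tag=[930]),
    stmt("A-3", "A", prefix="10.1.0.0/24", tag=[920]),
    stmt("S-1", "S", match=[910], local_pref=50),
    stmt("S-2", "S", match=[930], local_pref=200),
    stmt("S-3", "S", match=[920]),
]

def filter_irrelevant(statements, invariant_prefix):
    """Method 1. Returns (kept statements, ids in S_R, communities in C_R)."""
    target = ipaddress.ip_network(invariant_prefix)
    # Step 1: statements whose prefix does not intersect the invariant's prefix.
    s_r = [s for s in statements
           if s["prefix"] and not ipaddress.ip_network(s["prefix"]).overlaps(target)]
    s_r_ids = {s["id"] for s in s_r}
    rest = [s for s in statements if s["id"] not in s_r_ids]
    # Step 2: communities that only statements in S_R ever attach to a route.
    set_in_sr = set().union(*(s["set_comm"] for s in s_r))
    set_elsewhere = set().union(*(s["set_comm"] for s in rest))
    c_r = set_in_sr - set_elsewhere
    # Step 3: statements matching a community in C_R can never fire for the
    # invariant's prefix (given that all matched communities are required).
    kept = [s for s in rest if not (s["match_comm"] & c_r)]
    return kept, s_r_ids, c_r

def abstract_local_pref(statements, routers):
    """Method 2, per router (eBGP only, so local preference is not passed on).
    Maps concrete values to 1..n in sorted order so comparisons are preserved,
    and reports the bit width needed for the largest abstract value."""
    result = {}
    for router in routers:
        values = {DEFAULT_LOCAL_PREF} | {
            s["local_pref"] for s in statements
            if s["router"] == router and s["local_pref"] is not None}
        mapping = {v: i for i, v in enumerate(sorted(values), start=1)}
        result[router] = (mapping, len(mapping).bit_length())
    return result

def report(statements=STATEMENTS, invariant_prefix="10.1.0.0/24"):
    routers = sorted({s["router"] for s in statements})
    kept, s_r_ids, c_r = filter_irrelevant(statements, invariant_prefix)
    before = abstract_local_pref(statements, routers)
    after = abstract_local_pref(kept, routers)
    return {"kept": [s["id"] for s in kept],
            "S_R": sorted(s_r_ids),
            "C_R": sorted(c_r),
            "bits_before": {r: before[r][1] for r in routers},
            "bits_after": {r: after[r][1] for r in routers}}

if __name__ == "__main__":
    print(report())
```

A community that is also set by a statement for an overlapping prefix stays out of C_R, so the statements matching it are kept.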
[0142] This disclosure implements NetSMT using C++ and Java, including network-aware SMT solving techniques based on z3 4.12.2 (i.e., the original z3) and SMT formula simplification techniques based on Minesweeper.
[0143] In addition, this disclosure uses Batfish to parse the routing configuration and encodes the simplified SMT formula into the SMT solver for solving.
[0144] This disclosure, through research on network domain knowledge, discovers that this knowledge can assist and accelerate the SMT solver in solving SMT formulas and verifying network invariants. This includes using information such as control flow, network topology, and protocols to guide the SMT solver in the order of searching and assigning SMT variables, and simplifying the encoding of SMT formulas through analysis of network topology and network configuration. This accelerates the SMT-based network configuration verification process by avoiding invalid search space and reducing problem size.
[0145] Example 2:
[0146] Experimental setup:
[0147] 1) Dataset: In this embodiment, synthetic network configurations were used to test the NetSMT of this disclosure, including a wide-area network (WAN) and a data-center network (DCN).
[0148] For WANs, the network topology size ranges from 34 to 755 nodes. These topologies are either directly extracted from or synthesized using the Topology Zoo. Table 1 shows the information for the various WAN topologies.
[0149] Table 1. WAN Topology Information
[0150]

| Network | #Nodes | #Lines |
|---|---|---|
| REN | 34 | 4.76×10^3 |
| ARN | 35 | 4.96×10^3 |
| BIC | 49 | 6.90×10^3 |
| ESN | 69 | 9.20×10^3 |
| LAT | 70 | 9.11×10^3 |
| CUS | 86 | 1.15×10^4 |
| CLT | 154 | 2.06×10^4 |
| USC | 174 | 2.20×10^4 |
| COG | 198 | 2.71×10^4 |
| CD | 267 | 371×10^4 |
| CL | 323 | 4.41×10^4 |
| LDTC | 537 | 7.43×10^4 |
| TCCL | 621 | 8.49×10^4 |
| KDL | 755 | 1.02×10^5 |
[0151] For DCN, this embodiment uses a fat-tree architecture and generates a basic BGP connection configuration according to RFC 7938. The fat-tree structure has between 4 and 20 ports per switch.
[0152] Furthermore, in this embodiment, a certain number of errors are introduced into the generated network configuration for both WAN and DCN to simulate a violation of network invariants.
[0153] 2) Network invariants: We tested the validation effect of NetSMT on the five network invariants shown in Table 2.
[0154] Table 2 Network Invariants
[0155]

| Network invariant | Explanation |
|---|---|
| Node reachability | Specific node pairs can communicate with each other. |
| Node isolation | Certain nodes cannot communicate with each other. |
| Node pair reachability when k links fail | A specific pair of nodes can still communicate with each other even when any k links are disconnected. |
| Node isolation when k links fail | A specific pair of nodes cannot communicate with each other when any k links are broken. |
| Packet forwarding | Generate a stable data plane for packet forwarding |
[0156] 3) Benchmark Comparison: In this embodiment, for the WAN, NetSMT is compared with the best current SMT-based CPV tool in the field—Minesweeper based on the original z3. For the DCN, BiNode was additionally selected as a comparison scheme. BiNode uses a policy-aware model to accelerate the verification time of network configurations where routing policies comply with the Gao-Rexford condition (BiNode was not selected for the WAN because the configuration in the WAN does not meet this condition).
[0157] 4) Experimental Environment: The experiments consisted of verifying network invariants for various network topologies of different sizes. For each topology, 50 node pairs (or 50 destination IPs) were randomly selected for verifying network invariants, including both satisfiable and unsatisfiable cases. These experiments were conducted on a Linux server with 128GB of memory and an Intel Xeon Silver 4210R 2.40GHz CPU.
[0158] It should be noted that due to the potential presence of outliers in the experimental data, the 90th percentile of the validation time was used as the primary measurement standard. Additionally, to understand the number of attempts made during the SMT solving process, the number of conflicts was also counted; fewer conflicts indicate fewer attempts by the SMT solver. Furthermore, to improve experimental efficiency and simplify data representation, a timeout of one hour was set for each validation process; validation would stop if this time was exceeded.
[0159] Performance in WAN:
[0160] 1) Verification time:
[0161] This experiment considers the verification time of each invariant for four CPV schemes: Minesweeper based on the original z3, NetSMT without SMT formula simplification, NetSMT without SMT solution based on network domain knowledge, and complete NetSMT.
[0162] The experimental results for the satisfiable case are shown in Figure 5.
[0163] Since the verification of reachability and isolation is quite similar, the mean of their data is used as the final evaluation criterion. As can be seen from Figure 5, NetSMT efficiently reduces the required verification time. Both the network domain knowledge-based SMT solving technique and the SMT formula simplification technique reduce verification time, and the network domain knowledge-based SMT solving technique reduces it significantly. Furthermore, as the topology size increases, the speedup of NetSMT becomes more pronounced, reaching up to 285.4 times faster than Minesweeper's verification time. NetSMT w/o simplification, using only the network domain knowledge-based SMT solving technique, achieves up to 159.2 times faster verification time than Minesweeper. NetSMT without guidance, using only the network domain knowledge-based SMT formula simplification technique, also reduces verification time by up to 7.16 times.
[0164] The experimental results for the unsatisfiable case are shown in Figure 6.
[0165] As can be seen from Figure 6, NetSMT cannot improve the verification speed of network invariants in unsatisfiable cases. This is because, for an unsatisfiable formula, whether the original z3 or the guided z3 is used, the same entire search space needs to be traversed to prove unsatisfiability.
[0166] For a CPV tool, the ideal scenario is for it to identify errors in the network configuration (i.e., find a counterexample and derive a satisfiable solution). Correspondingly, the experimental results show that NetSMT can significantly accelerate the solving of satisfiable formulas.
[0167] 2) The role of SMT solution techniques based on network domain knowledge:
[0168] Figure 7(a) shows the number of conflicts across all WAN topologies. The horizontal axis represents the number of conflicts encountered when solving with the original z3, and the vertical axis represents the number of conflicts encountered when solving with the guided z3 (NetSMT modifies z3 and guides it with network domain knowledge, hence the name guided z3). Each data point corresponds to one node-pair example. The closer a data point is to the bottom right corner, the more significant the effect of the guided z3.
[0169] As shown in Figure 7(a), in the satisfiable case, the number of conflicts generated by the guided z3 is less than that of the original z3 in most examples, and sometimes much less. However, in the unsatisfiable case, the number of conflicts increases linearly with the network size, and the number of conflicts generated by the guided z3 is comparable to that of the original z3. These results demonstrate that NetSMT can use network domain knowledge to guide SMT solving, enabling it to find counterexamples and obtain satisfiable solutions with fewer attempts, thereby accelerating network verification.
[0170] The role of SMT formula simplification techniques:
[0171] To verify the effectiveness of the SMT formula simplification technique, this experiment counted the number of variables and constraints in the SMT formula solved by Minesweeper before and after simplification. As shown in Figure 8, the SMT formula simplification technique effectively reduces the number of variables and constraints. This indicates that there is still a significant amount of redundancy in the SMT formula solved by Minesweeper, and that the SMT formula simplification technique can provide further acceleration.
[0172] Performance in DCN:
[0173] According to RFC 7938 (Request For Comments, a series of memos issued by the Internet Engineering Task Force (IETF)), the configuration of a fat-tree structure does not include redundancy strategies. Therefore, SMT formula simplification techniques are not effective for DCN, and no corresponding experimental analysis is conducted in this section.
[0174] 1) Verification time:
[0175] In this experiment, the verification time of each invariant was considered for four CPV schemes: Minesweeper, NetSMT without SMT formula simplification (NetSMT w/o simplification), BiNode based on the original z3, and BiNode based on network domain knowledge guidance.
[0176] The experimental results for the satisfiable case are shown in Figure 9.
[0177] As can be seen from Figure 9, the results in a fat-tree network structure are similar to those in a WAN. Furthermore, guiding BiNode improves its solving speed. Particularly for verifying invariants when k links are disconnected, the guided SMT solver can obtain results up to 144.2 times faster. It is also worth noting that when the number of ports in the fat-tree network reaches 20, the unguided BiNode triggers a timeout during verification, while the guided BiNode can still obtain results within 30 seconds. Minesweeper, on the other hand, cannot complete verification in time when the number of ports in the fat-tree network reaches 10, while the guided Minesweeper consistently maintains a reasonable verification time.
[0178] The experimental results for the unsatisfiable case are shown in Figure 10.
[0179] BiNode has already made very efficient optimizations for reachability, isolation, and packet forwarding invariants, so there is little room for further acceleration.
[0180] As shown in Figure 10, the verification time of these schemes in unsatisfiable scenarios in the various DCN topologies is similar to the experimental results in WAN. Guidance based on network domain knowledge cannot improve the verification speed of network invariants in unsatisfiable scenarios.
[0181] 2) The role of SMT solution based on network domain knowledge:
[0182] As can be seen in Figure 7(b), the number of conflicts is greatly reduced when using the guided z3 solver, which shows that the network domain knowledge-based SMT solving technique disclosed herein is equally efficient for DCN.
[0183] In addition, the number of conflicts in DCN is less than the number of conflicts in WAN.
[0184] Furthermore, in all types of DCN topologies, the number of conflicts when using the guided z3 solver does not exceed 10, thus enabling faster solving.
[0185] Example 3:
[0186] Figure 11 is a schematic block diagram of a network configuration verification acceleration device based on network domain knowledge, which employs a processor-based hardware implementation as an embodiment of the present disclosure.
[0187] The network configuration verification acceleration device based on network domain knowledge may include corresponding modules that perform one or more steps in the flowchart above. Therefore, each step or several steps in the flowchart above can be performed by a corresponding module, and the device may include one or more of these modules. A module may be one or more hardware modules specifically configured to perform a corresponding step, or implemented by a processor configured to perform a corresponding step, or stored in a computer-readable medium for implementation by a processor, or implemented through some combination thereof.
[0188] The hardware architecture of the network configuration verification acceleration device based on network domain knowledge disclosed herein can be implemented using a bus architecture. The bus architecture can include any number of interconnect buses and bridges, depending on the specific application of the hardware and overall design constraints. Bus 1100 connects various circuits including one or more processors 1200, memory 1300, and / or hardware modules. Bus 1100 can also connect various other circuits 1400 such as peripheral devices, voltage regulators, power management circuits, external antennas, etc.
[0189] Bus 1100 can be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, or an Extended Industry Standard Architecture (EISA) bus, etc. Buses can be categorized as address buses, data buses, control buses, etc. For ease of representation, only one connection line is used in this diagram, but this does not imply that there is only one bus or only one type of bus.
[0190] Any process or method description in the flowcharts or otherwise herein can be understood as representing a module, segment, or portion of code comprising one or more executable instructions for implementing a particular logical function or process, and the scope of the preferred embodiments of this disclosure includes additional implementations in which functions may be performed not in the order shown or discussed, including substantially simultaneously or in reverse order depending on the functions involved, as will be understood by those skilled in the art to which embodiments of this disclosure pertain. The processor performs the various methods and processes described above. For example, the method embodiments of this disclosure may be implemented as software programs tangibly contained in a machine-readable medium, such as memory. In some embodiments, part or all of the software program may be loaded and / or installed via memory and / or a communication interface. When the software program is loaded into memory and executed by the processor, one or more steps of the methods described above may be performed. Alternatively, in other embodiments, the processor may be configured to perform one of the methods described above by any other suitable means (e.g., by means of firmware).
[0191] The logic and / or steps represented in the flowchart or otherwise described herein may be specifically implemented in any readable storage medium for use by, or in conjunction with, an instruction execution system, apparatus or device (such as a computer-based system, a processor-based system or other system that can fetch and execute instructions from, an instruction execution system, apparatus or device).
[0192] For the purposes of this specification, a "readable storage medium" can be any means capable of containing, storing, communicating, propagating, or transmitting a program for use by or in conjunction with an instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of readable storage media include: an electrical connection having one or more wires (electronic device), a portable computer disk drive (magnetic device), random access memory (RAM), read-only memory (ROM), erasable and programmable read-only memory (EPROM or flash memory), fiber optic devices, and portable read-only memory (CDROM). Furthermore, a readable storage medium can even be paper or other suitable media on which a program can be printed, since a program can be obtained electronically, for example, by optically scanning the paper or other medium, followed by editing, interpreting, or otherwise processing as necessary, and then stored in memory.
[0193] It should be understood that various parts of this disclosure can be implemented in hardware, software, or a combination thereof. In the above embodiments, multiple steps or methods can be implemented in software stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, it can be implemented using any one or a combination of the following techniques known in the art: discrete logic circuits having logic gates for implementing logical functions on data signals, application-specific integrated circuits (ASICs) having suitable combinational logic gates, programmable gate arrays (PGAs), field-programmable gate arrays (FPGAs), etc.
[0194] Those skilled in the art will understand that all or part of the steps of the methods described above can be implemented by a program instructing related hardware. The program can be stored in a readable storage medium, and when executed, the program includes one or a combination of the steps of the method implementation.
[0195] Furthermore, the functional units in the various embodiments of this disclosure can be integrated into a single processing module, or each unit can exist physically separately, or two or more units can be integrated into a single module. The integrated module can be implemented in hardware or as a software functional module. If the integrated module is implemented as a software functional module and sold or used as an independent product, it can also be stored in a readable storage medium. The storage medium can be a read-only memory, a disk, or an optical disk, etc.
[0196] Referring to Figure 11, according to one embodiment of this disclosure, the network configuration verification acceleration device 1000 based on network domain knowledge may include:
[0197] The configuration filtering module 1002 is used to filter out the first configuration information in the network configuration information that is unrelated to the network invariant to be verified, ignore the first configuration information in the network configuration information, and obtain the second configuration information to reduce the configuration information used for encoding.
[0198] The encoding module 1004 is used to encode the network invariant to be verified to obtain first encoded information; to encode the second configuration information to obtain second encoded information, wherein, during the encoding process, the numerical attribute information in the second configuration information is abstracted to reduce the amount of encoded information used in the verification process; and to combine the first encoded information and the second encoded information to obtain encoded information, wherein the encoded information includes a first variable, and the encoded information includes at least one branch information, wherein the branch information includes at least one of the first variables;
[0199] The criterion generation module 1006 is used to determine the search order of the first variable in the encoded information and the assignment order of the first variable in the encoded information, so as to reduce the number of conflicts generated during the verification process.
[0200] The verification module 1008 is used to select the first variable in the encoded information according to the search order, and then assign values to the selected first variable according to the assignment order to verify the encoded information.
[0201] This disclosure also provides an electronic device, including: a memory storing execution instructions; and a processor or other hardware module executing the execution instructions stored in the memory, causing the processor or other hardware module to execute the above-described network configuration verification acceleration method based on network domain knowledge.
[0202] This disclosure also provides a readable storage medium storing executable instructions, which, when executed by a processor, are used to implement the above-described network configuration verification acceleration method based on network domain knowledge.
[0203] Those skilled in the art should understand that the above embodiments are merely for illustrating the present disclosure and are not intended to limit the scope of the disclosure. Those skilled in the art can make other changes or modifications based on the above disclosure, and these changes or modifications still fall within the scope of the present disclosure.
Claims
1. A method for accelerating network configuration verification based on network domain knowledge, characterized in that it comprises:
filtering out first configuration information in the network configuration information that is unrelated to the network invariant to be verified, and ignoring the first configuration information in the network configuration information to obtain second configuration information, so as to reduce the configuration information used for encoding;
encoding the network invariant to be verified to obtain first encoded information;
encoding the second configuration information to obtain second encoded information, wherein, during the encoding process, the numerical attribute information in the second configuration information is abstracted to reduce the amount of encoded information used in the verification process;
combining the first encoded information and the second encoded information to obtain encoded information, the encoded information including a first variable and at least one piece of branch information, and the branch information including at least one of the first variables;
determining the search order of the first variable in the encoded information and the assignment order of the first variable in the encoded information, so as to reduce the number of conflicts generated during the verification process; and
selecting the first variable in the encoded information according to the search order, and then assigning a value to the selected first variable according to the assignment order, to verify the encoded information.
2. The network configuration verification acceleration method as described in claim 1, characterized in that filtering out the first configuration information in the network configuration information that is unrelated to the network invariant to be verified includes:
filtering out $S_R$ from the network configuration information, where $S_R$ is the set of configuration information that does not include the first IP prefix, the first IP prefix being the IP prefix included in the network invariant;
filtering out $C_R$ from the network configuration information, where $C_R$ is the first community attribute set, the first community attribute set being the set of community attributes that are included only in $S_R$; and
filtering out $S_{R'}$ from the network configuration information, where $S_{R'}$ is the set of configuration information that matches any community attribute in $C_R$.
3. The network configuration verification acceleration method as described in claim 1, characterized in that abstracting the numerical attribute information in the second configuration information during the encoding process includes: abstracting the first numerical attribute information with the router as the scope, wherein the first numerical attribute information is the numerical attribute information that cannot be transmitted between routers; and abstracting the second numerical attribute information within a domain consisting of multiple routers, wherein the second numerical attribute information is the numerical attribute information that can be transmitted between routers.
4. The network configuration verification acceleration method as described in claim 1, characterized in that determining the search order of the first variable in the encoded information and determining the assignment order of the first variable in the encoded information includes: storing the search order using a queue structure q, and storing the assignment order using a mapping table structure m.
5. The network configuration verification acceleration method as described in claim 1, characterized in that determining the search order of the first variable in the encoded information includes: searching the first variable in the branch information first; sorting the search order according to the distance between the router where the first variable in the branch information is located and the destination node; and, for first variables in the branch information that are located on the same router, sorting the search order according to the route advertisement type.
6. The network configuration verification acceleration method as described in claim 1, characterized in that determining the assignment order of the first variable in the encoded information includes: obtaining the assignment order based on the data plane that contradicts the network invariants.
7. The network configuration verification acceleration method as described in claim 6, characterized in that obtaining the assignment order based on the data plane that contradicts the network invariants includes: obtaining the assignment order based on the operational intent of the network configuration information; and/or preferentially assigning the first variable in the branch information a value that causes the network invariant to be violated.
8. A network configuration verification acceleration device based on network domain knowledge, characterized in that it comprises:
a configuration filtering module, used to filter out the first configuration information in the network configuration information that is unrelated to the network invariant to be verified, ignore the first configuration information in the network configuration information, and obtain the second configuration information, so as to reduce the configuration information used for encoding;
an encoding module, used to encode the network invariant to be verified to obtain first encoded information; to encode the second configuration information to obtain second encoded information, wherein, during the encoding process, the numerical attribute information in the second configuration information is abstracted to reduce the amount of encoded information used in the verification process; and to combine the first encoded information and the second encoded information to obtain encoded information, which includes a first variable and at least one piece of branch information, the branch information including at least one of the first variables;
a criterion generation module, used to determine the search order of the first variable in the encoded information and the assignment order of the first variable in the encoded information, so as to reduce the number of conflicts generated during the verification process; and
a verification module, used to select the first variable in the encoded information according to the search order, and then assign values to the selected first variable according to the assignment order, to verify the encoded information.
9. An electronic device, characterized in that it comprises: a memory storing execution instructions; and a processor that executes the execution instructions stored in the memory, causing the processor to perform the network configuration verification acceleration method based on network domain knowledge as described in any one of claims 1 to 7.
10. A readable storage medium, characterized in that the readable storage medium stores execution instructions which, when executed by a processor, are used to implement the network configuration verification acceleration method based on network domain knowledge as described in any one of claims 1 to 7.
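The three filtering steps of claim 2 can be traced on a small input. The sketch below is an added example, not the patent's implementation. It assumes that a statement belongs to S_R when it names a prefix that does not overlap the invariant's prefix, and that a community attribute is "included only in S_R" when no statement outside S_R attaches it. The configuration statements and field names are constructed.

```python
import ipaddress

# Constructed configuration statements; not taken from the patent.
# prefix:  prefix the statement names (None if it names none)
# sets:    community attributes the statement attaches to routes
# matches: community attributes the statement matches on
CONFIG = [
    {"id": "r1-pl-10", "prefix": "10.0.0.0/24", "sets": {"65000:10"}, "matches": set()},
    {"id": "r1-pl-20", "prefix": "192.168.5.0/24", "sets": {"65000:20"}, "matches": set()},
    {"id": "r1-pl-30", "prefix": "172.16.0.0/16", "sets": {"65000:10", "65000:30"}, "matches": set()},
    {"id": "r2-cm-10", "prefix": None, "sets": set(), "matches": {"65000:10"}},
    {"id": "r2-cm-20", "prefix": None, "sets": set(), "matches": {"65000:20"}},
    {"id": "r2-cm-30", "prefix": None, "sets": set(), "matches": {"65000:30"}},
    {"id": "r2-nbr", "prefix": None, "sets": set(), "matches": set()},
]

def filter_config(config, invariant_prefix):
    """Return (s_r, c_r, s_r_prime, kept) for one invariant prefix."""
    target = ipaddress.ip_network(invariant_prefix)

    def names_other_prefix(stmt):
        # A covering or more specific prefix still affects the invariant,
        # so only statements with a non-overlapping prefix are irrelevant.
        if stmt["prefix"] is None:
            return False
        return not ipaddress.ip_network(stmt["prefix"]).overlaps(target)

    s_r = [s for s in config if names_other_prefix(s)]
    rest = [s for s in config if not names_other_prefix(s)]
    # C_R: communities attached inside S_R and by no statement outside it.
    attached_in_s_r = set().union(*(s["sets"] for s in s_r))
    attached_elsewhere = set().union(*(s["sets"] for s in rest))
    c_r = attached_in_s_r - attached_elsewhere
    # S_R': remaining statements that match on any community in C_R.
    s_r_prime = [s for s in rest if s["matches"] & c_r]
    kept = [s for s in rest if not (s["matches"] & c_r)]
    return s_r, c_r, s_r_prime, kept

def ids(stmts):
    """Statement identifiers, in input order."""
    return [s["id"] for s in stmts]
```

Community 65000:10 is attached both inside and outside S_R, so the statement matching it must be kept even though one of the statements attaching it is discarded.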