About CoVisor

A foundational principle of Software-Defined Networking (SDN) is to decouple control logic from vendor-specific hardware. Such a separation allows network administrators to deploy both the software and the hardware most suited to their needs, rather than being forced to compromise on one or both fronts because of the lack of availability of the perfect box. To fully realize this vision of freely assembling "best of breed" solutions, administrators should be able to run any combination of controller applications on their networks.

A network hypervisor is a natural solution to this problem of bringing together disparate controllers. However, existing hypervisors restrict each controller to a distinct slice of network traffic. While useful in scenarios like multi-tenancy in which each tenant controls its own traffic, they do not enable multiple applications to collaboratively process the same traffic. Thus, an SDN hypervisor must be capable of more than just slicing.

CoVisor is this more powerful SDN hypervisor. More specifically, CoVisor brings together the following key features in a single, coherent, efficiently implemented system.

  1. Assembly of multiple controllers.
  2. Definition of abstract topologies.
  3. Protection against misbehaving controllers.

Policy Composition

CoVisor allows the administrator to compose data plane policies in parallel, in sequence, or in an override/default relationship.
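The sketch below is an added illustration of parallel composition, not CoVisor's own code. The rule format (priority, exact-match fields, action set), the field names, the sample tables, and the choice to sum priorities are all assumptions of this sketch. Each table ends in a priority-0 wildcard rule that drops.

```python
from itertools import product

# A rule is (priority, match, actions). A match maps field -> exact value;
# an absent field is a wildcard. An empty action set means "drop".

def intersect(m1, m2):
    """Match satisfied by packets that satisfy both m1 and m2, or None if disjoint."""
    out = dict(m1)
    for field, value in m2.items():
        if field in out and out[field] != value:
            return None  # same field, different values: no packet matches both
        out[field] = value
    return out

def parallel(t1, t2):
    """Compose two rule tables so every packet is processed by both policies."""
    composed = []
    for (p1, m1, a1), (p2, m2, a2) in product(t1, t2):
        m = intersect(m1, m2)
        if m is not None:
            # Summing priorities keeps the pair of best-matching rules on top.
            composed.append((p1 + p2, m, a1 | a2))
    return sorted(composed, key=lambda r: -r[0])

def lookup(table, pkt):
    """Actions of the highest-priority rule matching pkt (drop if none)."""
    for _, match, actions in sorted(table, key=lambda r: -r[0]):
        if all(pkt.get(f) == v for f, v in match.items()):
            return actions
    return frozenset()

# Constructed sample policies from two hypothetical controllers.
MONITOR = [
    (1, {"srcip": "1.0.0.1"}, frozenset({"count"})),
    (0, {}, frozenset()),
]
ROUTER = [
    (1, {"dstip": "2.0.0.1"}, frozenset({"fwd(1)"})),
    (1, {"dstip": "2.0.0.2"}, frozenset({"fwd(2)"})),
    (0, {}, frozenset()),
]

if __name__ == "__main__":
    for prio, match, actions in parallel(MONITOR, ROUTER):
        print(prio, match, sorted(actions))
```

The property to check is that, for any packet, the composed table returns the union of what each controller's table would have returned on its own.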

Additional References

The semantics of the parallel and sequential operators are formally defined here. Note that this paper represents $T_1 \gg T_2$ as $T_1 \cdot T_2$.

Topology Virtualization

CoVisor allows the administrator to provide a custom virtual topology to each controller. Topology virtualization offers three benefits.

  1. Security. The administrator can protect his physical infrastructure by revealing no more detail than necessary to any given controller.
  2. Code reuse. Some applications (e.g. firewalls) do not rely on details of the physical topology. CoVisor allows the administrator to reuse generic (physical) topology-independent code by abstracting the network as a "big virtual switch."
  3. Modular implementation of complex logic. Some switches, such as a gateway between an Ethernet island and the IP core, may play multiple roles in the network. With CoVisor, the administrator can create one virtual switch for each role, assign each to a controller application precisely tailored to its single task, and compile policies written for the virtual network into the physical network.

Access Control

CoVisor allows the administrator to impose fine-grained control on how a controller can process packets. This access control is important to protect against buggy or maliciously misbehaving third-party controllers.

See the documentation for more on CoVisor's architecture and API.