Finding Network Misconfigurations by Automatic Template Inference

Explore a novel approach to detecting network configuration errors without explicit specifications in this USENIX NSDI '20 conference talk. Learn about the SelfStarter tool, which uses structured generalization to automatically infer parameterized templates from configuration elements, identifying potential misconfigurations as outliers. Discover how this method was applied to datacenter networks, wide-area networks, and campus networks, uncovering 43 previously unknown bugs. Gain insights into the challenges of network verification, the importance of modeling configuration similarities and differences, and the practical applications of this automated outlier detection technique in real-world network management scenarios.

Intro
Network Misconfigurations Are Common
Network Verification
Limitation: Lack of Specifications
PROBLEM: How to find misconfigurations without an explicit specification?
Network Device Roles
PROBLEM: How to model config "similarity and define "deviance ?
Contributions
End-to-End Design
An Example: Campus Network
SelfStarter Example Output
Group 1 Template
Deviance Identification
Template Inference: Key Ideas
Results - Summary
Results - Sources of Misconfigurations
Conclusion