Reachability Analysis in Dynamically Routed Networks

Abstract

In this paper, we introduce a novel approach to reach ability analysis of dynamically routed networks. The goal is to determine the network-wide reach ability using static analysis of configuration files gathered from forwarding devices. We describe a method that can compute the reach ability in networks with a mix of static routing configurations, distance vector routing protocols, filtering routing updates and redistributions. The method computes a network-wide approximation of distributed routing information using the standard graph algorithms. Thus, for any network state, we can determine a set of active paths used for packet delivery. The outcomes of the method can be, for instance, used during the conformance checking of distributed access control lists against network security policies.