Abstract:
Automatically distributing Access Control Lists (ACLs) within a software-defined network plays a critical role in ensuring seamless connectivity, security, and reliability for internal services and hosts. ACLs are typically implemented in switches using Ternary Content-Addressable Memory (TCAM), so ACL placement faces challenges due to the limited capacity of TCAM memory. To address this, large ACLs must be divided and distributed across multiple switches, ensuring that each packet traveling from source to destination undergoes the necessary match-action rules. In this paper, we propose a novel approach that combines graph-embedding neural networks (GNN) with deep Q-learning (DQN) to automate the distribution of ACLs across network switches while minimizing TCAM memory usage. By allowing additional constraints and evaluating our trained models on both synthetic and real-world network topologies, we show that our approach has a placement success score of up to 99% on unseen graphs.
Published in: 2024 IEEE International Mediterranean Conference on Communications and Networking (MeditCom)
Date of Conference: 08-11 July 2024
Date Added to IEEE Xplore: 12 August 2024