Semantic analysis to detect shadowing of rules in a model of network intents
First Claim
1. A method comprising:
- obtaining one or more models of network intents, each model based at least in part on a priority-ordered listing of rules representing network intents, wherein each rule comprises a Boolean function of one or more packet characteristics and network fabric conditions, and a corresponding network action; and
for each given rule of the priority-ordered listing of rules, detecting partial and complete shadowing events, the detecting based at least in part on a semantic analysis comprising;
calculating an inverse set, the inverse set comprising the inverse of the set comprising all rules with a higher or equal priority to the given rule; and
calculating a shadowing parameter, the shadowing parameter comprising the intersection between the inverse set and the given rule, wherein;
a complete shadowing event is detected if the shadowing parameter is equal to zero; and
a partial shadowing event is detected if the shadowing parameter is not equal to zero and the shadowing parameter is not equal to the given rule.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems, methods, and computer-readable media for performing semantic analysis to identify shadowing events. One or more models of network intents, based at least in part on a priority-ordered listing of rules representing network intents, is received. Each rule comprises a Boolean function of one or more packet characteristics and network fabric conditions, and a corresponding network action. For each given rule of the priority-ordered listing of rules, partial and complete shadowing events are detected based on semantic analysis. The semantic analysis comprises calculating an inverse set that comprises the inverse of the set comprising all rules with a higher or equal priority to the given rule, and then calculating a shadowing parameter that comprises the intersection between the inverse set and the given rule. If the shadowing parameter is equal to zero, a complete shadowing event is detected. If the shadowing parameter is not equal to zero and is not equal to the given rule, a partial shadowing event is detected.
172 Citations
20 Claims
-
1. A method comprising:
-
obtaining one or more models of network intents, each model based at least in part on a priority-ordered listing of rules representing network intents, wherein each rule comprises a Boolean function of one or more packet characteristics and network fabric conditions, and a corresponding network action; and for each given rule of the priority-ordered listing of rules, detecting partial and complete shadowing events, the detecting based at least in part on a semantic analysis comprising; calculating an inverse set, the inverse set comprising the inverse of the set comprising all rules with a higher or equal priority to the given rule; and calculating a shadowing parameter, the shadowing parameter comprising the intersection between the inverse set and the given rule, wherein; a complete shadowing event is detected if the shadowing parameter is equal to zero; and a partial shadowing event is detected if the shadowing parameter is not equal to zero and the shadowing parameter is not equal to the given rule. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising:
-
one or more processors; and at least one computer-readable storage medium having stored therein instructions which, when executed by the one or more processors, cause the system to; receive one or more models of network intents, each model based at least in part on a priority-ordered listing of rules representing network intents, wherein each rule comprises a Boolean function of one or more packet characteristics and network fabric conditions, and a corresponding network action; and for each given rule of the priority-ordered listing of rules, detect partial and complete shadowing events, the detecting based at least in part on a semantic analysis causing the system to; calculate an inverse set, the inverse set comprising the inverse of the set comprising all rules with a higher or equal priority to the given rule; and calculate an shadowing parameter, the shadowing parameter comprising the intersection between the inverse set and the given rule, wherein; a complete shadowing event is detected if the shadowing parameter is equal to zero; and a partial shadowing event is detected if the shadowing parameter is not equal to zero and the shadowing parameter is not equal to the given rule. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable storage medium comprising:
-
instructions stored therein instructions which, when executed by one or more processors, cause the one or more processors to; receive one or more models of network intents, each model based at least in part on a priority-ordered listing of rules representing network intents, wherein each rule comprises a Boolean function of one or more packet characteristics and network fabric conditions, and a corresponding network action; and for each given rule of the priority-ordered listing of rules, detect partial and complete shadowing events, the detecting based at least in part on a semantic analysis causing the system to; calculate an inverse set, the inverse set comprising the inverse of the set comprising all rules with a higher or equal priority to the given rule; and calculate an shadowing parameter, the shadowing parameter comprising the intersection between the inverse set and the given rule, wherein; a complete shadowing event is detected if the shadowing parameter is equal to zero; and a partial shadowing event is detected if the shadowing parameter is not equal to zero and the shadowing parameter is not equal to the given rule. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A method comprising:
-
obtaining a listing of shadowed rules, where the shadowed rules are associated with a priority-ordered listing of rules representing network intents of a network intent model, wherein each rule comprises a Boolean function of one or more packet characteristics or network fabric conditions, and a corresponding network action; and for each given rule of the listing of shadowed rules, determining whether a given shadowed rule is partially shadowed or completely shadowed, the determining based at least in part on a semantic analysis comprising calculating the intersection between the given shadowed rule and each individual higher priority rule of the priority-ordered listing of rules, wherein; the given shadowed rule is completely shadowed by the higher priority rule if the intersection is equal to the given shadowed rule, such that the higher priority rule is flagged as a complete shadower and the analysis exits; and the given shadowed rule is partially shadowed by the higher priority rule if the intersection is not equal to zero, such that the higher priority rule is flagged as a partial shadower and the analysis proceeds to the next of the higher priority rules; for each given rule of the listing of shadowed rules, determining whether a given shadowed rule and its complete shadower or partial shadowers form a conflict pair, such that the shadowed rule stipulates a first action for a given set of conditions and the complete shadower or partial shadowers stipulate a second action for a given set of conditions, where the second action is different from the first action.
-
Specification