In-Network ACL Rules Placement using Deep Reinforcement Learning - Department of Networks, Systems and Services
Communication Dans Un Congrès Année : 2024

In-Network ACL Rules Placement using Deep Reinforcement Learning

Résumé

Automatically distributing Access Control Lists (ACLs) within a software-defined network plays a critical role in ensuring seamless connectivity, security, and reliability for internal services and hosts. Typically implemented in switches using Ternary Content-Addressable Memory (TCAM), ACLs placement face challenges due to the limited capacity of TCAM memory. To address this, large ACLs must be divided and distributed across multiple switches, ensuring that each packet traveling from source to destination undergoes the necessary match-action rules. In this paper, we propose a novel approach that combines graph-embedding neural networks (GNN) with deep Q-learning (DQN) to automate the distribution of ACLs across network switches while minimizing TCAM memory usage. By allowing additional constraints and evaluating our trained models on both synthetic and real-world network topologies, we show that our approach has a placement success score up to 99\% on unseen graphs.
Fichier principal
Vignette du fichier
papier_wafik_Meditcom.pdf (357.55 Ko) Télécharger le fichier
Origine Fichiers produits par l'(les) auteur(s)

Dates et versions

hal-04703877 , version 1 (20-09-2024)

Licence

Identifiants

Citer

Wafik Zahwa, Abdelkader Lahmadi, Michael Rusinowitch, Mondher Ayadi. In-Network ACL Rules Placement using Deep Reinforcement Learning. 2024 IEEE International Mediterranean Conference on Communications and Networking (MeditCom), Jul 2024, Madrid, Spain. pp.341-346, ⟨10.1109/MeditCom61057.2024.10621188⟩. ⟨hal-04703877⟩
112 Consultations
18 Téléchargements

Altmetric

Partager

More