Pyretic Control Plane Composing Paper Review


Christopher Monsanto and Joshua Reich and Nate Foster and Jennifer Rexford and David Walker; Composing Software Defined Networks


How to create a modular system for control plane programs for SDN?


Existing controller platforms only allow developers to create monolithic applications. These applications are hard to develop, debug, and maintain and developers commonly have to reason about the low-level logic and constructing complex control programs in an ad-hoc way.

Previous Work

Controller composition has been proposed first in Click modular router, Maestro, Frenetic, etc. These authors have proposed to create control programs as a set of slices, which are handlers for the disjoint part of the traffic. However, previous work does not handle how slicing could be applied to the same traffic with inter-slice communication and how to automatically resolve conflicts. In the meantime, NOX, ONIX, and POX have presented the concept of distributed storage and network abstractions.


The authors have advanced state of art by introducing a programming language Pyretic allowing developers to use mathematical formulas to represent the relation between policy modules. Additionally, a network abstraction is proposed to further simplify the development of the policies. Developers could also extend such an abstraction by developing and extending upon the packet abstraction.

The authors first introduce an abstracted packet structure. Pyretic introduces 4 types of tokens: Primitive Actions (action upon the packet input), Predicates (matching packets), Policies (combination of predicates and actions), Query Policies. Specifically, a dynamic policy could be created by query policy, which allows the construction of dynamic policies by providing buckets and listener hooks. A network object abstraction is also provided, allowing developers to layer networks on another.


Firstly, the introduction of abstracted packet structure allowed the developer to both create more keys and append on keys. This is extremely helpful for hiding information for each module of the controller. Additionally, policy abstraction allows Pyretic to combine policies into a controller. Finally, network abstraction greatly simplifies the development of multi-use controller programs.


Pyretic is evaluated by creating a range of different controller programs to demonstrate its ease of use and flexibility. These programs are Hubs, MAC learner, etc. However, the performance evaluation is not provided.

Questions for Authors

  1. How is its performance compared to directly creating controller programs as a whole?
  2. How could this system be applied to distributed systems? Would it automatically work or further instrumentation is needed?