Batfish is open source, visit us on GitHub

Welcome!

Batfish is a network configuration analysis tool developed jointly by researchers at Intentionet, Inc.; University of California, Los Angeles; University of Southern California; and Microsoft Research. Though its individual modules have various applications, its primary purpose is to detect bugs in network configurations.

Batfish supports a wide variety of analyses

1. Compliance and best-practices guidelines
  • Flag undefined-but-referenced or defined-but-unreferenced structures (e.g., ACLs, route maps)
  • Ensure that all interface MTUs are per the network's standard
2. Checks on data flow
  • Path (shape) between two devices is as expected (e.g., traverses a firewall, valley-free routing)
  • Number of paths between two devices is as expected (i.e., correct multi-path configuration)
3. Fault tolerance
  • End-to-end reachability is not impacted for any flow after any single-link or single-device failure
  • Traffic correctly fails over after a failure
4. Differential analysis of two sets of configurations
  • End-to-end reachability is identical across new and old configurations
  • Two configurations, potentially from different vendors, are semantically equivalent

Tutorials and Talks

Tutorial 01 : Getting Started With Batfish

NANOG 65 : Proactive Network Configuration Validation with Batfish

Ari Fogel, Ratul Mahajan, Todd Millstein

NANOG 70 : Minesweeper and Propane: Two Tools for Improving Network Reliability

Ryan Beckett

Primary publications that describe the technology

A General Approach to Network Configuration Analysis

Ari Fogel, Stanley Fung, Luis Pedrosa, Meg Walraed-Sullivan, Ramesh Govindan, Ratul Mahajan, Todd Millstein

USENIX Symposium on Networked Systems Design and Implementation (NSDI) 2015

ddNF: An efficient data structure for header spaces

Nikolaj Bjørner and Garvit Juniwal and Ratul Mahajan and Sanjit A. Seshia and George Varghese

Haifa Verification Conference (HVC) 2016

A General Approach to Network Configuration Verification

Ryan Beckett, Aarti Gupta, Ratul Mahajan, David Walker

ACM SIGCOMM 2017

Control Plane Compression

Ryan Beckett, Aarti Gupta, Ratul Mahajan, David Walker

ACM SIGCOMM 2018

Other publications that build on Batfish

Fast Control Plane Analysis Using an Abstract Representation

Aaron Gember-Jacobson, Raajay Viswanathan, Aditya Akella, Ratul Mahajan

ACM SIGCOMM 2016

Efficient Network Reachability Analysis Using a Succinct Control Plane Representation

Seyed K. Fayaz, Tushar Sharma, Ari Fogel, Ratul Mahajan, Todd Millstein, Vyas Sekar, George Varghese

USENIX Symposium on Operating Systems Design and Implementation (OSDI) 2016

Automatically Repairing Network Control Planes Using an Abstract Representation

Aaron Gember-Jacobson and Aditya Akella and Ratul Mahajan and Hongqiang Harry Liu

ACM SOSP 2017

Development of Batfish benefits from the use of the Java profiler JProfiler.