DISTRIBUTED HOST VALIDATION ENGINE FOR NETWORKING CONTROL PLANE IN A SOFTWARE DEFINED NETWORK

Invented by GUPTA; Avijit

Today’s cloud networks are big and always changing. Making sure they work right—every time—can be tough. A new patent application describes a smart system that checks if a network is set up exactly the way a user wants, even when there are lots of moving parts. This system is called a validation engine. In this article, we’ll break down what this means, why it’s important, and how it works.
Background and Market Context
Cloud computing has changed the way we use computers. Instead of keeping everything on one computer, companies can use many computers all over the world. These computers, called hosts, can run lots of small programs called virtual machines or containers. This setup is called a virtualized computing environment. It lets companies run their apps faster and save money.
But running so many virtual machines is not easy. Network settings need to be just right, or things can break. For example, one part of the network can be set up to allow certain users, while another part might block them by accident. When this happens, important apps might stop working. In big cloud systems, even a small mistake can cause big problems.
This is where Software Defined Networking (SDN) comes in. SDN lets network managers set rules for how data moves around the network. These rules, or goal states, tell the network what it should look like and how it should behave. When a user says, “I want my app to work this way,” that’s a goal state. The network then tries to make this happen by changing settings behind the scenes.
The problem is, there are many places where things can go wrong. Sometimes, the network’s real state doesn’t match the user’s goal. Maybe a change is missed. Maybe a setting is wrong on just one host. These mistakes can be hard to find, especially when there are thousands of hosts.
Cloud providers want to make sure their customers’ networks always match the users’ wishes. If they don’t, customers might lose trust and move to another provider. So, there is a big need for a tool that can check, all the time, if the network is really set up the way the user wants.
Testing every possible network setup is impossible by hand. There are too many ways to set things up, and new apps or rules get added every day. Old ways of testing—like writing a test for every setting—take too much time and miss things. Plus, these tests are often slow and use up valuable computing power.

What’s needed is a smart, automatic way to check the network. This tool must work fast, use little computing power, and keep up as the network changes. It should be able to look at the user’s goal, see what’s really happening on every host, and make sure they match. If something is wrong, it should tell the operator right away.
That’s what this patent is about—a new validation engine that can check user goal states across many hosts and keep the network healthy.
Scientific Rationale and Prior Art
To understand why this new system matters, let’s look at how things work today and what has been done before.
In the past, network testing relied on unit tests. These are small tests written by engineers to check if a certain setting works. For example, a test might check if a server allows a certain network connection. To cover every possible network setup, engineers need to write many, many tests. But networks grow fast, and keeping up is hard. Some problems are missed, and that can lead to outages.
Another common approach is configuration management. Tools like Ansible, Puppet, or Chef help set up networks and keep them in a known state. They check if the settings match what is in a configuration file. If something is out of sync, they try to fix it. But these tools mostly focus on the setup process. They don’t always check if the end result matches what the user really wanted, especially in complex, dynamic environments.
SDN controllers have also tried to help. They let network managers set up the network from a central place. The SDN controller then pushes these settings to all the devices. But there is still a gap between what the user wants and what is actually happening on every host. Sometimes, a setting might not reach one host, or it might be applied incorrectly. The SDN controller might not notice this.
Some research has looked at automated verification. These systems try to check if the network matches its intended design. This can help find mistakes before they cause trouble. But these systems often work only in small networks, or they use a lot of computer power. They might not work well when the network is very big or changes all the time.
A big problem with all these old ways is that they are not good at covering “corner cases.” A corner case is a rare situation that only happens under special conditions. These are the kinds of problems that are easy to miss, but can cause big trouble. When networks get bigger and more complex, there are more corner cases.

What is missing is a way to:
- Describe the user’s goal clearly and in a standard format
- Check, in real time, what is happening on every host
- Compare the real network state with the user’s goal state
- Work at scale, across thousands or millions of hosts
- Alert the operator when something is not right
The patent described here solves these problems. It uses a new validation engine that talks to all the network parts, checks their settings, and compares them to the user’s goal. It does this in a way that works for big networks, is fast, and can keep up as things change. It uses agents on each host to check local settings, and a central engine to bring everything together. The result is a network that matches what the user wants, all the time.
Invention Description and Key Innovations
Now, let’s dive into how this new validation engine works and what makes it different.
1. The Validation Engine
The heart of the invention is the validation engine. This is a computer program that runs in the cloud. It can run on each host, or as a remote service in a data center. The engine’s job is to keep track of the user’s goal state, check what’s really happening on every host, and make sure they match.
2. User Goal State
A user goal state is a clear description of how the user wants the network to behave. It might say which apps should run, what network policies should be in place, and what settings should be used. This goal state is written in a standard way so computers can read it.

The user goal state is stored in a central place and can be updated as needed. The validation engine gets a copy of this goal state and uses it for comparison.
3. Checking the Real State
The validation engine sends out queries to the network’s control plane. The control plane is the part of the network that knows what each host is doing. By asking the control plane, the engine learns the current state of each host.
But that’s not all. Sometimes, the control plane might not know every detail. To get the full picture, the validation engine sends out small helpers called agents to each host. These agents check the settings on their own host and report back. This way, the engine gets the real, up-to-date information it needs.
4. Comparing States
When the engine has the user’s goal state and the real state from every host, it compares them. If everything matches, that means the network is set up just the way the user wants. If there is a difference, the engine finds out where it is and can tell the operator.
5. Output and Alerts
The validation engine outputs a message showing if the network matches the user’s goal. If there is a problem, it tells the operator exactly where and what is wrong. This helps operators fix problems faster, before users even notice.
6. Works at Any Scale
One of the best parts of this invention is that it works for networks of any size. Whether there are 10 hosts or a million, the validation engine can handle it. It uses a smart, distributed design that lets it work fast, even as the network grows.
7. Handles New Scenarios
Networks change all the time. New apps, new rules, and new hosts are added. The validation engine can handle these changes. When a new scenario is added to the network, it is also added to the engine. This means the engine always knows what to check for, no matter how the network changes.
8. SDN Device Abstraction Layer
The validation engine also includes a part called an SDN device abstraction layer. This lets it talk to different kinds of network devices in a standard way. It can check what is set up on each device, no matter who made it or how it works inside. This is important because cloud networks use many kinds of devices.
9. Modular and Flexible
The system is built to be flexible. It can run on each host, so checks are done close to where the work happens. Or, it can run as a central service in a data center. This lets cloud providers choose the best setup for their needs.
10. Centralized Data and Audit Logs
The engine keeps track of all its checks and results. It stores audit logs and configuration data so operators can see what happened and when. This helps with troubleshooting and proving that the network is working as it should.
Putting It All Together
Let’s say a company wants its network to allow only certain apps and block others. The operator writes this as a user goal state. The validation engine gets this goal state and sends queries and agents to all the hosts. Each agent checks what’s really running and sends back the answer. The engine compares the real state with the goal state. If everything matches, it sends a message saying all is good. If something is wrong—maybe one host is running an app it shouldn’t—the engine tells the operator right away.
This system makes it much easier to keep networks working the way users want. It finds problems early, even in rare corner cases. It works for big, fast-changing networks. And it saves time and effort by automating the whole process.
Conclusion
Cloud networks are growing bigger and more complex every day. Old ways of checking if networks are set up right don’t work well anymore. The new validation engine described in this patent solves this problem. It uses a smart design that checks every host, compares what’s really happening with what the user wants, and alerts operators if there’s a problem.
The system is flexible, works at any scale, and keeps up as networks change. It helps cloud providers keep their networks healthy, their customers happy, and their services reliable. As cloud computing continues to grow, tools like this validation engine will be key to keeping everything running smoothly.
Click here https://ppubs.uspto.gov/pubwebapp/ and search 20250217178.


