ABSTRACT
Ternary Content Addressable Memory (TCAM), although widely used for general packet classification, is an expensive and high power-consuming device. Algorithmic solutions which rely on commodity memory chips are relatively inexpensive and power-efficient but have not been able to match the generality and performance of TCAMs. Therefore, the development of fast and power-efficient algorithmic packet classification techniques continues to be a research subject.In this paper we propose a new approach to packet classification which combines architectural and algorithmic techniques. Our starting point is the well-known crossproduct algorithm which is fast but has significant memory overhead due to the extra rules needed to represent the crossproducts. We show how to modify the crossproduct method in a way that drastically reduces the memory requirement without compromising on performance. Unnecessary accesses to the off-chip memory are avoided by filtering them through on-chip Bloom filters. For packets that match p rules in a rule set, our algorithm requires just 4 + p + ε independent memory accesses to return all matching rules, where ε << 1 is a small constant that depends on the false positive rate of the Bloom filters. Using two commodity SRAM chips, a throughput of 38 Million packets per second can be achieved. For rule set sizes ranging from a few hundred to several thousand filters, the average rule set expansion factor attributable to the algorithm is just 1.2 to 1.4. The average memory consumption per rule is 32 to 45 bytes.
- IDT Generic Part: 71P72604 http://www.idt.com/?catID=58745&genID=71P72604.Google Scholar
- IDT Generic Part: 75K72100 http://www.idt.com/?catID=58523&genID=75K72100.Google Scholar
- Florin Baboescu and George Varghese. Scalable Packet Classification. In ACM SIGCOMM, 2001. Google ScholarDigital Library
- Sarang Dharmapurikar, P. Krishnamurthy, and Dave Taylor. Longest Prefix Matching using Bloom Filters. In ACM SIGCOMM, August 2003. Google ScholarDigital Library
- Pankaj Gupta and Nick McKeown. Packet classification on multiple fields. In ACM SIGCOMM, 1999. Google ScholarDigital Library
- T. V. Lakshman and D. Stiliadis. High-speed policy-based packet forwarding using efficient multi-dimensional range matching. In ACM SIGCOMM, 1998. Google ScholarDigital Library
- K. Lakshminarayanan, Anand Rangarajan, and Srinivasan Venkatachary. Algorithms for Advanced Packet Classification using Ternary CAM. In ACM SIGCOMM, 2005. Google ScholarDigital Library
- Haoyu Song, Sarang Dharmarpurikar, Jonathan Turner, and John Lockwood. Fast Hash Table Lookup Using Extended Bloom Filter: An Aid to Network Processing. In ACM SIGCOMM, 2005. Google ScholarDigital Library
- V. Srinivasan, George Varghese, Subhash Suri, and Marcel Waldvogel. Fast and Scalable Layer Four Switching. In ACM SIGCOMM, 1998. Google ScholarDigital Library
- David Taylor and Jon Turner. Scalable Packet Classification Using Distributed Crossproducting of Field Labels. In IEEE INFOCOM, July 2005.Google ScholarCross Ref
- David E. Taylor. Survey and taxonomy of packet classification techniques. Washington University Technical Report, WUCSE-2004, 2004.Google Scholar
- George Varghese. Network Algorithmics: An Interdisciplinary Approach to Designing Fast Networked Devices. 2005. Google ScholarDigital Library
- Fang Yu and Randy H. Katz. Efficient Multi-Match Packet Classification with TCAM. In IEEE Hot Interconnects, August 2003. Google ScholarDigital Library
- Fang Yu, T. V. Lakshman, Martin Austin Motoyama, and Randy H. Katz. Ssa: a power and memory efficient scheme to multi-match packet classification. In ANCS '05: Proceedings of the 2005 symposium on Architecture for networking and communications systems, 2005. Google ScholarDigital Library
Index Terms
- Fast packet classification using bloom filters
Recommendations
A Comparison of Ruleset Feature Independent Packet Classification Engines on FPGA
IPDPSW '13: Proceedings of the 2013 IEEE 27th International Symposium on Parallel and Distributed Processing Workshops and PhD ForumPacket classification is used in network firewalls to identify and filter threats or unauthorized network access at the application level. This is realized by comparing incoming packet headers against a predefined rule set. Many solutions to packet ...
SAX-PAC (Scalable And eXpressive PAcket Classification)
SIGCOMM'14Efficient packet classification is a core concern for network services. Traditional multi-field classification approaches, in both software and ternary content-addressable memory (TCAMs), entail tradeoffs between (memory) space and (lookup) time. TCAMs ...
Three different designs for packet classification
If we analyze real life filter sets (classifiers) and also packet classification requirements, it seems that distribution of rule scope is non-uniform and in some sub spaces is denser inside the total space of classifiers. These features guided us to ...
Comments