Scalable Packet Classification Through Rulebase Partitioning Using the Maximum Entropy Hashing

In this paper, we introduce a new packet classification algorithm, which can substantially improve the performance of a classifier. The algorithm is built on the observation that a given packet matches only a few rules even in large classifiers, which suggests that most of rules are independent in any given rulebase. The algorithm hierarchically partitions the rulebase into smaller independent subrulebases based on hashing. By using the same hash key used in the partitioning a classifier only needs to look up the relevant subrulebase to which an incoming packet belongs. For an optimal partitioning of rulebases, we apply the notion of maximum entropy to the hash key selection. We performed the detailed simulations of our proposed algorithm on synthetic rulebases of size 1 K to 500 K entries using real-life packet traces. The results show that the algorithm can significantly outperform existing classifiers by reducing the size of a rulebase by more than four orders of magnitude with just two-levels of partitioning. Both the time complexity and the space complexity of the algorithm exhibit linearity in terms of the size of a rulebase. This suggests that the algorithm can be a good scalable solution for medium to large rulebases.

[1]  Elizabeth D. Zwicky,et al.  Building internet firewalls , 1995 .

[2]  Huan Liu,et al.  Efficient mapping of range classifier into ternary-CAM , 2002, Proceedings 10th Symposium on High Performance Interconnects.

[3]  Anja Feldmann,et al.  Tradeoffs for packet classification , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[4]  C. Macian,et al.  An evaluation of the key design criteria to achieve high update rates in packet classifiers , 2001, IEEE Netw..

[5]  Nick McKeown,et al.  Classifying Packets with Hierarchical Intelligent Cuttings , 2000, IEEE Micro.

[6]  L. Goddard Information Theory , 1962, Nature.

[7]  Ehab Al-Shaer,et al.  Adaptive Statistical Optimization Techniques for Firewall Packet Filtering , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[8]  T. V. Lakshman,et al.  High-speed policy-based packet forwarding using efficient multi-dimensional range matching , 1998, SIGCOMM '98.

[9]  Elizabeth D. Zwicky,et al.  Building Internet firewalls (2nd ed.) , 2000 .

[10]  Yi Ge,et al.  Gear up the Classifier: Scalable Packet Classification Optimization Framework via Rule Set Pre-Processing , 2006, 11th IEEE Symposium on Computers and Communications (ISCC'06).

[11]  Nick McKeown,et al.  Packet classification on multiple fields , 1999, SIGCOMM '99.

[12]  Venkatachary Srinivasan,et al.  Packet classification using tuple space search , 1999, SIGCOMM '99.

[13]  Subhash Suri,et al.  Space Decomposition Techniques for Fast Layer-4 Switching , 1999, Protocols for High-Speed Networks.

[14]  Marco Pellegrini,et al.  Packet classification via improved space decomposition techniques , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[15]  Hyogon Kim,et al.  Scalable Packet Classification through Maximum Entropy Hashing , 2004, NETWORKING.

[16]  George Varghese,et al.  Scalable packet classification , 2001, SIGCOMM '01.

[17]  Ke Xu,et al.  A fast IP classification algorithm applying to multiple fields , 2001, ICC 2001. IEEE International Conference on Communications. Conference Record (Cat. No.01CH37240).

[18]  Thomas Y. C. Woo A modular approach to packet classification: algorithms and results , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[19]  Pankaj Gupta,et al.  Packet Classification using Hierarchical Intelligent Cuttings , 1999 .

[20]  George Varghese,et al.  Fast and scalable layer four switching , 1998, SIGCOMM '98.

[21]  Antonius P. J. Engbersen,et al.  Fast and scalable packet classification , 2003, IEEE J. Sel. Areas Commun..

[22]  Hyogon Kim,et al.  Taming Large Classifiers with Rule Reference Locality , 2003, ICOIN.