SSA: a power and memory efficient scheme to multi-match packet classification

New network applications like intrusion detection systems and packet-level accounting require multi-match packet classification, where all matching filters need to be reported. Ternary Content Addressable Memories (TCAMs) have been adopted to solve the multi-match classification problem due to their ability to perform fast parallel matching. However, TCAM is expensive and consumes large amounts of power. None of the previously published multi-match classification schemes is both memory and power efficient. In this paper, we develop a novel scheme that meets both requirements by using a new Set Splitting Algorithm (SSA). The main idea of SSA is that it splits filters into multiple groups and performs separate TCAM lookups into these groups. It guarantees the removal of at least half the intersections when a filter set is split into two sets, thus resulting in low TCAM memory usage. SSA also accesses filters in the TCAM only once per packet, leading to low power consumption. We compare SSA with two best known schemes: MUD [1] and Geometric Intersection-based solutions [2]. Simulation results based on the SNORT filter sets show that SSA uses approximately the same amount of TCAM memory as MUD, but yields a 75% to 95% reduction in power consumption. Compared with Geometric Intersection-based solutions, SSA uses 90% less TCAM memory and power at the cost of one additional TCAM lookup per packet.

[1]  Bin Liu,et al.  An ultra high throughput and power efficient TCAM-based IP lookup engine , 2004, IEEE INFOCOM 2004.

[2]  Haoyu Song,et al.  Efficient packet classification for network intrusion detection using FPGA , 2005, FPGA '05.

[3]  Nick McKeown,et al.  Algorithms for packet classification , 2001, IEEE Netw..

[4]  Jonathan S. Turner,et al.  Packet classification using extended TCAMs , 2003, 11th IEEE International Conference on Network Protocols, 2003. Proceedings..

[5]  Tutomu Murase,et al.  A longest prefix match search engine for multi-gigabit IP processing , 2000, 2000 IEEE International Conference on Communications. ICC 2000. Global Convergence Through Communications. Conference Record.

[6]  Francis Zane,et al.  Coolcams: power-efficient TCAMs for forwarding engines , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[7]  George Varghese,et al.  Packet classification using multidimensional cutting , 2003, SIGCOMM '03.

[8]  David E. Taylor Taxonomy of Packet Classification Techniques , 2004 .

[9]  Anand Rangarajan,et al.  Algorithms for advanced packet classification with ternary CAMs , 2005, SIGCOMM '05.

[10]  David E. Taylor Survey and taxonomy of packet classification techniques , 2005, CSUR.

[11]  John W. Lockwood,et al.  Deep packet inspection using parallel bloom filters , 2004, IEEE Micro.

[12]  E TaylorDavid Survey and taxonomy of packet classification techniques , 2005 .

[13]  Pierluigi Crescenzi,et al.  A compendium of NP optimization problems , 1994, WWW Spring 1994.

[14]  Rina Panigrahy,et al.  Reducing TCAM power consumption and increasing throughput , 2002, Proceedings 10th Symposium on High Performance Interconnects.

[15]  Christopher R. Clark,et al.  Scalable pattern matching for high speed networks , 2004, 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines.

[16]  George Varghese,et al.  Fast and scalable layer four switching , 1998, SIGCOMM '98.

[17]  Viktor K. Prasanna,et al.  Time and area efficient pattern matching on FPGAs , 2004, FPGA '04.

[18]  T. V. Lakshman,et al.  Efficient multimatch packet classification and lookup with TCAM , 2005, IEEE Micro.

[19]  T. V. Lakshman,et al.  Gigabit rate packet pattern-matching using TCAM , 2004, Proceedings of the 12th IEEE International Conference on Network Protocols, 2004. ICNP 2004..

[20]  Randy H. Katz,et al.  Efficient multi-match packet classification with TCAM , 2004, Proceedings. 12th Annual IEEE Symposium on High Performance Interconnects.

[21]  George Varghese,et al.  Faster IP lookups using controlled prefix expansion , 1998, SIGMETRICS '98/PERFORMANCE '98.

[22]  H. Liu,et al.  Conference on Measurement and modeling of computer systems , 2001 .

[23]  George Varghese,et al.  Packet classification for core routers: is there an alternative to CAMs? , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[24]  Paul D. Franzon,et al.  Configurable string matching hardware for speeding up intrusion detection , 2005, CARN.

[25]  Pankaj Gupta,et al.  Packet Classification using Hierarchical Intelligent Cuttings , 1999 .

[26]  Lars Engebretsen,et al.  Better Approximation Algorithms and Tighter Analysis for Set Splitting and Not-All-Equal Sat , 1997, Electron. Colloquium Comput. Complex..

[27]  David S. Johnson,et al.  Approximation algorithms for combinatorial problems , 1973, STOC.

[28]  Nick McKeown,et al.  Packet classification on multiple fields , 1999, SIGCOMM '99.