Directions in Packet Classification for Network Processors

Publisher Summary Network processors are generally configured with only a small amount of memory with limited access bandwidth. A key challenge is to design packet classification algorithms that can be implemented efficiently on network processor platforms. The design of such algorithms needs to exploit the structure and characteristics of packet classification rules. This chapter analyzes several databases of classification rules found in firewalls and derived their statistical properties. The rules found in access control lists (ACL) contain two types of fields, and these rules refer to many more network paths than applications. IP address pairs identify regions that overlap with one another. Only a small number of transport-level fields are sufficient to characterize ACLs of different sizes. Based on the findings, a hybrid, two-stage classification architecture is suggested.

[1]  George Varghese,et al.  Fast and scalable layer four switching , 1998, SIGCOMM '98.

[2]  Pankaj Gupta,et al.  Packet Classification using Hierarchical Intelligent Cuttings , 1999 .

[3]  Nick McKeown,et al.  Algorithms for packet classification , 2001, IEEE Netw..

[4]  T. V. Lakshman,et al.  High-speed policy-based packet forwarding using efficient multi-dimensional range matching , 1998, SIGCOMM '98.

[5]  Nick McKeown,et al.  Classifying Packets with Hierarchical Intelligent Cuttings , 2000, IEEE Micro.

[6]  Svante Carlsson,et al.  Small forwarding tables for fast routing lookups , 1997, SIGCOMM '97.

[7]  Adnan Aziz,et al.  OC-3072 packet classification using BDDs and pipelined SRAMs , 2001, HOT 9 Interconnects. Symposium on High Performance Interconnects.

[8]  K. J. Schultz,et al.  Fully Parallel 30-MHz , 2 . 5-Mb CAM , 1998 .

[9]  Paul F. Tsuchiya,et al.  A search algorithm for table entries with non-contiguous wildcarding , 1991 .

[10]  George Varghese,et al.  Packet classification for core routers: is there an alternative to CAMs? , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[11]  George Varghese,et al.  Scalable packet classification , 2001, SIGCOMM '01.

[12]  Venkatachary Srinivasan,et al.  Packet classification using tuple space search , 1999, SIGCOMM '99.

[13]  Anja Feldmann,et al.  Tradeoffs for packet classification , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[14]  Nick McKeown,et al.  Packet classification on multiple fields , 1999, SIGCOMM '99.

[15]  Subhash Suri,et al.  Space Decomposition Techniques for Fast Layer-4 Switching , 1999, Protocols for High-Speed Networks.