Algorithms for advanced packet classification with ternary CAMs

Ternary content-addressable memories (TCAMs) have gained wide acceptance in the industry for storing and searching Access Control Lists (ACLs). In this paper, we propose algorithms for addressing two important problems that are encountered while using TCAMs: reducing range expansion and multi-match classification.Our first algorithm addresses the problem of expansion of rules with range fields¿to represent range rules in TCAMs, a single range rule is mapped to multiple TCAM entries, which reduces the utilization of TCAMs. We propose a new scheme called Database Independent Range PreEncoding (DIRPE) that, in comparison to earlier approaches, reduces the worst-case number of TCAM entries a single rule maps on to. DIRPE works without prior knowledge of the database, scales when a large number of ranges is present, and has good incremental update properties.Our second algorithm addresses the problem of finding multiple matches in a TCAM. When searched, TCAMs return the first matching entry; however, new applications require either the first few or all matching entries. We describe a novel algorithm, called Multi-match Using Discriminators (MUD), that finds multiple matches without storing any per-search state information in the TCAM, thus making it suitable for multi-threaded environments. MUD does not increase the number of TCAM entries needed, and hence scales to large databases.Our algorithms do not require any modifications to existing TCAMs and are hence relatively easy to deploy. We evaluate the algorithms using real-life and random databases.

[1]  Paul F. Tsuchiya,et al.  A search algorithm for table entries with non-contiguous wildcarding , 1991 .

[2]  George Varghese,et al.  Fast and scalable layer four switching , 1998, SIGCOMM '98.

[3]  George Varghese,et al.  Faster IP lookups using controlled prefix expansion , 1998, SIGMETRICS '98/PERFORMANCE '98.

[4]  Gunnar Karlsson,et al.  Fast address look-up for internet routers , 1998, Broadband Communications.

[5]  V. Srinivasan,et al.  Fast address lookups using controlled prefix expansion , 1999, TOCS.

[6]  Nick McKeown,et al.  Packet classification on multiple fields , 1999, SIGCOMM '99.

[7]  Thomas Y. C. Woo A modular approach to packet classification: algorithms and results , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[8]  George Varghese,et al.  Fast firewall implementations for software and hardware-based routers , 2001, Proceedings Ninth International Conference on Network Protocols. ICNP 2001.

[9]  Huan Liu,et al.  Efficient mapping of range classifier into ternary-CAM , 2002, Proceedings 10th Symposium on High Performance Interconnects.

[10]  Antonius P. J. Engbersen,et al.  Fast and scalable packet classification , 2003, IEEE J. Sel. Areas Commun..

[11]  George Varghese,et al.  Packet classification using multidimensional cutting , 2003, SIGCOMM '03.

[12]  Jonathan S. Turner,et al.  Packet classification using extended TCAMs , 2003, 11th IEEE International Conference on Network Protocols, 2003. Proceedings..

[13]  George Varghese,et al.  Packet classification for core routers: is there an alternative to CAMs? , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[14]  George Varghese,et al.  Network Algorithmics-An Interdisciplinary Approach to Designing Fast Networked Devices , 2004 .

[15]  Andrew R. Baker,et al.  Snort 2.1 intrusion detection , 2004 .

[16]  Randy H. Katz,et al.  Efficient multi-match packet classification with TCAM , 2004, Proceedings. 12th Annual IEEE Symposium on High Performance Interconnects.

[17]  Jay Beale,et al.  Snort 2.1 Intrusion Detection, Second Edition , 2004 .

[18]  David E. Taylor Survey and taxonomy of packet classification techniques , 2005, CSUR.

[19]  Jonathan S. Turner,et al.  Scalable packet classification using distributed crossproducing of field labels , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[20]  戴维·保罗·霍夫,et al.  A content addressable memory , 2007 .