A Ternary Unification Framework for optimizing TCAM-based packet classification systems

Packet classification is the key mechanism for enabling many networking and security services. Ternary Content Addressable Memory (TCAM) has been the industrial standard for implementing high-speed packet classification because of its constant classification time. However, TCAM chips have small capacity, high power consumption, high heat generation, and large area size. This paper focuses on the TCAM-based Classifier Compression problem: given a classifier C, we want to construct the smallest possible list of TCAM entries T that implement C. In this paper, we propose the Ternary Unification Framework (TUF) for this compression problem and three concrete compression algorithms within this framework. The framework allows us to find more optimization opportunities and design new TCAM-based classifier compression algorithms. Our experimental results show that the TUF can speed up the prior algorithm TCAM Razor by twenty times or more and leads to new algorithms that improve compression performance over prior algorithms by an average of 13.7% on our largest real life classifiers.

[1]  Danny Hendler,et al.  Space-Efficient TCAM-Based Classification Using Gray Coding , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[2]  Patrick Th. Eugster,et al.  Towards efficient implementation of packet classifiers in SDN/OpenFlow , 2013, HotSDN '13.

[3]  Brian Zill,et al.  Constructing optimal IP routing tables , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[4]  Sartaj Sahni,et al.  PETCAM—A Power Efficient TCAM Architecture for Forwarding Tables , 2012, IEEE Transactions on Computers.

[5]  Jia Wang,et al.  Packet classifiers in ternary CAMs can be smaller , 2006, SIGMETRICS '06/Performance '06.

[6]  David Maier,et al.  The Complexity of Some Problems on Subsequences and Supersequences , 1978, JACM.

[7]  Panos Lekkas,et al.  Network Processors , 2003 .

[8]  H. Jonathan Chao,et al.  Block permutations in Boolean Space to minimize TCAM for packet classification , 2012, 2012 Proceedings IEEE INFOCOM.

[9]  Yuxiang Wang,et al.  Construction of Tree Network with Limited Delivery Latency in Homogeneous Wireless Sensor Networks , 2014, Wirel. Pers. Commun..

[10]  E TaylorDavid Survey and taxonomy of packet classification techniques , 2005 .

[11]  Yipeng Zhou,et al.  A Unifying Model and Analysis of P2P VoD Replication and Scheduling , 2012, IEEE/ACM Transactions on Networking.

[12]  David S. Johnson,et al.  Compressing rectilinear pictures and minimizing access control lists , 2007, SODA '07.

[13]  F. Richard Yu,et al.  Distributed denial of service attacks in software-defined networking with cloud computing , 2015, IEEE Communications Magazine.

[14]  Mohamed G. Gouda,et al.  Complete Redundancy Detection in Firewalls , 2005, DBSec.

[15]  Ling Shao,et al.  A rapid learning algorithm for vehicle classification , 2015, Inf. Sci..

[16]  Tuomas Sandholm,et al.  Compressing Two-Dimensional Routing Tables , 2003, Algorithmica.

[17]  Zhen Ji,et al.  Optimization between security and delay of quality-of-service , 2011, J. Netw. Comput. Appl..

[18]  Kirill Kogan,et al.  SAX-PAC (Scalable And eXpressive PAcket Classification) , 2015, SIGCOMM 2015.

[19]  Xingming Sun,et al.  Achieving Efficient Cloud Search Services: Multi-Keyword Ranked Search over Encrypted Cloud Data Supporting Parallel Computing , 2015, IEICE Trans. Commun..

[20]  Rami Cohen,et al.  Exact Worst Case TCAM Rule Expansion , 2013, IEEE Transactions on Computers.

[21]  Jonathan S. Turner,et al.  Packet classification using extended TCAMs , 2003, 11th IEEE International Conference on Network Protocols, 2003. Proceedings..

[22]  Yeim-Kuan Chang,et al.  Multi-field range encoding for packet classification in TCAM , 2011, 2011 Proceedings IEEE INFOCOM.

[23]  Mohamed G. Gouda,et al.  Complete Redundancy Removal for Packet Classifiers in TCAMs , 2010, IEEE Trans. Parallel Distributed Syst..

[24]  Jian Shen,et al.  A Novel Routing Protocol Providing Good Transmission Reliability in Underwater Sensor Networks , 2015 .

[25]  Jonathan S. Turner,et al.  ClassBench: A Packet Classification Benchmark , 2005, IEEE/ACM Transactions on Networking.

[26]  Praveen Yalagandula,et al.  Minimizing Rulesets for TCAM Implementation , 2009, IEEE INFOCOM 2009.

[27]  Yang Wang,et al.  On-Demand Security Architecture for Cloud Computing , 2012, Computer.

[28]  David E. Taylor Survey and taxonomy of packet classification techniques , 2005, CSUR.

[29]  Eric Torng,et al.  Bit Weaving: A Non-Prefix Approach to Compressing Packet Classifiers in TCAMs , 2012, IEEE/ACM Transactions on Networking.

[30]  Hongbo Zhu,et al.  Network convergence: theory, architectures, and applications , 2014, IEEE Wireless Communications.

[31]  Tal Mizrahi,et al.  Compressing forwarding tables , 2013, 2013 Proceedings IEEE INFOCOM.

[32]  Timothy Sherwood,et al.  Modeling TCAM power for next generation network devices , 2006, 2006 IEEE International Symposium on Performance Analysis of Systems and Software.

[33]  Patrick Th. Eugster,et al.  Strategies for Mitigating TCAM Space Bottlenecks , 2014, 2014 IEEE 22nd Annual Symposium on High-Performance Interconnects.

[34]  Hrishikesh B. Acharya,et al.  Firewall verification and redundancy checking are equivalent , 2011, 2011 Proceedings IEEE INFOCOM.

[35]  Eric Torng,et al.  TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs , 2007, 2007 IEEE International Conference on Network Protocols.

[36]  Chad R. Meiners,et al.  All-Match Based Complete Redundancy Removal for Packet Classifiers in TCAMs , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[37]  Danny Hendler,et al.  Layered Interval Codes for TCAM-Based Classification , 2008, IEEE INFOCOM 2009.

[38]  Mohamed G. Gouda,et al.  Firewall design: consistency, completeness, and compactness , 2004, 24th International Conference on Distributed Computing Systems, 2004. Proceedings..

[39]  Sam Kwong,et al.  Efficient Motion and Disparity Estimation Optimization for Low Complexity Multiview Video Coding , 2015, IEEE Transactions on Broadcasting.