Space and Speed Tradeoffs in TCAM Hierarchical Packet Classification

Hierarchical packet classification is a crucial mechanism necessary to support many Internet services such as Quality of Service (QoS) provisioning, traffic policing, and network intrusion detection. Using Ternary Content Addressable Memories (TCAMs) to perform high-speed packet classification has become the de facto standard in industry. TCAMs compare packet headers against all rules in a classification database concurrently and thus provide high throughput unparalleled by software-based solutions. However, the complexity of packet classification policies have been growing rapidly as number of services deployed on the Internet continues to increase. High TCAM memory requirement for complex hierarchical policies is a major issue as TCAMs have very limited capacity. In this paper we consider two optimization problems of dual nature: the first problem is to minimize the number of TCAM entries subject to the constraint on the maximum number of levels in the policy hierarchy; the second problem is to minimize the number of levels in the policy hierarchy subject to the constraint on the maximum number of TCAM entries. We propose efficient dynamic programming algorithms for these problems, which reduce the TCAM memory requirement. To the best of our knowledge, this is the first work to study the fundamental tradeoff between the TCAM space and the number of lookups for hierarchical packet classification. Our algorithms do not require any modifications to existing TCAMs and are thus relatively easy to deploy.

[1]  Nick McKeown,et al.  Classifying Packets with Hierarchical Intelligent Cuttings , 2000, IEEE Micro.

[2]  George Varghese,et al.  Scalable packet classification , 2001, TNET.

[3]  Jonathan S. Turner,et al.  Scalable packet classification using distributed crossproducing of field labels , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[4]  George Varghese,et al.  Fast and scalable layer four switching , 1998, SIGCOMM '98.

[5]  George Varghese,et al.  Network Algorithmics-An Interdisciplinary Approach to Designing Fast Networked Devices , 2004 .

[6]  Thomas Y. C. Woo A modular approach to packet classification: algorithms and results , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[7]  Nick McKeown,et al.  Algorithms for packet classification , 2001, IEEE Netw..

[8]  Huan Liu,et al.  Efficient mapping of range classifier into ternary-CAM , 2002, Proceedings 10th Symposium on High Performance Interconnects.

[9]  Mark H. Overmars,et al.  Range Searching and Point Location among Fat Objects , 1996, J. Algorithms.

[10]  Hung-Hsiang Jonathan Chao,et al.  Next generation routers , 2002, Proc. IEEE.

[11]  George Varghese,et al.  Packet classification using multidimensional cutting , 2003, SIGCOMM '03.

[12]  George Varghese,et al.  Packet classification for core routers: is there an alternative to CAMs? , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[13]  Nick McKeown,et al.  Packet classification on multiple fields , 1999, SIGCOMM '99.

[14]  Antonius P. J. Engbersen,et al.  Fast and scalable packet classification , 2003, IEEE J. Sel. Areas Commun..

[15]  Anand Rangarajan,et al.  Algorithms for advanced packet classification with ternary CAMs , 2005, SIGCOMM '05.

[16]  Pankaj Gupta,et al.  Packet Classification using Hierarchical Intelligent Cuttings , 1999 .