Approximate caches for packet classification

Many network devices such as routers and firewalls employ caches to take advantage of temporal locality of packet headers in order to speed up packet processing decisions. Traditionally, cache designs trade off time and space with the goal of balancing the overall cost and performance of the device. We examine another axis of the design space that has not been previously considered: accuracy. In particular, we quantify the benefits of relaxing the accuracy of the cache on the cost and performance of packet classification caches. Our cache design is based on the popular Bloom filter data structure. This paper provides a model for optimizing Bloom filters for this purpose, as well as extensions to the data structure to support graceful aging, bounded misclassification rates, and multiple binary predicates. Given this, we show that such caches can provide nearly an order of magnitude cost savings at the expense of misclassifying one billionth of packets for IPv6-based caches.

[1]  Raj Jain,et al.  Characteristics of Destination Address Locality in Computer Networks: A Comparison of Caching Schemes , 1990, Comput. Networks ISDN Syst..

[2]  George Varghese,et al.  Fast firewall implementations for software and hardware-based routers , 2001, Proceedings Ninth International Conference on Network Protocols. ICNP 2001.

[3]  Tzi-cker Chiueh,et al.  High-performance IP routing table lookup using CPU caching , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[4]  Nick McKeown,et al.  Algorithms for packet classification , 2001, IEEE Netw..

[5]  Craig Partridge,et al.  Hash-based IP traceback , 2001, SIGCOMM.

[6]  Jeffrey Considine,et al.  Informed content delivery across adaptive overlay networks , 2002, IEEE/ACM Transactions on Networking.

[7]  Kimberly Claffy,et al.  Internet traffic characterization , 1994 .

[8]  T. V. Lakshman,et al.  High-speed policy-based packet forwarding using efficient multi-dimensional range matching , 1998, SIGCOMM '98.

[9]  Wu-chang Fengy,et al.  BLUE: A New Class of Active Queue Management Algorithms , 1999 .

[10]  George Varghese,et al.  Fast and scalable layer four switching , 1998, SIGCOMM '98.

[11]  Andrei Broder,et al.  Network Applications of Bloom Filters: A Survey , 2004, Internet Math..

[12]  Craig Partridge,et al.  When the CRC and TCP checksum disagree , 2000, SIGCOMM.

[13]  George Varghese,et al.  Fast firewall implementations for software-based and hardware-based routers , 2001, SIGMETRICS '01.

[14]  Nick McKeown,et al.  Monitoring very high speed links , 2001, IMW '01.

[15]  Craig Partridge,et al.  Hardware support for a hash-based IP traceback , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[16]  George Varghese,et al.  Scalable packet classification , 2001, SIGCOMM 2001.

[17]  David E. Taylor,et al.  Longest prefix matching using bloom filters , 2006, TNET.

[18]  Anja Feldmann,et al.  Tradeoffs for packet classification , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[19]  Christian Huitema,et al.  IPv6—the new Internet protocol (2nd ed.) , 1997 .

[20]  Cristian Estan,et al.  New directions in traffic measurement and accounting , 2001, IMW '01.

[21]  Li Fan,et al.  Summary cache: a scalable wide-area web cache sharing protocol , 2000, TNET.

[22]  Jeffrey Considine,et al.  Informed content delivery across adaptive overlay networks , 2002, IEEE/ACM Transactions on Networking.

[23]  Christian Huitema,et al.  IPv6--the new Internet protocol , 1996 .

[24]  Fouad A. Tobagi,et al.  Packet-level traffic measurements from a tier-1 ip backbone , 2001 .

[25]  Michael Mitzenmacher,et al.  Compressed bloom filters , 2001, PODC '01.

[26]  David Waitzman,et al.  A 50-Gb/s IP router , 1998, TNET.

[27]  Tzi-cker Chiueh,et al.  Cache memory design for network processors , 2000, Proceedings Sixth International Symposium on High-Performance Computer Architecture. HPCA-6 (Cat. No.PR00550).

[28]  Ben Y. Zhao,et al.  An architecture for a secure service discovery service , 1999, MobiCom.

[29]  K. Claffy,et al.  Trends in wide area IP traffic patterns - A view from Ames Internet Exchange , 2000 .

[30]  Tzi-cker Chiueh,et al.  Improving Route Lookup Performance Using Network Processor Cache , 2002, ACM/IEEE SC 2002 Conference (SC'02).

[31]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[32]  H BloomBurton Space/time trade-offs in hash coding with allowable errors , 1970 .

[33]  Larry Carter,et al.  Universal Classes of Hash Functions , 1979, J. Comput. Syst. Sci..

[34]  Mukesh Singhal,et al.  A novel cache architecture to support layer-four packet classification at memory access speeds , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).