Transport Layer Systems Packet Classification

Slides:

Advertisements

Similar presentations

A Search Memory Substrate for High Throughput and Low Power Packet Processing Sangyeun Cho, Michel Hanna and Rami Melhem Dept. of Computer Science University.

Advertisements

CST Computer Networks NAT CST 415 4/10/2017 CST Computer Networks.

August 17, 2000 Hot Interconnects 8 Devavrat Shah and Pankaj Gupta

1 IP Forwarding Relates to Lab 3. Covers the principles of end-to-end datagram delivery in IP networks.

1 IP-Lookup and Packet Classification Advanced Algorithms & Data Structures Lecture Theme 08 – Part I Prof. Dr. Th. Ottmann Summer Semester 2006.

Balajee Vamanan, Gwendolyn Voskuilen, and T. N. Vijaykumar School of Electrical & Computer Engineering SIGCOMM 2010.

Delivery and Forwarding of

A Scalable and Reconfigurable Search Memory Substrate for High Throughput Packet Processing Sangyeun Cho and Rami Melhem Dept. of Computer Science University.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

OpenFlow overview Joint Techs Baton Rouge. Classic Ethernet Originally a true broadcast medium Each end-system network interface card (NIC) received every.

Fast Firewall Implementation for Software and Hardware-based Routers Lili Qiu, Microsoft Research George Varghese, UCSD Subhash Suri, UCSB 9 th International.

© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—4-1 Implementing Inter-VLAN Routing Deploying Multilayer Switching with Cisco Express Forwarding.

Survey of Packet Classification Algorithms. Outline Background and problem definition Classification schemes – One dimensional classification – Two dimensional.

Efficient Multi-match Packet Classification with TCAM Fang Yu Randy H. Katz EECS Department, UC Berkeley {fyu,

1 Comnet 2010 Communication Networks Recitation 7 Lookups & NAT.

CSIE NCKU High-performance router architecture 高效能路由器的架構與設計.

15-744: Computer Networking L-4 Routers. L -4; © Srinivasan Seshan, Routing How do routers process IP packets Forwarding lookup algorithms.

CS 268: Lectures 13/14 (Route Lookup and Packet Classification) Ion Stoica April 1/3, 2002.

Efficient Multidimensional Packet Classification with Fast Updates Author: Yeim-Kuan Chang Publisher: IEEE TRANSACTIONS ON COMPUTERS, VOL. 58, NO. 4, APRIL.

CS 268: Route Lookup and Packet Classification Ion Stoica March 11, 2003.

Efficient Multi-Match Packet Classification with TCAM Fang Yu

Two stage packet classification using most specific filter matching and transport level sharing Authors: M.E. Kounavis *,A. Kumar,R. Yavatkar,H. Vin Presenter:

ECE 526 – Network Processing Systems Design Packet Processing II: algorithms and data structures Chapter 5: D. E. Comer.

Data Plane Verification. Background: What are network policies Alice can talk to Bob Skype traffic must go through a VoIP transcoder All traffic must.

March 1, Packet Classification and Filtering for Network Processors JC Ho.

1 IP Forwarding Relates to Lab 3. Covers the principles of end-to-end datagram delivery in IP networks.

1 © 2004, Cisco Systems, Inc. All rights reserved. Chapter 4 Routing Fundamentals and Subnets/ TCP/IP Transport and Application Layers.

1 IP Forwarding Relates to Lab 3. Covers the principles of end-to-end datagram delivery in IP networks.

CoPTUA: Consistent Policy Table Update Algorithm for TCAM without Locking Zhijun Wang, Hao Che, Mohan Kumar, Senior Member, IEEE, and Sajal K. Das.

Wire Speed Packet Classification Without TCAMs ACM SIGMETRICS 2007 Qunfeng Dong (University of Wisconsin-Madison) Suman Banerjee (University of Wisconsin-Madison)

Fast Packet Classification Using Bloom filters Authors: Sarang Dharmapurikar, Haoyu Song, Jonathan Turner, and John Lockwood Publisher: ANCS 2006 Present:

Packet Classification on Multiple Fields 참고 논문 : Pankaj Gupta and Nick McKeown SigComm 1999.

Firewall Fingerprinting Amir R. Khakpour 1, Joshua W. Hulst 1, Zhihui Ge 2, Alex X. Liu 1, Dan Pei 2, Jia Wang 2 1 Michigan State University 2 AT&T Labs.

Multi-Field Range Encoding for Packet Classification in TCAM Author: Yeim-Kuan Chang, Chun-I Lee and Cheng-Chien Su Publisher: INFOCOM 2011 Presenter:

Applied Research Laboratory Edward W. Spitznagel 24 October Packet Classification using Extended TCAMs Edward W. Spitznagel, Jonathan S. Turner,

Balajee Vamanan and T. N. Vijaykumar School of Electrical & Computer Engineering CoNEXT 2011.

Implementing Inter-VLAN Routing Describing Routing Between VLANs.

EECB 473 DATA NETWORK ARCHITECTURE AND ELECTRONICS PREPARED BY JEHANA ERMY JAMALUDDIN Basic Packet Processing: Algorithms and Data Structures.

IPSec ● IP Security ● Layer 3 security architecture ● Enables VPN ● Delivers authentication, integrity and secrecy ● Implemented in Linux, Cisco, Windows.

Network Layer4-1 Datagram networks r no call setup at network layer r routers: no state about end-to-end connections m no network-level concept of “connection”

1 Packet Classification تنظیم : محمدعلی عظیمی. Classifier Example 2.

Efficient Cache Structures of IP Routers to Provide Policy-Based Services Graduate School of Engineering Osaka City University

A Smart Pre-Classifier to Reduce Power Consumption of TCAMs for Multi-dimensional Packet Classification Yadi Ma, Suman Banerjee University of Wisconsin-Madison.

High-Speed Policy-Based Packet Forwarding Using Efficient Multi-dimensional Range Matching Lakshman and Stiliadis ACM SIGCOMM 98.

CS 740: Advanced Computer Networks IP Lookup and classification Supplemental material 02/05/2007.

Packet Switch Architectures The following are (sometimes modified and rearranged slides) from an ACM Sigcomm 99 Tutorial by Nick McKeown and Balaji Prabhakar,

ECE 526 – Network Processing Systems Design Network Address Translator.

Packet Classification Using Multidimensional Cutting Sumeet Singh (UCSD) Florin Baboescu (UCSD) George Varghese (UCSD) Jia Wang (AT&T Labs-Research) Reviewed.

IP Routers – internal view

IP Forwarding Covers the principles of end-to-end datagram delivery in IP networks.

IP Forwarding Relates to Lab 3.

IP Forwarding Relates to Lab 3.

CS 31006: Computer Networks – The Routers

IP Forwarding Relates to Lab 3.

Software Defined Networking

Transport Layer Systems Firewalls and NAT

IP Forwarding Relates to Lab 3.

Implementing an OpenFlow Switch on the NetFPGA platform

Lecture 8: The Network Layer.

Packet Classification Using Coarse-Grained Tuple Spaces

Network Layer: Control/data plane, addressing, routers

IP Forwarding Relates to Lab 3.

High-performance router/switch architecture 高效能路由器/交換器的架構與設計

Ameer M.S. Abdelhadi*, Guy G.F. Lemieux+, and Lesley Shannon*

Networking and Network Protocols (Part2)

IP Forwarding Relates to Lab 3.

Review of Internet Protocols Network Layer

Packet Classification Using Binary Content Addressable Memory

Chapter 4: outline 4.1 Overview of Network layer data plane

Presentation transcript:

Transport Layer Systems Packet Classification ECE 671 – Lecture 13 Transport Layer Systems Packet Classification

Transport layer processing Router (layer 3 device) does not touch layer 4 Packet forwarding, etc. happens only based on IP header Transport layer device also reads/writes layer 4 Can distinguish connections or flows Examples of transport layer operations Block/reroute types of traffic (e.g., web traffic) Change IP addresses and port numbers (e.g., NAT) Classification of packets is key functionality in system ECE 671

5-Tuple 5-tuple identifies traffic Single connection IP addresses (src and dst) Port numbers (src and dst) Layer 4 protocol (e.g., TCP) Single connection 5-tuple fully specified “Flow classification” Classes of traffic 5-tuple partially specified “Matching” ECE 671

Flow classification How to keep track of all (active) flows in system? ECE 671

Flow classification Data structure for flow records Hash function reduces 5-tuple space to size of flow table ECE 671

Matching problem Example set of matching rules: Need to determine what rule applies to a packet What are the challenges? ECE 671

Matching problem Challenges Assumption: Very large space of potential rules Wildcards cause rules to overlap Potentially conflicting actions Assumption: Priority order of rules (lower rule index gets priority) Maintenance of rule set very difficult in practice Manual verification of “correctness” ECE 671

Matching algorithms Example rules for algorithms: Only 2 dimensions What are suitable data structures / algorithms for matching? ECE 671

Hierarchical trees One binary tree for each dimension How to look up 1010/0111? ECE 671

Hierarchical trees Lookup of 1010/0111 Need to look up all possible matches! ECE 671

Set-pruning trees Second dimension includes all rules for shorter prefixes in first dimension Lookup becomes longest prefix match ECE 671

Area-based quadtree Look up one bit from each dimension in one step Recursive cutting of areas as necessary ECE 671

Hierarchical Intelligent Cuttings Heuristically divide space by cuttings Goal is to have small set of rules in remaining area Linear search within remaining rule set ECE 671

TCAM Ternary content-addressable memory Ideal hardware component for lookups Search word (logically) divided into dimensions Priority order in TCAM matches priority order of rules ECE 671

Transport layer systems We can now perform flow classification or matching Identify connections or flows ECE 671