Packet Classification on Multiple Fields Pankaj Gupta and Nick McKeown Stanford University {pankaj, September 2, 1999.

Slides:

Advertisements

Similar presentations

EE384Y: Packet Switch Architectures

Advertisements

A Search Memory Substrate for High Throughput and Low Power Packet Processing Sangyeun Cho, Michel Hanna and Rami Melhem Dept. of Computer Science University.

August 17, 2000 Hot Interconnects 8 Devavrat Shah and Pankaj Gupta

Packet Classification using Hierarchical Intelligent Cuttings

Balajee Vamanan, Gwendolyn Voskuilen, and T. N. Vijaykumar School of Electrical & Computer Engineering SIGCOMM 2010.

Fast Firewall Implementation for Software and Hardware-based Routers Lili Qiu, Microsoft Research George Varghese, UCSD Subhash Suri, UCSB 9 th International.

Ultra-High Throughput Low-Power Packet Classification

HybridCuts: A Scheme Combining Decomposition and Cutting for Packet Classification Author: Wenjun Li, Xianfeng Li Publisher: 2013 IEEE 21 st Annual Symposium.

Survey of Packet Classification Algorithms. Outline Background and problem definition Classification schemes – One dimensional classification – Two dimensional.

1 TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs Department of Computer Science and Information Engineering National.

Efficient Multi-match Packet Classification with TCAM Fang Yu Randy H. Katz EECS Department, UC Berkeley {fyu,

1 High-performance packet classification algorithm for multithreaded IXP network processor Authors: Duo Liu, Zheng Chen, Bei Hua, Nenghai Yu, Xinan Tang.

CSIE NCKU High-performance router architecture 高效能路由器的架構與設計.

1 Energy Efficient Multi-match Packet Classification with TCAM Fang Yu

CS 268: Lectures 13/14 (Route Lookup and Packet Classification) Ion Stoica April 1/3, 2002.

CS 268: Route Lookup and Packet Classification Ion Stoica March 11, 2003.

Efficient Multi-Match Packet Classification with TCAM Fang Yu

1 Energy Efficient Packet Classification Hardware Accelerator Alan Kennedy, Xiaojun Wang HDL Lab, School of Electronic Engineering, Dublin City University.

1 ENTS689L: Packet Processing and Switching Classification Engines Classification Engines Vahid Tabatabaee Fall 2007.

Two stage packet classification using most specific filter matching and transport level sharing Authors: M.E. Kounavis *,A. Kumar,R. Yavatkar,H. Vin Presenter:

SSA: A Power and Memory Efficient Scheme to Multi-Match Packet Classification Fang Yu 1 T. V. Lakshman 2 Martin Austin Motoyama 1 Randy H. Katz 1 1 EECS.

Packet Classification George Varghese. Original Motivation: Firewalls Firewalls use packet filtering to block say ssh and force access to web and mail.

CS 268: Route Lookup and Packet Classification

Algorithms for Advanced Packet Classification with TCAMs Karthik Lakshminarayanan UC Berkeley Joint work with Anand Rangarajan and Srinivasan Venkatachary.

1 Wire Speed Packet Classiﬁcation Without TCAMs: A Few More Registers (And A Bit of Logic) Are Enough Author: Qunfeng Dong, Suman Banerjee, Jia Wang, Dheeraj.

Worst-Case TCAM Rule Expansion Ori Rottenstreich (Technion, Israel) Joint work with Isaac Keslassy (Technion, Israel)

March 1, Packet Classification and Filtering for Network Processors JC Ho.

Chapter 9 Classification And Forwarding. Outline.

Fast IP Address Lookup Algorithms 정 성 권 서울대학교 컴퓨터공학과

Cs6390 summer 2000 Tradeoffs for Packet Classification 1 Tradeoffs for Packet Classification Members: Jinxiao Song & Yan Tong.

High-Performance Packet Classification on GPU Author: Shijie Zhou, Shreyas G. Singapura and Viktor K. Prasanna Publisher: HPEC 2014 Presenter: Gang Chi.

ECE 526 – Network Processing Systems Design Network Processor Architecture and Scalability Chapter 13,14: D. E. Comer.

Cross-Domain Privacy-Preserving Cooperative Firewall Optimization.

PARALLEL TABLE LOOKUP FOR NEXT GENERATION INTERNET

Applied Research Laboratory Edward W. Spitznagel 7 October Packet Classification for Core Routers: Is there an alternative to CAMs? Paper by: Florin.

Minimizing Expected Lookup Times on Binary Search Trees April 29, 2002 Pankaj Gupta Principal Architect, Cypress Semiconductor

Wire Speed Packet Classification Without TCAMs ACM SIGMETRICS 2007 Qunfeng Dong (University of Wisconsin-Madison) Suman Banerjee (University of Wisconsin-Madison)

Packet Classification on Multiple Fields 참고 논문 : Pankaj Gupta and Nick McKeown SigComm 1999.

Packet Classifiers In Ternary CAMs Can Be Smaller Qunfeng Dong (University of Wisconsin-Madison) Suman Banerjee (University of Wisconsin-Madison) Jia Wang.

Multi-Field Range Encoding for Packet Classification in TCAM Author: Yeim-Kuan Chang, Chun-I Lee and Cheng-Chien Su Publisher: INFOCOM 2011 Presenter:

Applied Research Laboratory Edward W. Spitznagel 24 October Packet Classification using Extended TCAMs Edward W. Spitznagel, Jonathan S. Turner,

Balajee Vamanan and T. N. Vijaykumar School of Electrical & Computer Engineering CoNEXT 2011.

StrideBV: Single chip 400G+ packet classification Author: Thilan Ganegedara, Viktor K. Prasanna Publisher: HPSR 2012 Presenter: Chun-Sheng Hsueh Date:

1 Packet Classification تنظیم : محمدعلی عظیمی. Classifier Example 2.

SCALABLE PACKET CLASSIFICATION USING INTERPRETING A CROSS-PLATFORM MULTI-CORE SOLUTION Author: Haipeng Cheng, Zheng Chen, Bei Hua and Xinan Tang Publisher/Conf.:

Efficient Cache Structures of IP Routers to Provide Policy-Based Services Graduate School of Engineering Osaka City University

IPv6-Oriented 4 OC768 Packet Classification with Deriving-Merging Partition and Field- Variable Encoding Scheme Mr. Xin Zhang Undergrad. in Tsinghua University,

A Smart Pre-Classifier to Reduce Power Consumption of TCAMs for Multi-dimensional Packet Classification Yadi Ma, Suman Banerjee University of Wisconsin-Madison.

Performance Analysis of Packet Classification Algorithms on Network Processors Deepa Srinivasan, IBM Corporation Wu-chang Feng, Portland State University.

High-Speed Policy-Based Packet Forwarding Using Efficient Multi-dimensional Range Matching Lakshman and Stiliadis ACM SIGCOMM 98.

CS 740: Advanced Computer Networks IP Lookup and classification Supplemental material 02/05/2007.

Address Lookup and Classification

Packet classification on Multiple Fields Authors: Pankaj Gupta and Nick McKcown Publisher: ACM 1999 Presenter: 楊皓中 Date: 2013/12/11.

Packet Switch Architectures The following are (sometimes modified and rearranged slides) from an ACM Sigcomm 99 Tutorial by Nick McKeown and Balaji Prabhakar,

Packet Classification Using Multidimensional Cutting Sumeet Singh (UCSD) Florin Baboescu (UCSD) George Varghese (UCSD) Jia Wang (AT&T Labs-Research) Reviewed.

Dynamic Algorithms with Worst-case Performance for Packet Classification Pankaj Gupta and Nick McKeown Stanford University {pankaj,

A Fast and Scalable IPv6 Packet Classification Author: Xiaoju Zhou, Xiaohong Huang, Qiong Sun, Wei Yang, Yan Ma Publisher: Network Infrastructure and Digital.

Hierarchical packet classification using a Bloom filter and rule-priority tries Source : Computer Communications Authors : A. G. Alagu Priya 、 Hyesook.

Author : Lynn Choi, Hyogon Kim, Sunil Kim, Moon Hae Kim Publisher/Conf : IEEE/ACM TRANSACTIONS ON NETWORKING Speaker : De yu Chen Data :

Packet Classification Using Multi- Iteration RFC Author: Chun-Hui Tsai, Hung-Mao Chu, Pi-Chung Wang Publisher: 2013 IEEE 37th Annual Computer Software.

A Classification for Access Control List To Speed Up Packet-Filtering Firewall CHEN FAN, LONG TAN, RAWAD FELIMBAN and ABDELSHAKOUR ABUZNEID Department.

IP Address Lookup Masoud Sabaei Assistant professor Computer Engineering and Information Technology Department, Amirkabir University of Technology.

By: Yaron Levy Supervisors: Dr. Shlomo Greenberg Mr. Hagai David.

Data Streaming in Computer Networking

Transport Layer Systems Packet Classification

Implementing an OpenFlow Switch on the NetFPGA platform

Packet Classification Using Coarse-Grained Tuple Spaces

Towards Effective Packet Classification

Author: Xianghui Hu, Xinan Tang, Bei Hua Lecturer: Bo Xu

Authors: Duo Liu, Bei Hua, Xianghui Hu and Xinan Tang

Presentation transcript:

Packet Classification on Multiple Fields Pankaj Gupta and Nick McKeown Stanford University {pankaj, September 2, 1999

Multi-field Packet Classification Given a classifier with N rules, find the action associated with the highest priority rule matching an incoming packet. Example: A packet ( , , …, TCP) would have action A2 applied to it.

Performance Metrics of a Classification Algorithm l Data structure storage requirements l Packet classification time l Preprocessing time l Incremental Update time

Background Grid of Tries (V. Srinivasan et al [Sigcomm 98]) Bit-level Parallelism (D. Stiliadis et al [Sigcomm 98]) Hierarchical Cuttings (P. Gupta et al [Hot Interconnects 99])

Space-time tradeoff Point Location among N non-overlapping regions in k dimensions: either O(log N) time with O(N k ) space, or O(log k-1 N) time with O(N) space Need help: exploit structure in real-life classifiers.

Our Dataset l 793 classifiers from 101 ISP and enterprise networks with a total of rules. l 40 classifiers: more than 100 rules. Biggest classifier had 1733 rules. l Maximum of 4 fields per rule: source IP address, destination IP address, protocol and destination port number.

Structure of the Classifiers R1 R2 R3 4 regions

Structure of the Classifiers R1 R2 R3 {R1, R2} {R2, R3}{R1, R2, R3} 7 regions Our dataset: 1733 rule classifier = 4316 distinct regions (worst case is !)

One-Step Classification

Recursive Flow Classification (RFC)

Chunking of a packet Source L3 Address Destination L3 Address L4 protocol and flags Source L4 port Destination L4 port Type of Service Packet Header Chunk #0 Chunk #7

Packet Flow Phase 0Phase 1Phase 2Phase 3 index action Header Combination Reduction

Example Classifier

Formation of regions {20-21, HTTP, > 1023, *} 21

Reduction indexeqID

162 2 Protocol L4 port 43 Combination

Regions/Equivalence Classes Successive reduction + combination: final action

Packet Flow Phase 0Phase 1Phase 2Phase 3 index action Header Reduction

Choice of Reduction Tree Number of phases = P = 3 10 memory accesses Number of phases = P = 4 11 memory acceses

Storage Requirements Number of Rules Memory in Mbytes

Preprocessing Time Number of Rules Time in seconds 333Mhz Pentium-II with 96MB RAM running Linux.

Classification Time l Pipelined hardware: 30 Mpps (worst case OC192) using two 4Mb SRAMs and two 64Mb SDRAMs at 125MHz. l Software: (3 phases)1 Mpps in the worst case and Mpps in the average case. (average case OC48) [performance measured using Intel Vtune simulator on a windows NT platform]

Larger classifiers Number of Rules Memory in Kbytes

Conclusions l Difficult to achieve both high classification rate and reasonable storage in the worst case. l Real classifiers exhibit structure and redundancy. l The proposed classification scheme, RFC, seems to be of practical use where classifiers do not change very frequently.