Scalable Packet Classification: Cutting or Merging?

Multi-field packet classification is a fundamental function that enables routers to support a variety of network services. Most of the existing multi-field packet classification algorithms can be divided into two classes: cutting-based and merging-based solutions. However, neither of them is scalable with respect to memory requirement for all rule sets with various characteristics. This paper makes several observations on real- life rule sets and proposes a novel hybrid scheme to leverage the desirable features of the two classes of algorithms. We propose a SRAM-based parallel multi-pipeline architecture to achieve high throughput. Several challenges in mapping the hybrid algorithm onto the architecture are addressed. Extensive simulations and FPGA implementation results show that the proposed scheme sustains 80 Gbps throughput for minimum size (40 bytes) packets while consuming a small amount of on-chip resources for large rule sets consisting of up to 10K unique entries.

[1]  Viktor K. Prasanna,et al.  Beyond TCAMs: An SRAM-Based Parallel Multi-Pipeline Architecture for Terabit IP Lookup , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[2]  Haoyu Song,et al.  Efficient packet classification for network intrusion detection using FPGA , 2005, FPGA '05.

[3]  Anja Feldmann,et al.  Tradeoffs for packet classification , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[4]  Girija J. Narlikar,et al.  Fast incremental updates for pipelined forwarding engines , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[5]  Haoyu Song,et al.  Fast packet classification using bloom filters , 2006, 2006 Symposium on Architecture For Networking And Communications Systems.

[6]  Anand Rangarajan,et al.  Algorithms for advanced packet classification with ternary CAMs , 2005, SIGCOMM '05.

[7]  Jonathan S. Turner,et al.  ClassBench: A Packet Classification Benchmark , 2005, IEEE/ACM Transactions on Networking.

[8]  George Varghese,et al.  Packet classification for core routers: is there an alternative to CAMs? , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[9]  Nick McKeown,et al.  Algorithms for packet classification , 2001, IEEE Netw..

[10]  T. V. Lakshman,et al.  High-speed policy-based packet forwarding using efficient multi-dimensional range matching , 1998, SIGCOMM '98.

[11]  Kuruvilla Varghese,et al.  A Scalable High Throughput Firewall in FPGA , 2008, 2008 16th International Symposium on Field-Programmable Custom Computing Machines.

[12]  T. V. Lakshman,et al.  Efficient multimatch packet classification and lookup with TCAM , 2005, IEEE Micro.

[13]  David E. Taylor Survey and taxonomy of packet classification techniques , 2005, CSUR.

[14]  Zhen Liu,et al.  Low power architecture for high speed packet classification , 2008, ANCS '08.

[15]  Ioannis Sourdis Designs and algorithms for packet and content inspection , 2007 .

[16]  Ioannis Papaefstathiou,et al.  A Memory-Efficient FPGA-based Classification Engine , 2008, 2008 16th International Symposium on Field-Programmable Custom Computing Machines.

[17]  Viktor K. Prasanna,et al.  Large-scale wire-speed packet classification on FPGAs , 2009, FPGA '09.

[18]  Grigore Rosu,et al.  A tree based router search engine architecture with single port memories , 2005, 32nd International Symposium on Computer Architecture (ISCA'05).

[19]  George Varghese,et al.  Packet classification using multidimensional cutting , 2003, SIGCOMM '03.

[20]  Ioannis Papaefstathiou,et al.  Memory-Efficient 5D Packet Classification At 40 Gbps , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.