ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Scalable packet classification
Full text PdfPdf (243 KB)
Source Applications, Technologies, Architectures, and Protocols for Computer Communication archive
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications table of contents
San Diego, California, United States
Pages: 199 - 210  
Year of Publication: 2001
ISBN:1-58113-411-8
Also published in ...
Authors
Florin Baboescu  Dept. of Computer Science and Engineering, University of California, San Diego, 9500 Gilman Drive, La Jolla, CA
George Varghese  Dept. of Computer Science and Engineering, University of California, San Diego, 9500 Gilman Drive, La Jolla, CA
Sponsor
SIGCOMM: ACM Special Interest Group on Data Communication
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 8,   Downloads (12 Months): 46,   Citation Count: 41
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/383059.383075
What is a DOI?

ABSTRACT

Packet classification is important for applications such as firewalls, intrusion detection, and differentiated services. Existing algorithms for packet classification reported in the literature scale poorly in either time or space as filter databases grow in size. Hardware solutions such as TCAMs do not scale to large classifiers. However, even for large classifiers (say 100,000 rules), any packet is likely to match a few (say 10) rules. Our paper seeks to exploit this observation to produce a scalable packet classification scheme called Aggregated Bit Vector (ABV). Our paper takes the bit vector search algorithm (BV) described in [11] (which takes linear time) and adds two new ideas, recursive aggregation of bit maps and filter rearrangement, to create ABV (which can take logarithmic time for many databases). We show that ABV outperforms BV by an order of magnitude using simulations on both industrial firewall databases and synthetically generated databases.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
IETF - Differentiated Services (di .serv)Working Group http://www.ietf.org/html.charters/diffservcharter.html.
 
2
Cisco - ArrowPoint Communications . http://www.arrowpoint.com,2000.
 
3
IPMA Statistics. MeritInc.- http://nic.merit.edu/ipma, 2000.
 
4
Memory-memory. http://www.memorymemory.com, 2000.
 
5
Florin Baboescu , George Varghese, Aggregated Bit Vector Search Algorithms for Packet Filter Lookups, University of California at San Diego, La Jolla, CA, 2001
 
6
G.Banga,J.C.Mogul,and P.Druschel.A scalable and explicit event delivery echanism for UNIX.In Proc.USENIX Annual T chnical Conf.,June 1999.
 
7
Milind M. Buddhikot , Subhash Suri , Marcel Waldvogel, Space Decomposition Techniques for Fast Layer-4 Switching, Proceedings of the IFIP TC6 WG6.1 & WG6.4 / IEEE ComSoc TC on on Gigabit Networking Sixth International Workshop on Protocols for High Speed Networks VI, p.25-42, August 25-27, 1999
 
8
A.Feldman and S.Muthukrishnan.Tradeoffs for packet classi .cation.In Proc.Infocom ,vol.1,pages 397 - 413,March 2000.
9
Pankaj Gupta , Nick McKeown, Packet classification on multiple fields, Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication, p.147-160, August 30-September 03, 1999, Cambridge, Massachusetts, United States
 
10
P.Gupta and N.McKeown.Packet classi .cation using hierarchical intelligent cuttings.In Proc.Hot Interconnects VII ,Aug.1999.
11
T. V. Lakshman , D. Stiliadis, High-speed policy-based packet forwarding using efficient multi-dimensional range matching, Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication, p.203-214, August 31-September 04, 1998, Vancouver, British Columbia, Canada
12
Robert Morris , Eddie Kohler , John Jannotti , M. Frans Kaashoek, The Click modular router, Proceedings of the seventeenth ACM symposium on Operating systems principles, p.217-231, December 12-15, 1999, Charleston, South Carolina, United States
13
Marcel Waldvogel , George Varghese , Jon Turner , Bernhard Plattner, Scalable high speed IP routing lookups, Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication, p.25-36, September 14-18, 1997, Cannes, France
 
14
C.Partridge.Locality and route caches.In Proc.of NSF Workshop,Internet Statistics Measurement and Analysis ,Feb.1999.
15
V. Srinivasan , G. Varghese , S. Suri , M. Waldvogel, Fast and scalable layer four switching, Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication, p.191-202, August 31-September 04, 1998, Vancouver, British Columbia, Canada
16
V. Srinivasan , S. Suri , G. Varghese, Packet classification using tuple space search, Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication, p.135-146, August 30-September 03, 1999, Cambridge, Massachusetts, United States
 
17
J.Xu,M.Singhal,and J.Degroat.A novel cache architecture to support layer-four packet classi .cation at memory access speeds.In Proc.Infocom ,March 2000.

CITED BY  41
Adam Johnson , Kenneth Mackenzie, Pattern matching in reconfigurable logic for packet classification, Proceedings of the 2001 international conference on Compilers, architecture, and synthesis for embedded systems, November 16-17, 2001, Atlanta, Georgia, USA
Sriram Ramabhadran , George Varghese, Efficient implementation of a statistics counter architecture, ACM SIGMETRICS Performance Evaluation Review, v.31 n.1, June 2003
Ji Li , Haiyang Liu , Karen Sollins, AFBV: a scalable packet classification algorithm, ACM SIGCOMM Computer Communication Review, v.32 n.3, p.24-24, July 2002
Sumeet Singh , Florin Baboescu , George Varghese , Jia Wang, Packet classification using multidimensional cutting, Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications, August 25-29, 2003, Karlsruhe, Germany
David V. Schuehler , John W. Lockwood, TCP Splitter: A TCP/IP Flow Monitor in Reconfigurable Hardware, IEEE Micro, v.23 n.1, p.54-59, January 2003
Xiaowei Yang, NIRA: a new Internet routing architecture, ACM SIGCOMM Computer Communication Review, v.33 n.4, October 2003
Antonio Carzaniga , Alexander L. Wolf, Forwarding in a content-based network, Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications, August 25-29, 2003, Karlsruhe, Germany
Haoyu Song , Sarang Dharmapurikar , Jonathan Turner , John Lockwood, Fast hash table lookup using extended bloom filter: an aid to network processing, ACM SIGCOMM Computer Communication Review, v.35 n.4, October 2005
Kartikeya Chandrayana , Shivkumar Kalyanaraman, Uncooperative congestion control, ACM SIGMETRICS Performance Evaluation Review, v.32 n.1, June 2004
F. Baboescu , G. Varghese, Fast and scalable conflict detection for packet classifiers, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.42 n.6, p.717-735, 21 August 2003
Zhijun Wang , Hao Che , Mohan Kumar , Sajal K. Das, CoPTUA: Consistent Policy Table Update Algorithm for TCAM without Locking, IEEE Transactions on Computers, v.53 n.12, p.1602-1614, December 2004
Yin Zhang , Sumeet Singh , Subhabrata Sen , Nick Duffield , Carsten Lund, Online identification of hierarchical heavy hitters: algorithms, evaluation, and applications, Proceedings of the 4th ACM SIGCOMM conference on Internet measurement, October 25-27, 2004, Taormina, Sicily, Italy
Haoyu Song , John W. Lockwood, Efficient packet classification for network intrusion detection using FPGA, Proceedings of the 2005 ACM/SIGDA 13th international symposium on Field-programmable gate arrays, February 20-22, 2005, Monterey, California, USA
Xuehong Sun , Sartaj K. Sahni , Yiqiang Q. Zhao, Packet classification consuming small amount of memory, IEEE/ACM Transactions on Networking (TON), v.13 n.5, p.1135-1145, October 2005
Edith Cohen , Carsten Lund, Packet classification in large ISPs: design and evaluation of decision tree classifiers, ACM SIGMETRICS Performance Evaluation Review, v.33 n.1, June 2005
Haibin Lu , Sartaj Sahni, Conflict detection and resolution in two-dimensional prefix router tables, IEEE/ACM Transactions on Networking (TON), v.13 n.6, p.1353-1363, December 2005
David E. Taylor, Survey and taxonomy of packet classification techniques, ACM Computing Surveys (CSUR), v.37 n.3, p.238-275, September 2005
Qunfeng Dong , Suman Banerjee , Jia Wang , Dheeraj Agrawal , Ashutosh Shukla, Packet classifiers in ternary CAMs can be smaller, ACM SIGMETRICS Performance Evaluation Review, v.34 n.1, June 2006
Randy Smith , Dan Gibson , Shijin Kong, To CMP or not to CMP: analyzing packet classification on modern and traditional parallel architectures, Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems, December 03-04, 2007, Orlando, Florida, USA
Duo Liu , Bei Hua , Xianghui Hu , Xinan Tang, High-performance packet classification algorithm for many-core and multithreaded network processor, Proceedings of the 2006 international conference on Compilers, architecture and synthesis for embedded systems, October 22-25, 2006, Seoul, Korea
Derek Pao , Yiu Keung Li , Peng Zhou, Efficient packet classification using TCAMs, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.50 n.18, p.3523-3535, 21 December 2006
Sarang Dharmapurikar , Haoyu Song , Jonathan Turner , John Lockwood, Fast packet classification using bloom filters, Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems, December 03-05, 2006, San Jose, California, USA
Qunfeng Dong , Suman Banerjee , Jia Wang , Dheeraj Agrawal, Wire speed packet classification without tcams: a few more registers (and a bit of logic) are enough, ACM SIGMETRICS Performance Evaluation Review, v.35 n.1, June 2007
Derek Pao , Cutson Liu, Parallel tree search: An algorithmic approach for multi-field packet classification, Computer Communications, v.30 n.2, p.302-314, January, 2007
Haibin Lu , Sartaj Sahni, O(logW) multidimensional packet classification, IEEE/ACM Transactions on Networking (TON), v.15 n.2, p.462-472, April 2007
David E. Taylor , Jonathan S. Turner, ClassBench: a packet classification benchmark, IEEE/ACM Transactions on Networking (TON), v.15 n.3, p.499-511, June 2007
M. E. Kounavis , A. Kumar , R. Yavatkar , H. Vin, Two stage packet classification using most specific filter matching and transport level sharing, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.51 n.18, p.4951-4978, December, 2007
Pi-Chung Wang , Chun-Liang Lee , Chia-Tai Chan , Hung-Yi Chang, Performance improvement of two-dimensional packet classification by filter rephrasing, IEEE/ACM Transactions on Networking (TON), v.15 n.4, p.906-917, August 2007
Per Gustafsson , Konstantinos Sagonas, Efficient manipulation of binary data using pattern matching, Journal of Functional Programming, v.16 n.1, p.35-74, January 2006
Florin Baboescu , Dean M. Tullsen , Grigore Rosu , Sumeet Singh, A Tree Based Router Search Engine Architecture with Single Port Memories, ACM SIGARCH Computer Architecture News, v.33 n.2, p.123-133, May 2005
Luca Deri, High-Speed Dynamic Packet Filtering, Journal of Network and Systems Management, v.15 n.3, p.401-415, September 2007
Haipeng Cheng , Zheng Chen , Bei Hua , Xinan Tang, Scalable packet classification using interpreting: a cross-platform multi-core solution, Proceedings of the 13th ACM SIGPLAN Symposium on Principles and practice of parallel programming, February 20-23, 2008, Salt Lake City, UT, USA
Duo Liu , Zheng Chen , Bei Hua , Nenghai Yu , Xinan Tang, High-performance packet classification algorithm for multithreaded IXP network processor, ACM Transactions on Embedded Computing Systems (TECS), v.7 n.2, p.1-25, February 2008
Chun-Liang Lee , Pi-Chung Wang, Scalable packet classification by TCAM entry encryption algorithm, Journal of High Speed Networks, v.16 n.3, p.275-283, August 2007
Eyal Felstaine , Eldad Chai , Niv Gilboa , Avi Elisha, Distributed flow detection over multi path sessions, Proceedings of the 4th international conference on Security and privacy in communication netowrks, September 22-25, 2008, Istanbul, Turkey
Yan Luo , Ke Xiang , Sanping Li, Acceleration of decision tree searching for IP traffic classification, Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems, November 06-07, 2008, San Jose, California
Yuhua Chen , Oladapo Oguntoyinbo, Power efficient packet classification using cascaded bloom filter and off-the-shelf ternary CAM for WDM networks, Computer Communications, v.32 n.2, p.349-356, February, 2009
Viktor Puš , Jan Korenek, Fast and scalable packet classification using perfect hash functions, Proceeding of the ACM/SIGDA international symposium on Field programmable gate arrays, February 22-24, 2009, Monterey, California, USA
Pi-Chung Wang, Scalable packet classification with controlled cross-producting, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.53 n.6, p.821-834, April, 2009
Hatam Abdoli, Balanced HiCuts: an optimized packet classification algorithm, Proceedings of the WSEAES 13th international conference on Computers, p.406-411, July 23-25, 2009, Rodos, Greece
Lorenzo De Carli , Yi Pan , Amit Kumar , Cristian Estan , Karthikeyan Sankaralingam, PLUG: flexible lookup modules for rapid deployment of new protocols in high-speed routers, ACM SIGCOMM Computer Communication Review, v.39 n.4, October 2009

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.1 Network Architecture and Design
          Subjects: Packet-switching networks

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.1 Network Architecture and Design
          Subjects: Network communications; Distributed networks
          Nouns: Internet


General Terms:
Design, Experimentation, Performance

Collaborative Colleagues:
Florin Baboescu: colleagues
George Varghese: colleagues
This Article has also been published in:

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player