Abstract
Packet Classification is the enabling function for performing many networking applications like Integrated Services, Differentiated Services, Access Control/Firewalls, and Intrusion Detection. To cope with high-speed links and ever-increasing bandwidth requirements, time-efficient solutions are needed for which Ternary Content Addressable Memories (TCAMs) are popularly used. However, high cost, heavy power consumption, and poor scalability limit their use in many commercial switches. In this work, an efficient framework for caching the packet classification rules on TCAMs in accordance with traffic characteristics is proposed. The proposed design will have a two-level classification engine in which level-1 is a TCAM classifier with a smaller rule capacity and level-2 is a software classifier. The classifiers are assisted by a rule update engine that monitors the rule temporal behavior and performs timely updates of the rules onto level-1. Crucial challenges with respect to the proposed framework design are defined and addressed effectively in this work. Simulation results shows that the architecture can achieve a throughput of 250 Gbps on average by caching only 10% of the total rules for rule databases of sizes 10,000. The proposed architecture, to the best of our knowledge, is the only traffic-aware architecture using TCAMs that provides a completely deployable framework and also can scale for speeds beyond 250 Gbps (OC-1920 and beyond).
- 2019. WITS: Waikato Internet Traffic Storage. Retrieved 2019 from https://wand.net.nz/wits.Google Scholar
- Banit Agrawal and Timothy Sherwood. 2008. Ternary CAM power and delay model: Extensions and uses. IEEE Trans. VLSI Syst. 16, 5 (2008), 554--564.Google Scholar
Digital Library
- Florin Baboescu and George Varghese. 2001. Scalable packet classification. ACM SIGCOMM Comput. Commun. Rev. 31, 4 (2001), 199--210.Google Scholar
Digital Library
- Rajeev Balasubramonian, Andrew B. Kahng, Naveen Muralimanohar, Ali Shafiee, and Vaishnav Srinivas. 2017. CACTI 7: New tools for interconnect exploration in innovative off-chip memories. ACM Trans. Arch. Code Optimiz. 14, 2 (2017), 1--25.Google Scholar
Digital Library
- Tania Banerjee, Sartaj Sahni, and Gunasekaran Seetharaman. 2015. PC-TRIO: A power efficient TCAM architecture for packet classifiers. IEEE Trans. Comput. 64, 4 (2015), 1104--1118.Google Scholar
Digital Library
- Anat Bremler-Barr and Danny Hendler. 2012. Space-efficient TCAM-based classification using gray coding. IEEE Trans. Comput. 61, 1 (2012), 18--30.Google Scholar
Digital Library
- Pankaj Gupta and Nick McKeown. 1999. Packet classification on multiple fields. ACM SIGCOMM Comput. Commun. Rev. 29, 4 (1999), 147--160.Google Scholar
Digital Library
- Pankaj Gupta and Nick McKeown. 2000. Classifying packets with hierarchical intelligent cuttings. IEEE Micro 20, 1 (2000), 34--41.Google Scholar
Digital Library
- Pankaj Gupta, Balaji Prabhakar, and Stephen Boyd. 2000. Near-optimal routing lookups with bounded worst case performance. In Proceedings of the 19th Annual IEEE Conference on Computer Communications (INFOCOM’00), Vol. 3. IEEE, 1184--1192.Google Scholar
Cross Ref
- Hazem Hamed, Adel El-Atawy, and Ehab Al-Shaer. 2006. On dynamic optimization of packet matching in high-speed firewalls. IEEE J. Select. Areas Commun. 24, 10 (2006), 1817--1830.Google Scholar
Digital Library
- Kirill Kogan, Sergey Nikolenko, Ori Rottenstreich, William Culhane, and Patrick Eugster. 2014. SAX-PAC (scalable and expressive packet classification). In Proceedings of the 2014 ACM Conference on SIGCOMM. 15--26.Google Scholar
Digital Library
- T. V. Lakshman and Dimitrios Stiliadis. 1998. High-speed policy-based packet forwarding using efficient multi-dimensional range matching. In ACM SIGCOMM Computer Communication Review, Vol. 28. ACM, 203--214.Google Scholar
Digital Library
- Kun-chan Lan and John Heidemann. 2006. A measurement study of correlations of internet flow characteristics. Comput. Netw. 50, 1 (2006), 46--62.Google Scholar
Cross Ref
- Kang Li, Francis Chang, Damien Berger, and Wu-chang Feng. 2003. Architectures for packet classification caching. In Proceedings of the 11th IEEE International Conference on Networks 2003 (ICON’03). IEEE, 111--117.Google Scholar
- Xianfeng Li and Yuanxin Lin. 2016. TaPaC: A TCAM-assisted algorithmic packet classification with bounded worst-case performance. In Proceedings of the 2016 IEEE Global Communications Conference (GLOBECOM’16). IEEE, 1--6.Google Scholar
Cross Ref
- Xianfeng Li, Yuanxin Lin, and Wenjun Li. 2016. GreenTCAM: A memory-and energy-efficient TCAM-based packet classification. In Proceedings of the 2016 International Conference on Computing, Networking and Communications (ICNC’16). IEEE, 1--6.Google Scholar
Cross Ref
- Alex X. Liu, Chad R. Meiners, and Eric Torng. 2010. TCAM Razor: A systematic approach towards minimizing packet classifiers in TCAMs. IEEE/ACM Trans. Netw. 18, 2 (2010), 490--500.Google Scholar
Digital Library
- Alex X. Liu, Chad R. Meiners, and Yun Zhou. 2008. All-match based complete redundancy removal for packet classifiers in TCAMs. In Proceedings of the 27th Conference on Computer Communications (INFOCOM’08). IEEE. IEEE, 111--115.Google Scholar
Cross Ref
- Huan Liu. 2002. Efficient mapping of range classifier into ternary-CAM. In Proceedings of the 10th Symposium on High Performance Interconnects, 2002. IEEE, 95--100.Google Scholar
- Yadi Ma and Suman Banerjee. 2012. A smart pre-classifier to reduce power consumption of TCAMs for multi-dimensional packet classification. In Proceedings of the ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication. ACM, 335--346.Google Scholar
Digital Library
- Chad R. Meiners, Alex X. Liu, and Eric Torng. 2010. Hardware Based Packet Classification for High Speed Internet Routers. Springer Science 8 Business Media.Google Scholar
- Chad R. Meiners, Alex X. Liu, and Eric Torng. 2011. Topological transformation approaches to TCAM-based packet classification. IEEE/ACM Trans. Network. 19, 1 (2011), 237--250.Google Scholar
Digital Library
- Yaxuan Qi, Lianghong Xu, Baohua Yang, Yibo Xue, and Jun Li. 2009. Packet classification algorithms: From theory to practice. In Proceedings of the IEEE Conference on Computer Communications (INFOCOM’09). IEEE, 648--656.Google Scholar
Cross Ref
- Ori Rottenstreich, Rami Cohen, Danny Raz, and Isaac Keslassy. 2013. Exact worst case TCAM rule expansion. IEEE Trans. Comput. 62, 6 (2013), 1127--1140.Google Scholar
Digital Library
- Ori Rottenstreich, Isaac Keslassy, Avinatan Hassidim, Haim Kaplan, and Ely Porat. 2016. Optimal in/out TCAM encodings of ranges. IEEE/ACM Trans. Netw. 24, 1 (2016), 555--568.Google Scholar
Digital Library
- Sumeet Singh, Florin Baboescu, George Varghese, and Jia Wang. 2003. Packet classification using multidimensional cutting. In Proceedings of the 2003 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications. ACM, 213--224.Google Scholar
Digital Library
- David E. Taylor and Jonathan S. Turner. 2005. Scalable packet classification using distributed crossproducing of field labels. In Proceedings of the 24th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM’05), Vol. 1. IEEE, 269--280.Google Scholar
- David E. Taylor and Jonathan S. Turner. 2007. Classbench: A packet classification benchmark. IEEE/ACM Trans. Network. 15, 3 (2007), 499--511.Google Scholar
Digital Library
- Zouheir Trabelsi, Liren Zhang, and Safaa Zeidan. 2014. Dynamic rule and rule-field optimisation for improving firewall performance and security. IET Inf. Secur. 8, 4 (2014), 250--257.Google Scholar
Digital Library
- Jan Van Lunteren and Ton Engbersen. 2003. Fast and scalable packet classification. IEEE J. Select. Areas Commun. 21, 4 (2003), 560--571.Google Scholar
Digital Library
- Rihua Wei, Yang Xu, and H. Jonathan Chao. 2016. Finding nonequivalent classifiers in Boolean space to reduce TCAM usage. IEEE/ACM Trans. Network. 24, 2 (2016), 968--981.Google Scholar
Digital Library
- Thomas Y. C. Woo. 2000. A modular approach to packet classification: Algorithms and results. In Proceedings of the 19th IEEE Conference on Computer Communications (INFOCOM’00), Vol. 3. IEEE, 1213--1222.Google Scholar
Cross Ref
- Bo Xu, Dongyi Jiang, and Jun Li. 2005. HSM: A fast packet classification algorithm. In Proceedings of the 19th International Conference on Advanced Information Networking and Applications (AINA’05) Volume 1 (AINA papers), Vol. 1. IEEE, 987--992.Google Scholar
Index Terms
A TCAM-based Caching Architecture Framework for Packet Classification
Recommendations
TCAM-based packet classification for many-field rules of SDNs
AbstractSoftware-defined networking (SDN) provides an emerging paradigm for future network architectures. OpenFlow is a widely deployed south-bound protocol for SDN. It uses rule-based packet forwarding and each rule may support many header ...
Tcam-based multi-match packet classification using multidimensional rule layering
Ternary content addressable memory (TCAM) has superior performance for single-match packet classification but not the case for multi-match packet classification. The limitation is caused by TCAM architecture that reports only the first matching rule. To ...
Hardware-based multi-match packet classification in NIDS: an overview and novel extensions for improving the energy efficiency of TCAM-based classifiers
AbstractNetwork intrusion detection systems (NIDS) require all the header matching rules to be reported which is termed as multi-match packet classification. Ternary content-addressable memories (TCAMs) are the preferred choice for performing hardware-...






Comments