Ordered lookup with bypass matching for scalable per-flow classification in layer 4 routers
Introduction
To support QoS in Integrated Services (IntServ) [1], [2], [3] networks, several traffic control modules need to be added to layer 4 routers, which examine not only IP headers but also transport-layer headers. Admission control in the control plane, and the classifier and the scheduler in the user plane, are the three basic modules for QoS traffic control. The classifier, which assigns each incoming packet to a flow, becomes essential. Besides QoS processing, other functions such as firewalls and VPNs [4] also need the classifier to classify packets based on multiple fields. In this work, we focus on classification for per-flow QoS processing.
There are three key components in the classification module: the filter database, the classification database, and the classifier. The filter database consists of filtering rules updated by the admission control module at run-time. The filter database then inserts its information into the classification database as search indexes for the classifier to consult. Fig. 1 shows the role of the classification module and its process. Once a packet arrives at a classifier, the classifier checks the five fields against the existing classification database. A packet is said to match a filtering rule if the values of all five fields in the packet are exactly the same as those specified by the filtering rule. If a matching filtering rule is found, the packet is put into the corresponding queue for special processing.
Three methods have been proposed for fast classification. One is hardware based and uses the parallel processing power of hardware for multi-dimension range matching [5]; the other two are software based. The method of Ref. [6] combines destination–source tries and cross-producting, while that of Ref. [7] takes TSS (Tuple Space Search) as its main technique. Table 1 is a summary comparing these three methods.
All these methods look up all five fields of a packet against each filtering rule. In addition, they do not seem to be scalable enough to meet the high scalability requirement. Thus, we provide a scalable method: Ordered Lookup with Bypass Matching (OLBM). Ordered Lookup (OL) may save unnecessary work by not looking up all five fields. Bypass Matching (BM) can help to finish the OL more quickly.
The rest of this work is organized as follows. We give our design objectives and motivation in Section 2. Section 3 presents the OLBM algorithm. Section 4 draws the analytical results of the worst case. Experimental performance studies, in terms of memory usage, throughput, sensitivity to locality, lookup order, scalability, and extensibility, are presented in Section 5. Finally, a conclusion and future work are given in Section 6.
Section snippets
The design objectives of a classification algorithm
There are three objectives for designing a classification algorithm:
- 1. Throughput. The algorithm must be able to process at least one million packets per second. For an OC-3 link of 155 Mbps, considering that all incoming packets are as small as 64 bytes, the classifier must process 317,440 packets in 1 s. Thus, for a router with multiple interfaces, the processing rate of over one million packets per second is required.
- 2. Scalability. The algorithm must be scalable. Recent studies have shown that an
Data structures of the classification database
The data structures of our classification database are built from two primitive tables, named 64k-table and 256-table, as shown in Fig. 2. The detailed data structures for each field are shown in Fig. 3. The index of the tables corresponds to the value of the field. Each table entry stores a list of 3-byte pointers to the filtering rules in the filter database.
The data structures for the fields of src/dest IP address require more explanation. The index value of each entry in the first
Complexity analysis: time and space
Our Ordered Lookup with Bypass Matching algorithm is concerned with five fields. It has at most five lookups for the five fields in the classification process. Because each field is basically the same, we show the time and space complexity of this algorithm by analyzing one field.
Let us look at Fig. 3(a) and (b). The lookup operation in the figure is where the classifier takes the port number as an index and retrieves the field-matched filtering rules. This operation takes O(N) in the worst
Performance study
We have implemented our algorithm and experimented with it on two platforms. One is the Intel Pentium-II 350 MHz CPU platform and the other is the Sun UltraSparc 300 MHz CPU platform. The hit ratio for arriving packets is 80%, i.e. 80% of arriving packets will hit one filtering rule and the remaining 20% will not. The default strategy for deciding lookup order is MAF. In this section we show the numerical results on these two platforms plus some implementation issues.
Conclusions
In this work we presented a new multi-field classification algorithm. Our Ordered Lookup with Bypass Matching algorithm can dynamically determine the lookup order according to the length distribution of filtering rules in the table entries for each field. Following the pre-defined lookup order, the classifier looks up tables for a packet and may find the matching filtering rule without looking up tables for all five fields. It also uses bypass matching to terminate the lookup process when
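Added example (not the authors' code): a minimal Python sketch of the per-field tables from the data structures section and the ordered lookup summarized above. Dicts stand in for the 64k-table and 256-table, and the ordering heuristic, the `bypass_at` threshold and the direct-comparison reading of bypass matching are assumptions, since the page's description of them is cut off.

```python
from collections import defaultdict

FIELDS = ("src_ip", "dst_ip", "src_port", "dst_port", "proto")

class Classifier:
    def __init__(self):
        self.rules = []  # filter database: one five-field dict per flow
        # Classification database: per field, value -> list of rule ids.
        # Dicts stand in for the paper's 64k-/256-entry tables (simplification).
        self.tables = {f: defaultdict(list) for f in FIELDS}

    def add_rule(self, *values):
        rule = dict(zip(FIELDS, values))
        self.rules.append(rule)
        for f in FIELDS:
            self.tables[f][rule[f]].append(len(self.rules) - 1)
        return len(self.rules) - 1

    def lookup_order(self):
        # Assumed heuristic: fields whose longest entry list is shortest go first.
        longest = lambda f: max(map(len, self.tables[f].values()), default=0)
        return sorted(FIELDS, key=longest)

    def classify(self, pkt, bypass_at=1):
        """Return (rule id or None, number of table lookups performed)."""
        candidates, lookups = None, 0
        for f in self.lookup_order():
            hits = set(self.tables[f].get(pkt[f], ()))
            lookups += 1
            candidates = hits if candidates is None else candidates & hits
            if not candidates:            # no rule can match: stop early
                return None, lookups
            if len(candidates) <= bypass_at:
                # Assumed bypass step: compare the packet with the few
                # remaining rules directly instead of consulting more tables.
                for rid in sorted(candidates):
                    if all(self.rules[rid][g] == pkt[g] for g in FIELDS):
                        return rid, lookups
                return None, lookups
        return min(candidates), lookups   # survived all five exact-match tables

def build_sample():
    # Constructed sample flows (documentation addresses), not from the paper.
    c = Classifier()
    c.add_rule("192.0.2.1", "198.51.100.1", 5000, 80, 6)
    c.add_rule("192.0.2.2", "198.51.100.1", 5001, 80, 6)
    c.add_rule("192.0.2.3", "198.51.100.2", 5002, 53, 17)
    return c
```

Calling `classify` with `bypass_at=0` disables the direct comparison, which makes the saving in table lookups visible on the same packet.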
References (9)
- J. Wroclawski, The use of RSVP with IETF integrated services, RFC 2210, September...
- J. Wroclawski, Specification of the controlled-load network element service, RFC 2211, September...
- S. Shenker, C. Partridge, R. Guerin, Specification of guaranteed quality of service, RFC 2212, September...
- B. Gleeson, A. Lin, J. Heinanen, G. Armitage, A. Malis, A framework for IP based virtual private networks, Internet...
Cited by (3)
- Research roadmap driven by network benchmarking lab (NBL): Deep packet inspection, traffic forensics, embedded benchmarking, 4G LTE, and beyond. 2013, Proceedings - 2013 1st International Symposium on Computing and Networking, CANDAR 2013
- Scalable packet classification for enabling internet differentiated services. 2006, IEEE Transactions on Multimedia
- A fast packet classification by using enhanced tuple pruning. 2002, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)