Ordered lookup with bypass matching for scalable per-flow classification in layer 4 routers

https://doi.org/10.1016/S0140-3664(00)00305-4

Abstract

In order to provide different service treatments to individual or aggregated flows, layer 4 routers in Integrated Services networks need to classify packets into different queues. The classification module of layer 4 routers must be fast enough to support gigabit links at a rate of millions of packets per second. In this work, we present a new software method, OLBM, to look up multiple fields of a packet, in a dynamically pre-defined order, against the classification database. This algorithm also uses a technique called bypass matching and can classify packets at a rate of well over one million packets per second while scaling to support more than 300k flows. Complexity analysis and experimental measurements are also presented in this study.

Introduction

In order to support QoS in Integrated Services (IntServ) [1], [2], [3] networks, several traffic control modules need to be added into the layer 4 routers that examine not only IP headers but also transport-layer headers. The admission control, in the control-plane, and the classifier and the scheduler, in the user-plane, are three basic modules for QoS traffic control. The classifier, which assigns each incoming packet to a flow, becomes essential. Besides QoS processing, firewalls and VPNs [4], for example, also need the classifier to classify packets based on multiple fields. In this work, we focus on the classification for per-flow QoS processing.

There are three key components in the classification module: the filter database, the classification database, and the classifier. The filter database consists of filtering rules updated by the admission control module at run-time. The filter database then inserts its information into the classification database as search indexes for the classifier to refer to. Fig. 1 shows the role of the classification module and its process. Once a packet comes to a classifier, the classifier checks the five fields against the existing classification database. A packet is said to match a filtering rule if the values of all the five fields in the packet are exactly the same as those specified by the filtering rule. If a matched filtering rule is found, the packet is put into the corresponding queue for special processing.

Three methods have been proposed for fast classification. One is hardware based, which uses the hardware parallel processing power for multi-dimension range matching [5], and the other two are software based. The one of Ref. [6] combines destination–source tries and cross-producting, while that of Ref. [7] takes Tuple Space Search (TSS) as its main technique. Table 1 is a summary comparing these three methods.

All these methods look up all five fields of a packet against each filtering rule. In addition, they do not seem to be scalable enough to meet the high scalability requirement. Thus, we provide a scalable method: Ordered Lookup with Bypass Matching (OLBM). Ordered Lookup (OL) may save unnecessary work by not looking up all five fields. Bypass Matching (BM) can help to finish the OL more quickly.

The rest of this work is organized as follows. We give our design objectives and motivation in Section 2. Section 3 presents the OLBM algorithm. Section 4 draws the analytical results of the worst case. Experimental performance studies, in terms of memory usage, throughput, sensitivity to locality, lookup order, scalability, and extensibility, are presented in Section 5. Finally, a conclusion and future work are given in Section 6.

Section snippets

The design objectives of a classification algorithm

There are three objectives for designing a classification algorithm:

  1. Throughput. The algorithm must be able to process at least one million packets per second. For an OC-3 link of 155 Mbps, considering that all incoming packets are as small as 64 bytes, the classifier must process 317,440 packets in 1 s. Thus, for a router with multiple interfaces, the processing rate of over one million packets per second is required.

  2. Scalability. The algorithm must be scalable. Recent studies have shown that an

Data structures of the classification database

The data structures of our classification database are built from two primitive tables, named 64k-table and 256-table, as shown in Fig. 2. The detailed data structures for each field are shown in Fig. 3. The index of the tables corresponds to the value of the field. Each table entry stores a list of 3-byte pointers to the filtering rules in the filter database.
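A compact illustration of the idea behind these tables, added here and not taken from the paper: each field gets a table whose entries list the rules carrying that value, fields are consulted in an order derived from list lengths, and the lookup stops as soon as an entry is empty or short enough to compare rules directly. The 256-entry tables indexed by a field's low byte, the longest-list ordering heuristic, the threshold of two and all identifiers are assumptions; the paper's 64k/256 table layout, its MAF strategy and its bypass-matching rule are not reproduced.

```c
#include <stdint.h>
#include <string.h>
enum { NF = 5, NB = 256, MAXR = 32 };  /* fields, entries per table, rule capacity */
typedef struct { uint32_t f[NF]; int queue; } rule_t; /* srcIP,dstIP,sport,dport,proto */
static rule_t rules[MAXR];
static uint8_t list[NF][NB][MAXR];     /* per-field table: entry -> rule indexes */
static int nrules, len[NF][NB], maxlen[NF], order[NF] = {0, 1, 2, 3, 4};
int lookups;                           /* table lookups spent on the last packet */
/* Assumption: every table is indexed by the low byte of the field value. */
static unsigned slot(uint32_t v) { return v & 0xFF; }

/* Index a rule under all five fields, then re-sort the lookup order so the field
   whose longest list is shortest is consulted first (assumed heuristic). */
int add_rule(rule_t r) {
    if (nrules == MAXR) return -1;
    rules[nrules] = r;
    for (int i = 0; i < NF; i++) {
        int *n = &len[i][slot(r.f[i])];
        list[i][slot(r.f[i])][(*n)++] = (uint8_t)nrules;
        if (*n > maxlen[i]) maxlen[i] = *n;
    }
    nrules++;
    for (int i = 1; i < NF; i++)            /* insertion sort of five entries */
        for (int j = i; j > 0 && maxlen[order[j]] < maxlen[order[j - 1]]; j--) {
            int t = order[j]; order[j] = order[j - 1]; order[j - 1] = t;
        }
    return 0;
}

/* Queue of the rule equal to the packet in all five fields, or -1 if none. */
int classify(const uint32_t p[NF]) {
    int fld = 0, n = 0;
    for (lookups = 0; lookups < NF;) {
        fld = order[lookups++];             /* next field in the lookup order */
        n = len[fld][slot(p[fld])];
        if (n <= 2) break;                  /* empty or short list: stop (assumed threshold) */
    }
    for (int k = 0; k < n; k++) {           /* compare the remaining candidates directly */
        const rule_t *r = &rules[list[fld][slot(p[fld])][k]];
        if (memcmp(r->f, p, sizeof r->f) == 0) return r->queue;
    }
    return -1;
}

int main(void) {   /* constructed sample: two rules, packet equal to the second */
    rule_t r[2] = {{{0x0A000001, 0x0A000002, 1000, 80, 6}, 1},
                   {{0x0A000003, 0x0A000002, 1001, 80, 6}, 2}};
    add_rule(r[0]); add_rule(r[1]);
    return classify(r[1].f) == 2 ? 0 : 1;
}
```

Because the three constructed rules in a typical test share destination address, destination port and protocol, the source-address table ends up first in the order and a single lookup decides both hits and misses.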

The data structures for the fields of src/dest IP address require more explanations. The index value of each entry in the first

Complexity analysis: time and space

Our Ordered Lookup with Bypass Matching algorithm is concerned with five fields. It has at most five lookups for the five fields in the classification process. Because each field is basically the same, we show the time and space complexity of this algorithm by analyzing one field.

Let us look at Fig. 3(a) and (b). The lookup operation in the figure is where the classifier takes the port number as an index and retrieves the field-matched filtering rules. This operation takes O(N) in the worst

Performance study

We have implemented our algorithm and experimented with it on two platforms. One is the Intel Pentium-II 350 MHz CPU platform and the other is the Sun UltraSparc 300 MHz CPU platform. The hit ratio for arriving packets is 80%, i.e. 80% of arriving packets will hit one filtering rule and the remaining 20% will not. The default strategy for deciding lookup order is MAF. In this section we show the numerical results on these two platforms plus some implementation issues.

Conclusions

In this work we presented a new multi-field classification algorithm. Our Ordered Lookup with Bypass Matching algorithm can dynamically determine the lookup order according to the length distribution of filtering rules in the table entries for each field. Following the pre-defined lookup order, the classifier looks up tables for a packet and may find the matching filtering rule without looking up tables for all the five fields. It also uses bypass matching to terminate the lookup process when

References (9)

  • J. Wroclawski, The use of RSVP with IETF integrated services, RFC 2210, September...
  • J. Wroclawski, Specification of the controlled-load network element service, RFC 2211, September...
  • S. Shenker, C. Partridge, R. Guerin, Specification of guaranteed quality of service, RFC 2212, September...
  • B. Gleeson, A. Lin, J. Heinanen, G. Armitage, A. Malis, A framework for IP based virtual private networks, Internet...