
Packet Classification

Packet Classification. CSE 581 Internet Technology Winter 2002 Jeffrey Chilberto. Papers. Tradeoffs for Packet Classification AT&T Labs-Research, Anja Feldmann and S. Muthukrishnan March 2000 Packet Classification using Tuple Space Search


Presentation Transcript


  1. Packet Classification CSE 581 Internet Technology Winter 2002 Jeffrey Chilberto

  2. Papers • Tradeoffs for Packet Classification, AT&T Labs-Research, Anja Feldmann and S. Muthukrishnan, March 2000 • Packet Classification using Tuple Space Search, Washington University, Srinivasan, Suri and Varghese, September 1999 • Algorithms for Packet Classification, Stanford University, Pankaj Gupta and Nick McKeown, March 2001

  3. Content • Introduction to Packet Classification • What is Packet Classification? • Example Network and Services • Characteristics of Packet Classification • Categories of Packet Classification • Software Schemes • Geometry-based Schemes • Heuristic Schemes • Hardware Based Schemes

  4. Introduction to Packet Classification Traditional routers do not provide service differentiation because they treat all traffic going to the same Internet destination address identically. Routers with packet classification capabilities can distinguish traffic based on destination, source, and application type. Such classification allows various forms of service: • Blocking traffic sent by insecure sites (firewalls) • Preferential treatment for premium traffic (resource reservation) • Routing based on traffic type and source (QoS routing)

  5. What is Packet Classification? Informally: Identifies the flow a packet belongs to, based on one or more fields in the packet header. (Tradeoffs) The ability to match each packet against a database of rules. (Tuple Space) The process of categorizing packets into “flows” in an Internet router. (Algorithms)

  6. What is Packet Classification? Formally (from Algorithms for Packet Classification): “Each rule of a classifier has d components. R[i] is the ith component of rule R, and is a regular expression on the ith field of the packet header. A packet P is said to match rule R, if for all i, the ith field of the header of P satisfies the regular expression R[i].” In most cases we are concerned with not just a match, but the match with the lowest cost.

  7. What is Packet Classification? Formally (from Packet Classification using Tuple Space Search): “Suppose there are K header fields in each packet that are relevant to filtering. Then, each filter F[i] is either a variable length prefix bit string or a range. A filter database consists of N filters F1, F2, …, FN. Each filter F is an array of K distinct fields, where F[I] is a specification on the I-th field. We say that a packet P matches filter F if for all packet fields I, P[I] matches F[I]. The packet classification problem is to find the lowest cost filter matching a given packet P.” What about considerations of time of day or packet size?

  8. What is Packet Classification? Formally (from Tradeoffs for Packet Classification): “…given a set R = {r1,…,rn} of rules over d fields (dimensions). Each rule consists of a set of ranges ri=[Fi(1),…,Fi(d)], where Fi(j) is a range (interval) of values the field j may take; each rule also has a cost. The set of rules may be preprocessed. Queries are presented on line. Each query is a packet p=[f1,…,fd], where each fi is a singleton value. A rule ri applies to a packet p if for all dimensions k, the field fk of packet p lies in the range Fi(k). The problem is to determine the least cost rule that applies to the packet.”

  9. Example Network

  10. Packet Filtering Service

  11. Policy Routing Service

  12. Accounting Service

  13. Traffic Rate Limiting Service

  14. Traffic Shaping Service

  15. Packet Header

  16. Example Classifier

  17. Characteristics of Packet Classification Search Speed • Faster links require faster classification (e.g., links running at 10 Gbps can bring 31.25 million packets per second) Storage • Small storage enables the use of fast memory technologies (e.g., SRAM for on-chip cache by a software algorithm and/or hardware algorithm)

  18. Characteristics of Packet Classification Number of Rules to be Supported • Ranges from hundreds to hundreds of thousands Number of fields to be used • Fields (dimensions) of IP header

  19. Characteristics of Packet Classification Nature of Rules • Prefix mask on destination IP address • General masks (e.g., arbitrary ranges) Updates to the set of rules • Packet classification must adapt gracefully and swiftly to updates without sacrificing the access performance (e.g., UDP control)

  20. Characteristics of Packet Classification Worst Case vs Average Case • The focus is typically on the worst case rather than the average case. Wide range of solutions depending on requirements • Desirable to have a suite of solutions with a range of tradeoffs that can be tuned to particular applications. • Often filter schemes with fast lookup time do not scale to large filter databases. • Other more scalable schemes work for 2 dimensions, but performance quickly degrades with each additional dimension.

  21. Categories of Classification Algorithms

  22. Example Set of Rules

  23. Summary of Software Schemes (N – Number of Rules; W – Width of dimension; d – Number of dimensions) • Trie schemes provide a good worst case query time at the expense of storage • Set-pruning tries reduce query time by replicating rules to eliminate recursive traversals

  24. Hierarchical Trie

  25. Set-pruning Trie

  26. Summary of Geometry-based Schemes (N – Number of Rules; W – Width of dimension; d – Number of dimensions; l – levels of tree) • Several standard geometry problems such as ray shooting, point location, and rectangle enclosure resemble packet classification. • Mostly used for 2-dimensional classifiers • Multi-dimensional classifiers may require heuristics

  27. Geometric Representation Most geometry-based solutions do not match on ranges as well as they do on prefixes. One solution is to convert all ranges to matching prefixes (thus increasing storage complexity).

  28. Summary of Heuristic Schemes (N – Number of Rules; W – Width of dimension; d – Number of dimensions; M – Number of Tuples) • Based on the assumption that classifiers in real networks have considerable structure and redundancy that might be exploited by a heuristic.

  29. Tuple Space Search • Based on the observation that while filter databases contain many different prefixes or ranges, the number of distinct prefix lengths tends to be small. • Pruned Tuple Space is a modified approach where longest prefix matching is performed first and then only tuples compatible with matches are searched. This approach requires maintaining a tuple list for each entry (e.g., Mae-East prefix database < 6).

  30. Tuple Results Tests performed on 4 industrial firewall databases. Randomly generated filter database from prefixes randomly chosen from the Mae-East database. * Both Destination and Source Address Pruned

  31. Summary of Hardware Schemes (N – Number of Rules; W – Width of dimension; d – Number of dimensions)

  32. Ternary CAM • TCAM memory is used as a gate to determine classification • Unsuitable for large classifiers • Costly • Less dense than SRAM • Dissipates more power than SRAM

  33. Ternary CAM

  34. Summary • Current routers must perform more services at faster speeds. • More sophisticated techniques need to be developed and/or implemented to meet the growing size of classifiers. • Because of the diversity of requirements, best approaches comprise multiple classification schemes and the ability to flexibly specify classifiers.
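The tuple space search of slide 29, applied to the least-cost matching problem defined on slides 6 to 8, as an added example that is not part of the original presentation or the cited papers. It assumes only two prefix fields (source and destination IPv4 address); the rule set, costs and actions are constructed for illustration.

```python
import ipaddress

W = 32  # IPv4 address width in bits

# Constructed sample rules: (source prefix, destination prefix, cost, action).
RULES = [
    ("10.0.0.0/8",    "192.168.1.0/24", 1, "deny"),
    ("10.1.0.0/16",   "192.168.1.0/24", 2, "permit"),
    ("172.16.0.0/16", "192.168.1.0/24", 3, "permit"),
    ("10.0.0.0/8",    "192.168.2.0/24", 4, "permit"),
    ("0.0.0.0/0",     "192.168.0.0/16", 5, "rate-limit"),
    ("0.0.0.0/0",     "0.0.0.0/0",      9, "deny"),
]

def top_bits(addr: int, length: int) -> int:
    """Keep only the leading `length` bits of a 32-bit address."""
    return addr >> (W - length)

def build(rules):
    """Group rules by (src_len, dst_len) tuple; one exact-match hash table per tuple."""
    tables = {}
    for src, dst, cost, action in rules:
        s, d = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        key = (top_bits(int(s.network_address), s.prefixlen),
               top_bits(int(d.network_address), d.prefixlen))
        table = tables.setdefault((s.prefixlen, d.prefixlen), {})
        if key not in table or cost < table[key][0]:
            table[key] = (cost, action)
    return tables

def classify(tables, src: str, dst: str):
    """Probe each tuple's table once and return the least-cost (cost, action) hit."""
    s, d = int(ipaddress.ip_address(src)), int(ipaddress.ip_address(dst))
    best = None
    for (sl, dl), table in tables.items():
        hit = table.get((top_bits(s, sl), top_bits(d, dl)))
        if hit and (best is None or hit[0] < best[0]):
            best = hit
    return best

def linear_classify(rules, src: str, dst: str):
    """Reference implementation: test every rule, as in the formal definition."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    hits = [(cost, action) for rs, rd, cost, action in rules
            if s in ipaddress.ip_network(rs) and d in ipaddress.ip_network(rd)]
    return min(hits, default=None)

TABLES = build(RULES)  # 6 rules collapse into 4 tuples: (8,24), (16,24), (0,16), (0,0)
```

The number of hash probes per packet equals the number of distinct length pairs, not the number of rules, which is the observation slide 29 relies on.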
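The range-to-prefix conversion mentioned on slide 27, with the storage growth it causes, as an added example that is not from the presentation. It assumes 16-bit fields such as TCP/UDP ports; the function names and sample ranges are chosen here for illustration.

```python
def range_to_prefixes(lo: int, hi: int, width: int = 16):
    """Split the inclusive range [lo, hi] into the fewest (value, prefix_len) blocks."""
    if not 0 <= lo <= hi < (1 << width):
        raise ValueError("range does not fit in the field")
    out = []
    while lo <= hi:
        # Largest power-of-two block that is aligned at lo ...
        size = (lo & -lo) if lo else (1 << width)
        # ... shrunk until it no longer overshoots hi.
        while size > hi - lo + 1:
            size >>= 1
        # A block of 2^k values fixes the leading (width - k) bits.
        out.append((lo, width - size.bit_length() + 1))
        lo += size
    return out

def as_pattern(value: int, plen: int, width: int = 16) -> str:
    """Render a prefix as a ternary bit pattern, '*' marking don't-care bits."""
    return format(value, f"0{width}b")[:plen] + "*" * (width - plen)

def expanded_entries(*ranges, width: int = 16) -> int:
    """Prefix-only rules needed to replace one rule with these range fields."""
    total = 1
    for lo, hi in ranges:
        total *= len(range_to_prefixes(lo, hi, width))
    return total

# Constructed sample: the unprivileged port range 1024-65535.
HIGH_PORTS = range_to_prefixes(1024, 65535)
```

A single rule with this range on both source and destination port becomes 36 prefix rules, and the worst-case 16-bit range [1, 65534] alone needs 30 prefixes.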
