packet classification using rule caching author: nitesh b. guinde, roberto rojas-cessa, sotirios g....
TRANSCRIPT
![Page 1: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/1.jpg)
Packet Classification using Rule Caching
Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras
Publisher: IISA, 2013 Fourth International Conference
Presenter: Chih-Hsun Wang
Date: 2014/12/10
Department of Computer Science and Information Engineering National Cheng Kung University, Taiwan R.O.C.
![Page 2: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/2.jpg)
Introduction
Different packet classification schemes have been developed but they require a number of memory accesses as classification is complex and memory is slow.
We propose a scheme based on memory cache to support packet classification.
We present various packet classification caching schemes for performing classification and provide the cache hit ratio results for various traffic models generated with Class bench.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
2
![Page 3: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/3.jpg)
Method (1/9)
Use the concept of caching of rules using the least-recently used (LRU) policy to replace information in the cache.
Create two tries, one for the source IP and the other one for the destination IP
Priority Bit• (1) there does not exist any rule which could be matched if r is
matched. • (2) there exists no rule of higher precedence which could be matched
if rule r is matched.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
3
![Page 4: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/4.jpg)
Method (2/9)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
4
![Page 5: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/5.jpg)
Method (3/9)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
5
R1,R2,R3,R4,R5,R6
R1,R2,R6
R4,R6
R5,R6
R3,R5,R6
R5,R6
R5,R6
R6
R6
R6
R6R6
![Page 6: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/6.jpg)
Method (4/9)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
6
R1,R2,R3,R4,R5,R6
R1,R2,R6
R4,R6
R4,R6
R5,R6
R5,R6
R5,R6
R3,R5,R6
![Page 7: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/7.jpg)
Method (5/9)
We can decrease the number of steps in trie traversing by directly checking the rules that could be matched and those that have a priority higher than the rules in the cache.
To achieve this, we need to store two address pointers, the source IP trie address pointer and the destination IP trie address pointer.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
7
![Page 8: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/8.jpg)
Method (6/9)
Data Structure• Source IP, Destination IP• Source port range, Destination port range• Protocol• Flags• Priority bit• Source IP trie address, Destination IP trie address
National Cheng Kung University CSIE Computer & Internet Architecture Lab
8
![Page 9: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/9.jpg)
Method (7/9)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
9
Incoming Packet
Source IP Destination IP Source Port
Des. Port
1100* 111* 6 17
Cache
R1
R2
Search
R2 will match in cache but it’s priority bit is 0
Rule # SIP DIP SP DP PB AP
R1 1100* 111* 0:5 16:20 1 S11,D6
R2 1100* 111* 0:65535 16:20 0 S11,D6
![Page 10: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/10.jpg)
Method (8/9)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
10
Search
Rule # SIP DIP SP DP PB AP
R1 1100* 111* 0:5 16:20 1 S11,D6
R2 1100* 111* 0:65535 16:20 0 S11,D6
![Page 11: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/11.jpg)
Method (9/9)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
11
Search
Rule # SIP DIP SP DP PB AP
R1 1100* 111* 0:5 16:20 1 S11,D6
R2 1100* 111* 0:65535 16:20 0 S11,D6
Incoming Packet
Source IP Destination IP Source Port
Des. Port
1100* 111* 6 17
match R2
![Page 12: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/12.jpg)
Problem (1/3)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
12
![Page 13: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/13.jpg)
Problem (2/3)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
13
Incoming Packet
Source IP Destination IP Source Port Des. Port
69.63.137.234 81.170.248.180 750 113
Best matchR11
![Page 14: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/14.jpg)
Problem (3/3)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
14
Incoming Packet
Source IP Destination IP Source Port Des. Port
69.63.137.234 Not 81.170.248.180 750 113
Best matchR16
![Page 15: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/15.jpg)
Solution (1/3)
Create additional 256-bit vector and information about the dependent rules.
Change the position of the bit pointed to by the value in the byte to 1.
Keep the bit vector that contains the smallest number of 1’s along with the marker signifying the byte number of the bit vector
National Cheng Kung University CSIE Computer & Internet Architecture Lab
15
![Page 16: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/16.jpg)
Solution (2/3)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
16
R16 for example
Dependent rules:R11, R12, R13
![Page 17: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/17.jpg)
Solution (3/3)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
17
R16 for example
Pick
![Page 18: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/18.jpg)
Implemented Method(1/17)
Method I• Use a simple LRU scheme.• Use a priority bit without the 256-bit vector.
Method II• Use a simple LRU scheme.• Use a priority bit and the 256-bit vector.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
18
![Page 19: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/19.jpg)
Implemented Method(2/17)
Method III• Use the frequency-based replacement method.• Cache is divided into three sections: NEW, MID
and OLD sections.• Every rule in the cache has a reference count
associated with it.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
19
![Page 20: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/20.jpg)
Implemented Method(3/17)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
20
NEW
R1,1
MID OLD
R1 match
![Page 21: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/21.jpg)
Implemented Method(4/17)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
21
NEW
R2,1
R1,1
MID OLD
R2 match
![Page 22: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/22.jpg)
Implemented Method(5/17)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
22
NEW
R3,1
R2,1
R1,1
MID OLD
R3 match
![Page 23: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/23.jpg)
Implemented Method(6/17)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
23
NEW
R4,1
R3,1
R2,1
MID
R1,1
OLD
R4 match
![Page 24: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/24.jpg)
Implemented Method(7/17)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
24
NEW
R1,2
R4,1
R3,1
MID
R2,1
OLD
R1 match
If the rule hit is in the MID section, then its count is incremented and the rule is moved to the head of the NEW section.
![Page 25: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/25.jpg)
Implemented Method(8/17)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
25
NEW
R4,1
R1,2
R3,1
MID
R2,1
OLD
R4 match
The reference count of the rule is not incremented in the NEW and OLD sections.
![Page 26: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/26.jpg)
Implemented Method(9/17)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
26
NEW
R4,1
R1,2
R3,1
MID
R2,1
R5,1
R6,1
OLD
R7,1
R8,2
R9,1
R10 match
If the cache is full, then we remove from the OLD section the rule that has the least count.
![Page 27: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/27.jpg)
Implemented Method(10/17)
Method IV• Separate count for the rule in the main memory
and cache.• Do not cache the rule until the count for the rule
crosses a threshold.• Maintain a sampling window of T time slots (i.e.,
incoming packet counts). At every t=n*T, for n=1, 2, 3, …, we transfer into the cache the rules that have counts bigger than the chosen threshold.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
27
![Page 28: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/28.jpg)
Implemented Method(11/17)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
28
Main Memory
R1,3
R2,0
R3,0
R4,0
R5,0
R6,0Incoming Packet match R1, R1, R1
Cache
Threshold = 2, t = n*T, n = 1
![Page 29: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/29.jpg)
Implemented Method(13/17)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
29
At every t=n*T, for n= 1, 2, 3, …, we transfer into the cache the rules that have counts bigger than the chosen threshold. F
Main Memory
R1,1
R2,0
R3,0
R4,0
R5,0
R6,0
Cache
R1,1
Threshold = 2, t = n*T, n = 1
![Page 30: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/30.jpg)
Implemented Method(14/17)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
30
Main Memory
R1,1
R2,1
R3,1
R4,1
R5,1
R6,1
Cache
R1,1
R3,1
R4,2
Threshold = 2, t = n*T, n = 1
Incoming Packet match R5, R6, R5
![Page 31: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/31.jpg)
Implemented Method(15/17)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
31
Main Memory
R1,1
R2,1
R3,1
R4,1
R5,3
R6,2
Cache
R1,1
R3,1
R4,2
Incoming Packet match R5, R6, R5
Threshold = 2, t = n*T, n = 1
![Page 32: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/32.jpg)
Implemented Method(16/17)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
32
Main Memory
R1,1
R2,1
R3,1
R4,1
R5,1
R6,2
Cache
R5,1
R1,1
R4,1
Threshold = 2, t = n*T, n = 1
R3 has be replaced
![Page 33: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/33.jpg)
Method V• This method is very similar to the method III.• Remove the MID section in the cache.• Increment counts in the OLD section.• The OLD section is very wide containing 768
locations.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
33
Implemented Method(17/17)
![Page 34: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/34.jpg)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
34
Experimental Results (1/4)
![Page 35: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/35.jpg)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
35
Experimental Results (2/4)
![Page 36: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/36.jpg)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
36
Experimental Results (3/4)
![Page 37: Packet Classification using Rule Caching Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras Publisher: IISA, 2013 Fourth International](https://reader035.vdocuments.site/reader035/viewer/2022062423/56649e4d5503460f94b43a37/html5/thumbnails/37.jpg)
National Cheng Kung University CSIE Computer & Internet Architecture Lab
37
Experimental Results (4/4)