Article

SSA: a power and memory efficient scheme to multi-match packet classification

Authors:

T. V. Lakshman,

Martin Austin Motoyama,

Randy H. KatzAuthors Info & Claims

ANCS '05: Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems

Pages 105 - 113

https://doi.org/10.1145/1095890.1095905

Published: 26 October 2005 Publication History

Abstract

New network applications like intrusion detection systems and packet-level accounting require multi-match packet classification, where all matching filters need to be reported. Ternary Content Addressable Memories (TCAMs) have been adopted to solve the multi-match classification problem due to their ability to perform fast parallel matching. However, TCAM is expensive and consumes large amounts of power. None of the previously published multi-match classification schemes is both memory and power efficient. In this paper, we develop a novel scheme that meets both requirements by using a new Set Splitting Algorithm (SSA). The main idea of SSA is that it splits filters into multiple groups and performs separate TCAM lookups into these groups. It guarantees the removal of at least half the intersections when a filter set is split into two sets, thus resulting in low TCAM memory usage. SSA also accesses filters in the TCAM only once per packet, leading to low power consumption. We compare SSA with two best known schemes: MUD [1] and Geometric Intersection-based solutions [2]. Simulation results based on the SNORT filter sets show that SSA uses approximately the same amount of TCAM memory as MUD, but yields a 75% to 95% reduction in power consumption. Compared with Geometric Intersection-based solutions, SSA uses 90% less TCAM memory and power at the cost of one additional TCAM lookup per packet.

References

[1]

K. Lakshminarayanan, A. Rangarajan, and S. Venkatachary, "Algorithms for Advanced Packet Classification with Ternary CAMs," Proc. ACM Sigcomm, 2005.

Digital Library

[2]

F. Yu and R. H. Katz, "Efficient Multi-Match Packet Classification with TCAM," Hot Interconnects, August, 2004.

Digital Library

[3]

"SNORT Network Intrusion Detection System." http://www.snort.org.

[4]

S. Dharmapurikar, M. Attig, and J. Lockwood, "Deep packet inspection using parallel bloom filters," IEEE Micro, 2004.

Digital Library

[5]

Y. H. Cho and W. H. MangioneSmith, "A Pattern Matching Coprocessor for Network Security," Proc. DAC, 2005.

Digital Library

[6]

C. R. Clark and D. E. Schimmel, "Scalable pattern matching for high speed networks," Proc. IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM), 2004.

Digital Library

[7]

Z. K. Baker and V. K. Prasanna, "Time and area efficient pattern matching on FPGAs," Proc. International Symposium on Field Programmable Gate Arrays (FPGA), 2004.

Digital Library

[8]

M. Aldwairi, T. Conte, and P. Franzon, "Configurable string matching hardware for speedup up intrusion detection," Proc. Workshop on Architectural Support for Security and Anti-virus (WASSA) Held in Cooperation with ASPLOS XI, 2004.

[9]

F. Yu, R. H. Katz, and T. V. Lakshman, "Gigabit Rate Packet Pattern Matching with TCAM," Proc. ICNP, Berlin, Germany, October, 2004.

Digital Library

[10]

F. Baboescu, S. Singh, and G. Varghese, "Packet Classification for Core Routers: Is there an alternatives to CAMs?," Proc. IEEE Infocom, 2003.

[11]

P. Gupta and N. McKeown, "Packet classification using hierarchical intelligent cuttings," Proc. Hot Interconnects, August, 1999.

[12]

E. Spitznagel, D. Taylor, and J. Turner, "Classification Using Extended TCAMs," Proc. IEEE International Conference on Network Protocols (ICNP), 2003.

Digital Library

[13]

P. Gupta and N. McKeown, "Algorithms for Packet Classification," Proc. IEEE Network, 2001.

Digital Library

[14]

D. E. Taylor, "Survey Taxonomy of Packet Classification Techniques," Proc. Tech Report, WUCSE-2004-24, May 2003.

[15]

F. Zane, G. Narlikar, and A. Basu, "CoolCAMs: Power-Efficient TCAMs for Forwarding Engines," INFOCOM, March 2003.

[16]

R. Panigrahy and S. Sharma, "Reducing TCAM Power Consumption and Increasing Throughput," Proc. Hot Interconnects, 2001.

Digital Library

[17]

K. Zheng, H. Che, Z. Wang, and B. Liu, "an ultra high throughput and power efficient TCAM based IP lookup engine," Proc. IEEE Infocom, 2004.

[18]

H. Song and J. W. Lockwood, "Efficient packet classification for network intrusion detection using FPGA," Proc. International Symposium on Field Programmable Gate Arrays (FPGA), Monterey, USA, 2005.

Digital Library

[19]

V. Srinivasan and G. Varghese, "Faster IP lookups using controlled prefix expansion," Proc. ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems, 1998.

Digital Library

[20]

V. Srinivasan, G. Varghese, S. Suri, and M. Waldvogel, "Fast and Scalable Layer Four Switching," Proc. Sigcomm, Spetember 1998.

Digital Library

[21]

P. Gupta and N. McKeown, "Packet classification on multiple fields," Proc. SIGCOMM, August 1999.

Digital Library

[22]

S. Singh, F. Baboescu, G. Varghese, and J. Wang, "Packet Classification Using Multidimensional Cutting," Proc. Sigcomm, August 2003.

Digital Library

[23]

P. Crescenzi and V. Kann, "A compendium of NP optimization problems." http://www.nada.kth.se/~viggo/wwwcompendium/node145.html.

[24]

G. Andersson and L. Engebretsen, "Better Approximation Algorithms and Tighter Analysis for SET SPLITTING and NOT-ALL-EQUAL SAT," Proc. technical reports, ECCCTR: Electronic Colloquium on Computational Complexity, 1998.

[25]

D. S. Johnson, "Approximation algorithms for combinatorial problems," Proc. the fifth annual ACM symposium on Theory of computing, 1973.

Digital Library

[26]

M. Hidell, P. Sjödin, and O. Hagsand, "Router Architectures," Tutorial at Networking 2004.

[27]

M. Kobayashi, T. Murase, and A. Kuriyama, "A longest prefix match search engine for multi-gigabit ip processing," Proc. International Conference on Communications (ICC 2000).

[28]

H. Liu, "conference on Measurement and modeling of computer systems," Proc. Hot Interconnects, 2001.

[29]

"Measurement & Operations Analysis Team from the National Library for Applied Network Research (NLANR) project," 2001.

Cited By

Zahwa WLahmadi ARusinowitch MAyadi M(2024)In-Network ACL Rules Placement using Deep Reinforcement Learning2024 IEEE International Mediterranean Conference on Communications and Networking (MeditCom)10.1109/MeditCom61057.2024.10621188(341-346)Online publication date: 8-Jul-2024
https://doi.org/10.1109/MeditCom61057.2024.10621188
Lin HPan WWang P(2023)Packet Classification Using TCAM of Narrow EntriesTechnologies10.3390/technologies1105014711:5(147)Online publication date: 19-Oct-2023
https://doi.org/10.3390/technologies11050147
Zahwa WLahmadi ARusinowitch MAyadi M(2023)Automated Placement of In-Network ACL Rules2023 IEEE 9th International Conference on Network Softwarization (NetSoft)10.1109/NetSoft57336.2023.10175436(486-491)Online publication date: 19-Jun-2023
https://doi.org/10.1109/NetSoft57336.2023.10175436
Show More Cited By

Index Terms

SSA: a power and memory efficient scheme to multi-match packet classification
1. Networks
  1. Network components
    1. Intermediate nodes
      1. Routers

Recommendations

Efficient Multimatch Packet Classification for Network Security Applications

New network applications like intrusion detection systems and packet-level accounting require multimatch packet classification, where all matching filters need to be reported. Ternary content addressable memories (TCAMs) have been adopted to solve the ...
Split: Optimizing Space, Power, and Throughput for TCAM-Based Classification
ANCS '11: Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems

Using Ternary Content Addressable Memories (TCAMs) to perform high-speed packet classication has become the de facto standard in industry because TCAMs facilitate constant time classication by comparing packet elds against ternary encoded rules in ...
Power efficient packet classification using cascaded bloom filter and off-the-shelf ternary CAM for WDM networks

In wavelength division multiplexing (WDM) networks, tens or hundreds of wavelengths can be transmitted over a single fiber. As transmission line speed goes to 10Gb/s and beyond, ternary CAM (TCAM) is usually employed for wire speed packet ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ANCS '05: Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems

October 2005

230 pages

ISBN:1595930825

DOI:10.1145/1095890

General Chair:
Alan Berenbaum
SMSC
,
Program Chairs:
Kai Li
Princeton University, Princeton, NJ
,
Jonathan Turner
Washington University in St. Louis

Copyright © 2005 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 October 2005

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

ANCS05

Sponsor:

ANCS05: Symposium on Architecture for Networking and Communications Systems 2005

October 26 - 28, 2005

NJ, Princeton, USA

Acceptance Rates

Overall Acceptance Rate 88 of 314 submissions, 28%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

42
Total Citations
View Citations
694
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 10 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Zahwa WLahmadi ARusinowitch MAyadi M(2024)In-Network ACL Rules Placement using Deep Reinforcement Learning2024 IEEE International Mediterranean Conference on Communications and Networking (MeditCom)10.1109/MeditCom61057.2024.10621188(341-346)Online publication date: 8-Jul-2024
https://doi.org/10.1109/MeditCom61057.2024.10621188
Lin HPan WWang P(2023)Packet Classification Using TCAM of Narrow EntriesTechnologies10.3390/technologies1105014711:5(147)Online publication date: 19-Oct-2023
https://doi.org/10.3390/technologies11050147
Zahwa WLahmadi ARusinowitch MAyadi M(2023)Automated Placement of In-Network ACL Rules2023 IEEE 9th International Conference on Network Softwarization (NetSoft)10.1109/NetSoft57336.2023.10175436(486-491)Online publication date: 19-Jun-2023
https://doi.org/10.1109/NetSoft57336.2023.10175436
Xu WZhang ZSong HLiu SFeng YLiu B(2023)ISAC: In-Switch Approximate Cache for IoT Object Detection and RecognitionIEEE INFOCOM 2023 - IEEE Conference on Computer Communications10.1109/INFOCOM53939.2023.10229067(1-10)Online publication date: 17-May-2023
https://doi.org/10.1109/INFOCOM53939.2023.10229067
Lin HWang P(2023)TCAM-based packet classification for many-field rules of SDNsComputer Communications10.1016/j.comcom.2023.03.001203(89-98)Online publication date: Apr-2023
https://doi.org/10.1016/j.comcom.2023.03.001
Kumar ASuri M(2019)Optimized Programming for STT-MTJ-Based TCAM for Low-Energy Approximate ComputingApplications of Emerging Memory Technology10.1007/978-981-13-8379-3_6(159-176)Online publication date: 17-Jul-2019
https://doi.org/10.1007/978-981-13-8379-3_6
Lin HWang P(2018)Fast TCAM-Based Multi-Match Packet Classification Using DiscriminatorsIEEE Transactions on Multi-Scale Computing Systems10.1109/TMSCS.2018.28476774:4(686-697)Online publication date: 1-Oct-2018
https://doi.org/10.1109/TMSCS.2018.2847677
Zha YLi J(2018)CMAIEEE Computer Architecture Letters10.1109/LCA.2017.271902317:1(33-36)Online publication date: 1-Jan-2018
https://dl.acm.org/doi/10.1109/LCA.2017.2719023
Lin HWang P(2016)TCAM-Based Packet Classification Using Multi-stage SchemeProceedings of the Fifth International Conference on Network, Communication and Computing10.1145/3033288.3033302(83-87)Online publication date: 17-Dec-2016
https://dl.acm.org/doi/10.1145/3033288.3033302
Chang DWang P(2016)Tcam-based multi-match packet classification using multidimensional rule layeringIEEE/ACM Transactions on Networking10.1109/TNET.2015.241127424:2(1125-1138)Online publication date: 1-Apr-2016
https://dl.acm.org/doi/10.1109/TNET.2015.2411274
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents