VISVESVARAYA TECHNOLOGICAL UNIVERSITY

Jnana Sangama, Belagavi – 590018

Industrial Training Report on

“Study and Algorithm development of packet classification engine”
Submitted in partial fulfilment of the requirement for the award of the Degree of
BACHELOR OF ENGINEERING
In
ELECTRONICS AND COMMUNICATION ENGINEERING
By
Ruthu Dinesh
[1JS15EC081]
Internship carried out
At
Whizchip Design Technologies Pvt Ltd
Bangalore-560004

Internal Guide: External Guide:

Mrs. Shubha B Mr. Ravi Shankar R
Asst. Professor, Dept. of ECE CEO
JSSATE

Department of Electronics & Communication Engineering

(Accredited by NBA for the academic years 2017-18, 2018-19 and 2019-20)

JSS ACADEMY OF TECHNICAL EDUCATION

UG Programs accredited by NBA-ECE, CSE, ISE, Mech, Civil, IEM, E&IE
Dr. Vishnuvardhan Road, Bengaluru – 560060
2018-19
JSS ACADEMY OF TECHNICAL EDUCATION
UG Programs accredited by NBA-ECE, CSE, ISE, Mech, Civil, IEM, E&IE

1
 Dr. Vishnuvardhan Road, Bengaluru – 560060

Department of Electronics & Communication Engineering

(Accredited by NBA for the academic years 2017-18, 2018-19 and 2019-20)

INDUSTRIAL TRAINING CERTIFICATE

This is to Certify that Industrial training work entitled “Study and Algorithm
development of packet classification engine” has been successfully carried out
at Whizchip Design Technologies Pvt Ltd by Ruthu Dinesh, bearing USN
1JS15EC081, a bonafide student of JSS Academy of Technical Education in the
partial fulfilment for the award of degree of “BACHELOR OF
ENGINEERING” in ELECTRONICS AND COMMUNICATION
ENGINEERING as prescribed by VISVESVARAYA TECHNOLOGICAL
UNIVERSITY, Belgaum during the academic year 2018-2019. It is certified that
all suggestions/corrections indicated for the internal assessment has been
incorporated in the report. The industrial training report has been approved as it
satisfies the academic requirements in respect of internship work for the said
degree.

Mrs. Shubha B Dr. Siddesh G.K Dr. Mrityunjaya V Latte

Asst. Professor Assoc. Professor & HOD Principal
Dept of ECE, JSSATE-B Dept of ECE, JSSATE-B JSSATE-B

EXTERNAL VIVA
Name of the Examiners Signature with date

1.

2.

JSS ACADEMY OF TECHNICAL EDUCATION

2
 UG Programs accredited by NBA-ECE, CSE, ISE, Mech, Civil, IEM, E&IE
Dr. Vishnuvardhan Road, Bengaluru – 560060

Declaration

I, Ruthu Dinesh, bearing the USN: 1JS15EC081 student of Bachelor of Engineering.

Electronics and Communication Engineering, JSS Academy of Technical Education,
Bengaluru, hereby declare that the Industrial training entitled “Study and Algorithm
development of packet classification engine” has been carried out by me under the
supervision and guidance of Mr. Ravi Shankar R, Whizchip Design Technologies,
Bengaluru and Mrs Shubha B, Asst. Professor, Dept. of ECE Engineering, JSSATEB,
submitted by me as a partial fulfilment for the award of Bachelor of Engineering degree in
Electronics and Engineering from Visvesvaraya Technological University, Belagavi,
during the academic year 2018-19. I also declare that the internship has not been submitted
previously for the award of any degree or diploma, by me, to any institution.

RUTHU DINESH
1JS15EC081

3
 Acknowledgement

I would like to express my gratitude to Dr.Mrutunjaya V Latte, Principle, JSSATE,

Bangalore, for providing me excellent facilities and academic ambience which has
helped me in satisfactory completion of this bachelor’s degree.

I express my truthful thanks to Dr. Siddesh G K, Head of department, Dept. of ECE,

for his valuable support.

I extend my sincere thanks and heartfelt gratitude to internship coordinator, Mr

Ravikumar K P, Dept. of ECE, for providing me an invaluable support.

I extend my sincere thanks and heartfelt gratitude to my internal guide, Mrs. Shubha
B, Asst. Professor, Dept. of ECE, for providing me an invaluable support throughout the
period of my Industrial Training.

I wish to express my heartfelt gratitude to my external guide Mr. Ravi Shankar R,

The CEO, Whizchip Design Technologies, Bengaluru, for his valuable guidance,
suggestions and cheerful encouragement during the entire period of my Industrial
Training.

I would like to sincerely thank all those people who supported in the part of this
industrial training at Whizchip Design Technologies while presenting this Industrial
training and also during preparation of this report.

Finally, I take this opportunity to extend my earnest gratitude and respect to my

parents, teaching and non-teaching staffs of the department, the library staff and all my
friends, who have directly or indirectly supported me during the period of my industrial
training programme.

RUTHU DINESH
1JS15EC081

4
 CONTENTS

SL NO. PAGE NO
1. Working of Company 7
2. Preface 8
2.1. Purpose of this document 8
2.2. Overview 8

3. Introduction 9
4. Background of the invention 10
5. Performance metrics of packet classification 11
6. Abstract 12
7. Problems in classifying the packets 13
8. Literature survey 14
9. Definitions, Acronyms and Abbreviations 15
10. Block diagram 16
11. Received packet 18
12. Inspecting the packet for tag 20
13. Tagging the packet 'P' with the current time 22
14. For checking the port numbers 24
15. Understanding VLANs 28
16. VLAN port assignment 32
17. Conclusion 34

5
 1. ABOUT THE COMPANY

Whizchip Design Technologies Private Limited is a Private incorporated on 28

February 2005. It is classified as Non-govt Company and is registered at
Registrar of Companies, Bangalore. Its authorized share capital is Rs. 2,245,000
and its paid up capital is Rs. 2,157,500. It is involved in Software publishing,
consultancy and supply [Software publishing includes production, supply and
documentation of ready-made (non-customized) software, operating systems
software, business & other applications software, computer games software for
all platforms. Consultancy includes providing the best solution in the form of
custom software after analyzing the user’s needs and problems. Custom
software also includes made-to-order software based on orders from specific
users. Also, included are writing of software of any kind following directives of
the users; software maintenance, web-page design].

Business Objectives:

Towards customers
Strive continuously to assist our customers to reduce cost and increase
predictability in their complex chip design projects by

 Development and deployment of advanced design and verification

methodology IP.
 Providing technology based services to our customers in all phases of chip
design.
 Supplementing our customers with well chosen, well managed, top of the line
quality engineering staff.

6
Towards our colleagues
Enabling our deserving engineers by setting up a platform to have world class
technology exposure

Core Values:
• Credibility
• Innovation
• Collaboration
• Customer Orientation

7
2. PREFACE:
2.1. Purpose of this document
This document is a Technical Design Document for Packet Classification
Engine. It provides guidance which is intended to assist the relevant
management in producing a project specific technical design document. It
is also useful background reading for anyone involved in developing or
monitoring the Packet Classification Engine.

2.2. Overview
The process of categorizing packets into “flows” in an Internet router is
called packet classification. All packets belonging to the same flow obey
a pre-defined rule and are processed in a similar manner by the router.
Routers classify packets to determine which flow they belong to, and to
decide what service they should receive. Classification may, in general,
be based on an arbitrary number of fields in the packet header.
Performing classification quickly on an arbitrary number of fields is
known to be difficult, and has poor worst-case performance. In this
document, we consider a classifier taken from real network. We find that
the classifier contain considerable structure and redundancy that can be
exploited by the classification algorithm.
Packet classification is one of the most important tasks by the networking
equipment. This device is used to sort the packets. A packet has five
fields where these have to be matched with a rule. The incoming packets
are placed in a flow which is determined by the matched rule. Packet’s
priority is decided by the matched rule. Classifying the packet is the
difficult task. All the packets are processed at same speed and the rule
sets can contain ten thousand of rules. The packet classification uses
classification engine that consumes more power. Power is the major
constraint in the networking device.

8
3. INTRODUCTION

Packet classification is employed by Internet routers to implement a number

of advanced Internet services, such as routing, rate limiting, and access-
control in firewalls, virtual bandwidth allocation, policy-based routing,
service differentiation, load balancing, traffic shaping, and traffic billing.
Each of these services require the router to classify incoming packets into
different flows and then perform appropriate actions depending upon which
flow the incoming packet has been identified to fall into. These flows or
classes, are specified by a classifier. A classifier is a set of filters or rules.
There are more than ten thousand rules. These rules determine its own
action.
The present invention relates to a general-purpose programmable packet
processing platform for accelerating network infrastructure applications
which have been structured so as to separate the stages of classification and
action. The packet classifications, execution of actions upon these packets
are accelerated through the specialized modules.
Until recently, Internet routers provided only “best-effort” service, servicing
packets in a first-come-first-served manner. Routers are now called upon to
provide different qualities of service to different applications which means
routers need new mechanisms such as admission control, resource
reservation, per-flow queuing, and fair scheduling. All of these mechanisms
require the router to distinguish packets belonging to different flows.
The result is provided to a packet processor to take the appropriate action
based on the classification result.

9
4. BACKGROUND OF THE INVENTION

The present invention is related to the field of data communication networks.

In data communication networks, network devices such as switches are used
to route the packet through the network. Each switch typically has number of
ports interfaces, each connected to different network segment. When a
packet is received at a given port interface, forwarding logic determines
which port interface the packet should be transmitted from, and the packet is
transferred to the appropriate outgoing port interface to be sent towards the
destination in the network.

10
5. PERFORMANCE METRICS OF PACKET CLASSIFICATION

• Search speed — Faster links requires faster classification. For example, links
running at 10Gbps can bring 31.25 million packets per second (assuming
minimum sized 40 byte TCP/IP packets).
• Low storage requirements — Small storage requirements enable the use of fast
memory technologies like SRAM (Static Random Access Memory). SRAM can
be used as an on-chip cache by a software algorithm and as on-chip SRAM for a
hardware algorithm.
• Ability to handle large real-life classifiers.
• Fast updates — As the classifier changes, the data structure needs to be
updated. Data structures are categorized into those which can add or delete
entries incrementally, and those which need to be reconstructed from scratch
each time the classifier changes. When the data structure is reconstructed from
scratch, it is called “pre-processing”. The update rate differs among different
applications: a very low update rate may be sufficient in firewalls where entries
are added manually or infrequently, whereas a router with per-flow queues may
require very frequent updates.
• Scalability in the number of header fields used for classification.
• Flexibility in specification — A classification algorithm should support
general rules, including prefixes, operators (range, less than, greater than, equal
to, etc.) and wildcards. In some applications, non-contiguous masks may be
required.

11
6. ABSTRACT

The process of categorizing packets into “flows” in an Internet router is

called packet classification. All packets belonging to the same flow obey a
pre-defined rule and are processed in a similar manner by the router. For
example, all packets with the same source and destination IP addresses may
be defined to form a flow. Packet classification is needed for non “best-
effort” services, such as firewalls and quality of service; services that require
the capability to distinguish and isolate traffic in different flows for suitable
processing.

12
 7. PROBLEMS IN CLASSIFIYING THE PACKETS

The criteria for classifying packet is called rule R, and the set of finite rules R1,
R2...Rn contained in forwarding machine is called rule database or classifier.
The fields of rule and packet header are related, For example, the rules that
implement IPv4 consist of 5 fields (source IP address, destination IP address,
protocol type, source port, and destination port). The incoming packet to router
matches specific rule if the distinct fields in the packet match the corresponding
fields in that rule. Since a packet may match more than one rule in the database,
assigning a cost to each rule can avoid this ambiguity. The packet classification
problem is how to determine the lowest-cost matching for the incoming packet.
The packet must match at least one rule. There are three matching types.
1. Exact match: The values of rule fields and Packet header fields must be
identical.
2. Prefix match: The rule fields values must be prefix for the header fields
values.
3. Range match: The header field’s values must lie in the range specified by
the rule.

13
8. LITERATURE SURVEY

There are many algorithms to classify packets. Each method consumes

different amount of power. Decision tree based packet classification is one of
the oldest techniques in classifying packets which consumes about 15 Watts
of power. Deep packet inspection technique consumes about 13.28 Watts of
power. Multidimensional packet classification consumes about 15 Watts to
less than 3Watts. Smart pre-classifier technique uses about 11 Watts of
power. Hyper split which is also a method to classify the packets consume
about 12 Watts. This survey tells that the minimum power consumption is
about 9 Watts and a maximum of 15 Watts. So this is a major criterion in
classifying technique and has to be reduced.

14
 9. DEFINITION, ACRONYMS AND ABBREVIATIONS

Packet Memory: - This memory consists of one full packet.

Packet Index Memory: - This memory contains the length and locations of the
packets.
Classifier:- It’s a fundamental performance that allows a packet processing
system to cross layers of protocols stack without de-multiplexing.
Look-up Memory: - This memory location consists of 20-bit port numbers and
12-bit VLAN.
VLAN Tagging:- VLAN Tagging is method through which more than one
VLAN is handled on a port.
VLAN - Virtual land area network
CRC – Cyclic Redundancy Checking
IEEE - The Institute of Electrical and Electronics Engineers
 MAC – Media Access Control

15
 10. BLOCK DIAGRAM

P0

PACKET
P1

CLASSIFIER
P2

PACKET
P3
INDEX

LOOK UP MEMORY:

VLAN PN

P0
P1
P2
.
.

16
The packet index memory is organized as a 32-bit memory address. It is based
on length and location of the packets.
The first bit value is an entry bit of 0 or 1 that is to be stored into or accessed
from the memory cell.
The operation of the packet memory is supported by the packet index memory.
The memory is often organized to fit the needs of particular computer
architecture.
Flows are specified by rules applied to incoming packets. We call a collection
of rules a classifier.
Each rule specifies a flow that a packet may belong to based on some criteria
applied to the packet header.

1 150 0x4000
The bit value is one, so the entry is valid.
Then go to all the 0x4000 location.
Pick up the data from 150 locations that is starting at 0x4000.
This is one full packet.

0 150 0x4000
The bit value is zero.
Therefore, entry is invalid.
The look-up memory can be used or accessed randomly.
It acts as a very quick storage for all the information and data.
It has 12-bit VLANs and 20-bit port numbers.
Same port numbers may be assigned to various VLANs.

17
 VLAN PORT NO.

VLAN 1 P0
VLAN 2 P1
VLAN 3 P2

VLAN 4 P3

11. RECEIVED PACKET

After a packet is received from the network by the network interface device and
processed by the link layer, the processed packet is delivered to the network
layer.
Then it will check the packet for errors, IP checksum error etc.
If the packet is error-free, there are two possible scenarios:
1. The packet is destined to this host.
2. The packet is destined to some other host.

START

INITIALIZATION

PACK DATA

A
18
 A

WAIT

NO
RECEIVED?

READ

ENCODE
COMMAND

NO
TRANSMIT?

YES

TRANSMIT
PACKET

19
 12. INSPECTING THE PACKET FOR TAG

If we have more than one VLAN on the port, it is necessary to tell which packet
belongs to which VLAN on the other end.
To do this we are “tagging” a packet with a VLAN tag. VLAN tag is inserted in
the Ethernet frame as shown below:

Preamble Destination Source MAC Ethernet Data CRC

MAC Type

Preamble Destination Source 802.1Q Ethernet CRC

Data
MAC MAC Type
[CRC-CYCLIC REDUNDANCYCHECK]

Inspection Sequence Based On Header Fields

The 802.1Q tag contains a VLAN-ID.

The first 16-bit contains the “tag protocol identifier” which is 8100.
This also doubles as the Ether Type 0x8100 for the devices that don't
understand VLANs.
So a “tagged” packet contains the VLAN information in the Ethernet frame
while an “untagged” packet doesn't.

START

RECEIVED PACKET

20
 A

CHECK NO. OF
HEADERS

CHECK UNIQUE
VALUE

FORWARD
PACKET

VLAN tagging is used to tell which packet belongs to which VLAN on the
other side.
To make recognition easier, a packet is tagged with a VLAN tag in the
Ethernet frame.
To add a tag to a packet, we use tag keyword.
Once a tag is applied to a packet by a matching rule, it is never removed.
It can, however, be replaced with a different tag.
A packet is only assigned to one tag at a time.

21
 13. Tagging the packet 'P' with the current time

Start

Is queue Yes
Drop P
full?

No

Tag P with current time Increment

Push P to queue

Update queue with P’s size

Stop

Each tag has its own port number.

Tag Port No.

NA def=0
22
 If the port number matches with the tag then the packet is accepted.
Else a default VLAN ID is added.
The frame has a four-byte VLAN tag added, which includes the VLAN ID.

Destination Source Type/Len Data

Tag

Received a
packet

No
Does packet
carry tag?

Accept packet and add Yes

default VLAN ID

VLAN ID
No
Is VLAN ID Discard
valid?

Yes

Accept the packet

A 23
 A

Prepare for sending packet

Does the
No device
send
tagged
packets?

Yes
Remove tag
Retain original tag

Send it out

14. For checking the port numbers

A port is a number used to uniquely identify a transaction over a network by

specifying both the host and the service.
Port numbers are used in providing the destination of information on a
network.
The port mapping involves translating the address or port number to a new
destination, accepting the packet and forwarding it.
For checking the port number availability, before changing the port numbers,
make sure that the new ports you are going to use are available.

24
 Start

Input port no.

Open the port

Disconnect

If
connection
is valid?

Connected

End

You can mark classified packets to indicate their traffic class. You can colour
packets by marking the IP precedence or DSCP field in the packets IP header or
the Experimental field in the MPLS label header.

 Network Type
The network type influences the method used for differentiating between traffic
classes and providing differentiated services for each class. An IP network can
choose to differentiate traffic based on either IP precedence or IP DSCP values.

25
On the other hand, an MPLS-based core infrastructure would use the EXP
values to differentiate between the various classes. Similarly, a Layer 2-based
core such as an Ethernet-switched network may use the 802.1p bits for the same
purpose. Hence it becomes very important for the SP to mark traffic at the
network edge using the appropriate scheme that is being used in the network
core.

 Traffic Type
The traffic type has a bearing on the method used for providing differentiated
services. Certain traffic types might not support a given method if used for the
purpose of differentiating classes. A good example is using MPLS EXP as a
scheme for providing differentiation for VoIP traffic that is not labeled (and
placed in the global routing table) in an MPLS-based core. Since this traffic is
not label switched and instead is carried as pure IP (unlabeled) traffic, the
scheme for providing differentiated services would indeed fail. Hence it is
imperative to clearly identify the various traffic types to be transported in the
network and appropriately choose the correct scheme for deployment. In certain
cases, more than one method can be used for this purpose. For instance, it is
common to deploy an EXP and IP precedence plus DSCP-based scheme in the
core, for supporting the various traffic types in a given environment.

 Classification and Marking Using the MPLS Experimental Field

The MPLS header consists of several fields. One of them is the 3-bit-long
experimental field, as illustrated in Figure 2.7. The EXP field was originally
called the CoS field when Cisco developed tag switching. When MPLS became
a formal standard, the CoS field was renamed the Experimental, or EXP, field
as its use was not clearly defined. However, the EXP field is still used to carry

26
CoS bits. The network core uses the EXP markings to apply the necessary
priorities for traffic.

 Classification and Marking Using the 802.1p Field in 802.1Q

802.1p, part of the IEEE 802.1Q standard, allows for the marking of Layer 2
frames with a user-priority value. The 802.1p field is 3 bits wide and thus
provides for easy mapping with the IP precedence and MPLS EXP fields. An
802.1Q frame is created from an Ethernet frame by changing the ether type of
the frame to 0×8100 (indicating 802.1Q) and inserting a 4-byte 802.1Q tag, as
illustrated in Figure below.

27
15. Understanding VLANs

A VLAN is a switched network that is logically segmented by function,

project team, or application, without regard to the physical locations of
the users. VLANs have the same attributes as physical LANs, but you can
group end stations even if they are not physically located on the same
LAN segment. Any switch module port can belong to a VLAN, and uni-
cast, broadcast, and multicast packets are forwarded and flooded only to
end stations in the VLAN.
Each VLAN is considered a logical network, and packets destined for
stations that do not belong to the VLAN must be forwarded through a
router, as shown in Figure below. Because a VLAN is considered a
separate logical network, it contains its own bridge MIB information and
can support its own implementation of spanning tree.

VLANs as Logically Defined Networks

28
 VLANs are often associated with IP sub networks. For example, all the end
stations in a particular IP subnet belong to the same VLAN. Interface VLAN
membership on the switch module is assigned manually on an interface-by-
interface basis. When you assign switch module interfaces to VLANs by using
this method, it is known as interface-based, or static, VLAN membership.

Traffic between VLANs must be routed. Switch modules that are running the IP
services image can route traffic between VLANs by using Switch Virtual
Interfaces (SVIs). To route traffic between VLANs, an SVI must be explicitly
configured and assigned an IP address. For more information, see the “Switch
Virtual Interfaces” section and the “Configuring Layer 3 Interfaces” section.
This section includes:
 Supported VLANs
 Normal-Range VLANs
 Extended-Range VLANs
 VLAN Port Membership Modes
 UNI-ENI VLANs

Supported VLANs
VLANs are identified with a number from 1 to 4094. VLAN IDs 1002 through
1005 are reserved for Token Ring and FDDI VLANs. VLAN IDs greater than
1005 are extended-range VLANs and are not stored in the VLAN database.
Although the switch module supports a total of 1005 (normal-range and
extended-range) VLANs, the number of routed ports, SVIs, and other
configured features affects the use of the switch module hardware.

29
 Normal-Range VLANs

Normal-range VLANs are VLANs with VLAN IDs 1 to 1005. You can add,
modify or remove configurations for VLANs 2 to 1001 in the VLAN database.
(VLAN IDs 1 and 1002 to 1005 are automatically created and cannot be
removed.)
Configurations for VLAN IDs 1 to 1005 are written to the file vlan.dat (VLAN
database), and you can display them by entering the show vlan privileged
EXEC command. The vlan.dat file is stored in flash memory.
You can set these parameters when you create a new normal-range VLAN or
modify an existing VLAN in the VLAN database:
 VLAN ID
 VLAN name
 VLAN type (Ethernet, Fiber Distributed Data Interface [FDDI], FDDI network
entity title [NET], TrBRF, or TrCRF, Token Ring, Token Ring-Net)
 VLAN state (active or suspended)

 Maximum transmission unit (MTU) for the VLAN

 Security Association Identifier (SAID)
 Bridge identification number for TrBRF VLANs
 Ring number for FDDI and TrCRF VLANs
 Parent VLAN number for TrCRF VLANs
 Spanning Tree Protocol (STP) type for TrCRF VLANs
 VLAN number to use when translating from one VLAN type to another
 Private VLAN. Configure the VLAN as a primary or secondary private
VLAN. For information about private VLANs.
 Remote SPAN VLAN. Configure the VLAN as the Remote Switched
Port Analyzer (RSPAN) VLAN for a remote SPAN session. For more
information on remote SPAN.
 UNI-ENI VLAN configuration

30
For extended-range VLANs, you can configure only MTU, private VLAN,
remote SPAN VLAN, and UNI-ENI VLAN parameters.
Extended-Range VLANs
You can create extended-range VLANs (in the range 1006 to 4094) to enable
service providers to extend their infrastructure to a greater number of customers.
The extended-range VLAN IDs are allowed for any switch port commands that
allow VLAN IDs. Extended-range VLAN configurations are not stored in the
VLAN database, but they are stored in the switch module running configuration
file, and you can save the configuration in the startup configuration file by using
the copy running-config startup-config privileged EXEC command.

The configured VLANs with interfaces assigned as access and trunk ports on switches
could look like this:

31
 The port modes are defined as follows:

 Access Port — the frames received on the interface are assumed to not
have a VLAN tag and are assigned to the specified VLAN. Access ports
are used primarily for hosts and can only carry traffic for a single VLAN.

 Trunk Port — the frames received on the interface are assumed to have
VLAN tags. Trunk ports are for links between switches or other network
devices and are capable of carrying traffic for multiple VLANs.

16. VLAN Port Assignment

VLANs are assigned to individual switch ports.

Ports can be statically assigned to a single VLAN or dynamically assigned to a
single VLAN.
All ports are assigned to VLAN1 by default.
Ports are active only if they are assigned to VLANs that exist on the switch.
Static port assignments are performed by the administrator and do not change
unless modified by the administrator.
Dynamic VLANs are assigned to a port, based on the MAC address of the
device plugged into a port.
After configuring a port to VLAN assignments, we use two commands to
verify the VLAN port assignments:
COS – show port
IOS – show interface status
The default VLAN ID in only relevant on an access port, which is port that
sends and expects to receive traffic without a VLAN tag.

32
 When we enable port-based VLANs, all ports in the system are added to the
default VLAN. By default, the default VLAN ID is “VLAN 1”.
The default VLAN is not configurable.
If we want to use the VLAN ID, “VLAN 1” as a configurable VLAN, we can
assign a different VLAN ID to the default VLAN.
Also, we must specify a valid VLAN ID that is not already in use.
For example, if we have already defined VLAN 10, we cannot try to use
“10” as a new VLAN ID for the default VLAN.

No connection among Is port in Yes VLAN Yes

devices in same VLAN correct present in A
VLAN? VLAN
database?

No
No

Assign port to Create VLAN in VLAN

correct VLAN database

Verify connection among

devices in same VLAN

33
17. CONCLUSION
To classify a packet as belonging to a flow often requires network system
to maintain large data structures. A key challenge is to design packet
classification engine that can be implemented efficiently on network
processor platforms. We argue that the design of such engine/system will
need to exploit the structure and characteristics of packet classification
rules.

34