Add to collection(s) Add to saved
  1. No category

HybridCuts

advertisement 
HybridCuts: A Scheme Combining Decomposition
and Cutting for Packet Classification
Wenjun Li
Xianfeng Li
School of Electronic and Computer Engineering (ECE)
Peking University
IEEE Hot Interconnects 21
San Jose, CA, August 21-22, 2013
Outline

Background

HybridCuts

Evaluation

Conclusion
School of ECE, Peking University
2
PART I: Background
School of ECE, Peking University
3
Packet Classification
 Key for policy enforcement in packet forwarding
Router / Firewall
Incoming Packet
Outgoing Packet
Forwarding Engine
Header
Flow Classification
Fibre Optics
Fibre Optics
Header
Classifier (Rule Database)
Predicate
Action
Payload
Payload
#
r1
r2
r3
SA
1.2.3.0/20
1.2.3.11/24
*
DA
192.168.0.1
1.2.3.11/24
*
SP
[1,65534]
80
*
DP
[1,65534]
[1,65534]
*
School of ECE, Peking University
Prot
TCP
UDP
*
Action
accept
accept
discard
4
Why Yet Another Paper?
A well established problem
without
Well established solutions
 Algorithmic: Desired but speed/memory inefficient
 Architectural: Fast but expensive, power hungry,
poor scalability and suffer from range expansion
School of ECE, Peking University
5
Recent Efforts on Algo. Solutions
A
EffiCuts [SIGCOMM’10]
B
Reduction by Separation
Equal-dense cutting, etc
C
A
D
B
G
D
E
E
F
C
Pros
Reduction on memory
consumption
F
Cons
G
Increase on #memory
accesses
School of ECE, Peking University
6
Better Solutions?
Rule separation: the right direction
Better separations
(with less rule groups)
+
Better cuttings
(by exploiting characteristics)
School of ECE, Peking University
7
A Little Review...
 Decomposition
 Cutting
Y
R1
R6
Packet P
3
2
1
R3
R2
.
Y
R5
R4
X
4
Root
Node
X
R1, R2
School of ECE, Peking University
R2, R5
R3, R5
R6
R4
8
PART II: HybridCuts
School of ECE, Peking University
9
HybridCuts
A two-stage scheme
Original Rule Set
1st Stage
2nd Stage
Decomposition
Cutting
SA-subset
Decision Tree SA
DA-subset
Decision Tree DA
SP-subset
Decision Tree SP
DP-subset
Decision Tree DP
Big-subset
Decision Tree Big
Preprocessing && Constructing search structure
School of ECE, Peking University
10
Observations (1)
Very few big rules!
Threshold: (SA,DA,SP,DP)
School of ECE, Peking University
11
Observation (2)
R14
R10
R8
R11
X-Subset
R9
R7
R14
R13
R6
R8
Y
R10
R12
R5
Decomposition
R11
R9
X
R4
R7
R13
R6
R3
Y
R5
R1
R2
R12
R4
X
Y-Subset
R3
Y
R1
R2
X
School of ECE, Peking University
12
Decomposition
Search in DA
Rules
matching DA
Search in SP
Rules
matching SP
Search in DP
Rules
matching DP
Search in Prot
Rules
matching Prot
SA-subset tree
Best matching
in SA-subset
DA-subset tree
Best matching
in DA-subset
SP-subset tree
Best matching
in SP-subset
DP-subset tree
Best matching
in DP-subset
Big-subset tree
Best matching
in Big-subset
School of ECE, Peking University
Highest
Priority Rule
Priority Selector
Rules
matching SA
Match Aggregation
Packet Header
Improved
Decomposition
Packet Header
Traditional
Decomposition
Search in SA
Highest
Priority Rule
13
FiCuts: Fixed intelligent Cuttings
Cut
2
Cut 0
R14
R14
R10
R8
R10
R8
R11
R11
R9
Cut 0
R9
R13
Y
Cut 1
HiCutsàFiCuts
R13
Y
R12
X
Root
(Cut 0)
(Y-Cuts:2)
Node 1
(Cut 1)
(Y-Cuts:2)
Leaf 1
R12
Leaf 2
R8 R9
R11 R13
R12
Simpler but
more efficient
X
Root
(Cut 0)
(X-Cuts:4)
Node 2
(Cut 2)
(X-Cuts:2)
Leaf 3
R8
R9
Leaf 1
R8
Leaf 2
R9
Leaf 3
R10
Leaf 4
R11 R12
R13 R14
Leaf 4
R10 R11
R14
School of ECE, Peking University
14
A hybrid FiCuts + HyperCuts
 When to switch to HyperCuts?
 Subspace becomes small, and rule replication becomes
intense
 A threshold to trigger the FiCut=>HyperCuts switching
School of ECE, Peking University
15
Effectiveness (1)
R7
 14 à36 rules
R14
R6
R8
R10
R5
R11
R9
R4
R13
R3
Y
R1
R12
R2
Root
X
Node1
Leaf1
R1,2
Leaf2
R2
Leaf3
R3,8
Node2
Leaf4
R3,9
Leaf5
R2
Leaf6
R2,12
Leaf7
R4
Node3
Leaf8
R11,13
Leaf9
R5,8
Leaf10
Node4
Node5
R9
Leaf11
Leaf12
R10
R6,7
Leaf13
R11
Node7
Node6
Leaf15
Leaf16
Leaf17
Leaf18
Leaf19
Leaf20
Leaf21
Leaf22
Leaf23
Leaf24
Leaf25
Leaf14
R6,8
R6
R8
R7
R6,10
R6,10
R7
R7
R6,11
R11
R7
R14
HyperCuts
School of ECE, Peking University
16
Effectiveness (2)
X_FiCuts 0
 14 à14 rules
R14
R7
R10
R8
R11
R6
R9
HyperCuts 0_Y
R13
R5
Y
Y_FiCuts 0
R4
R12
R3
X
Y
HyperCuts 0_X
Root
(X_FiCuts 0)
(Cuts:4)
R1
R2
X
Root
(Y_FiCuts 0)
(Cuts:4)
Leaf 1
R1
Leaf 2
R3
R4
Leaf 3
R5
Y-Subset
Leaf 1
R8
Leaf 4
R6
R7
Leaf 2
R9
Leaf 3
R10
Leaf 4
R11
(PushUp)
HybridCuts
School of ECE, Peking University
Node 1
(HyperCuts 0)
(X-Cuts:2)
(Y-Cuts:2)
Leaf 5
R11 R12
R13
Leaf 6
R11
Leaf 7
R11
R14
X-Subset
17
Optimization
 Can be smaller? 5à3 subsets
Threshold: (SA,DA)
School of ECE, Peking University
18
PART III: Evaluation
School of ECE, Peking University
19
Experimental Setup
 Tested with
 A publicly available rule set from Washington University
 Used the ACL & FW & IPC 1K, 10K
 ClassBench
 Generate ACL & FW & IPC 100K
 Compared with
 HyperCuts && EffiCuts
 Primary metrics
 Memory consumption (Bytes/rule)
 Number of memory accesses
 Open Source for HybridCuts
 https://github.com/lwj4333765/HybridCuts
School of ECE, Peking University
20
Memory Consumption
HyperCuts
EffiCuts
HybridCuts
Bytes per rule
1.00E+07
1.00E+06
1.00E+05
1.00E+04
1.00E+03
1.00E+02
1.00E+01
1.00E+00
ACL_1K ACL_10K ACL_100K FW_1K
FW_10K FW_100K
School of ECE, Peking University
IPC_1K
IPC_10K IPC_100K
21
Memory Accesses
HyperCuts
EffiCuts
HybridCuts
Overall Memory Accesses
120
100
80
60
40
20
0
ACL_1K ACL_10K ACL_100K FW_1K
FW_10K FW_100K
School of ECE, Peking University
IPC_1K
IPC_10K IPC_100K
22
More Insights
The sizes of subsets
SA_SIZE
DA_SIZE
The sizes of trees
SA_MEM
BIG_SIZE
100%
100%
90%
90%
80%
80%
70%
70%
60%
60%
50%
50%
40%
40%
30%
30%
20%
20%
10%
10%
DA_MEM
BIG_MEM
0%
0%
ACL_1K
ACL_10K ACL_100K
FW_1K
FW_10K
FW_100K
IPC_1K
IPC_10K
IPC_100K
ACL_1K
ACL_10K ACL_100K
School of ECE, Peking University
FW_1K
FW_10K
FW_100K
IPC_1K
IPC_10K
IPC_100K
23
Potential Gain with Parallelization
Overall #memory accesses
45
Worst-case tree height
40
35
30
25
20
15
10
5
0
ACL_1K
ACL_10K ACL_100K
FW_1K
FW_10K FW_100K
School of ECE, Peking University
IPC_1K
IPC_10K IPC_100K
24
PART V: Conclusion
School of ECE, Peking University
25
Conclusion
 HybridCuts:
decomposition + cutting
New observations
A new rule set decomposition
A hybrid One- + Multi- dimensional cutting
 Future Works
OpenFlow
Software-hardware combined, e.g., FPGA
Combine with TCAM
School of ECE, Peking University
26
Thank you!
E-mail: liwenjun@sz.pku.edu.cn
wenjunli@pku.edu.cn
Web: http://liwenjun.weebly.com
Related documents
Document
Document
党苹课件
党苹课件
Beijing-Copenhagen Urban Challenge
Beijing-Copenhagen Urban Challenge
ECE 465 Teaching Philosophy
ECE 465 Teaching Philosophy
FIERCE CONVERSATIONS Fierce, Inc. ©
FIERCE CONVERSATIONS Fierce, Inc. ©
PhD Qualifying Exam
PhD Qualifying Exam
Click to file - Army Counseling Online
Click to file - Army Counseling Online
HARDWARE / SOFTWARE PARTITIONING
HARDWARE / SOFTWARE PARTITIONING
PowerPoint Presentation - Merrillville Community School
PowerPoint Presentation - Merrillville Community School
Download
advertisement