Add to collection(s) Add to saved
  1. No category

Implemented Method(1/17) - CSIE -NCKU

advertisement 
Packet Classification using
Rule Caching
Author: Nitesh B. Guinde, Roberto Rojas-Cessa, Sotirios G. Ziavras
Publisher: IISA, 2013 Fourth International Conference
Presenter: Chih-Hsun Wang
Date: 2014/12/10
Department of Computer Science and Information Engineering
National Cheng Kung University, Taiwan R.O.C.
Introduction



Different packet classification schemes have been
developed but they require a number of memory accesses
as classification is complex and memory is slow.
We propose a scheme based on memory cache to support
packet classification.
We present various packet classification caching schemes
for performing classification and provide the cache hit
ratio results for various traffic models generated with
Class bench.
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
2
Method (1/9)



Use the concept of caching of rules using the leastrecently used (LRU) policy to replace information in
the cache.
Create two tries, one for the source IP and the other one
for the destination IP
Priority Bit
•
•
(1) there does not exist any rule which could be matched if r is
matched.
(2) there exists no rule of higher precedence which could be matched
if rule r is matched.
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
3
Method (2/9)
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
4
Method (3/9)
R1,R2,R3,R4,R5,R6
R5,R6
R6
R6
R5,R6
R5,R6
R6
R6
R6
R4,R6
R3,R5,R6
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
R1,R2,R6
5
Method (4/9)
R1,R2,R3,R4,R5,R6
R4,R6
R5,R6
R4,R6
R5,R6
R5,R6
R1,R2,R6
R3,R5,R6
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
6
Method (5/9)


We can decrease the number of steps in trie traversing by
directly checking the rules that could be matched and
those that have a priority higher than the rules in the
cache.
To achieve this, we need to store two address pointers, the
source IP trie address pointer and the destination IP trie
address pointer.
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
7
Method (6/9)

Data Structure
•
•
•
•
•
•
Source IP, Destination IP
Source port range, Destination port range
Protocol
Flags
Priority bit
Source IP trie address, Destination IP trie address
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
8
Method (7/9)
Search
Incoming Packet
Source IP
Destination IP
1100*
Source
Port
111*
Cache
Des. Port
R1
6
R2
17
R2 will match in cache but it’s priority bit is 0
Rule #
SIP
DIP
SP
DP
PB
AP
R1
1100*
111*
0:5
16:20
1
S11,D6
R2
1100*
111*
0:65535
16:20
0
S11,D6
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
9
Method (8/9)
Search
Rule #
SIP
DIP
SP
DP
PB
AP
R1
1100*
111*
0:5
16:20
1
S11,D6
R2
1100*
111*
0:65535
16:20
0
S11,D6
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
10
Method (9/9)
Search
Incoming Packet
Source IP
Destination IP
1100*
Source
Port
111*
Des. Port
6
17
Rule #
SIP
DIP
SP
DP
PB
AP
R1
1100*
111*
0:5
16:20
1
S11,D6
R2
1100*
111*
0:65535
16:20
0
S11,D6
match R2
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
11
Problem (1/3)
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
12
Problem (2/3)
Incoming Packet
Source IP
69.63.137.234
Destination IP
81.170.248.180
Source Port
750
Des. Port
113
Best match
R11
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
13
Problem (3/3)
Incoming Packet
Source IP
69.63.137.234
Destination IP
Not 81.170.248.180
Source Port
750
Des. Port
113
Best match
R16
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
14
Solution (1/3)



Create additional 256-bit vector and
information about the dependent rules.
Change the position of the bit pointed to by
the value in the byte to 1.
Keep the bit vector that contains the smallest
number of 1’s along with the marker
signifying the byte number of the bit vector
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
15
Solution (2/3)
R16 for example
Dependent rules:
R11, R12, R13
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
16
Solution (3/3)
R16 for example
Pick
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
17
Implemented Method(1/17)

Method I

Method II
• Use a simple LRU scheme.
• Use a priority bit without the 256-bit vector.
• Use a simple LRU scheme.
• Use a priority bit and the 256-bit vector.
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
18
Implemented Method(2/17)

Method III
• Use the frequency-based replacement method.
• Cache is divided into three sections: NEW, MID
•
and OLD sections.
Every rule in the cache has a reference count
associated with it.
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
19
Implemented Method(3/17)
R1 match
NEW
MID
OLD
R1,1
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
20
Implemented Method(4/17)
R2 match
NEW
MID
OLD
R2,1
R1,1
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
21
Implemented Method(5/17)
R3 match
NEW
MID
OLD
R3,1
R2,1
R1,1
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
22
Implemented Method(6/17)
R4 match
NEW
MID
R4,1
R1,1
OLD
R3,1
R2,1
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
23
Implemented Method(7/17)
R1 match
NEW
MID
R1,2
R2,1
OLD
R4,1
R3,1
If the rule hit is in the MID section, then its count is incremented
and the rule is moved to the head of the NEW section.
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
24
Implemented Method(8/17)
R4 match
NEW
MID
R4,1
R2,1
OLD
R1,2
R3,1
The reference count of the rule is not incremented in the NEW
and OLD sections.
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
25
Implemented Method(9/17)
R10 match
NEW
MID
OLD
R4,1
R2,1
R7,1
R1,2
R5,1
R8,2
R3,1
R6,1
R9,1
If the cache is full, then we remove from the OLD section the rule
that has the least count.
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
26
Implemented Method(10/17)

Method IV
• Separate count for the rule in the main memory
•
•
and cache.
Do not cache the rule until the count for the rule
crosses a threshold.
Maintain a sampling window of T time slots (i.e.,
incoming packet counts). At every t=n*T, for n=1,
2, 3, …, we transfer into the cache the rules that
have counts bigger than the chosen threshold.
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
27
Implemented Method(11/17)
Threshold = 2, t = n*T, n = 1
Main Memory
Cache
R1,3
R2,0
R3,0
R4,0
R5,0
R6,0
Incoming Packet match R1, R1, R1
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
28
Implemented Method(13/17)
Threshold = 2, t = n*T, n = 1
Main Memory
Cache
R1,1
R1,1
R2,0
R3,0
R4,0
R5,0
R6,0
At every t=n*T, for n= 1, 2, 3, …,
we transfer into the cache the rules that have counts bigger
than the chosen threshold. F
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
29
Implemented Method(14/17)
Threshold = 2, t = n*T, n = 1
Main Memory
Cache
R1,1
R1,1
R2,1
R3,1
R3,1
R4,2
R4,1
R5,1
R6,1
Incoming Packet match R5, R6, R5
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
30
Implemented Method(15/17)
Threshold = 2, t = n*T, n = 1
Main Memory
Cache
R1,1
R1,1
R2,1
R3,1
R3,1
R4,2
R4,1
R5,3
R6,2
Incoming Packet match R5, R6, R5
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
31
Implemented Method(16/17)
Threshold = 2, t = n*T, n = 1
Main Memory
Cache
R1,1
R5,1
R2,1
R1,1
R3,1
R4,1
R4,1
R5,1
R6,2
R3 has be replaced
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
32
Implemented Method(17/17)

Method V
• This method is very similar to the method III.
• Remove the MID section in the cache.
• Increment counts in the OLD section.
• The OLD section is very wide containing 768
locations.
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
33
Experimental Results (1/4)
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
34
Experimental Results (2/4)
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
35
Experimental Results (3/4)
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
36
Experimental Results (4/4)
National Cheng Kung University CSIE
Computer & Internet Architecture Lab
37
Related documents
A high-throughput and high-capacity IPv6 routing lookup system
A high-throughput and high-capacity IPv6 routing lookup system
sub-expression - Computer & Internet Architecture Lab!
sub-expression - Computer & Internet Architecture Lab!
2002 Accounting Theory and Practice Conference
2002 Accounting Theory and Practice Conference
Microsoft Word version
Microsoft Word version
Master Kung - WordPress.com
Master Kung - WordPress.com
Thesis_ECDS - CSIE -NCKU
Thesis_ECDS - CSIE -NCKU
心理學概論
心理學概論
Download
advertisement