Title: Packet Classification Algorithms
1Packet Classification Algorithms
2Outline
- Background and problem definition
- Classification schemes
- One dimensional classification
- Two dimensional classification
3Background
4Flow-aware Vs. Flow-unaware Routers
- Flow-aware router
- Keep track of flows and perform similar
processing on packets in a flow - Flow-unaware router
- Packet-by-packet router
- Treat each incoming packet individually
5Why Flow-aware Router?
- Additional mechanisms required
- Admission control, resource reservation, per-flow
queueing, fair scheduling etc. - Provision of DiffService in ISPs
- Capability to distinguish and isolate traffic
belonging to different flows based on negotiated
service agreements
Rules or Policies
Classification
6Need for DiffService
- Service
- Traffic shaping
- Traffic filtering
- Policy routing
7More Valueadded Services
- DiffService
- Regard traffic from Autonomous System 33 as
platinumgrade - Accounting and billing
- Treat all video traffic as highest priority and
perform accounting for this type of traffic - Committed access rate (rate limiting)
- Rate limit WWW traffic from subinterface739 to
10Mbps
8Flow-aware Router
- Basic Architectural Components
9Flow Classification
Forwarding Engine
H E A D E R
Flow Classification
Flow Index
Classifier (Policy Database)
Incoming Packet
10Classful Addresses
11Classless InterDomain Routing (CIDR)
- Prefix can be of arbitrary length
12Table Growth of a Backbone Router
From http//www.telstra.net/ops/bgptable.html
13Prefix Length Distribution
14Problem Definition- Packet Classification
15- Given a classifier C with N rules, Rj, 1 ? j ? N,
where Rj consists of three entities - A regular expression Rji, 1 ? i ? d, on each of
the d header fields, - A number, pri(Rj), indicating the priority of the
rule in the classifier, and - An action, referred to as action(Rj)
16Classification is a Generalization of Lookup
- Classifier routing table
- One-dimension (destination address)
- Rule routing table entry
- Regular expression prefix
- Action (next-hop-address, port)
- Priority prefix-length
17Metrics for Classification Algorithms
- Speed
- Storage requirements
- Low update time
- Ability to handle large classifiers
- Flexibility in implementation
- Low preprocessing time
- Scalability in the number of header fields
- Flexibility in rule specification
18One Dimensional Packet Classification IP
Address Lookup Algorithms
19Binary Tries
Prefixes a 0 b 01000 c 011 d 1 e 100 f
1100 g 1101 h 1110 i 1111
20Path-Compressed Trie
Prefixes a 0 b 01000 c 011 d 1 e 100 f
1100 g 1101 h 1110 i 1111
Legend x indicates to inspect which bit
21Disjoint-prefix Binary Trie
Prefixes a 0 b 01000 c 011 d 1 e 100 f
1100 g 1101 h 1110 i 1111
- Leaf pushing
- Disjoint prefixes do not overlap
- No prefix is itself a prefix of another
22Variable-stride Multibit Trie
Prefixes a 0 b 01000 c 011 d 1 e 100 f
1100 g 1101 h 1110 i 1111
- Reduced number of memory accesses
- Greater wasted space
23Caching Addresses
24Hash-based Scheme
- Store a hash table for each prefix length
- Hash key is the prefix value and prefix length
- Search scheme
- Linear search on prefix lengths
- Binary search on prefix lengths
- Need to provide intermediate markers
- Guide to more specific prefix
- Need precomputation per marker
- Avoid backtracking
25Linear Search on Prefix Lengths
Linear search on length
Prefixes a 0 b 01000 c 011 d 1 e 100 f
1100 g 1101 h 1110 i 1111 j 01 k
1100001 p 101
26Linear Search on Prefix Lengths (cont.)
Query address A 01110011
Prefix-length Hash-Table
1 (0, a), (1, d)
2 (01, j)
3 (011, c), (100, e), (101, p)
4 (1100, f), (1101, g), (1110, h), (1111, i)
5 (01000, b)
6
7 (1100001, k)
Probing sequence
27Binary Search on Prefix Lengths (1)
Binary search on length
Prefixes a 0 b 01000 c 011 d 1 e 100 f
1100 g 1101 h 1110 i 1111 j 01 k
1100001 p 101
1
2
3
4
5
6
7
28Binary Search on Prefix Lengths (2)
- Need to provide intermediate markers to guide to
more specific prefix - A prefix with length i places a marker in an
ancestor node iff the node representing the hash
table of prefix-length i lies in the right
sub-tree of the ancestor node - E.g. A prefix with length 6 will place a marker
in the hash table of prefix-length 4 - Need precomputation of longest matching prefix
(LMP) per marker to avoid backtracking - LMP of a marker a matching prefix that is
shorter than the marker and longer than any other
matching prefix
29Binary Search on Prefix Lengths (3)
Prefix-length Hash-Table
1 (0, a), (1, d)
Query address A 01110011
Prefix-length Hash-Table
2 (01, j), (10, d)
Prefix-length Hash-Table
3 (011, c), (100, e), (101, p)
Prefix-length Hash-Table
4 (1100, f), (1101, g), (1110, h), (1111, i), (0100, j)
Prefix-length Hash-Table
5 (01000, b), (11000, f)
Prefix-length Hash-Table
6
Marker with precomputed BMP
Prefix-length Hash-Table
7 (1100001, k)
Probing sequence
30Lookups with Ternary-CAM
31Lookups with Ternary-CAM
- Disadvantages
- Inflexible range-to-prefix blowup
- Density largest available in 2000 is 32K x 128
(but can be cascaded) - Management software, and on-chip logic
non-trivial complexity - Power 5-8 W
- Incremental updates slow
- DRAM-based CAMs higher density but soft-error is
a problem - Cost 30-160 for 1Mb
- Advantages
- Suitable for multiple fields
- Fast 16-20 ns (50-66 Mpps)
- Simple to understand
32Two Dimensional Packet Classification
33Taxonomy of Classification Algorithms
- Trie-based search schemes
- Hierarchical tries
- Set pruning tries
- Grid-of-tries
- Tuple space-based search schemes
- Line search
- Rectangle search
- Double binary search
- Sequential binary search
- Other interesting schemes
- Bitmap-intersection
- Cross-producting
34Trie-Based Search Algorithms
35- Hierarchical tries (multilevel tries,
backtracking search tries, trie-of-tries) - Store rule at most once
- Need backtracking
- Set pruning tries
- Replicate rules to avoid backtracking
- Grid-of-tries
- Use switching pointer and precomputation to avoid
replicating rules and backtracking traversal
36Hierarchical Tries
- A simple extension of 1-D trie-based IP address
lookup algorithm - For all rules, construct a 1-D source-trie
according to their prefixes in source field - For each prefix, p, in the source-trie, construct
a 1-D Destination-trie, Tp, on those rules whose
prefixes in source field are identical to p - Prefix p is linked to the trie Tp by using a next
trie pointer
37Hierarchical Tries ? Search Process
- Perform the longest matching prefix in field one
and then in field two - Backtrack to find the next longest matching
prefix in field one and then perform the longest
matching prefix in field two - Repeat Step 2 until the Destination-trie pointed
by the root of the Source-trie has been examined
completely
38Hierarchical Tries ? An Example
Query P (SA, DA) (0101, 0001)
1
0
Rule DA SA
R1 0 10
R2 0 01
R3 0 1
R4 00 1
R5 00 11
R6 10 1
R7 00
Dest. trie
0
0
Next trie pointer
1
1
0
1
0
Src. tries
R3
R4
R6
1
0
1
0
R5
R2
R1
R7
39Hierarchical Tries ? Performance
- The worst case search time complexity is O(W2),
where W is the maximum bit length of fields - The worst case storage requirement is O(NW) for N
rules
40Set Pruning Tries (1)
- Eliminate the backtrack traversals incurred in
the Hierarchical Tries data structure by
replicating some rules - The rules are replicated to ensure that every
matching rule will be encountered in the same
path - Condition for replicating rule
- For any two arbitrary rules R1 and R2, if R11
is a prefix of R21, then replicate a new rule
R1 (R21, R12) to the original rule set F
to obtain an extended rule set F
41Set Pruning Tries (2)
- Construct a Hierarchical Tries on the extended
rule set F - Search strategy
- Sequentially perform the longest matching prefix
in both fields and keep track of the best
matching rule
42Set-pruning Tries ? An Example
Query P (SA, DA) (0101, 0001)
Rule DA SA
R1 0 10
R2 0 01
R3 0 1
R4 00 1
R5 00 11
R6 10 1
R7 00
R1 00 10
R2 00 01
R7 0 00
R7 00 00
R7 10 00
Replicated rules
43Set Pruning Tries ? Performance
- The worst case search time complexity is O(W),
where W is the maximum bit length of fields - The worst case storage requirement is O(N2W) for
N rules
44Grid-of-Tries (1)
- Avoid the memory blowup problem incurred in Set
Pruning Tries while still achieve O(W) search
time as in Hierarchical Tries - Use precomputation and switch pointers in the
lower level tries (e.g. source tries) - Switch pointers allow the search process to move
more on the path of the matching source trie,
without having to restart at the root of the next
ancestor source trie
45Grid-of-Tries (2)
- Precomputation is used to ensure that matching
rules are encountered before a switching pointer
changes the search path to next source trie - Each trie node (D, S) pre-computes the best
matching rule whose destination field is a prefix
of D and source field is a prefix of S - Precomputation is applied when one rule is
completely contained by another one
46Grid-of-Tries (3)
- Assume that a switching pointer with label b (
0 or 1) exists from a node w in the source
trie Tw to a node x of another source trie Tx, it
satisfies - Bit-string (root(T), s) is a prefix of bit-string
(root(T), r) - Bit-string (root(Tw), w) b bit-string
(root(Tx), y, x) - Node w dose not have a child pointer labeled b
47Grid-of-Tries (4)
48Grid-of-Tries ? An Example
Query P (SA, DA) (0101, 0001)
1
Rule DA SA
R1 0 10
R2 0 01
R3 0 1
R4 00 1
R5 00 11
R6 10 1
R7 00
0
Dest. trie
0
0
0
1
0
0
1
1
R3
0
R4
R3
R6
0
0
1
1
0
Source tries
R5
R2
R1
R7
Replace R4 by R3 through Precomputation
Switching pointer
49Grid-of-Tries ? Performance
- The worst case search time complexity is O(W),
where W is the maximum bit length of fields - The worst case storage requirement is O(NW) for N
rules
50Grid-of-Tries ? cont.
20K entries 2MB, 9 memory accesses (with
expansion)
- Disadvantages
- Static solution
- Not easily extensible to more than two
dimensions
- Advantages
- Good solution for two dimensions
51Tuple Space-Based Search Algorithms
52Introduction
- Decompose the classification problem into a
number of exact match problems, then use hashing - Define a tuple as a combination of field lengths
- E.g. Both rules (01, 11) and (11, 00) belong
to tuple T(2,2) - Use hashing in each tuple to find a match
- Need to provide intermediate markers
- Guide the search process to more specific rules
- Need precomputation of Best Matching Rule
- Avoid backtracking
53Introduction - cont.
- Search schemes
- Line Search
- Rectangle Search
- Double Binary Search
- Sequential Binary Search
54Line Search (1)
- Simply partition the 2-D packet classification
problem into several 1-D search problems - Use binary search on prefix lengths to solve the
1-D search problem - Perform linearly on columns and binary search
within each column - A column is a sequence of tuples whose prefix
lengths are identical in first field and
completely ordered in second field - E.g. column 2 T(2, 0), T(2, 1), T(2, 2),,T(2,W)
55Line Search (2)
- Require the help of marker and precomputation to
enable the binary search within each column - Marker
- A rule in tuple (i, j) places a marker in an
ancestor node iff the node representing tuple (i,
j) lies in the left sub-tree of the ancestor node
- Precomputation
- The best matching rule for a marker is a matching
rule that is less specific than the marker and
more specific than any other rule in the same
column
56Illustration of Marker and Precomputation
- Rule R3 places a marker (1, 10) in tuple (1,
2) and the precomputation of best matching rule
is R1
Binary search on lengths of column 1
Rule set
Source prefix-length
Rule SA DA Tuple
R1 1 1 (1,1)
R2 1 00 (1,2)
R3 1 100 (1,3)
0 1 2 3 4
0
1 (1,1,R1)
2 (1,00,R2) (1,10, R1)
3 (1,100,R3)
4
1,0
1,1
1,2
1,3
Dest. Prefix-length
1,4
marker
57Query - An Example
Query P (1101, 1001)
Source prefix-length
Rule SA DA Tuple
R1 10 0 (2,1)
R2 01 0 (2,1)
R3 1 0 (1,1)
R4 1 00 (1,2)
R5 11 10 (2,2)
R6 1 100 (1,3)
R7 00 (2,0)
0 1 2 3 4
0 (00,,R7)
1 (1,0,R3) (10,0,R1) (01,0,R2)
2 (1,00,R4) (1,10,-) (11,10,R5)
3 (1,100,R6)
4
Dest. Prefix-length
marker
A match is found
- The matching rules for packet P are R5 and R6
58Line Search ? Performance
- The worst case search time complexity is
- Need to examine (W1) columns
- Within a column, require at most ?log(W1)? hash
probes to find the best matching rule - The worst case storage requirement is O(N logW)
for N rules - Generate at most logW markers per rule
59Line Search ? Enhancement
- Perform binary search on a sequence of completely
ordered prefix-length pairs longer than a single
row or column - The optimal length of a sequence is determined by
making it as long as possible while keeping its
length just below power of two - E.g. Length 1, 3, 7,, 2k-1, for k ? N
60Optimal Sequence Length
- For example in a 6 ? 6 tuple space
Optimal sequences
Original sequences
61Rectangle Search (1)
- Achieve a linear lookup performance
- Construction of marker
- A rule in a tuple places a marker at all tuples
to its left in the same row - Precomputation for a marker
- Similar to Line Search, each marker precomputes
the best matching rule from all rules that map to
tuples above it in the same column
62Illustration of Marker
- Rule R1 places a marker (, 1) in T(0, 1)
- Rule R2 creates three markers to its left in row
3
4-bit Rule set
Source prefix-length
Rule SA DA Tuple
R1 1 1 (1,1)
R2 110 100 (3,3)
0 1 2 3 4
0
1 (,1,) (1,1,R1)
2
3 (,100,-) (1,100,R1) (11,100,-) (110,100,R2)
4
Dest. Prefix-length
Markers in this row placed by R2
63Illustration of Precomputation
- Precomputation for marker (1, 100) in tuple
(1, 3) is R1
Source prefix-length
4-bit Rule set
Rule SA DA Tuple
R1 1 1 (1,1)
R2 110 100 (3,3)
0 1 2 3 4
0
1 (,1,) (1,1,R1)
2
3 (,100,-) (1,100,R1) (11,100,-) (110,100,R2)
4
Dest. Prefix-length
Consider all rules mapping to tuples above it in
this column for precomputation
64Rectangle Search (2)
- Search strategy
- Start probing at the bottom-left tuple
- Move right when a match is found in the current
tuple - Move up when no rule is matched in this tuple
- Terminate probing when the first row or the
right-most column is crossed
65Illustration of Search Strategy
Terminate probing
Source prefix-length
0 1 2 k W-1 W
0
1
2
3
. . .
j
j1
. . .
W-1
W
No match, move up!
Dest. Prefix-length
A match is found, move right!
Start probing
66Query - An Example
Query P (1101, 1001)
Source prefix-length
Rule SA DA Tuple
R1 10 0 (2,1)
R2 01 0 (2,1)
R3 1 0 (1,1)
R4 1 00 (1,2)
R5 11 10 (2,2)
R6 1 100 (1,3)
R7 00 (2,0)
0 1 2 3 4
0 (0,,-) (00,,R7)
1 (,0,-) (1,0,R3) (0,0,-) (10,0,R1) (01,0,R2)
2 (,00,-) (,10,-) (1,00,R4) (1,10,-) (11,10,R5)
3 (,100,-) (1,100,R6)
4
Dest. Prefix-length
marker
A match is found
- The matching rules for packet P are R5 and R6
67Rectangle Search - Performance
- The worst case search time complexity is 2W 1
- The worst case storage requirement is N (W 1)
for N rules - A rule may place as many as W markers
68Double Binary Search (1)
- Rule set constraint conflict free
- Two rules R1 and R2 are conflict if R11 is a
prefix of R21 and R22 is a prefix of R12 - Ambiguity about best matching rule occurs when
two conflicting rules match a packet - Add a conflict resolution rule (R21, R12) to
resolve it - For example
R1 ( 10, 010) R2 (101, 10)
Conflicting rules
Resolution rule
R3 (101, 010)
69Illustration of Conflict Rules
- R1 and R2 are conflict
- R3 is the conflict resolution rule for R1 and R2
Tuple space
Geometric representation
4-bit Rule Set
Source prefix-length
Rule SA DA Tuple
R1 10 010 (2,3)
R2 101 10 (3,2)
R3 101 010 (3,3)
0
1
2
3
4
0
1
Dest. Prefix-length
R2
2
R1
3
R3
4
70Double Binary Search (2)
- Columns (rows) form a binary tree based on prefix
lengths in field one (two) - Search strategy
- Perform binary search on columns
- Perform binary search on tuples within a column
- Need to place primary markers for each rule
- Enable binary search on columns
- Need to place secondary markers for each rule or
primary marker - Enable binary search within a column
71Double Binary Search (3)
- Primary marker
- A rule places it to an ancestor node iff it is
in the left sub-column-tree of the ancestor node - Secondary marker
- The way to generate it is similar to that for
primary markers - Precomputation for a primary marker
- Consider all rules mapping to tuples which lie
in its top-left quadrant - Precomputation for a secondary marker
- Consider all rules or primary markers in tuples
above it in the same column
72Illustration of Markers
4-bit rule set
Column-tree
Rule SA DA Tuple
R1 1 1 (1,1)
R2 111 100 (3,3)
Source prefix-length
Row-tree
0 1 2 3 4
0
1 (1,1,R1)
2 (11,10,-) (111,10,-)
3 (11,100,R1) (111,100,R2)
4
Secondary marker created by R2
Dest. Prefix-length
Secondary marker created by primary marker (11,
100)
Primary marker created by R2
73Precomputation for A Primary Marker
- Precomputation for the primary marker (11,
100) in tuple (2, 3) is R1
4-bit Rule set
Source prefix-length
Rule SA DA Tuple
R1 1 1 (1,1)
R2 111 100 (3,3)
0 1 2 3 4
0
1 (1,1,R1)
2 (11,10,-) (111,10,-)
3 (11,100,R1) (111,100,R2)
4
Dest. Prefix-length
Consider all rules mapping to its top-left tuples
for precomputation of the primary marker (11,
100)
74Precomputation for A Secondary Marker
- Precomputation for the secondary marker (111,
10) in tuple (3, 2) is null
4-bit Rule set
Consider all rules mapping to tuples above it in
the same column for precomputation of the
secondary marker (111, 10)
Rule SA DA Tuple
R1 1 1 (1,1)
R2 111 100 (3,3)
Source prefix-length
0 1 2 3 4
0
1 (1,1,R1)
2 (11,10,-) (111,10,-)
3 (11,100,R1) (111,100,R2)
4
Dest. Prefix-length
75Query P(1101, 1001) - An Example
Rule SA DA Tuple
R1 10 0 (2,1)
R2 011 010 (3,3)
R3 1 0 (1,1)
R4 1 00 (1,2)
R5 11 10 (2,2)
R6 1 100 (1,3)
R7 00 (2,0)
R1 10 100 (2,3)
Source prefix-length
0 1 2 3 4
0 (00,,R7)
1 (1,0,R3) (10,0,R1),
2 (1,00,R4) (1,10,-) (11,10,R5), (01,01,-)
3 (1,100,R6) (10,100,R1) (01,010,-) (011,010,R2)
4
6
9
8
5
7
1
4
Dest. Prefix-length
3
2
76Double Binary Search - Performance
- The worst case search time is (?log(W1)?)2
- The worst case storage requirement is N log2W
for N conflict-free rules - A rule places at most logW primary markers
- A rule or a primary marker may place as many as
logW secondary marker
77Sequential Binary Search (1)
- Rule set constraint conflict free
- Speed up the search time by replicating some
rules and applying the longest prefix match
concept - The rules are replicated to ensure that every
matching rule will be encountered in the same
column - Condition of replication rule
- For any two arbitrary rules R1 and R2, if R11
is a prefix of R21, then replicate a new rule
R1 (R21, R12)
78Illustration of Replication Rule
4-bit Rule Set
Rule SA DA Tuple
R1 1 00 (1,2)
R2 11 10 (2,2)
R3 1 100 (1,3)
R4 00 (2,0)
R1 11 00 (2,2)
R2 11 100 (2,3)
Replication rules
Replicated rules
79Sequential Binary Search (2)
- Marker and Precomputation
- Identical to that used in Line Search algorithm
- Search strategy
- Perform the longest prefix match for field one,
assume that it occurs in column i - Within column i, perform binary search with the
help of markers - If there is no match, return a no match
- Otherwise, the rule found is the best matching
rule
80Query - An Example
Query P (1101, 1001)
Longest matching prefix in field one occurs here!
Rule SA DA Tuple
R1 10 0 (2,1)
R2 01 0 (2,1)
R3 1 0 (1,1)
R4 1 00 (1,2)
R5 11 10 (2,2)
R6 1 100 (1,3)
R7 00 (2,0)
R1 10 00 (2,2)
R3 11 0 (2,1)
R4 11 00 (2,2)
R5 11 100 (2,3)
Source prefix-length
0 1 2 3 4
0 (00,,R7)
1 (1,0,R3) (10,0,R1), (01,0,R2) (11,0,R3)
2 (1,00,R4) (1,10,-) (11,10,R5), (10,0,R1), (11,00,R4)
3 (1,100,R6) (11,100,R5)
4
Dest. Prefix-length
- The matching rules for packet P are R5 and R5
81Sequential Binary Search - Complexity
- Search time 2 ?log(W1)?
- The longest prefix match for field one can be
done in ?log(W1)? probes - Finding the best matching rule in a column
requires ?log(W1)? probes - Storage requirement N (logW 1) for N
conflict-free rules - A rule may place as many as logW markers
82Other Interesting Algorithms
- Bitmap-intersection
- Cross-producting
83Bitmap-intersection
R2
R1
R3
R4
84Bitmap-intersection cont.
512 rules 1Mpps with single FPGA (33MHz) and
five 1Mb SRAM chips
85Cross-producting
6
(8,4)
5
R2
R1
R3
4
R4
(1,3)
3
2
1
2
1
7
8
9
4
5
6
3
86Cross-producting cont.
Need 2 1-D lookups 1 memory access, O(N2)
space
50 rules 1.5MB, need caching (on-demand
cross-producting ) for bigger classifiers