| Date post: | 31-Dec-2015 |
| Category: |
Documents |
| Upload: | andrew-barry |
| View: | 28 times |
| Download: | 0 times |
Packet Classification Using Multidimensional Cutting
Sumeet Singh (UCSD)Florin Baboescu (UCSD)George Varghese (UCSD)
Jia Wang (AT&T Labs-Research)
Reviewed by
Michela BecchiDiscussion Leader
Haoyu Song
Michela Becchi - 04/19/23
Outline
Introduction
Related works» HiCuts
HyperCuts
Evaluation
Conclusions
Michela Becchi - 04/19/23
Packet Classification
Rule-based packets’ handling» Destination address» Source address» Protocol type» Destination and source port» TCP flags
Rules Destination Source Dest. Port Action
Rule1 * 128.13.34.42 25 Block
Rule2 128.12.120.1 * * Redirect
Michela Becchi - 04/19/23
Applications
Security
QoS
Network address translation
Traffic shaping
Monitoring
…
Michela Becchi - 04/19/23
Challenge
Classify packets at packets’ processing speed
Increasing link speed » 14% links between core routers OC-768 (40 Gbps)» 21% links between edge routers OC-192 (10 Gbps)
Memory-time tradeoff
Michela Becchi - 04/19/23
Terminology
Classifier: N rules R1,R2,…,RN
Rule Rj: array of k values (fields, dimensions )
Rj[i]: value of the i-th header field of a packet» Exact match: source address equal to 128.252.169.1 » Prefix match: destination address matches 128.252.*» Range match: destination port in range 0 to 255
actionj: action associated to Rj
E.g. R=(128.252.*,*,TCP,23,*), action=block» Pkt1=(128.252.169.16,128.111.41.101,TCP,23,1025)» Pkt2=(128.252.169.16,128.111.41.101,TCP,79,1025)
Michela Becchi - 04/19/23
Memory-time tradeoff Time-memory tradeoff:
» O((log N)^(k-1)) time and linear space» Log N time and O(N^k) space
SRAM vs. DRAM
Hardware solutions: Ternary CAMs
Algorithmic solutions:» Linear search» EGT-PC» HiCuts
Note: Update complexity not considered for core routers
Michela Becchi - 04/19/23
TCAMs
Uses parallelism in hardware
Pros:» Low latency and high throughput» Simple on-chip management scheme
Cons:» Power scaling (parallel comparisons) » Density scaling (more board area)» Time scaling (highest match arbitration)» Rule Multiplication for ranges (prefix format)
=> Suitable for small classifiers
Michela Becchi - 04/19/23
EGT-PC
Extended Grid-Of-Tries with Path Compression
Idea: Regardless of database size, any packet matches only a few rules. This is true even when the rules are projected to only source or destination fields
Extend efficient two-field classification algorithm with linear search
Worst case search time ~ HiCuts optmized for speed
Memory requirement ~ HiCuts optmized for space
Michela Becchi - 04/19/23
HiCuts
Hierarchical Intelligent Cutting
Decision-tree based algorithm
Linear search on leaves
Storage ~ depth of tree
Local optimization decisions at each node to test next dimension to cut» Limit amount of linear search» Limit amount of storage increase
Range checks => cut=hyperplane
Michela Becchi - 04/19/23
HiCuts: an example
Field2
Field4 Field3
R9
R10
R11
R8
R9
R10
R11
R7
R10
R11
R3
R7
R10
R11
R2
R7
R10
R11
R4
R7
R10
R11
R7
R10
R11R7
R11
R0
R5
R6
R10
R7
R10
R11
Field5R1
R7
R10
R11
R0
R5
R6
R7
R10
R11
R2
R3
R4
R7
R10
R11
R0
R1
R5
R6
R7
R10
R11
0..3 4..7 8..11
12..15
Bucket size = 4
(0010,1101,00,01,TCP)
12..15
0
Michela Becchi - 04/19/23
From HiCuts to Hypercuts
Multiple cuts per node possible» Reduce depth of the tree (memory)» Through array indexing one memory access per node
Hypercube instead of hyperspace
Michela Becchi - 04/19/23
Hypercube
* Slide taken from S. Singh’s presentation
Michela Becchi - 04/19/23
Building Decision Tree (1)
Step1: Select dimensions to cut
Goal: Pick dimensions leading to the most uniform distribution of rules
Alternatives:» Largest number of unique elements» # unique elements > mean of unique elements» # unique elements / size of region
Idea: dimensions with highest entropia
Michela Becchi - 04/19/23
Building Decision Tree (2)
Step2: Select number of cuts
Goal: Create search tree with minimal memory requirement
Alternative 1:» Minimum number of rules in each child node» Maximum number of children limited by space
factor * sqrt(# rules in current node)
Alternative 2 (Greedy approach):» Determine local optimum nc(i) for each dimension» Determine iteratively best combination
Michela Becchi - 04/19/23
Refinements (1) Node Merging:
nodes with same rules
Rule Overlap: overlapping rules and different priorities
Michela Becchi - 04/19/23
Refinements (2) Region Compaction:
shrink the region of a node depending on its rules
Pushing Common Rule Subset Upwards: » rules to non-leaf nodes.» Bitmap in header to
avoid extra memory accesses
Michela Becchi - 04/19/23
Search Algorithm
* Slide taken from S.Singh’s presentation
Michela Becchi - 04/19/23
Search Algorithm
* Slide taken from S.Singh’s presentation
Michela Becchi - 04/19/23
Search Algorithm
* Slide taken from S.Singh’s presentation
Michela Becchi - 04/19/23
Search Algorithm
* Slide taken from S.Singh’s presentation
Michela Becchi - 04/19/23
Evaluation Memory: up to an order of magnitude less than
HiCuts optimized for memory and EGT-PC
Time: 3 to 10 times faster than HiCuts
On ERs: HyperCuts ~ HiCuts (only IP source and destination specified => 2 dimensions)
On FWs: wildcard-rules on IP addresses make HyperCuts ouperform HiCuts
Synthetic databases: memory requirement grows linearly with number of rules (except for FWs – wildcards)
Michela Becchi - 04/19/23
Conclusions
Idea of cutting in more than one direction» Improvement in memory requirement» Still one access per node
Refinements to reduce memory wasting
Evaluation on industrial firewall databases and synthetic databases
Limited depth of the tree: possible hardware implementation using pipelining and on-chip SRAM
Michela Becchi - 04/19/23
Questions?
Michela Becchi - 04/19/23
Evaluation Data (1)
Michela Becchi - 04/19/23
Evaluation Data (2)
