TY - GEN
T1 - Space and speed tradeoffs in TCAM hierarchical packet classification
AU - Kesselman, Alex
AU - Kogan, Kirill
AU - Nemzer, Sergey
AU - Segal, Michael
PY - 2008
Y1 - 2008
N2 - Hierarchical packet classification is a crucial mechanism necessary to support many Internet services such as Quality of Service (QoS) provisioning, traffic policing, and network intrusion detection. Using Ternary Content Addressable Memories (TCAMs) to perform high-speed packet classification has become the de facto standard in industry. TCAMs compare packet headers against all rules in a classification database concurrently and thus provide high throughput unparalleled by software-based solutions. However, the complexity of packet classification policies have been growing rapidly as number of services deployed on the Internet continues to increase. High TCAM memory requirement for complex hierarchical policies is a major issue as TCAMs have very limited capacity. In this paper we consider two optimization problems of dual nature: the first problem is to minimize the number of TCAM entries subject to the constraint on the maximum number of levels in the policy hierarchy; the second problem is to minimize the number of levels in the policy hierarchy subject to the constraint on the maximum number of TCAM entries. We propose efficient dynamic programming algorithms for these problems, which reduce the TCAM memory requirement. To the best of our knowledge, this is the first work to study the fundamental tradeoff between the TCAM space and the number of lookups for hierarchical packet classification. Our algorithms do not require any modifications to existing TCAMs and are thus relatively easy to deploy.
AB - Hierarchical packet classification is a crucial mechanism necessary to support many Internet services such as Quality of Service (QoS) provisioning, traffic policing, and network intrusion detection. Using Ternary Content Addressable Memories (TCAMs) to perform high-speed packet classification has become the de facto standard in industry. TCAMs compare packet headers against all rules in a classification database concurrently and thus provide high throughput unparalleled by software-based solutions. However, the complexity of packet classification policies have been growing rapidly as number of services deployed on the Internet continues to increase. High TCAM memory requirement for complex hierarchical policies is a major issue as TCAMs have very limited capacity. In this paper we consider two optimization problems of dual nature: the first problem is to minimize the number of TCAM entries subject to the constraint on the maximum number of levels in the policy hierarchy; the second problem is to minimize the number of levels in the policy hierarchy subject to the constraint on the maximum number of TCAM entries. We propose efficient dynamic programming algorithms for these problems, which reduce the TCAM memory requirement. To the best of our knowledge, this is the first work to study the fundamental tradeoff between the TCAM space and the number of lookups for hierarchical packet classification. Our algorithms do not require any modifications to existing TCAMs and are thus relatively easy to deploy.
UR - http://www.scopus.com/inward/record.url?scp=49049118926&partnerID=8YFLogxK
U2 - 10.1109/SARNOF.2008.4520087
DO - 10.1109/SARNOF.2008.4520087
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:49049118926
SN - 1424418437
SN - 9781424418435
T3 - Proceedings of the 2008 IEEE Sarnoff Symposium, SARNOFF
BT - Proceedings of the 2008 IEEE Sarnoff Symposium, SARNOFF
T2 - 2008 IEEE Sarnoff Symposium, SARNOFF
Y2 - 28 April 2008 through 30 April 2008
ER -