Designed by
 ../epic_logo.gif (359 bytes)
EPIC
SOLUTIONS INTERNATIONAL



SIGCOMM 1998 LOGO High-Speed Policy-based Packet Forwarding Using Efficient Multi-dimensional Range Matching
T.V. Lakshman and D. Stiliadis (Bell Laboratories)

The ability to provide differentiated services to users with widely varying requirements is becoming increasingly important, and Internet Service Providers would like to provide these differentiated services using the same shared network infrastructure. The key mechanism, that enables differentiation in a connectionless network, is the packet classification function that parses the headers of the packets, and after determining their context, classifies them based on administrative policies or real-time reservation decisions. Packet classification, however, is a complex operation that can become the bottleneck in routers that try to support gigabit link capacities. Hence, many proposals for differentiated services only require classification at lower speed edge routers and also avoid classification based on multiple fields in the packet header even if it might be advantageous to service providers. In this paper, we present new packet classification schemes that, with a worst-case and traffic-independent performance metric, can classify packets, by checking amongst a few thousand filtering rules, at rates of a million packets per second using range matches on more than 4 packet header fields. For a special case of classification in two dimensions, we present an algorithm that can handle more than 128K rules at these speeds in a traffic independent manner. We emphasize worst-case performance over average case performance because providing differentiated services requires intelligent queueing and scheduling of packets that precludes any significant queueing before the differentiating step (i.e., before packet classification). The presented filtering or classification schemes can be used to classify packets for security policy enforcement, applying resource management decisions, ow identification for RSVP reservations, multicast look-ups, and for source-destination and policy based routing. The scalability and performance of the algorithms have been demonstrated by implementation and testing in a prototype system.


ACM Copyright Notice: Copyright (c) 1998 by Association for Computing Machinery, Inc. (ACM) Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that the copies are not made or distributed for profit or commercial advantage and that the copies bear this notice and full citation on the first page. Copyright for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permission to publish from: Publications Dept. ACM, Inc. Fax +1 212 869 0481 or email <permissions@acm.org>.

The referenced paper is in Computer Communication Review, a publication of ACM SIGCOMM, volume 28, number 4, October 1998. ISSN # 0146-4833.

This electronic facsimile may differ slighty from the printed version. It has may have been reformated to better support electronic viewing. Therefore, please use the printed version when referencing layout details, such as page numbers.

This paper is available in Postscript and Adobe Portable Document Format (PDF)

Get Acrobat Reader Get Microsoft Powerpoint Viewer, Get Ghostview Ghostview