Embed Size (px)
Citation preview
EQC16: An Optimized Packet Classification Algorithm
For Large Rule-Sets
Author: Uday Trivedi, Mohan Lal Jangir
Publisher: 2014 International Conference on Advances in Computing, Communications and Informatics (ICACCI)
Presenter: Chih-Hsun Wang
Date: 2014/4/8
Department of Computer Science and Information Engineering National Cheng Kung University, Taiwan R.O.C.
Introduction
Packet classification is a well-researched field. However, none of the existing algorithms works well for very large rule-sets up to 128K rules.
EQC16 uses 16 bit lookup to reduce memory accesses, min-max rule information to narrow down search scope, and combines two 8 bit fields for fast search.
It has very high classification speed, reasonable memory requirement and small preprocessing time for large rule-sets and it supports real-time incremental updates.
EQC16 can be termed as “Equivalence class with 16 bit” design.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
2
EQC16 Algorithm
National Cheng Kung University CSIE Computer & Internet Architecture Lab
3
EQC16 borrows the initial idea from BV and ABV (Aggregated Bit-Vector) and optimizes it with multiple changes.
The simplest data structure to describe BV with 8 bit lookup is a table with 256 rows and c columns where c is number of chunks.
EQC16 Algorithm
National Cheng Kung University CSIE Computer & Internet Architecture Lab
4
With ABV algorithm, each table index stores N bit BV vector and ABV vector. BV vector is partitioned into k blocks, each of size A bits, where k = N/A where A is aggregation factor.
EQC16 Algorithm
We noticed that many BV vectors at different row and column have eventually same bit vector data. However, there is no mechanism to find duplicate data in BV and ABV algorithms.
Instead of having large BV vector at each table index, we can have one table which stores all unique bit vectors and use index value of this table entry to access that bit vector.
Each unique entry is called an equivalence class and the table is called equivalence class table.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
5
EQC16 algorithm uses two primary tables as part of search database.• Rule Index table: Rule index table contains indices to related EQC
table entry.
• EQC table : This table stores all unique BV, ABV and miscellaneous data like number of set rules (set bits), reference count, minimum and maximum rule number in BV etc. Min and Max rule keep information about LSB and MSB bit set in BV. Reference count is used while adding/deleting an EQC entry.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
6
EQC16 Algorithm
National Cheng Kung University CSIE Computer & Internet Architecture Lab
7
EQC16 Algorithm
National Cheng Kung University CSIE Computer & Internet Architecture Lab
8
EQC16 Algorithm
With this scheme, we allocate only 2432 bytes compared to13K bytes required with min-max calculation
EQC16 Algorithm
Preprocessing phase• In preprocessing phase, rule-set file is read and search database is
generated.• We use one temporary table BT_TABLE with 1 column and
65536 rows and generate EQC classes chunk by chunk.• After preprocessing phase, we can free this BT_TABLE memory
as we have search database in EQC table and Rule index table.• Entry at EQ ID 0 is called NULL rule entry. All bits in BV and
ABV for that EQC entry are zero. All other field values are 0.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
9
EQC16 Algorithm
National Cheng Kung University CSIE Computer & Internet Architecture Lab
10
EQC16 Algorithm
Classification phase• EQC16 uses Rule Index table to find all unique EQC entries
referred by search key chunks. • Once these unique EQC entries are found, min-max rule value is
used and both ABV and BV vector intersection is done to get the matching rule(s).
• From all matching rule, highest priority rule is chosen as final matching rule.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
11
National Cheng Kung University CSIE Computer & Internet Architecture Lab
12
National Cheng Kung University CSIE Computer & Internet Architecture Lab
13
Optimization
Combining 8 bit fields into single 16 bit chunk• EQC16 algorithm takes advantage of 16 bit lookup by combining
two 8 bit fields into one single chunk. No rule match optimization
If any chunk value gives EQ ID with num_rules field as 0, we immediately confirm that there is no rule match and stop the search.
Ignoring duplicate EQ IDs• If multiple key chunks find same EQ ID, we ignore the duplicate
EQ IDs and process only unique ID.• Also, if an EQC entry has all rule bit set, it is ALL rule EQC
entry. We do not need to intersect this EQC entry and thus ignore this EQC index.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
14
Optimization
Min-Max rule checking• Min rule and max rule of all unique EQC entries are used to
check no match scenario and reduce the scope of further memory inspection.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
15
Test Setup and Results
We coded EQC16, BV, ABV and RFC algorithm as C programs.
Conducted our tests on Intel(R) Xeon(R) CPU E5-2667 v2 @ 3.30GHz with 3 GB memory.
Two types of rule-sets: Standard rule-sets ACL, FW, IPC with around 16K rules, 13 bytes and 7 chunks and synthetic rule-sets with 128K rules, 21 bytes and 12 chunks.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
16
Test Setup and Results
National Cheng Kung University CSIE Computer & Internet Architecture Lab
17
Test Setup and Results
National Cheng Kung University CSIE Computer & Internet Architecture Lab
18
Test Setup and Results
National Cheng Kung University CSIE Computer & Internet Architecture Lab
19
Test Setup and Results
National Cheng Kung University CSIE Computer & Internet Architecture Lab
20
Test Setup and Results
National Cheng Kung University CSIE Computer & Internet Architecture Lab
21
Test Setup and Results
National Cheng Kung University CSIE Computer & Internet Architecture Lab
22
