Fast Packet Classification Using Multi-Dimensional Encoding

Chi Jia HUANG  Chien CHEN  

IEICE TRANSACTIONS on Communications   Vol.E92-B   No.6   pp.2044-2053
Publication Date: 2009/06/01
Online ISSN: 1745-1345
DOI: 10.1587/transcom.E92.B.2044
Print ISSN: 0916-8516
Type of Manuscript: PAPER
Category: Internet
router,  packet classification,  multi-dimensional encoding,  bitmap intersection,  network processor,  

Full Text: PDF(825.2KB)>>
Buy this Article

Internet routers need to classify incoming packets quickly into flows in order to support features such as Internet security, virtual private networks and Quality of Service (QoS). Packet classification uses information contained in the packet header, and a predefined rule table in the routers. Packet classification of multiple fields is generally a difficult problem. Hence, researchers have proposed various algorithms. This study proposes a multi-dimensional encoding method in which parameters such as the source IP address, destination IP address, source port, destination port and protocol type are placed in a multi-dimensional space. Similar to the previously best known algorithm, i.e., bitmap intersection, multi-dimensional encoding is based on the multi-dimensional range lookup approach, in which rules are divided into several multi-dimensional collision-free rule sets. These sets are then used to form the new coding vector to replace the bit vector of the bitmap intersection algorithm. The average memory storage of this encoding is θ (LNlog N) for each dimension, where L denotes the number of collision-free rule sets, and N represents the number of rules. The multi-dimensional encoding practically requires much less memory than bitmap intersection algorithm. Additionally, the computation needed for this encoding is as simple as bitmap intersection algorithm. The low memory requirement of the proposed scheme means that it not only decreases the cost of packet classification engine, but also increases the classification performance, since memory represents the performance bottleneck in the packet classification engine implementation using a network processor.