A New TCAM Architecture for Managing ACL in Routers

Haesung HWANG
Shingo ATA
Kazunari INOUE
Masayuki MURATA

IEICE TRANSACTIONS on Communications   Vol.E93-B    No.11    pp.3004-3012
Publication Date: 2010/11/01
Online ISSN: 1745-1345
DOI: 10.1587/transcom.E93.B.3004
Print ISSN: 0916-8516
Type of Manuscript: PAPER
Category: Network
Keywords: Access Control List (ACL), hardware cost, IP router, prefix expansion, Ternary Content Addressable Memory (TCAM)

Ternary Content Addressable Memory (TCAM) is a special type of memory used in routers to achieve high-speed packet forwarding and classification. Packet forwarding is done by referring to the rules written in the routing table, whereas packet classification is performed by referring to the rules in the Access Control List (ACL). TCAM uses more transistors than Random Access Memory (RAM), resulting in high power consumption and high production cost. Therefore, it is necessary to reduce the number of entries written in the TCAM to reduce the transistor count. In this paper, we propose a new TCAM architecture that uses Range Matching Devices (RMD) integrated within the TCAM's control logic, together with an optimized prefix expansion algorithm. The proposed method reduces the number of entries required to express ACL rules, especially when specifying port ranges. With fewer than 10 RMDs, the total number of lines required to write port ranges in the TCAM can be reduced to approximately 50%.
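To show why port ranges are expensive in a TCAM, the following added example (not code from the paper, and not its optimized algorithm or RMD design) implements the classic range-to-prefix expansion for 16-bit ports and counts the ternary entries an ACL rule needs. The function names and the sample ranges are assumptions made for this illustration.

```python
"""Classic range-to-prefix expansion for 16-bit ports (illustrative only)."""

PORT_BITS = 16


def range_to_prefixes(lo, hi, width=PORT_BITS):
    """Split [lo, hi] into the minimal list of aligned (value, prefix_len) blocks."""
    if not 0 <= lo <= hi < (1 << width):
        raise ValueError("range must satisfy 0 <= lo <= hi < 2**width")
    blocks = []
    while lo <= hi:
        # Largest power-of-two block that is aligned at lo ...
        size = (lo & -lo) if lo else (1 << width)
        # ... shrunk until it no longer overshoots hi.
        while size > hi - lo + 1:
            size >>= 1
        blocks.append((lo, width - (size.bit_length() - 1)))
        lo += size
    return blocks


def to_ternary(value, prefix_len, width=PORT_BITS):
    """Render one block as a TCAM pattern: fixed bits, then '*' (don't care)."""
    bits = format(value, "0{}b".format(width))
    return bits[:prefix_len] + "*" * (width - prefix_len)


def entries_for_rule(src_range, dst_range):
    """A rule with two port ranges needs the cross product of both expansions."""
    return len(range_to_prefixes(*src_range)) * len(range_to_prefixes(*dst_range))


if __name__ == "__main__":
    # Constructed sample ranges: exact port, "any", ephemeral ports, worst case.
    for lo, hi in [(80, 80), (0, 65535), (1024, 65535), (1, 65534)]:
        blocks = range_to_prefixes(lo, hi)
        print("{}-{}: {} TCAM entries".format(lo, hi, len(blocks)))
        for value, plen in blocks[:3]:
            print("   ", to_ternary(value, plen))
    print("src 1024-65535, dst 1024-65535:",
          entries_for_rule((1024, 65535), (1024, 65535)), "entries")
```

A single 16-bit range can expand to as many as 30 entries, and a rule with two such ranges multiplies the counts, which is the overhead the abstract's approach targets.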