Packet Classification Omid Mashayekhi Vaibhav Chidrewar What is - PowerPoint PPT Presentation

Feb 27, 2024 •415 likes •574 views

Packet Classification Omid Mashayekhi Vaibhav Chidrewar What is Packet Classification? Definition: The function of identifying and categorizing packets of data moving across the network Rule Source IP Dest IP Action R1 152.163.190.69/

Packet Classification Omid Mashayekhi Vaibhav Chidrewar
What is Packet Classification? Definition: The function of identifying and categorizing packets of data moving across the network Rule Source IP Dest IP Action R1 152.163.190.69/ 152.163.80.11/ Deny 255.255.255.255 255.255.255.255 R2 152.168.3.0/ 152.163.200.157/ Permit 255.255.255.0 255.255.255.255
Applications of Packet Classification Switches , Routers, Firewalls, Intrusion Detection Systems (IDS) ● Packet Filtering ● Policy Routing ● Accounting and Billing ● Traffic Rate Limiting
Requirements ● Fast Search Speed ● Low Storage ● Scalability ● Faster updates ● Support any number of fields (?????)
Crowded Space
Linear Search Link list of rules stored in decreasing order of priority ● Pros ○ Simple ○ Memory efficient O(N) ○ Fast Update ● Cons ○ Prohibitively slow speed for large N - O(N) ■ Can use caching , parallel search with sublists
Grid of Tries
Grid of Tries ● Pros: ○ Fast Search O(W) ● Cons: ○ Does not scale with > 2 fields ○ Incremental updates are difficult ■ rebuilding in O(NW) is suggested ○ Storage Complexity - O(NW)
HiCuts
HiCuts
HiCuts ● Pros ○ fast ○ uses characteristics of real world classifiers ● Cons ○ precomputation required for building classifier ○ increment update can take time ○ Heuristics based
TCAM
TCAM
TCAM ● Pros ○ Very Fast ○ Supports wildcards ● Cons ○ High Cost ○ Extra circuitry required for handling wildcards ○ High power requirement
Why yet another packet classification method? ● Rules with wildcard need expansion ● Scalability with number of fields ● Incremental updates are complex ○ Precomputation required ○ Build the classifier from scrach

Download Presentation

Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hashing Round-down Prefixes for Rapid Packet Classification Fong Pong and Nian-Feng Tzeng*

Hashing Round-down Prefixes for Rapid Packet Classification Fong Pong and Nian-Feng Tzeng* *Center for Advanced Computer Studies University of Louisiana, Lafayette, USA 1 Outline Packet Classification Review of Existing Decision Tree

803 views • 31 slides

Algorithms for Advanced Packet Classification with Ternary CAMs Karthik Lakshminarayanan UC

Algorithms for Advanced Packet Classification with Ternary CAMs Karthik Lakshminarayanan UC Berkeley Joint work with Anand Rangarajan and Srinivasan Venkatachary (Cypress Semiconductor) Packet Processing Environment Rule: acl-id src-addr

603 views • 36 slides

Multi-dimensional Packet Classification Yadi Ma, Suman Banerjee University of Wisconsin-Madison

A Smart Pre-Classifier to Reduce Power Consumption of TCAMs for Multi-dimensional Packet Classification Yadi Ma, Suman Banerjee University of Wisconsin-Madison Packet classification S1 L1 D S2 R Internet L2 Subnet A Subnet B

921 views • 65 slides

P leaving only 32 ns to classify a packet. This daunting task ACKET classification enables network

IEEE TRANSACTIONS ON COMPUTERS, VOL. 60, NO. 5, MAY 2011 723 Toward Advocacy-Free Evaluation of Packet Classification Algorithms Haoyu Song, Member , IEEE , and Jonathan S. Turner, Fellow , IEEE Abstract Understanding the real performance

318 views • 11 slides

Classification & Filtering Traffic Management October 2016 Chelsio T5/T6 Packet

Classification & Filtering Traffic Management October 2016 Chelsio T5/T6 Packet Classification and Filtering Features 1. Supported Match Fields with Optional Masks Up to 500K exact-match and 2K wildcard rules, 20M/sec lookup rate, 200K

92 views • 6 slides

via Improved Space zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA Packet Classification

via Improved Space zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA Packet Classification Email: zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA { zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA Decomposition Techniques Filippo Geraci,

480 views • 9 slides

SAX-PAC (Scalable And eXpressive PAcket Classification) Kirill Kogan Purdue University and

SAX-PAC (Scalable And eXpressive PAcket Classification) Kirill Kogan Purdue University and IMDEA Networks Sergey Nikolenko Steklov Institute of Mathematics at St. Petersburg and National Research University Higher School of Economics Ori

335 views • 16 slides

Exploiting Order Independence for Scalable and Expressive Packet Classification Author: Kirill

Exploiting Order Independence for Scalable and Expressive Packet Classification Author: Kirill Kogan, Sergey I. Nikolenko, Ori Rottenstreich, William Culhane, and Patrick Eugster Presenter: Qing Lyu 2017/04/12 IEEE/ACM TRANSACTIONS ON

787 views • 64 slides

Efficient Packet Classification for Intrusion Detection Using FPGA Haoyu Song, John W. Lockwood

Efficient Packet Classification for Intrusion Detection Using FPGA Haoyu Song, John W. Lockwood Applied Research Lab : Reconfigurable Network Group Department of Computer Science and Engineering

214 views • 9 slides

Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator

Introduction to Packet Tracer What is Packet Tracer? Packet Tracer is a protocol simulator developed by Dennis Frezzo and his team at Cisco Systems. Packet Tracer (PT) is a powerful and dynamic tool that displays the various protocols used in

419 views • 17 slides

Space and Speed Tradeoffs in TCAM Hierarchical Packet Classification Alex Kesselman , Kirill

Space and Speed Tradeoffs in TCAM Hierarchical Packet Classification Alex Kesselman , Kirill Kogan , Sergey Nemzer and Michael Segal Google, Inc. Email: alx@google.com Cisco Systems, Netanya, Israel and Communication

70 views • 6 slides

A Ternary Unification Framework for Optimizing TCAM-Based Packet Classification Systems Author:

A Ternary Unification Framework for Optimizing TCAM-Based Packet Classification Systems Author: Eric Norige, Alex X. Liu, and Eric Torng Publisher: ANCS 2013 Presenter: Chang Chen

227 views • 22 slides

OC-3072 Packet Classification Using BDDs and Pipelined SRAMs Amit Prakash Adnan Aziz Department

OC-3072 Packet Classification Using BDDs and Pipelined SRAMs Amit Prakash Adnan Aziz Department of Electrical and Computer Engineering The University of Texas at Austin adnan@ece.utexas.edu prakash Abstract We focus on one of the

80 views • 6 slides

Packet Classification Peng He (Institute of Computing Technology, China) Gaogang Xie(Institute of

Meta-algorithms for Software based Packet Classification Peng He (Institute of Computing Technology, China) Gaogang Xie(Institute of Computing Technology, China) Kav Salamatian (University of Savoie, France) Laurent Mathy (University of

443 views • 31 slides

Range Tree-Linked List Hierarchical Search Structure for Packet Classification on FPGAs O

Range Tree-Linked List Hierarchical Search Structure for Packet Classification on FPGAs O guzhan Erdem Aydin Carus Electrical and Electronics Engineering Computer Engineering Trakya University Trakya University Edirne, TURKEY 22030

375 views • 6 slides

Packet Radio Lee Maddox, N4HOK What is Packet Radio? Packet radio is the connection of a computer

03/11/2017 Packet Radio Lee Maddox, N4HOK What is Packet Radio? Packet radio is the connection of a computer to a radio for the transmission of digital data via amateur radio. It is another mode of operation that has a multitude of uses, such as

571 views • 17 slides

Configuring and Troubleshooting MPLS VPN Vinit Jain, CCIE Security, Data Center, SP, and R&S

Cisco Support Community Expert Series Webcast Configuring and Troubleshooting MPLS VPN Vinit Jain, CCIE Security, Data Center, SP, and R&S September 15, 2015 Ask the Expert Events Now through September 18 Implementing and Troubleshooting

1.13k views • 56 slides

Power Production Quarterly Commission Update 4/9/19 Powering our way of life. Department Purpose

Power Production Quarterly Commission Update 4/9/19 Powering our way of life. Department Purpose and Goal Purpose: Provide safe, secure, economical, reliable and compliant power generation under the Priest Rapid Project Federal Energy

990 views • 82 slides

Project: IEEE P802.15 Working Group for Wireless Personal Area Networks ( etworks (WPANs WPANs)

May 4, 2009 doc.: IEEE 802.15-09-0341-01-0006 Project: IEEE P802.15 Working Group for Wireless Personal Area Networks ( etworks (WPANs WPANs) ) Project: IEEE P802.15 Working Group for Wireless Personal Area N Submission Title: [IMEC Narrowband

983 views • 79 slides

USING OPENSTACK FOR RADIO ACCESS NETWORK VIRTUALIZATION MOTIVATION Expected diversity of

USING OPENSTACK FOR RADIO ACCESS NETWORK VIRTUALIZATION MOTIVATION Expected diversity of services, use cases and applications in 5G requires a flexible, adaptable and programmable architecture Many participants, Deutsche Telekom, Nokia,

116 views • 9 slides

Probably the worlds best stateless traffic generation and analysis platform 2 1 2 4 5 6

1 Probably the worlds best stateless traffic generation and analysis platform 2 1 2 4 5 6 3 OVERVIEW TYPES OF TESTS HARDWARE SOFTWARE AUTOMATION KEY FEATURES LEARN MORE 3 OVERVIEW Valkyrie is a full-featured stateless traffic

720 views • 43 slides

PacketExpert PacketBroker (Wire-speed Ethernet Tap) 818 West Diamond Avenue - Third Floor,

PacketExpert PacketBroker (Wire-speed Ethernet Tap) 818 West Diamond Avenue - Third Floor, Gaithersburg, MD 20878 Phone: (301) 670-4784 Fax: (301) 670-9187 Email: info@gl.com 1 1 Website: http://www.gl.com Ethernet Technology 2

650 views • 46 slides

Exploiting Sequence of Events for Potential Attack Detection in Network Security using Machine

Exploiting Sequence of Events for Potential Attack Detection in Network Security using Machine Learning Ashrith Barthur, PhD Security Research @cyberbaggage H 2 O .ai Machine Intelligence Sequence of Events (SoE) What is a Sequence of

636 views • 35 slides

6QM Solution for IPv6 QoS Measurements Nov. 2004 Moscow Jordi Palet (Consulintel), Csar

6QM Solution for IPv6 QoS Measurements Nov. 2004 Moscow Jordi Palet (Consulintel), Csar Olvera (Consulintel), Miguel A. Daz (Consulintel) {jordi.palet, cesar.olvera, miguelangel.diaz}@consulintel.es Introduction The QoS measurement

343 views • 19 slides