Wire-Speed TCAM-Based Architectures for Multimatch Packet Classification

Wire-Speed TCAM-Based Architectures for Multimatch Packet Classification

Most conventional packet classifiers find only the highest priority filter that matches the arriving packet. However, new networking applications such as network intrusion detection systems and load balancers require all (or the first few) matching packets during classification. In this paper, two T...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on computers 2009-01, Vol.58 (1), p.5-17
Hauptverfasser: Faezipour, M., Nourani, M.
Format: Artikel
Sprache:eng
Schlagworte:
Balancing
Classification
Classifier design and evaluation
Classifiers
Clocks
Computer architecture
Design engineering
Hardware
integration and modeling
Intrusion
Matched filters
Microprocessors
Network monitoring
Network-level security and protection
Parallel architectures
Partitioning
Power consumption
Radiation detectors
System architectures
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Most conventional packet classifiers find only the highest priority filter that matches the arriving packet. However, new networking applications such as network intrusion detection systems and load balancers require all (or the first few) matching packets during classification. In this paper, two TCAM-based architectures for multi-match search are introduced. The first one is a renovated TCAM design that can find all or the first r matches in a packet filter set. The second architecture is a novel partitioning scheme based on filter intersection properties allowing us to use off-the-shelf TCAMs for multi-match packet classification. Our classifier engine finds all matches in exactly one conventional TCAM cycle while reducing the power consumption by at least two orders of magnitude, which is far better than the existing hardware based designs.
ISSN:0018-9340
1557-9956
DOI:10.1109/TC.2008.159