ITTC High-Performance Networking The University of Kansas EECS 881 Packet Switch I/O Processing

Similar documents
ITTC Science of Communication Networks The University of Kansas EECS 784 Identifiers, Names, and Addressing

Problem Statement. Algorithm MinDPQ (contd.) Algorithm MinDPQ. Summary of Algorithm MinDPQ. Algorithm MinDPQ: Experimental Results.

Network Layer: Control/data plane, addressing, routers

Switch and Router Design. Packet Processing Examples. Packet Processing Examples. Packet Processing Rate 12/14/2011

Data Structures for Packet Classification

Survey and Taxonomy of Packet Classification Techniques

CS 268: Route Lookup and Packet Classification

Fast Packet Classification Algorithms

IP Forwarding. CSU CS557, Spring 2018 Instructor: Lorenzo De Carli

Growth of the Internet Network capacity: A scarce resource Good Service

Network layer: Overview. Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing

Network layer: Overview. Network Layer Functions

ECE697AA Lecture 21. Packet Classification

Introduction to Internetworking

Lecture 8. Network Layer (cont d) Network Layer 1-1

Network Layer PREPARED BY AHMED ABDEL-RAOUF

Computer Network Fundamentals Spring Week 4 Network Layer Andreas Terzis

IPv4. Christian Grothoff.

CPSC 826 Internetworking. The Network Layer: Routing & Addressing Outline. The Network Layer

COMP211 Chapter 4 Network Layer: The Data Plane

Last Lecture: Network Layer

ECE 158A: Lecture 7. Fall 2015

2/22/2008. Outline Computer Networking Lecture 9 IP Protocol. Hop-by-Hop Packet Forwarding in the Internet. Internetworking.

EECS 122: Introduction to Computer Networks Switch and Router Architectures. Today s Lecture

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

Topics for Today. Network Layer. Readings. Introduction Addressing Address Resolution. Sections 5.1,

Scalable Packet Classification for IPv6 by Using Limited TCAMs

CS244a: An Introduction to Computer Networks

Recursive Flow Classification: An Algorithm for Packet Classification on Multiple Fields

internet technologies and standards

15-744: Computer Networking. Routers

CMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 12

CSC 4900 Computer Networks: Network Layer

Forwarding and Routers : Computer Networking. Original IP Route Lookup. Outline

Tree-Based Minimization of TCAM Entries for Packet Classification

Generic Architecture. EECS 122: Introduction to Computer Networks Switch and Router Architectures. Shared Memory (1 st Generation) Today s Lecture

RMIT University. Data Communication and Net-Centric Computing COSC 1111/2061. Lecture 2. Internetworking IPv4, IPv6

COMP/ELEC 429/556 Introduction to Computer Networks

CSC 401 Data and Computer Communications Networks

Lecture 12: Aggregation. CSE 123: Computer Networks Alex C. Snoeren

Lecture 3. The Network Layer (cont d) Network Layer 1-1

Network Processors. Nevin Heintze Agere Systems

CSCI Computer Networks Fall 2016

Hierarchical Routing. Our routing study thus far - idealization all routers identical network flat no true in practice. administrative autonomy

Packet Classification Using Dynamically Generated Decision Trees

Vorlesung Kommunikationsnetze

Towards Effective Packet Classification. J. Li, Y. Qi, and B. Xu Network Security Lab RIIT, Tsinghua University Dec, 2005

1-1. Switching Networks (Fall 2010) EE 586 Communication and. October 25, Lecture 24

The Internet Protocol. IP Addresses Address Resolution Protocol: IP datagram format and forwarding: IP fragmentation and reassembly

PACKET classification is an enabling function for a variety

EC441 Fall 2018 Introduction to Computer Networking Chapter4: Network Layer Data Plane

Three Different Designs for Packet Classification

Where we are in the Course

Chapter 4 Network Layer: The Data Plane

Master Course Computer Networks IN2097

ECE697AA Lecture 20. Forwarding Tables

ITTC High-Performance Networking The University of Kansas EECS 881 Architecture and Topology

IPv4 addressing, NAT. Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley.

Communications Software. CSE 123b. CSE 123b. Spring Lecture 2: Internet architecture and. Internetworking. Stefan Savage

Lecture 3: Packet Forwarding

DESIGN AND IMPLEMENTATION OF OPTIMIZED PACKET CLASSIFIER

Lecture 12: Addressing. CSE 123: Computer Networks Alex C. Snoeren

Scalable Packet Classification using Distributed Crossproducting of Field Labels

Decision Forest: A Scalable Architecture for Flexible Flow Matching on FPGA

Homework 1 Solutions:

Quiz. Segment structure and fields Flow control (rwnd) Timeout interval. Phases transition ssthresh setting Cwnd setting

A Scalable Approach for Packet Classification Using Rule-Base Partition

Communication Networks ( ) / Fall 2013 The Blavatnik School of Computer Science, Tel-Aviv University. Allon Wagner

Department of Computer and IT Engineering University of Kurdistan. Network Layer. By: Dr. Alireza Abdollahpouri

Last time. Network layer. Introduction. Virtual circuit vs. datagram details. IP: the Internet Protocol. forwarding vs. routing

Master Course Computer Networks IN2097

Lecture 10: Addressing

E : Internet Routing

Chapter 4: network layer

Scalable Packet Classification using Distributed Crossproducting of Field Labels

CSCE 463/612 Networks and Distributed Processing Spring 2018

internet technologies and standards

Lecture 4 - Network Layer. Transport Layer. Outline. Introduction. Notes. Notes. Notes. Notes. Networks and Security. Jacob Aae Mikkelsen

Network Layer. IP Protocol Stack: Key AbstracHons. Best- Effort Global Packet Delivery. Circuit Switching (e.g., Phone Network)

CSC 401 Data and Computer Communications Networks

Tutorial 9. SOLUTION Since the number of supported interfaces is different for each subnet, this is a Variable- Length Subnet Masking (VLSM) problem.

Chapter 4: network layer. Network service model. Two key network-layer functions. Network layer. Input port functions. Router architecture overview

Performance Evaluation and Improvement of Algorithmic Approaches for Packet Classification

Master Course Computer Networks IN2097

A Hybrid Approach to CAM-Based Longest Prefix Matching for IP Route Lookup

On using content addressable memory for packet classification

Internetwork Protocols

Chapter 4 Network Layer: The Data Plane

Towards High-performance Flow-level level Packet Processing on Multi-core Network Processors

CS 43: Computer Networks. 21: The Network Layer & IP November 7, 2018

Router Architecture Overview

OSI Network Layer. Network Fundamentals Chapter 5. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1

Information Network Systems The network layer. Stephan Sigg

Chapter 4: Network Layer

Routers. Session 12 INST 346 Technologies, Infrastructure and Architecture

Router Design: Table Lookups and Packet Scheduling EECS 122: Lecture 13

NETWORK LAYER DATA PLANE

IP - The Internet Protocol

AN EFFICIENT HYBRID ALGORITHM FOR MULTIDIMENSIONAL PACKET CLASSIFICATION

CS4450. Computer Networks: Architecture and Protocols. Lecture 13 THE Internet Protocol. Spring 2018 Rachit Agarwal

Transcription:

High-Performance Networking The University of Kansas EECS 881 Packet Switch I/O Processing James P.G. Sterbenz Department of Electrical Engineering & Computer Science Information Technology & Telecommunications Research Center The University of Kansas jpgs@eecs.ku.edu http://www.ittc.ku.edu/~jpgs/courses/hsnets 04 November 2010 rev. 10.1 2004 2010 James P.G. Sterbenz

Packet Switch I/O Processing Outline IO.1 Overview IO.2 IP Lookup IO.3 Packet Classification IO.4 Output Scheduling 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-2

Packet Switch I/O Processing Outline application application session session transport transport network network network network link link link link end system node network node end system link node network IO.1. Overview IO.2. IP lookup IO.3. Packet classification IO.4. Packet scheduling 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-3

Ideal Network Network Node Principle CPU R = network CPU M app M app end system D = 0 end system Network Node Principle Network nodes must support high-bandwidth low-latency, endto-end flows, as well as their aggregation. High-speed network nodes should provide a scalable number or high-bandwidth, low delay interconnections. 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-4 S-II

Ideal Switch Architecture Bandwidth, Latency, Ports Infinite bandwidth Zero latency Unlimited number of ports n = R = D = 0 Store-and-Forward & Queueing Delay Minimisation S-II.3 Store-and-forward delays should be avoided, and per packet queueing should be minimised. In the ideal case, nodes should pipeline and cut through packet with zero per packet delays. 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-5

Switch Packet Processing Throughput Packet processing rate critical packet processing must sustain at least average rate critical path must sustain peak line rate for min size packets Packet Processing Rate S-II.4p The packet processing rate (packets per second) is a key throughput measure of a switch. Packet processing software and shared parallel hardware resources must be able to sustain the average packet processing rate. Functions in the serial critical path must be designed for the worst case packet processing rate of the path to avoid queueing and blocking of subsequent packets. 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-6

Packet Switch I/O Processing IP Lookup IO.1 Overview IO.2 IP Lookup IO.3 Packet Classification IO.4 Packet Scheduling 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-7

Fast Datagram Switches Overview Fast datagram switch IP router fast packet switch core typical of modern high-performance routers 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-8

Fast Datagram Switches Architecture Fast packet switch core Input processing IP lookup packet classification Output processing packet scheduling fair queueing prefixes link prefixes link input processing header update input processor input processor classify management routing and signalling switch fabric control switch fabric output processing output scheduling output scheduling link link 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-9

Fast Datagram Switches Architecture: Shared Forwarding Fast packet switch core Input processing packet classification must be performed at input Shared forwarding engines flexible allocation, but uses switch fabric ports and bandwidth Output processing packet scheduling fair queueing link link input processing forwarding engines input processor headers input processor headers prefixes routing and signalling header processing switch fabric control switch fabric prefixes header processing output processing output scheduling output scheduling link link 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-10

Fast Datagram Switches Example 5.6 IP Packets 04 hl TOS length 06 class flow label identification flags TTL protocol header checksum source address destination address options [variable length] frag offset 20B payload length next header hop lim source address destination address data [variable length] 40B extension header(s) [variable length] data [variable length] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-11

Fast Datagram Switches IPv4 Address Assignment IP addresses not randomly assigned to hosts why? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-12

Fast Datagram Switches IPv4 Address Assignment IP addresses not randomly assigned to hosts every table would have to contain every Internet host billions of entries and would require exact match lookup 200.23.16.4 128.10.26.45 199.31.0.4 ISP A 38.66.126.2 X 128.10.26.45 1 199.31.0.4 2 200.23.16.4 0 ISP B 38.66.126.2 1 128.10.26.45 X 199.31.0.4 X 200.23.16.4 X Tier1 X 38.66.126.2 B 128.10.26.45 A 199.31.0.4 A 200.23.16.4 A 38.66.126.2 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-13

Fast Datagram Switches IPv4 Address Hierarchy IP addresses assigned hierarchically address aggregation dramatically improves scalability forwarding table only needs to contain network address routing advertisements only contain network address prefix 200.23.16.4 200.23.16.45 ISP A 199.31.0 X 200.23.16.4 0 200.23.16.12 2 200.23.16.45 1 Tier1 X 200.23.16 A 199.31.0 B 200.23.16.12 ISP B 38.66.126.2 1 200.23.16 X 199.31.0.4 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-14

Fast Datagram Switches IPv4 Class-Based Addressing Hierarchy 128 networks 16M hosts A 0 net host 16K networks 64K hosts B 10 net host 2M networks 256 hosts C 110 net host D 1110 multicast address E 1111 reserved Divide IP address into 3 level hierarchy class, network address, host address byte aligned simple IP address lookup (3 major cases) class D for multicast addresses Lecture NR 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-15

Fast Datagram Switches IPv4 Subnets 16K networks 64 subnets 1024 hosts B 10 net subnet host Subnets [RFC 0950 / STD 0005] originally way to divide address class within organisation example: 6b subnet to class B subnet mask Hosts in subnet share upper IP address bits natural to cluster similar IP addresses efficient IP routing to subnet switched layer 2 LAN with no layer 3 routing Lecture LL 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-16

Fast Datagram Switches IPv4 Class-Based Addressing Problems Principle behind division A: very large network providers B: large organisations C: LANs Reality: rigid structure doesn t match all organisations perfectly doesn t match many organisations well especially class B: three bears problem Inefficient partitioning of address space large fraction of unusable addresses imminent exhaustion of IP address space led to 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-17

Fast Datagram Switches IPv4 Classless Addressing (CIDR) CIDR: classless interdomain routing [RFC 1519] eliminate assignment of IP address blocks by class b 7 b 6. b 5 b 4. b 3 b 2. b 1 b 0 /x x-bit prefix = arbitrary number of network bits example: 11001000 00010111 00010000 00000000 200. 23. 16. 0/23 Service providers get variable IP block based on need from RIR (or NIR) Significant improvement in IP address use at the cost of significant increase in complexity of IP lookup how? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-18

Fast Datagram Switches IPv4 Classless Addressing (CIDR) CIDR: classless interdomain routing [RFC 1519] eliminate assignment of IP address blocks by class b 7 b 6. b 5 b 4. b 3 b 2. b 1 b 0 /x x-bit prefix = arbitrary number of network bits example: 11001000 00010111 00010000 00000000 200. 23. 16. 0/23 Service providers get variable IP block based on need from RIR (or NIR) Significant improvement in IP address use at the cost of significant increase in complexity of IP lookup IP lookup is longest prefix match 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-19

IP Address Lookup Longest Prefix Match prefix p out f state * 00* 001* 0001* 0101* 101* 10100* 11* 111* Longest prefix match most specific subnet Critical parameters worst case lookup time how long as a function of n entries? hop count checksum fix 101 011 01 payload p out 101 011 01 payload 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-20

101 011 01 payload IP Address Lookup Longest Prefix Match prefix p out f state * 00* 001* 0001* 0101* 101* 10100* 11* 111* hop count checksum fix p out 101 011 01 Longest prefix match most specific subnet Critical parameters worst case lookup time brute force: O (log 2 n ) n hundred thousands to millions memory required forwarding table update time insert and sort payload 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-21

Packet Switch I/O Processing Packet Processing Challenges Target performance is very challenging Large number of flows: O (1M) determines amount of hardware needed memory for per flow state processing for flow-parallelism High data rate: 40Gb/s (OC-768) determines packet interarrival time minimum TCP/IP packet size = 40B 40B @ 40Gb/s 8ns processing budget for lookup determines required packet processing rate 8ns interarrival 125Mpkt/s [pps] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-22

Packet Switch I/O Processing Lookup and Classification Strategies Lookup strategies? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-23

Packet Switch I/O Processing Lookup and Classification Strategies Two (related) dimensions: Implementation technology software hardware assisted software hardware Algorithmic technique exhaustive search decision tree decomposition tuple space 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-24

Software Packet Switch I/O Processing Implementation Technology algorithms that minimise instruction count data structures that minimise memory accesses increasingly implemented in NPU: network processor 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-25

Software Packet Switch I/O Processing Implementation Technology algorithms that minimise instruction count data structures that minimise memory accesses increasingly implemented in NPU: network processor Hardware assisted software circuitry that assists software implementation specialised instructions in NPU (e.g. trie traversal) 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-26

Software Packet Switch I/O Processing Implementation Technology algorithms that minimise instruction count data structures that minimise memory accesses increasingly implemented in NPU: network processor Hardware assisted software circuitry that assists software implementation specialised instructions in NPU (e.g. trie traversal) Custom hardware functional blocks that store and manipulate IP prefixes memories that minimise access time 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-27

Lookup and Classification Algorithmic Techniques: Exhaustive Search Exhaustive search brute force search through all filters advantages and disadvantages? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-28

Lookup and Classification Algorithmic Techniques: Exhaustive Search Exhaustive search brute force search through all filters + simple search algorithm although insertion/deletion may be complicated if filters sorted + potentially simple data structures + O(N) memory requirements for N filters but no sharing across filters; possible to do better 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-29

Lookup and Classification Algorithmic Techniques: Exhaustive Search Exhaustive search brute force search through all filters + simple search algorithm although insertion/deletion may be complicated if filters sorted + potentially simple data structures + O (N ) memory requirements for N filters but no sharing across filters; possible to do better poor performance for linear search O (N ) memory accesses if unsorted O (log N ) but requires sorting 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-30

Lookup and Classification Algorithmic Techniques: Exhaustive Search Exhaustive search brute force search through all filters + simple search algorithm although insertion/deletion may be complicated if filters sorted + potentially simple data structures + O (N ) memory requirements for N filters but no sharing across filters; possible to do better poor performance for linear search O (N ) memory accesses if unsorted O (log N ) but requires sorting better performance costs hardware, memory, processing e.g. massive parallelism: generally not practical e.g. special purpose hardware 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-31

Lookup and Classification Hardware Exhaustive Search Conventional memory: read, write comparison done in software by processor unacceptably slow for exhaustive search over large N SRAM: faster and less dense (6 CMOS transistors/bit) DRAM: slower and more dense (1 MOS transistor/bit) Alternative? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-32

Lookup and Classification Hardware Exhaustive Search Conventional memory: read, write comparison done in software by processor unacceptably slow for exhaustive search over large N SRAM: faster and less dense (~6 CMOS transistors/bit) DRAM: slower and more dense (1 MOS transistor/bit) Alternative: build comparison circuits into memory search multiple locations in parallel based on content field content-addressable memory 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-33

Lookup and Classification Hardware Exhaustive Search: TCAMs TCAM: ternary content addressable memory three states/bit: 1, 0, X (don t care) don t care for low-order LPM bits in IP lookup don t care for irrelevant fields in classification filters read, write, match operations Advantages and disadvantages? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-34

Lookup and Classification Hardware Exhaustive Search: TCAMs TCAM: ternary content addressable memory three states/bit: 1, 0, X (don t care) don t care for low-order LPM bits in IP lookup don t care for irrelevant fields in classification filters read, write, match operations Relatively complex typically 16 transistors; fewer possible implications? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-35

Lookup and Classification Hardware Exhaustive Search: TCAMs TCAM: ternary content addressable memory three states/bit: 1, 0, X (don t care) don t care for low-order LPM bits in IP lookup don t care for irrelevant fields in classification filters read, write, match operations Relatively complex typically 16 transistors; fewer possible significantly less dense than SRAM significantly higher cost than SRAM 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-36

Lookup and Classification Hardware Exhaustive Search: TCAMs TCAM: ternary content addressable memory three states/bit: 1, 0, X (don t care) don t care for low-order LPM bits in IP lookup don t care for irrelevant fields in classification filters read, write, match operations Relatively complex typically 16 transistors; fewer possible significantly less dense than SRAM significantly higher cost than SRAM significantly higher cost than SRAM + Extreme performance: O (1) memory access 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-37

IP Address Lookup Hardware Exhaustive Search: TCAMs prefix p out f state * 00XXXX 001XXX 0001XX 0101XX 101XXX 10100X 11XXXX 111XXX priority mux LPM for IP lookup Simultaneous match lookup time constant O (1) Classification later hop count checksum fix 101 011 01 payload p out 101 011 01 payload 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-38

IP Address Lookup Hardware-Assisted Memory Lookup 101 011 01 payload short prefix table 0 i p out / index 0 long prefix table p out Multistage lookup [Gupta, Lin, McKeown 1998] conventional SRAM worst case lookup time O (s) number of stages 101 011 1 101 011 block 2 p -1 p out 101 011 01 payload 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-39

Decision tree IP Address Lookup Decision-Tree Search data structure in which leaves contain filters or their subsets 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-40

Decision tree IP Address Lookup Decision-Tree Search: Trie data structure in which leaves contain filters or their subsets Trie (from retrie val) or prefix tree tree data structure fanout is number of symbols in alphabet {0,1} for IP longest prefix matching and binary classifiers each level contains a successive symbol (bit) flag indicates terminal string represented by 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-41

Decision tree IP Address Lookup Decision-Tree Search: Trie data structure in which leaves contain filters or their subsets Trie (from retrie val) or prefix tree tree data structure Typically implemented in software or NPU data structure and instruction assist (IBM NP4GS3) advantages and disadvantages? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-42

Decision tree IP Address Lookup Decision-Tree Search: Trie data structure in which leaves contain filters or their subsets Trie (from retrie val) or prefix tree tree data structure Typically implemented in software or NPU data structure and instruction assist IBM NP4GS3 data structure and lookup functional unit generally more space efficient than hardware serial algorithm: linear traversal from root to branch efficiency based on breadth of trie 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-43

Decision tree IP Address Lookup Decision-Tree Search: Trie data structure in which leaves contain filters or their subsets Trie (from retrie val) or prefix tree tree data structure fanout is number of symbols in alphabet {0,1} for IP longest prefix matching and binary classifiers each level contains a successive symbol (bit) flag indicates terminal string represented by * Typically implemented in software or NPU data structure and instruction assist (IBM NP4GS3) 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-44

IP Address Lookup Address Space Example Example IP address space [RBD2001] 5 bits of address shown organised as full trie a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* a 0 1 d 00 01 10 11 000 001 010 011 c e 100 101 110 111 01 01 01 01 01 01 01 01 01 f 01 g 01 h 01 i b 01 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-45

IP Address Lookup IP Lookup Example Example IP address space [RBD2001] 5 bits of address shown organised as full trie a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* a d c e f g h i b 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-46

IP Address Lookup IP Lookup Example Example IP address space [RBD2001] 5 bits of address shown organised as full trie a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* 0* a 0 1 d 1* c e f g h i b 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-47

IP Address Lookup IP Lookup Example Example IP address space [RBD2001] 5 bits of address shown organised as full trie a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* 0* a 0 1 d 1* 00 01 10 11 c e f g h i b 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-48

IP Address Lookup IP Lookup Example Example IP address space [RBD2001] 5 bits of address shown organised as full trie a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* a d 000 001 010 011 c e 100 101 110 111 b 011* 100* f g h i 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-49

IP Address Lookup IP Lookup Example Example IP address space [RBD2001] 5 bits of address shown organised as full trie a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* 0* a d c e 1110* 1100* 1101* 1111* 01 01 01 01 01 01 01 01 01 f 01 g 01 h 01 i b 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-50

IP Address Lookup IP Lookup Example Example IP address space [RBD2001] 5 bits of address shown organised as full trie Lookup time O (a ) worst case a = number of address bits a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* 0* a d c e 01 f g h i b 01000* 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-51

IP Address Lookup IP Lookup Example Example IP address space [RBD2001] 5 bits of address shown organised as full trie do we need to store the entire trie? a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* 0* a d c e 01 f g h i b 01000* 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-52

IP Address Lookup Trie Lookup Trie only containing nodes for prefixes node contains egress port (e.g. a, b, ) does not need to store prefix itself navigation algorithm keeps track of prefix depth in trie gives number of bits optimisation? a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* a 0 1 0* 01 10 1* 11 010 011 c e 100 110 111 0100 011* 100* 1100 f 1101 1110 g h 1111 i 01000 b 1100* 1101* 1110* 1111* 01000* 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-53 d

IP Address Lookup Trie Lookup Trie only containing nodes for prefixes node contains egress port (e.g. a, b, ) does not need to store prefix itself navigation algorithm keeps track of prefix depth in trie gives number of bits optimisation: remove unneeded nodes a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* a 0 1 0* 1* c 011* b 1100* 1101* 1110* 1111* 01000* 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-54 e 100* d f g h i

IP Address Lookup Path-Compressed Trie Lookup Path-compressed trie remove nodes at which no decision taken reduces number of lookup algorithm steps at the cost of storing prefixes in some nodes storing bit number to inspect at each level a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* b 01000* 3 a 0 1 d 2 0* c e 1* 011* 100* 4 3 4 f g h i 1100* 1101* 1110* 1111* 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-55

IP Address Lookup Path-Compressed Trie Lookup Path-compressed trie remove nodes at which no decision taken reduces number of lookup algorithm steps possible to further reduce the depth of trie? a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* b 01000* 3 a 0 1 d 2 0* c e 1* 011* 100* 4 3 4 f g h i 1100* 1101* 1110* 1111* 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-56

Multibi trie IP Address Lookup Multibit Trie Lookup increase breadth of trie: mutliple bits/level reduces number of lookup algorithm steps at the expense of more memory fixed or variable stride (# bits/level) a 0* b 01000* c 011* d 1* e 100* f 1100* g 1101* h 1110* i 1111* 00 01 10 11 a a d d 0* 0100 0101 0110 0111 100 101 1100 1101 1110 1111 c c e f g h i 0* 01000 01000 011* 011* 100* 1* 1100* 1101* 1110* 1111* 01000* b 0* 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-57

Packet Switch I/O Processing Hardware vs. Software Input and Output processing tradeoff custom hardware generally faster at potentially higher cost and lower density network processor software more flexible Hardware vs. Software Implementation of Input S-1Ch and Output Processing In determining the appropriate implementation of input and output processing, trade the cost and feasibility of hardware against the complexity and feasibility of network processor software. 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-58

Packet Switch I/O Processing IO.3 Packet Classification IO.1 Overview IO.2 IP Lookup IO.3 Packet Classification IO.4 Packet Scheduling 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-59

Packet Switch I/O Processing Packet Classification Packet classification determines how packet treated QoS or diffserv policy based routing security and DoS protection (e.g. firewalls) layer 4 and 7 switching active network processing 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-60

Packet Switch I/O Processing Classification Challenges Packet classification must be done before queueing to meet most stringent delay class Classification at line speed requires delay bound for minimum interarrival time (40 B) delay bound for worst case classification time e.g. deepest branch of decision tree Bound Packet Classification Time S-II.4c Packets that must be classified to potentially receive delay bounded service must be classified before any queueing at the input. The classification operation must have delay bounds that meet the most stringent service class. 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-61

Packet Classification Multidimensional Aspect TOS src adr payload source address R 0 R 1 Multidimensional classification policies may be hierarchal or overlap precedence rules needed More complex than longest prefix match Hardware and software implementation tradeoffs 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-62 T O S R 2 R 5 R 4 R 3

Packet Classification Filter Characteristics O (1000) O (10 000) filters / router and growing Typical filter parameters protocol: TCP, UDP, *, ICMP, IGMP, EIGRP, GRE, IPIP, ports corresponding to apps (e.g. 80 for HTTP): or ranges, e.g. high port numbers > 1024 difficult to convert to prefixes source and destination IP addresses specific addresses or prefixes higher layer protocol fields (HTTP, RTP, etc.) 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-63

Packet Classification Example Filter Set Example filter set [Taylor 2005] Filter source address [8 bit] destination address [8 bit] protocol <name> destination port [8 bit] Action flow ID [4 bit] priority tag [4 bit] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-64

Packet Classification Example Filter Set Filter Action Src Addr Dest Addr Protocol Dest Port FlowID Priority 11010010 TCP [03:15] 00 03 10011100 [01:01] 01 05 101101 001110 [00:15] 02 08 10011100 01101010 UDP [05:05] 03 02 ICMP [00:15] 04 09 100111 011010 [03:15] 05 06 10010011 TCP [03:15] 06 03 UDP [03:15] 07 09 11101100 01111010 [00:15] 08 02 111010 01011000 UDP [06:06] 09 02 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-65

Software Packet Classification Classification Technology algorithms that minimise instruction count data structures that minimise memory accesses Custom hardware functional blocks that store and manipulate classifiers memories that minimise access time Tradeoffs similar to lookup 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-66

Exhaustive search Packet Classification Taxonomy of Algorithms complete search of all filters 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-67

Exhaustive search Packet Classification Taxonomy of Algorithms complete search of all filters Decomposition decompose into multiple field searches combine results 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-68

Exhaustive search Packet Classification Taxonomy of Algorithms complete search of all filters Decomposition decompose into multiple field searches combine results Decision tree construct decision tree from filter set search by traversing decision tree 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-69

Packet Classification Taxonomy of Algorithms Exhaustive search complete search of all filters Decomposition decompose into multiple field searches combine results Decision tree construct decision tree from filter set search by traversing decision tree Tuple space partition filter set by number of bits search for exact matches in partitions 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-70

Packet Classification Selected Techniques Exhaustive search (considered seminal in [Taylor 2005]) linear search (impractical) TCAM [Spitznagel 2003] Decomposition parallel bit vectors [Lakshman & Stiliadis 1998] crossproducting [Srinivasan 1998] recursive flow classification [Gupta & McKeown 1999] Decision tree grid-of-tries [Srinivasan 1998] hierarchical intelligent cuttings [Gupta & Mckeown 1999] Tuple space tuple space [Srinivasan 1999] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-71

Packet Classification Exhaustive Search Exhaustive search linear search (impractical) TCAM Decomposition parallel bit vectors crossproducting recursive flow classification Decision tree grid-of-tries hierarchical intelligent cuttings Tuple space tuple space 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-72

Packet Classification Exhaustive Search: Linear Search Exhaustive search linear search (impractical) TCAM Decomposition parallel bit vectors crossproducting recursive flow classification Decision tree grid-of-tries hierarchical intelligent cuttings Tuple space tuple space 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-73

Linear search Packet Classification Exhaustive Search: Linear Search impractical for address lookup (1 dimension) even less practical for multidimensional classification 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-74

Packet Classification TCAM Exhaustive search linear search (impractical) TCAM Decomposition parallel bit vectors crossproducting recursive flow classification Decision tree grid-of-tries hierarchical intelligent cuttings Tuple space tuple space 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-75

Packet Classification TCAM TCAM: ternary content addressable memory advantage? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-76

Packet Classification TCAM TCAM: ternary content addressable memory hardware based parallel match: O (1) time steps capable of matching prefixes (don t care in low order bits) problem for classification? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-77

Packet Classification TCAM TCAM: ternary content addressable memory hardware based parallel match: O (1) time steps capable of matching prefixes (don t care in low order bits) but not arbitrary ranges (e.g. port field) Ranges must be converted to prefixes 2(w 1) prefixes required for w -bit fields with ranges expansion factor of 7 entries/filter needed [Taylor 2005] hardware implementation of ranges [Spitzangel 2003] Additional problem? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-78

Packet Classification TCAM TCAM: ternary content addressable memory hardware based parallel match: O (1) time steps capable of matching prefixes (don t care in low order bits) but not arbitrary ranges (e.g. port field) Ranges must be converted to prefixes 2(w 1) prefixes required for w -bit fields with ranges expansion factor of 7 entries/filter needed [Taylor 2005] hardware implementation of ranges [Spitzangel 2003] Long search key for multidimensional classification requires O (d ) larger TCAM for d classification fields 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-79

Packet Classification Decomposition Exhaustive search linear search (impractical) TCAM Decomposition parallel bit vectors crossproducting recursive flow classification Decision tree grid-of-tries hierarchical intelligent cuttings Tuple space tuple space 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-80

Packet Classification Decomposition: Parallel BV Exhaustive search (considered seminal in [Taylor 2005]) linear search (impractical) TCAM Decomposition parallel bit vectors (parallel BV) crossproducting recursive flow classification Decision tree grid-of-tries hierarchical intelligent cuttings Tuple space tuple space 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-81

Packet Classification Parallel BV Overview Parallel bit vectors [Lakshman & Stiliadis 1998] d filter fields mapped into d -dimensional space each dimension divided into intervals max of 2N +1 < 2 b intervals for N filters with b -bit filter field sort filters by priority assign a N -bit vector to each interval for N filters bit vectors initialised to 0 bit set to 1 indicates match for a filter data structure to locate interval for given point for each dim. see [Taylor 2005 Tbl. IV and Fig. 16] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-82

Filter Address Port a 1010 [02:02] b 1100 [05:05] c 0101 [08:08] d [06:06] e 111 [00:15] f 001 [09:15] g 00 [00:04] h 0 [00:03] i 0110 [00:15] j 1 [07:15] k 0 [11:11] Packet Classification Parallel BV Example [Taylor 2005] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-83

Parallel BV search Packet Classification Parallel BV Search search d data structures independent and parallelisable bitwise AND of d bit vectors MSB (most significant bit) is filter match 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-84

Packet Classification Parallel BV Performance Parallel BV performance search time O (log N ) problem? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-85

Packet Classification Parallel BV Performance Parallel BV performance search time O (log N ) memory requirement O (N 2 ) optimisations to improve possible [Lakshman & Stiliadis 1998] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-86

Packet Classification Decomposition: Crossproducting Exhaustive search linear search (impractical) TCAM Decomposition parallel bit vectors crossproducting recursive flow classification Decision tree grid-of-tries hierarchical intelligent cuttings Tuple space tuple space 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-87

Observation: Packet Classification Crossproducting Overview number unique filter fields significantly less than number of filters Crossproduct precompute best match for all combinations of filter fields 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-88

Packet Classification Crossproducting Algorithm Crossproduct algorithm [Srinivasan 1989] separate and construct table for each of d fields 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-89

Packet Classification Crossproducting Filter Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP example from [Taylor 2005] k [00:15] 00 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-90

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-91 01

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-92 02

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-93 03

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-94 04

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-95 10 05

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-96 10 111 06

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-97 10 111 07

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-98 10 111 Port 08

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-99 10 111 Port [00:01] 09

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-100 10 111 Port [00:01] [01:01] 10

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-101 10 111 Port [00:01] [01:01] [05:15] 11

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-102 10 111 Port [00:01] [01:01] [05:15] [00:15] 12

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-103 10 111 Port [00:01] [01:01] [05:15] [00:15] Protocol 13

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-104 10 111 Port [00:01] [01:01] [05:15] [00:15] Protocol TCP 14

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-105 10 111 Port [00:01] [01:01] [05:15] [00:15] Protocol TCP UDP 15

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-106 10 111 Port [00:01] [01:01] [05:15] [00:15] Protocol TCP UDP 16

Packet Classification Crossproducting Field Set Example Filter Address Port Protocol a 000 [00:01] TCP b 001 [00:01] TCP c 1101 [01:01] UDP d 10 [05:15] UDP e 001 [05:15] UDP f 111 [00:15] UDP g 000 [05:15] UDP h 10 [00:01] TCP i 001 [01:01] TCP j [00:15] UDP k [00:15] Address 000 001 1101 10 111 Port [00:01] [01:01] [05:15] [00:15] Protocol TCP UDP 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-107 17

Packet Classification Crossproducting Algorithm Crossproduct algorithm separate and construct table for each of d fields precompute table with best match for all combinations 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-108

Packet Classification Crossproducting Field Set Example Address Port Protocol Address Port Protocol Match 000 [00:01] TCP 000 [00:01] TCP a 001 [01:01] UDP 000 [00:01] UDP j 1101 [05:15] 000 [00:01] k 10 111 [00:15] 000 [01:01] TCP a 000 [01:01] UDP j 000 [01:01] k 000 [05:15] TCP k............ 001 [00:01] TCP............ [00:15] k 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-109

Packet Classification Crossproducting Algorithm Crossproduct algorithm separate and construct table for each of d fields precompute table with best match for all combinations search d field tables (parallelisable) 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-110

Packet Classification Crossproducting Field Set Example Address Port Protocol Address Port Protocol Match 000 [00:01] TCP 000 [00:01] TCP a 001 [01:01] UDP 000 [00:01] UDP j 1101 [05:15] 000 [00:01] k 10 111 [00:15] 000 [01:01] TCP a 000 [01:01] UDP j 000 [01:01] k 000 [05:15] TCP k d............ 001 [00:01] TCP............ [00:15] k 17 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-111

Packet Classification Crossproducting Algorithm Crossproduct algorithm separate and construct table for each of d fields precompute table with best match for all combinations search d field tables (parallelisable) return partial hash and combine 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-112

Packet Classification Crossproducting Field Set Example Address Port Protocol Address Port Protocol Match 000 [00:01] TCP 000 [00:01] TCP a 001 [01:01] UDP 000 [00:01] UDP j 1101 [05:15] 000 [00:01] k 10 111 [00:15] 000 [01:01] TCP a 000 [01:01] UDP j 000 [01:01] k 000 [05:15] TCP k............ h ( ) 001 [00:01] TCP............ [00:15] k 17 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-113

Packet Classification Crossproducting Algorithm Crossproduct algorithm separate and construct table for each of d fields precompute table with best match for all combinations search d field tables (parallelisable) return partial hash and combine hash into crossproduct table to get match filter 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-114

Packet Classification Crossproducting Field Set Example Address Port Protocol Address Port Protocol Match 000 [00:01] TCP 000 [00:01] TCP a 001 [01:01] UDP 000 [00:01] UDP j 1101 [05:15] 000 [00:01] k 10 111 [00:15] 000 [01:01] TCP a 000 [01:01] UDP j 000 [01:01] k 000 [05:15] TCP k............ h ( ) 001 [00:01] TCP............ [00:15] k 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-115

Packet Classification Crossproducting Algorithm Crossproduct algorithm separate and construct table for each of d fields precompute table with best match for all combinations search d field tables (parallelisable) return partial hash and combine hash into crossproduct table to get match filter Advantages and disadvantages? 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-116

Packet Classification Crossproducting Performance Crossproduct algorithm separate and construct table for each of d fields precompute table with best match for all combinations search d field tables (parallelisable) return partial hash and combine hash into crossproduct table to get match filter Performance packet processing rate exponential memory requirements O (n d ) for n filters on-demand scheme creates partial crossproduct table as cache 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-117

Packet Classification Crossproducting Algorithm Crossproduct algorithm separate and construct table for each of d fields precompute table with best match for all combinations search d field tables (parallelisable) return partial hash and combine 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-118

Packet Classification Decomposition: RFC Exhaustive search linear search (impractical) TCAM Decomposition parallel bit vectors crossproducting recursive flow classification (RFC) Decision tree grid-of-tries hierarchical intelligent cuttings Tuple space tuple space 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-119

Packet Classification RFC Overview Recursive flow calculation [Gupta & McKeown 1999] k -bit string specifying set of matching filters memory requirements based on number of regions 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-120

Filter Address Port a 1010 [02:02] b 1100 [05:05] c 0101 [08:08] d [06:06] e 111 [00:15] f 001 [09:15] g 00 [00:04] h 0 [00:03] i 0110 [00:15] j 1 [07:15] k 0 [11:11] Packet Classification RFC Example [Taylor 2005] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-121

Packet Classification Decision Tree Exhaustive search linear search (impractical) TCAM Decomposition parallel bit vectors crossproducting recursive flow classification (RFC) Decision tree grid-of-tries hierarchical intelligent cuttings Tuple space tuple space 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-122

Packet Classification Decision Tree: Grid-of-Tries Exhaustive search linear search (impractical) TCAM Decomposition parallel bit vectors crossproducting recursive flow classification (RFC) Decision tree grid-of-tries hierarchical intelligent cuttings Tuple space tuple space 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-123

Packet Classification Grid-of-Tries Overview Grid-of-tries [Srinivasan, Suri, Varghese, Waldvogel 1998] extension of trie search to multiple dimensions based on DAG technique [Decasper, Parulkar, Dittia, Plattner 1998] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-124

Packet Classification Decision Tree: HiCuts Exhaustive search linear search (impractical) TCAM Decomposition parallel bit vectors crossproducting recursive flow classification (RFC) Decision tree grid-of-tries hierarchical intelligent cuttings (HiCuts) Tuple space tuple space 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-125

Packet Classification HiCuts Overview Hierarchical intelligent cuttings [Gupta & McKeown 1998] partition d -dimensional filter space hierarchically navigate tree to filter set 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-126

Filter Address Port a 1010 [02:02] b 1100 [05:05] c 0101 [08:08] d [06:06] e 111 [00:15] f 001 [09:15] g 00 [00:04] h 0 [00:03] i 0110 [00:15] j 1 [07:15] k 0 [11:11] Packet Classification HiCuts Example [Taylor 2005] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-127

Packet Classification HiCuts Example [Taylor 2005] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-128

Packet Classification Tuple Space Exhaustive search linear search (impractical) TCAM Decomposition parallel bit vectors crossproducting recursive flow classification (RFC) Decision tree grid-of-tries hierarchical intelligent cuttings Tuple space tuple space 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-129

Packet Classification Tuple Space Overview Tuple space [Srinivasan, Suri, Varghese 1999] partitions filter space into tuples number of relevant bits in each filter field ranges coverted using nesting level and range range ID number distinct tuples filters 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-130

Packet Classification Tuple Filter Example Filter SrcAdr DestAdr SrcPort DestPort Prot a 0 001 [02:02] [00:15] TCP b c d e f g h i j 01 0110 1100 1 10 1001 0011 0 10 0 0011 110 1 1100 110 0 [00:15] [00:04] [05:15] [02:02] [00:15] [00:04] [05:15] [02:02] [02:02] [00:04] [05:15] [02:02] [00:15] [00:04] [05:15] [02:02] [00:15] [02:02] UDP TCP UDP UDP TCP UDP TCP UDP TCP k 0110 1100 [00:15] [00:15] ICMP l 1110 [02:02] 0:15 Tuple example from [Taylor 2005] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-131

Packet Classification Tuple Filter Example Filter SrcAdr DestAdr SrcPort DestPort Prot Tuple a 0 001 [02:02] [00:15] TCP [,,,, ] b 01 0 [00:15] [00:04] UDP c 0110 0011 [00:04] [05:15] TCP d 1100 [05:15] [02:02] UDP e 1 110 [02:02] [00:15] UDP f 10 1 [00:15] [00:04] TCP g 1001 1100 [00:04] [05:15] UDP h 0011 [05:15] [02:02] TCP i 0 110 [02:02] [00:15] UDP j 10 0 [02:02] [02:02] TCP k 0110 1100 [00:15] [00:15] ICMP l 1110 [02:02] 0:15 example from [Taylor 2005] 04 November 2010 KU EECS 881 High-Speed Networking Switch I/O HSN-IO-132

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback