Forwarding and Routers : Computer Networking. Original IP Route Lookup. Outline

Similar documents
15-744: Computer Networking. Routers

CS 268: Computer Networking

Message Switch. Processor(s) 0* 1 100* 6 1* 2 Forwarding Table

ECE697AA Lecture 20. Forwarding Tables

Data Structures for Packet Classification

Routers & Routing : Computer Networking. Binary Search on Ranges. Speeding up Prefix Match - Alternatives

Growth of the Internet Network capacity: A scarce resource Good Service

Switch and Router Design. Packet Processing Examples. Packet Processing Examples. Packet Processing Rate 12/14/2011

CS 268: Route Lookup and Packet Classification

CS419: Computer Networks. Lecture 6: March 7, 2005 Fast Address Lookup:

Homework 1 Solutions:

ECE697AA Lecture 21. Packet Classification

Last Lecture: Network Layer

Bitmap Algorithms for Counting Active Flows on High Speed Links

Scalable Packet Classification for IPv6 by Using Limited TCAMs

Midterm Review. Congestion Mgt, CIDR addresses,tcp processing, TCP close. Routing. hierarchical networks. Routing with OSPF, IS-IS, BGP-4

LONGEST prefix matching (LPM) techniques have received

Problem Statement. Algorithm MinDPQ (contd.) Algorithm MinDPQ. Summary of Algorithm MinDPQ. Algorithm MinDPQ: Experimental Results.

Lecture 12: Addressing. CSE 123: Computer Networks Alex C. Snoeren

Introduction. Introduction. Router Architectures. Introduction. Recent advances in routing architecture including

Introduction. Router Architectures. Introduction. Introduction. Recent advances in routing architecture including

FPGA Implementation of Lookup Algorithms

Lecture 12: Aggregation. CSE 123: Computer Networks Alex C. Snoeren

Implementation of Boundary Cutting Algorithm Using Packet Classification

Frugal IP Lookup Based on a Parallel Search

Fast Packet Classification Algorithms

Master Course Computer Networks IN2097

Lecture 3: Packet Forwarding

Computer Networks CS 552

IP Forwarding. CSU CS557, Spring 2018 Instructor: Lorenzo De Carli

Parallel-Search Trie-based Scheme for Fast IP Lookup

1 Connectionless Routing

The Routing Table: A Closer Look

Scalable IP Routing Lookup in Next Generation Network

IEEE/ACM TRANSACTIONS ON NETWORKING, VOL. 14, NO. 5, OCTOBER

Master Course Computer Networks IN2097

Packet Classification Using Dynamically Generated Decision Trees

Routing Lookup Algorithm for IPv6 using Hash Tables

An Efficient Parallel IP Lookup Technique for IPv6 Routers Using Multiple Hashing with Ternary marker storage

Power Efficient IP Lookup with Supernode Caching

Lecture 10: Addressing

Binary Search Schemes for Fast IP Lookups

How to Choose the Best Router Switching Path for Your Network

Packet Classification. George Varghese

Efficient Construction Of Variable-Stride Multibit Tries For IP Lookup

How to Choose the Best Router Switching Path for

Efficient Packet Classification using Splay Tree Models

Friday Four Square! 4:15PM, Outside Gates

Multiway Range Trees: Scalable IP Lookup with Fast Updates

Fast and scalable conflict detection for packet classifiers

Chapter 3 Internetworking

Basic Idea. Routing. Example. Routing by the Network

Towards High-performance Flow-level level Packet Processing on Multi-core Network Processors

2/22/2008. Outline Computer Networking Lecture 9 IP Protocol. Hop-by-Hop Packet Forwarding in the Internet. Internetworking.

Fast IP Routing Lookup with Configurable Processor and Compressed Routing Table

Efficient Packet Classification for Network Intrusion Detection using FPGA

CIS 551 / TCOM 401 Computer and Network Security. Spring 2007 Lecture 12

Routing by the Network

Chapter 12 Digital Search Structures

CS118 Discussion, Week 6. Taqi

CS244a: An Introduction to Computer Networks

Design of a High Speed FPGA-Based Classifier for Efficient Packet Classification

The iflow Address Processor Forwarding Table Lookups using Fast, Wide Embedded DRAM

Tree-Based Minimization of TCAM Entries for Packet Classification

EECS 122: Introduction to Computer Networks Switch and Router Architectures. Today s Lecture

Overview. Implementing Gigabit Routers with NetFPGA. Basic Architectural Components of an IP Router. Per-packet processing in an IP Router

AN EFFICIENT HYBRID ALGORITHM FOR MULTIDIMENSIONAL PACKET CLASSIFICATION

* I D ~~~ ~ Figure 2: Longest matching prefix.

Scalable Lookup Algorithms for IPv6

ITTC High-Performance Networking The University of Kansas EECS 881 Packet Switch I/O Processing

Shape Shifting Tries for Faster IP Route Lookup

Generic Architecture. EECS 122: Introduction to Computer Networks Switch and Router Architectures. Shared Memory (1 st Generation) Today s Lecture

Lecture 2: Streaming Algorithms for Counting Distinct Elements

Static Routing and Serial interfaces. 1 st semester

Selective Boundary Cutting For Packet Classification SOUMYA. K 1, CHANDRA SEKHAR. M 2

VLSM and CIDR. Routing Protocols and Concepts Chapter 6. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1

Binary Search Schemes for Fast IP Lookups

Network Layer: Control/data plane, addressing, routers

Shape Shifting Tries for Faster IP Route Lookup

Multi-gigabit Switching and Routing

Three Different Designs for Packet Classification

AN ASSOCIATIVE TERNARY CACHE FOR IP ROUTING. 1. Introduction. 2. Associative Cache Scheme

Recursive Flow Classification: An Algorithm for Packet Classification on Multiple Fields

Review on Tries for IPv6 Lookups

CS4450. Computer Networks: Architecture and Protocols. Lecture 13 THE Internet Protocol. Spring 2018 Rachit Agarwal

EVERY Internet router today can forward entering Internet

IP ROUTING LOOKUP: HARDWARE AND SOFTWARE APPROACH. A Thesis RAVIKUMAR V. CHAKARAVARTHY

EEC-484/584 Computer Networks

Router Architectures

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

C14b: Classless Intradomain Routing

DESIGN AND IMPLEMENTATION OF OPTIMIZED PACKET CLASSIFIER

ADDRESS LOOKUP SOLUTIONS FOR GIGABIT SWITCH/ROUTER

Lecture 11: Packet forwarding

L3 Addressing and data plane. Benjamin Baron

Performance Improvement of Hardware-Based Packet Classification Algorithm

Scalable High Speed IP Routing Lookups

Packet classification using diagonal-based tuple space search q

CS118 Discussion 1A, Week 6. Zengwen Yuan Dodd Hall 78, Friday 10:00 10:50 a.m.

Multi-core Implementation of Decomposition-based Packet Classification Algorithms 1

Transcription:

Forwarding and Routers 15-744: Computer Networking L-9 Router Algorithms IP lookup Longest prefix matching Classification Flow monitoring Readings [EVF3] Bitmap Algorithms for Active Flows on High Speed Links [BV1] Scalable Packet Classification (4 pages) Optional [D+97] Small Forwarding Tables for Fast Routing Lookups [VVV1] EffiCuts: Optimizing Packet Classification 2 Outline IP router design Architectures Scheduling Limits Active networking IP route lookup Variable prefix match algorithms Packet classification Flow monitoring Original IP Route Lookup Address classes A: 7 bit network 24 bit host (16M each) B: 1 14 bit network 16 bit host (64K) C: 11 21 bit network 8 bit host (255) Address would specify prefix for forwarding table Simple lookup 3 4 1

Original IP Route Lookup Example www.cmu.edu address 128.2.11.43 Class B address class + network is 128.2 Lookup 128.2 in forwarding table Prefix part of address that really matters for routing Forwarding table contains List of class+network entries A few fixed prefix lengths (8/16/24) Large tables 2 Million class C networks 32 bits does not give enough space encode network location information inside address i.e., create a structured hierarchy CIDR Revisited Supernets Assign adjacent net addresses to same org Classless routing (CIDR) How does this help routing table? Combine routing table entries whenever all nodes with same prefix share same hop Routing protocols carry prefix with destination network address Longest prefix match for forwarding 5 6 CIDR Illustration Provider is given 21.1../21 CIDR Shortcomings Multi-homing Customer selecting a new provider Provider 21.1../21 21.1../22 21.1.4./24 21.1.5./24 21.1.6./23 Provider 1 Provider 2 21.1../22 21.1.4./24 21.1.5./24 21.1.6./23 or Provider 2 address 7 8 2

Outline Trie Using Sample Database IP route lookup Variable prefix match algorithms Packet classification Flow monitoring P5 P7 P8 Root 1 P6 P1 Trie P4 1 1 P3 1 P2 Sample Database P1 = 1* P2 = 111* P3 = 111* P4 = 1* P5 = * P6 = 1* P7 = 1* P8 = 1* 9 1 How To Do Variable Prefix Match Traditional method Patricia Tree Arrange route entries into a series of bit tests Worst case = 32 bit tests Problem: memory speed is a bottleneck May need to backtrack Optimal Expanded Tries Pick stride s for root and solve recursively default / Bit to test = left child,1 = right child 1 16 128.2/16 19 128.32/16 128.32.13/24 128.32.15/24 11 3

Speeding up Prefix Match (P+98) Prefix Tree Cut prefix tree at 16 bit depth 64K bit mask Bit = 1 if tree continues below cut (root head) Bit = 1 if leaf at depth 16 or less (genuine head) Bit = if part of range covered by leaf 1 1 1 1 1 1 1 1 1 1 2 3 4 5 6 7 8 9 1 11 12 13 14 15 Port 1 Port 5 Port 7 Port 3 Port 9 Port 5 13 14 Prefix Tree 1 1 1 1 1 1 1 1 1 1 2 3 4 5 6 7 8 9 1 11 12 13 14 15 Subtree 1 Subtree 2 Subtree 3 15 Leaf Pushing: entries that have pointers plus prefix have prefixes pushed down to leaves 4

Speeding up Prefix Match (P+98) Lulea Trick Speeds up Lookup Each 1 corresponds to either a route or a subtree Keep array of routes/pointers to subtree Need index into array how to count # of 1s Keep running count to 16bit word in base index + code word (6 bits) Need to count 1s in last 16bit word Clever tricks Subtrees are handled separately 17 Speeding up Prefix Match (P+98) Scaling issues How would it handle IPv6 Update issues Other possibilities Why were the cuts done at 16/24/32 bits? Improve data structure by shuffling bits Speeding up Prefix Match - Alternatives Route caches Temporal locality Many packets to same destination Other algorithms Waldvogel Sigcomm 97 Binary search on prefixes Works well for larger addresses Bremler-Barr Sigcomm 99 Clue = prefix length matched at previous hop Why is this useful? Lampson Infocom 98 Binary search on ranges 19 2 5

Speeding up Prefix Match - Alternatives Content addressable memory (CAM) Hardware based route lookup Input = tag, output = value associated with tag Requires exact match with tag Multiple cycles (1 per prefix searched) with single CAM Multiple CAMs (1 per prefix) searched in parallel Ternary CAM,1,don t care values in tag match Priority (I.e. longest prefix) by order of entries in CAM Outline IP route lookup Variable prefix match algorithms Packet classification See slides Zhuo Flow monitoring 21 22 Packet Classification Typical uses Identify flows for QoS Firewall filtering Requirements Match on multiple fields Strict priority among rules E.g 1. no traffic from 128.2.* 2. ok traffic on port 8 Complexity N rules and k header fields for k > 2 O(log N k-1 ) time and O(N) space O(log N) time and O(N k ) space Special cases for k = 2 source and destination O(log N) time and O(N) space solutions exist How many rules? Largest for firewalls & similar 17 Diffserv/QoS much larger 1k (?) 23 24 6

Bit Vectors Bit Vectors 1 Rule Field1 Field2 * * 1 Rule Field1 Field2 * * 1 * 1* 1 * 1* 1 2 1* 11* 1 1 2 1* 11* 11 1 1 3 11* 1* 1 1 1 1 3 11* 1* Field 1 Field 2 25 26 Aggregating Rules [BV1] Common case: very few 1 s in bit vector aggregate bits OR together A bits at a time N/A bit-long vector A typically chosen to match word-size Can be done hierarchically aggregate the aggregates AND of aggregate bits indicates which groups of A rules have a possible match Hopefully only a few 1 s in AND ed vector AND of aggregated bit vectors may have false positives Fetch and AND just bit vectors associated with positive entries Rearranging Rules [BV1] Problem: false positives may be common Solution: reorder rules to minimize false positives What about the priority order of rules? How to rearrange? Heuristic sort rules based on single field s values First sort by prefix length then by value Moves similar rules close together reduces false positives 27 28 7

Summary: Addressing/Classification Router architecture carefully optimized for IP forwarding Key challenges: Speed of forwarding lookup/classification Power consumption Some good examples of common case optimization Routing with a clue Classification with few matching rules Not checksumming packets Outline IP route lookup Variable prefix match algorithms Packet classification Flow monitoring Based on IMC 3 talk by Estan, Varghese, and Fisk 29 3 Why count flows? Existing flow counting solutions Detect port/ip scans Identify DoS attacks Estimate spreading rate of a worm Packet scheduling Dave Plonka s FlowScan Router Memory Network bandwidth NetFlow data Memory size & bandwidth Server Analysis Traffic reports Fast link Network Network Operations Center 8

Motivating question Can we count flows at line speeds at the router? Wrong solution counters Naïve solution use hash tables (like NetFlow) Our approach use bitmaps Bitmap counting algorithms A family of algorithms that can be used as building blocks in various systems Algorithms can be adapted to application Low memory and per packet processing Generalize flows to distinct header patterns Count flows or source addresses to detect attack Count destination address+port pairs to detect scan Outline Direct bitmap Virtual bitmaps Multi-resolution bitmaps Some results Bitmap counting direct bitmap Set bits in the bitmap using hash of the flow ID of incoming packets HASH(green)=111 9

Bitmap counting direct bitmap Bitmap counting direct bitmap Different flows have different hash values Packets from the same flow always hash to the same bit HASH(blue)=11 HASH(green)=111 Bitmap counting direct bitmap Bitmap counting direct bitmap Collisions OK, estimates compensate for them HASH(violet)=1111 HASH(orange)=111111 1

Bitmap counting direct bitmap Bitmap counting direct bitmap As the bitmap fills up, estimates get inaccurate HASH(pink)=111 HASH(yellow)=1111 Bitmap counting direct bitmap Bitmap counting direct bitmap HASH(green)=111 Solution: use more bits Solution: use more bits Problem: memory scales with the number of flows HASH(blue)=11 11

Bitmap counting virtual bitmap Bitmap counting virtual bitmap Solution: a) store only a portion of the bitmap b) multiply estimate by scaling factor HASH(pink)=111 Bitmap counting virtual bitmap Bitmap counting multiple bmps Problem: estimate inaccurate when few flows active HASH(yellow)=1111 Solution: use many bitmaps, each accurate for a different range 12

Bitmap counting multiple bmps Bitmap counting multiple bmps HASH(pink)=111 HASH(yellow)=1111 Bitmap counting multiple bmps Bitmap counting multiple bmps Use this bitmap to estimate number of flows Use this bitmap to estimate number of flows 13

Bitmap counting multires. bmp Bitmap counting multires. bmp OR OR Problem: must update up to three bitmaps per packet Solution: combine bitmaps into one HASH(pink)=111 Bitmap counting multires. bmp Error of virtual bitmap HASH(yellow)=1111 Average (relative) error Flow density (flows/bit) 14

1 million flows, error 1% Hash table* Direct bitmap Virtual bitmap* Multiresolution bitmap 1.21 Gbytes 1.29 Mbytes 1.88 Kbytes 1.33 Kbytes Adaptive bitmap Virtual bitmap measures accurately number of flows if range known in advance Often number of flows does not change rapidly Measurement repeated Can use previous measurement to tune virtual bitmap Use small multi-resolution bit map for tuning Combine into single bit map (single update) Triggered bitmap Scan detection memory usage Need multiple instances of counting algorithm (e.g. port scan detection) Many instances count few flows Triggered bitmap Allocate small direct bitmap to new sources If number of bits set exceeds trigger value, allocate large multiresolution bitmap Interval length Snort (naïve) Probabilistic counting Triggered bitmap 12 seconds 1.94 M 2.42 M.37 M 6 seconds 49.6 M 22,34 M 5.59 M 15

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback