Title :
Efficient multimatch packet classification and lookup with TCAM
Author :
Yu, Fang ; Katz, Randy H. ; Lakshman, T.V.
Author_Institution :
Dept. of Electr. Eng. & Comput. Sci., California Univ., Berkeley, CA, USA
Abstract :
Today´s packet classification systems are designed to provide the highest-priority matching result, such as the longest prefix match, even if a packet matches multiple classification rules. However, new network applications demanding multimatch classification - that is, requiring all matching results instead of only the highest-priority match - are emerging. Ternary content-addressable memory is becoming a common extension to network processors, and its capability and speed make it attractive for high-speed networks. The proposed TCAM-based scheme produces multimatch classification results with about 10 times fewer memory lookups than a pure software approach. In addition, their scheme for removing negation in rule sets saves up to 95 percent of the TCAM space used by a straightforward implementation.
Keywords :
content-addressable storage; packet switching; workstation clusters; high-speed networks; memory lookup; multimatch packet classification; network processors; ternary content-addressable memory; Computer crime; High-speed networks; Intelligent networks; Internet; Intrusion detection; Load management; Network address translation; Payloads; Probes; Protocols;
Journal_Title :
Micro, IEEE
