Two stage packet classification using most specific filter matching and transport level sharing

In this paper we introduce two new concepts to the design of packet classification systems. First, we propose most specific filter matching (MSFM), an improvement over the well known Cross Producting algorithm [V. Srinivasan, S. Suri, G. Varghese, M. Waldvogel, Fast and scalable layer four switching, in: Proceedings of ACM SIGCOMM, 1998] that significantly reduces the memory requirement of the earlier scheme. Second, we suggest that rules specifying the same source– destination IP prefix pair can be grouped together forming shared sets of transport level fields. This property of Transport Level Sharing (TLS), which characterizes real world classification databases is exploited for reducing a classifier’s memory requirement and for hardware acceleration. We split the classification process into two stages. First, we perform classification on source–destination IP prefix pairs using the MSFM algorithm. Second, we perform classification on transport level fields exploiting transport level sharing. It is the combination of most specific filter matching and transport level sharing which results in a scheme that requires no more than 11 dependent memory accesses in the critical path independent of the size of the classification database. The memory access bandwidth of our scheme is also bounded when our scheme is accelerated in hardware. Compared to other schemes which involve a small and predictable number of steps in the critical path (e.g., Cross Producting [V. Srinivasan, S. Suri, G. Varghese, M. Waldvogel, Fast and scalable layer four switching, in: Proceedings of ACM SIGCOMM, 1998] or Recursive Flow Classification [P. Gupta, N. McKeown, Packet classification on multiple fields, in: Proceedings of ACM SIGCOMM, 1999]) the combination of most specific filter matching and transport level sharing is associated with the least memory requirement. 2007 Elsevier B.V. All rights reserved.