Packet Classi cation using Tuple Space Search

Routers must perform packet classi cation at high speeds to e ciently implement functions such as rewalls and QoS routing. Packet classi cation requires matching each packet against a database of lters (or rules), and forwarding the packet according to the highest priority lter. Existing lter schemes with fast lookup time do not scale to large lter databases. Other more scalable schemes work for 2-dimensional lters, but their lookup times degrade quickly with each additional dimension. While there exist good hardware solutions, our new schemes are geared towards software implementation. We introduce a generic packet classi cation algorithm, called Tuple Space Search (TSS). Because real databases typically use only a small number of distinct eld lengths, by mapping lters to tuples even a simple linear search of the tuple space can provide signi cant speedup over naive linear search over the lters. Each tuple is maintained as a hash table that can be searched in one memory access. We then introduce techniques for further re ning the search of the tuple space, and demonstrate their e ectiveness on some rewall databases. For example, a real database of 278 lters had a tuple space of 41 which our algorithm prunes to 11 tuples. Even as we increased the lter database size from 1K to 100K (using a random two-dimensional lter generation model), the number of tuples grew from 53 to only 186, and the pruned tuples only grew from 1 to 4. Our Pruned Tuple Space search is also the only scheme known to us that allows fast updates and fast search times. We also show a lower bound on the general tuple space search problem, and describe an optimal algorithm, called Rectangle Search, for two-dimensional lters. Research supported in part by NSF Grant NCR-9628145. Research supported in part by NSF Grant 9813723 Research supported in part by NSF Grant NCR 9813723.