General Ternary Bit Strings on Commodity Longest-Prefix-Match Infrastructures

Pavel Chuprikov∗†, Kirill Kogan†, Sergey Nikolenko∗
∗Steklov Institute of Mathematics at St. Petersburg
†IMDEA Networks Institute, Madrid

Abstract—Ternary Content-Addressable Memory (TCAM) is a powerful tool to represent network services with line-rate lookup time. There are various software-based approaches to represent multi-field packet classifiers. Unfortunately, all of them either require exponential memory or apply additional constraints on field representations (e.g., prefixes or exact values) to have line-rate lookup time. In this work, we propose alternatives to TCAM and introduce a novel approach to represent packet classifiers based on ternary bit strings (without constraining field representation) on commodity longest-prefix-match (LPM) infrastructures. These representations are built on a novel property, prefix reorderability, that defines how to transform an ordered set of ternary bit strings to prefixes with LPM priorities in linear memory. Our results are supported by evaluations on large-scale packet classifiers with real parameters from ClassBench; moreover, we have developed a prototype in P4 to support these types of transformations.

I. INTRODUCTION

Packet classification is a core functionality for representing packet processing programs on the data plane. There are two major program categories: traffic forwarding between certain points in a communication network and service policies that guarantee desired traffic properties or track network behavior during forwarding (e.g., quality-of-service, access-control, firewall). Both can be captured as tuple matching with action sets, but they have distinct behavior and may rely on different invariants; e.g., forwarding tables can be represented by prefixes with priorities based on longest-prefix-match (LPM) while policies can consider general multi-field classifiers; forwarding tables may change frequently, while policies representing economic models or specific traffic signatures are designed mostly a priori. In this work, we concentrate on policies in the second category based on multi-field packet classifiers.

It is easier and more efficient to represent prefixes with LPM priorities than to use multi-field packet classifiers in software-based approaches [1]. Complexity bounds derived from computational geometry imply that a software-based packet classifier with $N$ rules and $k \geq 3$ fields uses either $O(N^k)$ space and $O(\log N)$ time or $O(N)$ space and $O(\log^{k-1} N)$ time [2], which makes them either too slow or too memory-intensive even with few prefix-fields.

Software-based approaches become even worse if classification rules are represented as general ternary bit strings, which is extremely useful in many applications [3], [4], [5]. Ternary content-addressable memory (TCAM) was introduced to overcome performance limitations of software-based solutions to represent multi-field packet classifiers and add a new level of expressiveness [6]. Unfortunately, TCAMs are expensive and power hungry [7], so TCAMs of a sufficient size are the de facto standard for classifier implementations only in high-end network elements [8], [9]. Most network elements efficiently implement prefix classifiers with LPM priorities at line-rate.

In this work, we explore alternatives to TCAMs and other software-based approaches and show how to represent multi-field packet classifiers on commodity LPM infrastructures (transparently to them) with line-rate performance. Various approaches to represent multi-field packet classifiers on LPM infrastructures exist, but all of them impose additional constraints on how fields are represented (e.g., prefixes or exact values) and most do not achieve desired worst-case guaranteed lookup time [10], [2], [11], [12]. Unlike prior art, we do not apply additional constraints on field representations and assume that classifier rules are ternary bit strings with general priorities as in TCAMs. We do not propose a specific classifier implementation but rather define an abstraction layer that chooses a subset of bit indices to be used in the lookup process. A classifier based on these bit indices can be transparently represented by other schemes, both in hardware and software.

The paper is organized as follows. Section II introduces the model; Section III, a novel structural property, prefix reorderability, with an optimal algorithm that transforms a given classifier into a prefix LPM classifier without extra memory (if possible). In Sections IV and V we show how to represent non-prefix-reorderable classifiers on existing LPM infrastructure without and with extra memory. Since classification width supported by LPM infrastructures is usually limited to 32 or 128 bits, in Section VI we show how to represent much wider classifiers on LPM infrastructures and study a composition of prefix reorderability with another structural property, rule disjointness (order independence [14]). Section VII discusses dynamic updates. In Section VIII, we evaluate our approach on ClassBench classifiers with real parameters [19]. Section IX outlines implementation details on top of the P4 domain-specific language [20]; we have released the code under an open source license. Section X discusses related prior art, and Section XI concludes the paper.

II. MODEL DESCRIPTION

In this section, we provide formal definitions for further exposition, starting with the basic notions of a packet header and classifier. A packet header $H = (h_1, \ldots, h_w)$ is a

978-1-5090-6501-1/17/$31.00 © 2017 IEEE
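The idea named in the abstract, turning an ordered set of ternary bit strings into prefixes with LPM priorities by reordering bits, can be tried on toy classifiers with the sketch below. It is an added example, not the paper's algorithm or its P4 prototype; the wildcard-count ordering, the brute-force equivalence check and the three sample classifiers are assumptions constructed for illustration.

```python
from itertools import product

def matches(rule, header):
    """Ternary match: '*' in the rule matches either header bit."""
    return all(r in ('*', h) for r, h in zip(rule, header))

def tcam_lookup(rules, header):
    """TCAM semantics: index of the first (highest-priority) matching rule."""
    return next((i for i, r in enumerate(rules) if matches(r, header)), None)

def prefix_bit_order(rules):
    """Bit order under which every rule becomes a prefix, or None."""
    # Such an order exists only when the rules' sets of '*' positions are
    # nested; sorting positions by wildcard count then puts care bits first.
    order = sorted(range(len(rules[0])),
                   key=lambda i: sum(r[i] == '*' for r in rules))
    for r in rules:
        if '*' in ''.join(r[i] for i in order).rstrip('*'):
            return None  # a wildcard sits before a care bit: not a prefix
    return order

def lpm_lookup(rules, order, header):
    """LPM semantics on reordered bits: matching rule with the longest prefix."""
    h = ''.join(header[i] for i in order)
    best_len, best = -1, None
    for idx, r in enumerate(rules):
        p = ''.join(r[i] for i in order).rstrip('*')
        if h.startswith(p) and len(p) > best_len:
            best_len, best = len(p), idx
    return best

def lpm_equivalent(rules):
    """True if one LPM table answers every header as the ordered rules do."""
    order = prefix_bit_order(rules)
    if order is None:
        return False
    headers = map(''.join, product('01', repeat=len(rules[0])))  # toy widths only
    return all(tcam_lookup(rules, h) == lpm_lookup(rules, order, h) for h in headers)

# Constructed 4-bit classifiers, highest priority first.
NESTED = ["1*0*", "**0*", "****"]        # reorders to 01**, 0***, ****
BAD_PRIORITY = ["**0*", "1*0*", "****"]  # shorter prefix outranks a longer one
NOT_NESTED = ["1***", "***0"]            # no bit order makes both prefixes

if __name__ == "__main__":
    for c in (NESTED, BAD_PRIORITY, NOT_NESTED):
        print(c, prefix_bit_order(c), lpm_equivalent(c))
```

The second and third classifiers show the two ways the direct mapping fails: rule order that disagrees with prefix length, and wildcard sets that no single bit order can push to the tail of every rule.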