EP2078393A2 - Procédé, dispositif et système pour une classification à plusieurs champs dans un réseau de communication de données - Google Patents

Procédé, dispositif et système pour une classification à plusieurs champs dans un réseau de communication de données

Info

Publication number
EP2078393A2
EP2078393A2 EP07835400A EP07835400A EP2078393A2 EP 2078393 A2 EP2078393 A2 EP 2078393A2 EP 07835400 A EP07835400 A EP 07835400A EP 07835400 A EP07835400 A EP 07835400A EP 2078393 A2 EP2078393 A2 EP 2078393A2
Authority
EP
European Patent Office
Prior art keywords
crunched
dimension
classes
classifier
crunching
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP07835400A
Other languages
German (de)
English (en)
Other versions
EP2078393A4 (fr
Inventor
Mikael Sundström
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Oricane AB
Original Assignee
Oricane AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from SE0602336A external-priority patent/SE531947C2/sv
Application filed by Oricane AB filed Critical Oricane AB
Publication of EP2078393A2 publication Critical patent/EP2078393A2/fr
Publication of EP2078393A4 publication Critical patent/EP2078393A4/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/30Routing of multiclass traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control

Definitions

  • the present invention relates to a method, device and system for multi field classification in a data communications network.
  • Internet is formed of a plurality of networks connected to each other, wherein each of the constituent networks maintains its identity. Each network supports communication among devices connected to the networks, and the networks in their turn are connected by routers. Thus, Internet can be considered to comprise a mass of routers interconnected by links. Communication among nodes (routers) on Internet takes place using an Internet protocol, commonly known as IP. IP datagrams (packets) are transmitted over links from one router to the next one on their ways towards the final destinations. In each router a forwarding decision is performed on incoming datagrams to determine the datagrams next-hop router.
  • IP Internet protocol
  • each class is defined by a set of properties of the set of header fields of the packets.
  • each header field in each class is defined by an interval, which can also be a single value, and the classes, or rules, are organized as a linear list of rules.
  • specific data forwarding and/or processing actions depending on the nature of the data traffic is provided by classification of incoming data, such as packet classification or multi-field classification.
  • classification of incoming data such as packet classification or multi-field classification.
  • This is provided by a process of inspecting values of selected header fields of a data packet and selecting a first matching rule.
  • the selection is provided by selecting (or finding) from a list of rules or classes the first rule that matches a packet.
  • each rule consist of D intervals where D is the number of header fields in the packet (or the potential number of header fields of interest).
  • a packet is said to match a rule when the value of each header field of the packet lies within the corresponding interval in the rule. That is, the values contained in all header fields of the packet must match their corresponding interval in the rule.
  • this is provided by a method for performing specific data forwarding actions depending on the nature of data traffic comprising data packets.
  • the method comprises the steps of:
  • the multidimensional classification is provided by means of a technique for crunching or compression of the address space upon which a classifier operates, by analyzing the list of rules and preparing a single field classifier per dimension (header field), to reduce the size of the universe in each dimension to 2n+1, where n is the number of rules, thus reducing the complexity of the multi-dimensional classification to at most ceil(lg(2n+1 )) bits, where Ig is the logarithm with base 2, in each dimension.
  • a storage for storing a datagram forwarding data structure provided for indicating where to forward a datagram in a network, which data structure is in the form of a tree comprising at least one leaf and possibly a number of nodes including partial nodes, said data structure having a height, corresponding to a number of memory accesses required for looking up a largest stored non-negative integer smaller than or equal to a query key, means arranged to receive incoming data traffic of a specific nature, belonging to at least a specific class among a number of pre-defined classes, and means arranged to classify the data traffic by determining the nature of the data traffic, provided by a process of inspecting values of one or more selected header field(s) of an address space of a data packet, and selecting a first matching class from an ordered list of classes providing multi-dimensional classification by means of crunching or compression.
  • this is provided by a system.
  • a computer program product having computer program code means to make a computer execute the above method when the program is run on a computer.
  • Fig. 1 is a flow-chart showing the method according to an embodiment of the present invention
  • Fig. 2 illustrates a schematic block diagram of a (hardware) device according to an embodiment of the present invention
  • Fig. 3 illustrates a schematic block diagram of a software solution according to an embodiment of the present invention
  • Fig. 4 illustrates an overview of a multi-field classifier based on the cruncher- matchmaker architecture
  • Fig. 5 illustrates a source address cruncher
  • Fig. 6 illustrates an implementation of Fig.5
  • Fig. 7 illustrates how to support IPv4/IPv6 tunneling
  • Fig. 8 illustrates TCAM-like memory implementation
  • Fig. 9 illustrates a multi-field classifier
  • Fig. 10 illustrates a generalized hybrid classification block
  • Fig. 11 illustrates a multi-field packet classifier.
  • Fig. 12 illustrates a subset represented in a bit mask representation where set bits are illustrated by white cells and non-set bits are represented by shaded cells.
  • D-dimensional packet classification means to select from a list of rules or classes the first rule that matches a packet.
  • Each rule consists of D intervals corresponding to D header fields in the packet.
  • Ri be the ith rule and [xij, yij] the jth interval of rule Ri. Note that, for addresses, intervals are sometimes represented by prefixes and for protocols by single points.
  • nodes will contain 128 bits values instead of 32 bits values and this will clearly increase the size of the nodes. It will also have considerable effect on the lookup speed if the nodes are carefully sized and aligned to exploit the memory block size b as we do with block trees. For trie based classifiers, the number of levels will most likely increase, resulting in reduced lookup performance, or grow considerably in size.
  • the invention is not limited to compression of IPv6 addresses but can also be used to compress IPv4 addresses to reduce the complexity of the classification and increase the performance.
  • Fig. 1 illustrates a device according to an embodiment of the invention configured in hardware.
  • Fig. 1 illustrates a method for performing specific data forwarding actions depending on the nature of data traffic comprising data packets.
  • a first step step 201 .
  • the data traffic belongs to at least a specific class among a number of pre-defined classes.
  • the data traffic is classified by determining the nature of the data traffic, provided by a process of inspecting values of one or more selected header field(s) of an address space of a data packet and a first matching class is selected from an ordered list of classes providing multi-dimensional classification in a third step, step 203.
  • FIG. 1 is an illustration of a block schematic of a classifier device 100 for performing the method, according to an embodiment of the present invention.
  • the classifier device 100 is implemented in hardware and could be referred to as a multi-dimensional classifier.
  • the hard-ware implemented classifier device 100 comprises an input/output unit 104 for transmission of data signals comprising data grams to or from a source or destination such as a router or the like (not shown).
  • This input/output unit 104 could be of any conventional type including a cordless gate way/switch having input/output elements for receiving and transmitting video, audio and data signals.
  • Data input is schematically illustrated as "query" of one or more data header field(s), and data output as a result such as forwarding direction, policy to apply or the like.
  • a system bus 106 connected to a control system 108 for instance including a custom classification accelerator chip arranged to process the data signals.
  • the device 100 comprises means 109 for receiving incoming data traffic of a specific nature, belonging to at least a specific class among a number of pre-defined classes, and means 110 for classifying the data traffic by determining the nature of the data traffic, provided by a process of inspecting values of one or more selected header field(s) of an address space of a data packet, and selecting a first matching class from an ordered list of classes providing multi-dimensional classification.
  • the multidimensional classification is provided by means of a technique for compression of the address space upon which a classifier operates providing multi-dimensional classification.
  • the chip 108 provides, or includes, means 109, 110 for analyzing a rule set to prepare an array of single field classifiers, consisting of up to one single field classifier for each dimension, converting the original rule set to a corresponding list of compressed rules by using the array of single field classifiers, loading the array of single field classifier representations into a corresponding array of single field classifiers implemented in custom hardware on a chip to accelerate throughput, loading the list of compressed rules into a special kind of TCAM-like memory where each cell corresponds to one rule and each cell stores the boundaries (minimum and maximum) of one interval in each dimension wherein the actual classification of a list of header fields is achieved by first compressing the value of each header field in parallel using the array of single field classifiers to produce a compressed list of header fields which is then classified by loading matching it against all TCAM-like cells in parallel and selecting the first TCAM- like cell that matches using standard TCAM techniques for tie removal among multiple matches, to produce the final result, and techniques for integrating the address space compression and compressed
  • the chip 108 could be configured as comprising classifier lookup structure and classifier lookup, typically hardwired.
  • the device 100 is implemented in software instead.
  • same reference numerals as already have been used in relation to Fig. 2 will be used as far as possible.
  • control system 108 comprises a processor 111 connected to a fast computer memory 112 with a system bus 106, in which memory 112 reside computer- executable instructions 116 for execution; the processor 111 being operative to execute the computer-executable instructions 116 to: providing in a storage 102, herein typically the main-memory, a datagram forwarding data structure provided for indicating where to forward a datagram in said network, and arranged to receive incoming data traffic of a specific nature, belonging to at least a specific class among a number of pre-defined classes, and classify the data traffic by determining the nature of the data traffic, provided by a process of inspecting values of one or more selected header field(s) of an address space of a data packet, and select a first matching class from an ordered list of classes providing multi-dimensional classification by means of compression.
  • a storage 102 herein typically the main-memory, a datagram forwarding data structure provided for indicating where to forward a datagram in said network, and arranged to receive incoming data traffic
  • the method comprises the step of providing a single field classifier is provided to compress the address space for each dimension, step 204.
  • the method comprises that the set of single field classifiers are organized as a vector where compression is executed in each dimension simultaneously, step 204.
  • the method comprises the step of analyzing the list of classes in each dimension to identify potential starting points providing the set Z, step 205.
  • the method comprises the step of reproducing (mapping) the interval to a corresponding compressed interval by means of using said single field classifier provided for that particular dimension.
  • the result is a compressed interval for each dimension in each rule and finally a list of rules that is totally compressed, step 206.
  • the lookup is performed by means of in a first step 201 , (or in parallel if implemented as hardware) looking up by means of corresponding single field classifier for each header field of the packet. In this way, there is provided a list of compromised values of the header fields.
  • multi-dimensional classification is performed (by means of TCAM if implemented in hard-ware) of the compromised list of header fields in the compressed list of rules.
  • the analysis of the original list of rules and the compression of the list of rules, as well as the definition of each single filed classifier is provided by means of software.
  • the lookup could be provided by means of hard-ware, for instance by means of pipelining for improved performance. If the lookup is provided by means of software, it is possible to use any kind of legacy multi-dimensional classifier to provide matching of the compressed list.
  • the invention includes analysis of original list of rules, the definition of SFC for each dimension, as well as compressing sv list of rules.
  • the set Z ⁇ z ⁇ , z1 ,...,zm ⁇ , where zj ⁇ zj+1, is the set of smaller endpoints of all possible intervals [z ⁇ , z1 - 1] , [z1 , z2 - 1] , . . . , [zm, maxU], and the set of these intervals is a partition of U.
  • ⁇ z ⁇ , z1 ,...,zm ⁇ , where zj ⁇ zj+1, is the set of smaller endpoints of all possible intervals [z ⁇ , z1 - 1] , [z1 , z2 - 1] , . . . , [zm, maxU], and the set of these intervals is a partition of U.
  • the mapping ⁇ as follows:
  • ⁇ (x) j , if zj ⁇ x ⁇ zj+1 - 1.
  • is a mapping from U onto ⁇ 0, . . . , m ⁇ . Moreover, m ⁇ 2n since at most one endpoint from each rule was added to X and Y respectively. It is straight forward to implementing ⁇ by using a single field classifier. In particular, any of the methods in patent application 1-4 can be used. Furthermore, since ⁇ is a monotonically increasing function, there is no need to store the actual data bits that constitute the result from the single field classifier explicitly. Instead, the result from lookup can be computed by tracing the lookup.
  • ⁇ ([h1 , h2, . . . , hD]) [ ⁇ 1 (h1), ⁇ 2(h1), . . . , ⁇ D(hD)] .
  • IPv6 prefixes can be mapped onto IPv4 prefixes.
  • classification is typically performed using a high performance TCAM chip.
  • MFC-5 IPv6 5-field multi dimensional classification
  • 296-bit TCAM cells are required. TCAM bits are extremely expensive, both in terms of implementation cost and power consumption.
  • the cost for a bit of SRAM memory as used to store our hybrid 1 -dimensional classifiers is small compared to the cost of a TCAM bit.
  • the resulting 5-fields, a total of 74 bits, can then be classified using a TCAM- like memory designed to match intervals instead of arbitrary wild-cards. Since the cost per bit in such a TCAM-like memory is should not be substantially higher than in an ordinary TCAM, the effective reduction of silicon area and power consumption can potentially be as high as 75%.
  • each dimension corresponds to a certain kind of header field which we refer to as the type of the header field.
  • the types of the first and second dimensions are IPv4 source and destination address respectively whereas the types of the third and fourth dimensions are source address and destination address respectively.
  • the protocol which corresponds to the fifth dimension, is either TCP or UDP. Otherwise, the specification of port ranges in the third and fourth dimension would not make any sense.
  • the address intervals are IPv6 addresses instead of IPv4 addresses.
  • IPv6 rules are mixed. If the actual multi-dimensional classification is performed using software (i.e. computer program product running on a computer), using a single multidimensional classifier becomes very messy since two address spaces with different sizes needs to be combined. The software will be hard and costly to implement, expensive to maintain and most likely very inefficient.
  • two multi-dimensional classifiers can be used where one is customized for basic IPv4 rules and the other for basic IPv6 rules. While this approach may (or may not) be feasible if there are only two types of rules, it does not scale to support the multitude of types of rules that are needed to implement powerful and sophisticated security polices in performance critical network environments.
  • the first concrete situation when this scaling becomes an issue is when we want to support other protocols such as for example ICMP (Internet Control Message Protocol) and ESP (Encapsulating Security Payload) that may follow the IP header.
  • ICMP Internet Control Message Protocol
  • ESP Encapsulating Security Payload
  • ICMP does not contain port numbers. Instead, there is a 5-bit type and a 4-bit code (even though both are represented as 8-bit fields in the ICMP header.
  • the scaling issues becomes even worse when we want to support rules for IP tunnelling where there may be two or more IPv4/IPv6 headers before the transport header thus yielding an MFC-7 rule, MFC-9 rule etc.
  • the type of the third dimension can be an IPv4 source address, an IPv6 source address, an UDP source port, a TCP source port, or an ICMP type.
  • a custom cruncher is used for each dimension and the intervals are mapped such that the first interval of each type is mapped to the number following the mapping of the last interval of the previous type in said dimension.
  • the method comprises the step of reproducing (mapping) each interval in each class to a corresponding crunched interval by means of using said crunching module provided for that particular dimension.
  • the matchmaking of the crunched key in the ordered list of crunched classes is performed using linear search.
  • the matchmaking of the crunched key in the ordered list of crunched classes is performed using any multi field classifier based on exhaustive search.
  • the matchmaking of the crunched key in the ordered list of crunched classes is performed using any decision tree based multi field classifier. In one embodiment, the matchmaking of the crunched key in the ordered list of crunched classes is performed using any multi field classifier based on decomposition into multiple single field classifications followed by combination of results.
  • the matchmaking of the crunched key in the ordered list of crunched classes is performed using any multi field classifier based on tuple space partitioning.
  • the matchmaking of the crunched key in the ordered list of crunched classes is performed using any legacy multi-field classifier.
  • the matchmaking of the crunched key in the ordered list of crunched classes is performed using hardware accelerated linear search in the form of a TCAM memory.
  • the matchmaking of the crunched key in the ordered list of crunched classes is performed using hardware accelerated linear search (Extended TCAM memory) where each crunched field is compared to the starting point and end point of each interval in dimension of each class simultaneously and a priority encoder is used to select the first matching class.
  • hardware accelerated linear search Extended TCAM memory
  • figure 4 we show an overview of a multi-field classifier based on the cruncher- matchmaker architecture.
  • the original list of header field values enters the cruncher where it is converted to type independent format (b) which then enters the matchmaker that produces the result (c).
  • the matchmaker that produces the result (c).
  • the maintenance of the cruncher and the matchmaker where updates are entered to change the behaviour of the classifier.
  • the cruncher consists of an array of crunching modules. Potentially, there is one module for each dimension. Each module consists of an array of custom crunchers with one custom cruncher for each type. We refer to a custom cruncher designed to crunch a w- bit field as w-bit field cruncher.
  • the cruncher contains one module for each dimension where the crunching process can improve the classification as shown in figure 5.
  • the crunchers are set up in the same fashion as the address compressors except that inputs can consist of different types of header fields.
  • the source address cruncher in figure 5 is configured by sorting all IPv4 source potential interval starting points to obtain a list of at most 2 * N4 + 1 IPv4 intervals where interval X is mapped to X.
  • the IPv6 cruncher is configured in a similar fashion except that interval Y is mapped to
  • Y + Xmax + 1 instead of to Y as would be the case if there only was an IPv6 cruncher. If there are more kinds of fields to combine the first interval from the next field is mapped to the value of the mapping of the last interval from the previous kind of field plus one. This can be repeated to support crunching and thus combination of an arbitrary number of different kinds of header fields in each dimension.
  • figure 6 it is shown how this method is applied to support IPv4/IPv6 MFC-5 rules with both TCP, UDP and ICMP.
  • the skipper could have been implemented in the third and fourth address cruncher modules instead with essentially the same result if the matchmaker is implemented in hardware (not shown).
  • the skipper could be skipped altogether by handling the transport protocol fields from MFC-5 rules in the third and fourth cruncher modules by combining source port and ICMP type in the third module and destination port and ICMP code in the fourth module (not shown).
  • the matchmaker can be implemented using a TCAM-like memory as shown in figure 8.
  • the overview of the matchmaker is shown as an array of cells and in (d) a single cell is shown in more detail. Each cell consist of a register for each dimension and in (e) the matching of a crunched field and cell register containing min and max values for the represented interval is shown in detail. In order to match, all dimensions must match. To combine the results into a single value representing the first matching cell, a priority encode is used (f).
  • the main purpose of the matchmaker is to eliminate the impact from the combinatorial complexity of the packet classification problem whereas the main purpose of the cruncher is to reduce the impact of large search keys (e.g. IPv6).
  • the partitioning of the problem into crunching and matchmaking also separates the different technologies used to implement the classification engine in hardware. Since crunching is an algorithmic approach all data structures involved can be stored in SRAM using pipelining and parallelism to achieve maximum performance. Matchmaking on the other hand is implemented using Extended TCAM (ETCAM) memory which performs exhaustive search in parallel in a list of rules where each rule consist of an interval for each dimension as opposed to prefixes required by standard TCAMs.
  • ETCAM Extended TCAM
  • space is measured in number of bits of memory required to represent a rule list of a certain size.
  • SRAM requires 6 transistors per bit
  • TCAM requires 16 transistors per bit
  • E-TCAM requires 44 transistors per bit.
  • Speed and power are closely related. To achieve maximum speed, we will assume that both pipelining and parallelism are used to maximum extent. This will increase the number of bits simultaneously involved in processing which in turn increases the power consumption.
  • the cost for simply storing a passive bit in SRAM is 20 nanowatts compared to 3 microwatts for storing a bit in a TCAM [15]
  • the algorithmic parts of the engine running in the cruncher may perform various operations simultaneously
  • the total number of active bits simultaneously involved in processing in the cruncher depends on the algorithms used, the degree of parallelism and pipelining, and the configuration of the memories It is fair to assume that none of these operations are more costly per bit than the range matching performed by an E-TCAM and therefore we will assume that the power consumption in the cruncher is 8 25 microwatts per active bit
  • Hybrid Classification Block to be multi field packet classifier constituted by a cruncher-matchmaker pair, including any of the embodiments described above
  • All embodiments of multi field packet classifiers described above consist of a single HCB
  • two HCBs, each dimensioned for n/2 rules can be used in parallel to implement a packet classifier for supporting n rules This clearly reduced the cost for matchmaking
  • the total number of active bits in one dimension in the cruncher is obtained by
  • the relative savings for using this configuration are approximately 7% and 27% for space and power consumption respectively, compared to using a single HCB.
  • Fig. 9 shows a multi field packet classifier, for computing the index of the first matching rule 4 of the query key 3, comprised of an array of hybrid classification blocks 0 running in parallel.
  • the first direction is a generalization of the algorithm into a family of algorithms where the number of bits involved in matchmaking can be reduced at the cost of increasing the space costs for the cruncher. This will add another optimization parameter to be considered when optimizing the total cost.
  • the second direction is related to implementing incremental updates.
  • each custom cruncher in each HCB computes a single value which corresponds to a crunched header field for the respective dimension and HCB.
  • the cost for this in terms of space for storing interval boundaries is not affected since the total number of intervals in the two crunchers are the same as the sum of the number of intervals in the original crunchers.
  • the amount of data stored doubles since each interval is associated with two data fields instead of only one.
  • the advantage of this approach is that the number of active bits in the crunchers are reduced by a factor of two, meaning that we have a yet another potential trade off which can be used to decrease the costs further.
  • GBCB Generalized Hybrid Classification Block
  • Fig. 10 shows a generalized hybrid classification block, for computing the index of the first matching rule 4 of the query key 3, comprised of a cruncher 2 and an array of matchmakers 1 running in parallel.
  • GPC Generalized Hybrid Classifier
  • Fig. 11 shows a multi field packet classifier, for computing the index of the first matching rule 4 of the query key 3, comprised of an array of generalized hybrid classification blocks 5 running in parallel.
  • u(L, M, N) be our update cost budget, i.e., the maximum number of memory accesses etc. we are allowed to spend on one update.
  • the main principle behind our maintenance strategy is to actually spend all these memory accesses on each update in the hope of postponing the first too expensive update as much as possible.
  • Our update cost budget corresponds to the cost of complete reconstruction of a pair of adjacent GHCBs.
  • B1 , B2, . . . , BM be a number of buckets corresponding to the M GHCBs. Each bucket can store up to N items corresponding to N rules.
  • x[i,1], . . . , x[i, mi] be the indices of the items stored in bucket Bi. Since we are allowed to reconstruct two adjacent GHCBs, we can move an arbitrary number of items between two adjacent buckets. When an item is inserted into a full bucket, it fails and the system of buckets is considered full. Only insertions needs to be considered since each deleted operation reduces n by 1 while financing the same amount of reconstruction work as an insert operation.
  • the role of a maintenance strategy is to maximize the number items that can be inserted by delaying the event of insertion into a full bucket as much as possible.
  • a phase where m ⁇ M items have been inserted.
  • For each item inserted we can move an arbitrary number of items between two adjacent buckets. This is called a move.
  • Proposition 10 (a) m - 1 moves is sufficient to distribute these m items evenly, i.e. one item per bucket, no matter how they were inserted, (b) these m- 1 moves can be performed after the current phase.
  • Proposition 10 (a) the number of insertions of the current phase is thus sufficient to pay for the maintenance for the previous phase and Proposition 10 (b) follows. It remains to prove Proposition 10 (a). To distinguish between items that have not been maintained from the previous phase and items being inserted in the current phase we colour the items from the previous phase blue and the inserted items red.
  • Bi the number of blue items in bucket i, and k the index of the rightmost completed bucket - k is initially zero.
  • We start in rightward mode: Find the leftmost bucket r satisfying sum(Bj, j k + 1..r) ⁇ r - k.
  • bit mask representation be a representation of a subset U where each element of U corresponds to one bit in a bit array and where a bit is set if and only if the corresponding element is a member of the subset represented.
  • the matchmaker is implemented by representing the intervals in one or more dimensions in one or more rules using the bit mask representation instead of storing the smallest and largest value of the interval.
  • each dimension in each rule is represented by an interval.
  • a generalized matchmaker to be a matchmaker where each dimension in each rule can be represented by an arbitrary subset of the crunched universe in said dimension as opposed to a simple interval.
  • a generalized matchmaker where the crunched rule list is represented using subsets in one or more dimensions in one or more rules as described in the definition of generalized matchmaker.
  • Fig. 12 illustrates a subset represented in the bit mask representation 1 , where set bits are illustrated by white cells 1 ' and non set bits are illustrated by shaded cells 12" ; wherein 2 shows a crunched key used to index into the array where the result is a match, i. e. the key is a member of the subset represented by the bit mask, indicated by a set bit 3; 4 shows a crunched key used into the bit array where the result is a mismatch, i. e. the key is not a member of the subset represented by the bit mask, indicated by a non set bit 5.

Abstract

La présente invention concerne un procédé pour effectuer des actions précises de réacheminement de données selon la nature du trafic des données comportant des paquets de données, lequel procédé comporte les étapes consistant: à recevoir un trafic de données d'arrivée d'une nature particulière, appartenant à au moins une catégorie particulière parmi plusieurs catégories prédéfinies, étape 101, à classer le trafic de données en déterminant la nature du trafic de données, étape 102, ledit classement étant fourni par un processus d'inspection de valeurs d'un ou de plusieurs champs d'en-tête sélectionnés d'un espace d'adresse d'un paquet de données, et à sélectionner une première catégorie de correspondance à partir d'une liste de catégories ordonnée en fournissant une classification multidimensionnelle, étape 103.
EP07835400A 2006-11-03 2007-11-02 Procédé, dispositif et système pour une classification à plusieurs champs dans un réseau de communication de données Withdrawn EP2078393A4 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
SE0602336A SE531947C2 (sv) 2006-11-03 2006-11-03 Förfarande, anordning och system för flerfältsklassificering i ett datakommunikationsnätverk
SE0700378A SE531989C2 (sv) 2006-11-03 2007-02-15 Förfarande och datorprogramsprodukt för flerfältsklassificiering i ett datakommunikationsnät
SE0700691A SE531954C2 (sv) 2006-11-03 2007-03-19 Förfarande och datorprogramsprodukt för flerfältsklassificering i ett datakommunikationsnät
PCT/SE2007/050816 WO2008054323A2 (fr) 2006-11-03 2007-11-02 Procédé, dispositif et système pour une classification à plusieurs champs dans un réseau de communication de données

Publications (2)

Publication Number Publication Date
EP2078393A2 true EP2078393A2 (fr) 2009-07-15
EP2078393A4 EP2078393A4 (fr) 2012-10-31

Family

ID=39344729

Family Applications (1)

Application Number Title Priority Date Filing Date
EP07835400A Withdrawn EP2078393A4 (fr) 2006-11-03 2007-11-02 Procédé, dispositif et système pour une classification à plusieurs champs dans un réseau de communication de données

Country Status (2)

Country Link
EP (1) EP2078393A4 (fr)
WO (1) WO2008054323A2 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SE532426C2 (sv) * 2008-05-26 2010-01-19 Oricane Ab Metod för datapaketklassificering i ett datakommunikationsnät

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001059702A1 (fr) * 2000-02-08 2001-08-16 Xstream Logic, Inc. Classificateur de paquets multidimensionnels, aux vitesses de transmission de ligne
US6289013B1 (en) * 1998-02-09 2001-09-11 Lucent Technologies, Inc. Packet filter method and apparatus employing reduced memory
US6970462B1 (en) * 2000-04-24 2005-11-29 Cisco Technology, Inc. Method for high speed packet classification
US20060221954A1 (en) * 2005-03-31 2006-10-05 Narayan Harsha L Methods for performing packet classification

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003338830A (ja) * 2002-03-12 2003-11-28 Matsushita Electric Ind Co Ltd メディア送信方法、メディア受信方法、メディア送信装置及びメディア受信装置

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6289013B1 (en) * 1998-02-09 2001-09-11 Lucent Technologies, Inc. Packet filter method and apparatus employing reduced memory
WO2001059702A1 (fr) * 2000-02-08 2001-08-16 Xstream Logic, Inc. Classificateur de paquets multidimensionnels, aux vitesses de transmission de ligne
US6970462B1 (en) * 2000-04-24 2005-11-29 Cisco Technology, Inc. Method for high speed packet classification
US20060221954A1 (en) * 2005-03-31 2006-10-05 Narayan Harsha L Methods for performing packet classification

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of WO2008054323A2 *

Also Published As

Publication number Publication date
EP2078393A4 (fr) 2012-10-31
WO2008054323A2 (fr) 2008-05-08
WO2008054323A3 (fr) 2008-06-05

Similar Documents

Publication Publication Date Title
US8472446B2 (en) Method for data packet classification in a data communications network
US8477773B2 (en) Method, device and system for multi field classification in a data communications network
US7535906B2 (en) Packet classification
US7957387B2 (en) Packet classification
US7961734B2 (en) Methods and apparatus related to packet classification associated with a multi-stage switch
Taylor et al. Scalable packet classification using distributed crossproducing of field labels
US7835357B2 (en) Methods and apparatus for packet classification based on policy vectors
US7251651B2 (en) Packet classification
US7594092B1 (en) Integrated multidimensional sorter
US20090034530A1 (en) Packet classification using modified range labels
US8364803B2 (en) Method, device, computer program product and system for representing a partition of N W-bit intervals associated to D-bit data in a data communications network
KR100512949B1 (ko) 필드레벨 트리를 이용한 패킷분류장치 및 방법
Chang et al. Range-enhanced packet classification design on FPGA
US7362765B1 (en) Network traffic management system with floating point sorter
Hsieh et al. A classified multisuffix trie for IP lookup and update
Sun et al. An on-chip IP address lookup algorithm
WO2008054323A2 (fr) Procédé, dispositif et système pour une classification à plusieurs champs dans un réseau de communication de données
Spitznagel Compressed data structures for recursive flow classification
Kogan et al. Efficient FIB representations on distributed platforms
Van Tu et al. A high throughput pipelined hardware architecture for tag sorting in packet fair queuing schedulers
Hsieh et al. A novel dynamic router-tables design for IP lookup and update
Sonai et al. CTLA: Compressed Table Look up Algorithm for Open Flow Switch
Ray et al. A fast range matching architecture with unit storage expansion ratio and high memory utilization using SBiCAM for packet classification
Wang et al. High-performance IP routing table lookup
Zerbini et al. Optimization of lookup schemes for flow-based packet classification on FPGAs

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20090415

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC MT NL PL PT RO SE SI SK TR

DAX Request for extension of the european patent (deleted)
A4 Supplementary search report drawn up and despatched

Effective date: 20121002

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 12/56 20060101AFI20120926BHEP

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20170503

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20171114