Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
TCAM Razor: A SystematicApproach Towards Minimizing Packet Classifiers in TCAMsChad R. Meiners Alex X. Liu Eric Torng{mein...
Introduction Access Control List                                         No ModificationsFirst Match Conflict Resolution  ...
How do we solve this problem?• Software solutions   – Linear search   – Trie and geometric data structures• Hardware solut...
TCAM Challenges• Low capacity   – Maximum of 18 Mb   – 2 Mb and 1Mb modules are the most popular   – Each entry has 144 bi...
Encoding Considerations• Range expansions   – Encoding ranges has a multiplicative effect        • [1,14] => 0001, 001*, 0...
Minimizing Prefix Entries• Minimal Prefix encodings is polynomial   – For single fields only!   – Multiple fields is an op...
From Single to Multiple Dimensions•   Break the problem into sub problem     – K dimensional problem         • K-1 dimensi...
Firewall Decision Diagrams     • First step of TCAM Razor is to convert rules into an FDDRule      F1          F2     Deci...
Multi-dimensional TCAM                      Minimization• Work from the bottom up                                         ...
Solution Composition     • Sub-solutions are composed by expansion          Rule       Field    Decision            1     ...
Redundancy Removal• Apply known redundant rule removal algorithm• Prefix encoding enables effective redundant rule removal...
Experimental Data• Real-life Packet Classifiers   – 17 structurally distinct classifiers   – 42 actual classifiers   – A f...
Experimental Metrics• Direct Rule Expansion Direct(f)   – Number rule produced by encoding classifier f     into prefix fo...
Experimental Metrics• For a set of classifiers S   – Average Compression ratio of A over S      •  fS (A(f)/Direct(f)) /...
Experimental Factors• Field Ordering   – FDD field order results in a substantial difference   – 5! = 120 permutations• Fo...
Compression Ratios• TCAM Razor: 18.2% average compress ratio• Redundancy Removal: 41.8% TCAM Razor: A Systematic Approach ...
Compression Ratios• 13 of 17 classifier have less than 1% TCAM Razor: A Systematic Approach Towards Minimizing Packet Clas...
Expansion RatioTCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs   18/22                   ...
Synthetic Packet Classifiers• Average compression ratio   – .046• Average expansion ratio   – 8.737  TCAM Razor: A Systema...
Synthetic Packet Classifiers•   Total compression ratio     – .016•   Total expansion ratio     – 3.082    TCAM Razor: A S...
Concluding Remarks• TCAM Razor is not optimal   – Better algorithms are future work• TCAM can usually result in significan...
Questions?TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs   22/22                        ...
Upcoming SlideShare
Loading in …5
×

Tcam razorslides

503 views

Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Tcam razorslides

  1. 1. TCAM Razor: A SystematicApproach Towards Minimizing Packet Classifiers in TCAMsChad R. Meiners Alex X. Liu Eric Torng{meinersc,alexliu,torng}@cse.msu.edu
  2. 2. Introduction Access Control List No ModificationsFirst Match Conflict Resolution Firewall Packet Classifier Rule SIP DIP S Port D Port Protocol Action 1 1.2.3.0/24 192.168.0.1 0 * * discard 2 1.2.3.0/24 192.168.0.1 65535 * * discard 3 1.2.3.0/24 192.168.0.1 * 0 * discard 4 1.2.3.0/24 192.168.0.1 * 65535 * discard 5 1.2.3.0/24 192.168.0.1 [0,65535] [0,65535] TCP accept 6 * * * * * discard TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 2/22 Meiners, Liu, Torng
  3. 3. How do we solve this problem?• Software solutions – Linear search – Trie and geometric data structures• Hardware solution – Ternary Content Addressable Memory • TCAM • Ternary bit pattern keys (0,1,*) • Constant time lookup TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 3/22 Meiners, Liu, Torng
  4. 4. TCAM Challenges• Low capacity – Maximum of 18 Mb – 2 Mb and 1Mb modules are the most popular – Each entry has 144 bits • 128K entries, 14K entries, 7K entries• Larger capacity consumes more energy – Power is a concern – Cooling is a concern• Larger capacity consumes space• Larger capacity is expensive – 1Mb module is ~ $250• Minimizing the number of entries addresses these issues TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 4/22 Meiners, Liu, Torng
  5. 5. Encoding Considerations• Range expansions – Encoding ranges has a multiplicative effect • [1,14] => 0001, 001*, 01**, 10**, 110*, 1110 • [1,14] / [1,14] => 6 × 6 = 36 entries – 1 rule can lead to over 900 TCAM entries. • Each port interval can leads to 30 rules • w-bit interval => 2w-2 maximum entries• Prefix Encoding – Standard practice to encode entries in prefix format • Each field is in prefix format – Minimizing arbitrary ternary lists is NP-hard TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 5/22 Meiners, Liu, Torng
  6. 6. Minimizing Prefix Entries• Minimal Prefix encodings is polynomial – For single fields only! – Multiple fields is an open problem – Dynamic programming algorithm • Suri et al. TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 6/22 Meiners, Liu, Torng
  7. 7. From Single to Multiple Dimensions• Break the problem into sub problem – K dimensional problem • K-1 dimensional sub-problems• Firewall Decision Diagrams v1 – Provides hierarchy of K-1 sub-problem F1 – Each sub-problem is a sub-tree of 0*** FDD 1000 1001 101* 11** v2 v3 F2 F2 0*** 10** **** 11** a d d TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 7/22 Meiners, Liu, Torng
  8. 8. Firewall Decision Diagrams • First step of TCAM Razor is to convert rules into an FDDRule F1 F2 Decision 1 [9,9] [0,15] d 2 [8,11] [0,7] d v1 3 [8,11] [12,15] d F1 4 [8,11] [0,15] a 0*** 1000 1001 5 [0,15] [0,15] d 101* 11** v2 v3 F2 F2 0*** 10** **** 11** a d d TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 8/22 Meiners, Liu, Torng
  9. 9. Multi-dimensional TCAM Minimization• Work from the bottom up Rule Field Decision v3 Rule Field Decision 1 **** discard v1v2 1 10** accept 2 **** discard F1 0*** 1000 1001 101* 11** v2 v3 F2 F2 0*** 10** **** 11** Rule Field Decision 1 1001 a v3 d dv1 2 10** v2 3 **** v3 These decisions are weighted! TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 9/22 Meiners, Liu, Torng
  10. 10. Solution Composition • Sub-solutions are composed by expansion Rule Field Decision 1 1001 v3v1 2 10** v2 Rule F1 F2 Decision 3 **** v3 1 1001 **** discard Rule Field Decision 2 10** 10** acceptv2 1 10** accept 3 10** **** discard 2 **** discard 4 **** **** discard Rule Field Decisionv3 1 **** discard TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 10/22 Meiners, Liu, Torng
  11. 11. Redundancy Removal• Apply known redundant rule removal algorithm• Prefix encoding enables effective redundant rule removalRule F1 F2 Decision Rule F1 F2 Decision 1 1001 **** discard 1 1001 **** discard 2 10** 10** accept 2 10** 10** accept 3 10** **** discard 3 **** **** discard 4 **** **** discard TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 11/22 Meiners, Liu, Torng
  12. 12. Experimental Data• Real-life Packet Classifiers – 17 structurally distinct classifiers – 42 actual classifiers – A few rules to hundreds of rules• Synthetic Packet Classifiers – Difficult to get real-life packet classifiers – 18 sets of 100 uniformly sized classifiers • Randomly generated • Generated to look like real classifiers TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 12/22 Meiners, Liu, Torng
  13. 13. Experimental Metrics• Direct Rule Expansion Direct(f) – Number rule produced by encoding classifier f into prefix format – We compare against direct rule expansion• Algorithm application A(f) – Number of prefix rules produced applying algorithm A on classifier f • TCAM Razor • Redundancy Removal TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 13/22 Meiners, Liu, Torng
  14. 14. Experimental Metrics• For a set of classifiers S – Average Compression ratio of A over S •  fS (A(f)/Direct(f)) / |S| – Total Compression ratio of A over S •  fS (A(f)) /  fS (Direct(f)) – Average Expansion ratio of A over S •  fS (A(f)/ |f|) / |S| – Total Expansion ratio of A over S •  fS (A(f)) /  fS (|f|) TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 14/22 Meiners, Liu, Torng
  15. 15. Experimental Factors• Field Ordering – FDD field order results in a substantial difference – 5! = 120 permutations• Fortunately there are good permutations v1 F1 0*** 1000 1001 101* 11** v2 v3 F2 F2 0*** 10** **** 11** a d d TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 15/22 Meiners, Liu, Torng
  16. 16. Compression Ratios• TCAM Razor: 18.2% average compress ratio• Redundancy Removal: 41.8% TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 16/22 Meiners, Liu, Torng
  17. 17. Compression Ratios• 13 of 17 classifier have less than 1% TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 17/22 Meiners, Liu, Torng
  18. 18. Expansion RatioTCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 18/22 Meiners, Liu, Torng
  19. 19. Synthetic Packet Classifiers• Average compression ratio – .046• Average expansion ratio – 8.737 TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 19/22 Meiners, Liu, Torng
  20. 20. Synthetic Packet Classifiers• Total compression ratio – .016• Total expansion ratio – 3.082 TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 20/22 Meiners, Liu, Torng
  21. 21. Concluding Remarks• TCAM Razor is not optimal – Better algorithms are future work• TCAM can usually result in significant space savings – Average 82% reduction in TCAM entries• No hardware modification – Can be used to improve existing hardware TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 21/22 Meiners, Liu, Torng
  22. 22. Questions?TCAM Razor: A Systematic Approach Towards Minimizing Packet Classifiers in TCAMs 22/22 Meiners, Liu, Torng

×