TupleMerge: Fast Software Packet Processing for Online Packet Classification

Packet classification is an important part of many networking devices, such as routers and firewalls. Software-defined networking (SDN) heavily relies on online packet classification which must efficiently process two different streams: incoming packets to classify and rules to update. This rules ou...

Full description

Saved in:
Bibliographic Details
Published in:IEEE/ACM transactions on networking Vol. 27; no. 4; pp. 1417 - 1431
Main Authors: Daly, James, Bruschi, Valerio, Linguaglossa, Leonardo, Pontarelli, Salvatore, Rossi, Dario, Tollet, Jerome, Torng, Eric, Yourtchenko, Andrew
Format: Journal Article
Language:English
Published: New York IEEE 01.08.2019
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects:
Algorithms
Classification
Computer simulation
Data structures
Electronic devices
Firewalls
Heuristic algorithms
high-speed software data plane
IEEE transactions
Microprocessors
online algorithms
Packet classification
Partitioning algorithms
Routers
Software
Software algorithms
Software-defined networking
Telecommunications
ISSN:1063-6692, 1558-2566
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Packet classification is an important part of many networking devices, such as routers and firewalls. Software-defined networking (SDN) heavily relies on online packet classification which must efficiently process two different streams: incoming packets to classify and rules to update. This rules out many offline packet classification algorithms that do not support fast updates. We propose a novel online classification algorithm, TupleMerge (TM), derived from tuple space search (TSS), the packet classifier used by Open vSwitch (OVS). TM improves upon TSS by combining hash tables which contain rules with similar characteristics. This greatly reduces classification time preserving similar performance in updates. We validate the effectiveness of TM using both simulation and deployment in a full-fledged software router, specifically within the vector packet processor (VPP). In our simulation results, which focus solely on the efficiency of the classification algorithm, we demonstrate that TM outperforms all other state of the art methods, including TSS, PartitionSort (PS), and SAX-PAC. For example, TM is 34% faster at classifying packets and 30% faster at updating rules than PS. We then experimentally evaluate TM deployed within the VPP framework comparing TM against linear search and TSS, and also against TSS within the OVS framework. This validation of deployed implementations is important as SDN frameworks have several optimizations such as caches that may minimize the influence of a classification algorithm. Our experimental results clearly validate the effectiveness of TM. VPP TM classifies packets nearly two orders of magnitude faster than VPP TSS and at least one order of magnitude faster than OVS TSS.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:1063-6692
1558-2566
DOI:10.1109/TNET.2019.2920718