2,406 research outputs found
Toward incremental FIB aggregation with quick selections (FAQS)
Several approaches to mitigating the Forwarding Information Base (FIB)
overflow problem were developed and software solutions using FIB aggregation
are of particular interest. One of the greatest concerns to deploy these
algorithms to real networks is their high running time and heavy computational
overhead to handle thousands of FIB updates every second. In this work, we
manage to use a single tree traversal to implement faster aggregation and
update handling algorithm with much lower memory footprint than other existing
work. We utilize 6-year realistic IPv4 and IPv6 routing tables from 2011 to
2016 to evaluate the performance of our algorithm with various metrics. To the
best of our knowledge, it is the first time that IPv6 FIB aggregation has been
performed. Our new solution is 2.53 and 1.75 times as fast as
the-state-of-the-art FIB aggregation algorithm for IPv4 and IPv6 FIBs,
respectively, while achieving a near-optimal FIB aggregation ratio
Dataplane Specialization for High-performance OpenFlow Software Switching
OpenFlow is an amazingly expressive dataplane program-
ming language, but this expressiveness comes at a severe
performance price as switches must do excessive packet clas-
sification in the fast path. The prevalent OpenFlow software
switch architecture is therefore built on flow caching, but
this imposes intricate limitations on the workloads that can
be supported efficiently and may even open the door to mali-
cious cache overflow attacks. In this paper we argue that in-
stead of enforcing the same universal flow cache semantics
to all OpenFlow applications and optimize for the common
case, a switch should rather automatically specialize its dat-
aplane piecemeal with respect to the configured workload.
We introduce ES WITCH , a novel switch architecture that
uses on-the-fly template-based code generation to compile
any OpenFlow pipeline into efficient machine code, which
can then be readily used as fast path. We present a proof-
of-concept prototype and we demonstrate on illustrative use
cases that ES WITCH yields a simpler architecture, superior
packet processing speed, improved latency and CPU scala-
bility, and predictable performance. Our prototype can eas-
ily scale beyond 100 Gbps on a single Intel blade even with
complex OpenFlow pipelines
OSHI - Open Source Hybrid IP/SDN networking (and its emulation on Mininet and on distributed SDN testbeds)
The introduction of SDN in IP backbones requires the coexistence of regular
IP forwarding and SDN based forwarding. The former is typically applied to best
effort Internet traffic, the latter can be used for different types of advanced
services (VPNs, Virtual Leased Lines, Traffic Engineering...). In this paper we
first introduce the architecture and the services of an "hybrid" IP/SDN
networking scenario. Then we describe the design and implementation of an Open
Source Hybrid IP/SDN (OSHI) node. It combines Quagga for OSPF routing and Open
vSwitch for OpenFlow based switching on Linux. The availability of tools for
experimental validation and performance evaluation of SDN solutions is
fundamental for the evolution of SDN. We provide a set of open source tools
that allow to facilitate the design of hybrid IP/SDN experimental networks,
their deployment on Mininet or on distributed SDN research testbeds and their
test. Finally, using the provided tools, we evaluate key performance aspects of
the proposed solutions. The OSHI development and test environment is available
in a VirtualBox VM image that can be downloaded.Comment: Final version (Last updated August, 2014
ADVANCED HASHING SCHEMES FOR PACKETFORWARDING USING SET ASSOCIATIVEMEMORY ARCHITECTURES
Building a high performance IP packet forwarding (PF) engine remains a challenge due to increasingly stringent throughput requirements and the growing sizes of IP forwarding tables.The router has to match the incoming packet's IP address against the forwarding table.The matching process has to be done in wire speed which is why scalability and low power consumption are features that PF engines must maintain.It is common for PF engines to use hash tables; however, the classic hashing downsides have to be dealt with (e.g., collisions, worst case memory access time, ... etc.).While open addressing hash tables, in general, provide good average case search performance, their memory utilization and worst case performance can degrade quickly due to collisions that leads to bucket overflows.Set associative memory can be used for hardware implementations of hash tables with the property that each bucket of a hash table can be searched in one memory cycle.Hence, PF engine architectures based on associative memory will outperform those based on the conventional Ternary Content Addressable Memory (TCAM) in terms of power and scalability.The two standard solutions to the overflow problem are either to use some sort of predefined probing (e.g., linear or quadratic) or to use multiple hash functions.This work presents two new hash schemes that extend both aforementioned solutions to tackle the overflow problem efficiently.The first scheme is a hash probing scheme that is called Content-based HAsh Probing, or CHAP.CHAP is a probing scheme that is based on the content of the hash table to avoid the classical side effects of predefined hash probing methods (i.e., primary and secondary clustering phenomena) and at the same time reduces the overflow.The second scheme, called Progressive Hashing, or PH, is a general multiple hash scheme that reduces the overflow as well.PH splits the prefixes into groups where each group is assigned one hash function, then reuse some hash functions in a progressive fashion to reduce the overflow.We show by experimenting with real IP lookup tables that both schemes outperform other hashing schemes
MLET: A Power Efficient Approach for TCAM Based, IP Lookup Engines in Internet Routers
Routers are one of the important entities in computer networks specially the
Internet. Forwarding IP packets is a valuable and vital function in Internet
routers. Routers extract destination IP address from packets and lookup those
addresses in their own routing table. This task is called IP lookup. Internet
address lookup is a challenging problem due to the increasing routing table
sizes. Ternary Content-Addressable Memories (TCAMs) are becoming very popular
for designing high-throughput address lookup-engines on routers: they are fast,
cost-effective and simple to manage. Despite the TCAMs speed, their high power
consumption is their major drawback. In this paper, Multilevel Enabling
Technique (MLET), a power efficient TCAM based hardware architecture has been
proposed. This scheme is employed after an Espresso-II minimization algorithm
to achieve lower power consumption. The performance evaluation of the proposed
approach shows that it can save considerable amount of routing table's power
consumption.Comment: 14 Pages, IJCNC 201
High-Performance Packet Processing Engines Using Set-Associative Memory Architectures
The emergence of new optical transmission technologies has led to ultra-high Giga bits per second (Gbps) link speeds.
In addition, the switch from 32-bit long IPv4 addresses to the 128-bit long IPv6 addresses is currently progressing.
Both factors make it hard for new Internet routers and firewalls to keep up with wire-speed packet-processing.
By packet-processing we mean three applications: packet forwarding, packet classification and deep packet inspection.
In packet forwarding (PF), the router has to match the incoming packet's IP address against the forwarding table.
It then directs each packet to its next hop toward its final destination.
A packet classification (PC) engine examines a packet header by matching it against a database of rules, or filters, to obtain the best matching rule.
Rules are associated with either an ``action'' (e.g., firewall) or a ``flow ID'' (e.g., quality of service or QoS).
The last application is deep packet inspection (DPI) where the firewall has to inspect the actual packet payload for malware or network attacks.
In this case, the payload is scanned against a database of rules, where each rule is either a plain text string or a regular expression.
In this thesis, we introduce a family of hardware solutions that combine the above requirements.
These solutions rely on a set-associative memory architecture that is called CA-RAM (Content Addressable-Random Access Memory).
CA-RAM is a hardware implementation of hash tables with the property that each bucket of a hash table can be searched in one memory cycle.
However, the classic hashing downsides have to be dealt with, such as collisions that lead to overflow and worst-case memory access time.
The two standard solutions to the overflow problem are either to use some predefined probing (e.g., linear or quadratic) or to use multiple hash functions.
We present new hash schemes that extend both aforementioned solutions to tackle the overflow problem efficiently.
We show by experimenting with real IP lookup tables, synthetic packet classification rule sets and real DPI databases that our schemes outperform other previously proposed schemes
CHAP : Enabling efficient hardware-based multiple hash schemes for IP lookup
Building a high performance IP lookup engine remains a challenge due to increasingly stringent throughput requirements and the growing size of IP tables. An emerging approach for IP lookup is the use of set associative memory architecture, which is basically a hardware implementation of an open addressing hash table with the property that each row of the hash table can be searched in one memory cycle. While open addressing hash tables, in general, provide good average-case search performance, their memory utilization and worst-case performance can degrade quickly due to bucket overflows. This paper presents a new simple hash probing scheme called CHAP (Content-based HAsh Probing) that tackles the hash overflow problem. In CHAP, the probing is based on the content of the hash table, thus avoiding the classical side effects of probing. We show through experimenting with real IP tables how CHAP can effectively deal with the overflow. © IFIP International Federation for Information Processing 2009
- …