Packet Classification using Extended TCAMs

Applied Research LaboratoryApplied Research LaboratoryEdward W. SpitznagelEdward W. Spitznagel

April 20, 2023 1

Packet Classification usingExtended TCAMs

Edward W. Spitznagel, Jonathan S. Turner, David E. Taylor

Supported by NSF ANI-9813723, DARPA N660001-01-1-8930


April 20, 2023 2

Packet Classification Problem• Suppose you are a firewall, or QoS router, or network monitor ...

• You are given a list of rules (filters) to determine how to process incoming packets, based on the packet header fields– Some fields in the rules are specified with bit masks; others with ranges

• Goal: when a packet arrives, find the first rule that matches the packet’s header fields

SourceAddress

DestinationAddress

FilterSource

PortDestination

PortProtocol

11xx 01xxa 2-4 0-15 TCP

01xx 0010b 3-15 3-15 UDP

0101 xxxxc 3 * *

1101 101xd - - ICMP

Action

fwd 7

fwd 2

deny

fwd 5


April 20, 2023 3

Packet Classification Problem

• Example: packet arrives with header (0101, 0010, 3, 5, UDP)– classification result: filter b is matched

– filter c also matches, but, b occurs before c in the list

• Easy to do when we have only a few rules; very difficult when we have 100,000 rules and packets arrive at 40 Gb/s

SourceAddress

DestinationAddress

FilterSource

PortDestination

PortProtocol

11xx 01xxa 2-4 0-15 TCP

01xx 0010b 3-15 3-15 UDP

0101 xxxxc 3 * *

1101 101xd - - ICMP

Action

fwd 7

fwd 2

deny

fwd 5


April 20, 2023 4

Geometric Representation• Filters with K fields can

be represented geometrically in K dimensions

• Example:

2 640

2

6

4

0

Source Address

Sou

rce

Por

t

Source Address Source PortFilter

xxx 2-3a

010 0-7b

xx1 7c

a

b

c c c c


April 20, 2023 5

Related Work

• TCAM-based parallel classification– CoolCAMs (Narlikar, Basu, Zane) for IP lookup

• SRAM-based sequential classification– Recursive Flow Classification (Gupta, McKeown)

– HiCuts (Gupta, McKeown)

– Extended Grid of Tries (Baboescu, Singh, Varghese)

– HyperCuts (Singh, Baboescu, Varghese, Wang)

• SRAM: 6 transistors per bit (vs. 16 for TCAM), but the SRAM approaches use more bits per filter


April 20, 2023 6

• Most popular practical approach to high-performance packet classification

• Hardware compares query word (packet header) to all stored words (filters) in parallel– each bit of a stored word can be 0, 1, or X (don’t care)

• Very fast, but not without drawbacks:– High power consumption limits scalability

– inefficient representation of ranges

Ternary CAMs


April 20, 2023 7

SourceAddress

DestinationAddress

Filter

11xx xxxxa

0xxx 01xxb

xxxx 0110c

11100110

11100110

11100110

11100110Query:

Match!

Doesn’t Match

Match!

Entry 0 (filter a) is thefirst matching filter

1110 0110Packet:Src. Addr. Dest. Addr.

ContentsAddress

11xxxxxx0

0xxx01xx1

xxxx01102

TCAM

Ternary CAM - Example


April 20, 2023 8

Range Matching in TCAMs

• Convert ranges intosets of prefixes– 1-4 becomes 001, 01*, and 100

– 3-5 becomes 011 and 10*

2 640

2

6

4

0

Source Port

Des

tina

tion

Por

t

F

Source Port Destination PortFilter

1-4 3-5F


April 20, 2023 9

Range Matching in TCAMs

• With two 16-bit range fields,a single rule could require upto 900 TCAM entries!

• Typical case: entire filter setexpands by a factor of 2 to 6

2 640

2

6

4

0

Source Port

Des

tina

tion

Por

t

b c

e f

a

d

Source Port Destination PortFilter

001 10*a

01* 10*b

100 10*c

001 011d

01* 011e

100 011f


April 20, 2023 10

Extended TCAMs

• Extend standard TCAM architecture to enable classification with larger rulesets

• Partitioned TCAM, for reduced power– inspired by CoolCAMs– differences in indexing, search and partitioning

algorithms

• Support range matching directly in hardware


April 20, 2023 11

Use of Partitioned TCAM

• Main component of power use in TCAM search is proportional to number of entries searched

• Partitioning the TCAM:– divide TCAM into blocks of entries– each block is enabled for search via an associated

index filter


April 20, 2023 12

Use of Partitioned TCAM• Example: suppose we are given

the following filters:

0-15, 0xxx0-6, 1xxx

7-15, 1xxx0-15, xxxx

1-13, 001x2-3, 00xx

11-14, 011x12-12, 01xx

0-5, 11101-2, 11xx

7-7, 110x13-14, 11xx11-15, 111x

9-10, xxxx0-14, 1010

index filters:

filter blocks:

a. 1-13, 001xb. 2-3, 00xxc. 9-10, xxx1d. 11-14, 011xe. 12-13, 0xxxf. 0-14, 1010g. 7-7, 110xh. 0-5, 1110i. 1-2, 1x1xj. 13-14, 11xxk. 11-15, 111x

A real Extended TCAM would have more blocks, and more filters per block.


April 20, 2023 13


• Example: classify packet with header values (2, 1010)– index block: second and

fourth filters match

– search second and fourthfilter blocks

– find matching filters(1-2, 1x1x) and (0-14, 1010)

0-15, 0xxx0-6, 1xxx

7-15, 1xxx0-15, xxxx

1-13, 001x2-3, 00xx

11-14, 011x12-12, 01xx

0-5, 11101-2, 11xx

7-7, 110x13-14, 11xx11-15, 111x

9-10, xxxx0-14, 1010

index filters:

filter blocks:


April 20, 2023 14


• The key to minimizing power consumption:

Organize filters so that only a few TCAM blocks must be searched to find the filters matching a packet.

– Use a filter grouping algorithm

0-15, 0xxx0-6, 1xxx

7-15, 1xxx0-15, xxxx

1-13, 001x2-3, 00xx

11-14, 011x12-12, 01xx

0-5, 11101-2, 11xx

7-7, 110x13-14, 11xx11-15, 111x

9-10, xxxx0-14, 1010

index filters:

filter blocks:


April 20, 2023 15122 14108640

12

2

14

10

8

6

4

0

f

c

a. 1-13, 001xb. 2-3, 00xxc. 9-10, xxxxd. 11-14, 011xe. 12-13, 0xxxf. 0-14, 1010g. 7-7, 110xh. 0-5, 1110i. 1-2, 11xxj. 13-14, 11xxk. 11-15, 111x

a

b

d

e

h

i g

k

j

0-15, 0xxxIndex entry filters a, b, d, e

April 20, 2023 15


April 20, 2023 16122 14108640

12

2

14

10

8

6

4

0

f

c


g

k

j


0-6, 1xxx h, i

h

i

April 20, 2023 16


April 20, 2023 17122 14108640

12

2

14

10

8

6

4

0

f

c


g

k

j


0-6, 1xxx h, i

7-15, 1xxx g, j, k

April 20, 2023 17


April 20, 2023 18122 14108640

12

2

14

10

8

6

4

0


0-6, 1xxx

7-15, 1xxx


h, i

g, j, k

0-15, xxxx c, f

Next phase:

f

c

April 20, 2023 18


April 20, 2023 19122 14108640

12

2

14

10

8

6

4

0


0-6, 1xxx

7-15, 1xxx


h, i

g, j, k

0-15, xxxx c, f

Next phase:

April 20, 2023 19


April 20, 2023 20

Creating a set of partitions

• At most k filters per region (k = block size)• Regions within the same partition do not overlap• Total number of regions equals the index size


April 20, 2023 21

Range Matching

• Store a pair of values (lo , hi ) for each range match field

• Range check circuitry compares query values against lo and hi to determine if query is in range– Transistors per bit of range field is twice that of ordinary TCAM

– But, for typical IPv4 applications, this results in just a 22% increase in overall transistor count


April 20, 2023 22

Performance Metrics

• Power Fraction =

– a measure of power usage, relative to a standard TCAM

– smaller is better

• Storage Efficiency =

– higher is better; 1 is optimal

index size + (# of partitions)(block size)

number of filters

number of filters

index size + (# of blocks)(block size)


April 20, 2023 23

0

0.05

0.1

0.15

0.2

0.25

0.3

1000 10000 100000

Number of Filters

Po

wer

Fra

ctio

n

Different Block Sizes

Block size=256

Block size=64

Block size =32

Block size=16

Block size=128


April 20, 2023 24

0

0.05

0.1

0.15

0.2

2000 4000 8000 16000 32000 64000 128000

# Filters

Po

wer

Fra

ctio

nResults: Power Fraction

Block size = 32 Block size = 64 Block size = 128Block

size = 256

Basic Algorithm

Refined


April 20, 2023 25

Results: Storage Efficiency

0

0.2

0.4

0.6

0.8

1

1.2

2000 4000 8000 16000 32000 64000 128000

# Filters

Sto

rag

e E

ffic

ien

cy

Block size = 32 Block size = 64 Block size = 128Block

size = 256

Basic Algorithm Refined


April 20, 2023 26

Current/Future Work

• Computational complexity of filter grouping problem

• Filter updates (add/delete operations)

• Multi-level indices

• Different partitioning algorithms

• Application to SRAM/DRAM-based classification techniques


April 20, 2023 27

Summary

• Packet Classification is important for many advanced network services

• TCAMs scale poorly due to power consumption and inefficient range match representations

• Extended TCAMs: solve these issues by using partitioned TCAM and hardware support for range matching– power consumption greatly reduced (typically to 5% or less of power used

by a standard TCAM)

– range match hardware: avoid inefficiency in representing ranges


April 20, 2023 28

Questions?

?

Documents

Packet Classification using Extended TCAMs