1 / 33

Basic Data Structures for IP lookups and Packet Classification

Basic Data Structures for IP lookups and Packet Classification. Prefix. Length format : b n-1 …b 0 / l ( l is prefix length) In IPv4, d3.d2.d1.d0/ l can also be used. Mask format : b n-1 …b 0 /m n-1 …m 0 (prefix length is l )

grant-fernandez
Télécharger la présentation

Basic Data Structures for IP lookups and Packet Classification

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Basic Data Structures for IP lookups and Packet Classification

  2. Prefix • Length format: bn-1…b0/l (l is prefix length) • In IPv4, d3.d2.d1.d0/l can also be used. • Mask format: bn-1…b0/mn-1…m0 (prefix length is l) • mj = 1 for all n – 1  j  n – l+1, and mj =0 otherwise. • d3.d2.d1.d0/ m3.m2.m1.m0 for IPv4. • Ternary format: bn-1…bn-l+1*…* (prefix length is l) • bj = 0 or 1 for n – 1  j  n – l + 1. • If tk is *, then tj must also be * for all j < k. • A single don’t care bit can be used to denote a series of don’t care bits, e.g., 1* denotes 1**** in the 5-bit address space.

  3. Prefix • (n+1)-bit format: bn-1…bn-l+110…0 (l is prefix len) • for the prefix bn-1…bn-l+1* of length l in ternary format, there is one trailing ‘1’ followed by n – l 0’s. • or • (n+1)-bit format: bn-1…bn-l+101…1 • for the prefix bn-1…bn-l+1* of length l in ternary format, there is one trailing ‘0’ followed by n – l 1’s.

  4. 5-bit Prefixes: bn-1…bn-l+110…0 ***** 0**** 00*** 11*** 1 1 1 * * 0 0 0 * * 0 0 0 0 * 0 0 0 1 * 1 1 1 0 * 1 1 1 1 * 0 0 0 0 0 0 0 0 0 1 0 0 0 1 0 0 0 0 1 1 1 1 1 0 0 1 1 1 0 1 1 1 1 1 0 1 1 1 1 1 0 0 0 0 0 1 0 0 0 0 1 0 0 0 0 0 1 1 0 0 0 1 0 0 0 0 0 1 0 1 0 0 0 1 1 0 0 0 0 1 1 1 0 0 1 0 0 0 1 1 1 0 0 0 1 1 1 0 0 1 1 1 1 0 1 0 1 1 1 0 1 1 1 1 1 1 0 0 1 1 1 1 0 1 1 1 1 1 1 0 1 1 1 1 1 1 6-bit binary address space 000000 is not used

  5. 5-bit Prefixes:bn-1…bn-l+101…1 ***** 0**** 00*** 11*** 1 1 1 * * 0 0 0 * * 0 0 0 0 * 0 0 0 1 * 1 1 1 0 * 1 1 1 1 * 0 0 0 0 0 0 0 0 0 1 0 0 0 1 0 0 0 0 1 1 1 1 1 0 0 1 1 1 0 1 1 1 1 1 0 1 1 1 1 1 0 0 0 0 0 1 0 0 0 0 1 0 0 0 0 0 1 1 0 0 0 1 0 0 0 0 0 1 0 1 0 0 0 1 1 0 0 0 0 1 1 1 0 0 0 0 0 0 1 1 1 0 0 0 1 1 1 0 0 1 1 1 1 0 1 0 1 1 1 0 1 1 1 1 1 1 0 0 1 1 1 1 0 1 1 1 1 1 1 0 1 1 0 1 1 1 6-bit binary address space 111111 is not used

  6. Prefix properties • Disjoint prefixes: • Two prefixes are said to be disjoint if they do not share any address. • Prefix enclosure: • A = bn-1…bj…bi* and B = bn-1…bj* and j > i. • Prefix A is enclosed by B (B  A) since the IP address space covered by A is a subset of that covered by B, where  is the enclosure operator. • A special case of overlapping. • Prefix comparison • The inequality 0 < * < 1 is used to compare two prefixes in the ternary representation of prefixes.

  7. 5 1 3 2 1 1 2 2 1 1 3 2 1 1 1 1 1 1 3 2 1 2 1 1 1 3 2 1 2 4 4 Prefix properties • The most specific prefixes (MSP): • The prefixes that do not cover any others. • Disjoint, so can be put in an array for binary search • Grouping prefixes in layers based on MSP. • Six layers at most for IPv4 tables

  8. Prefix properties

  9. Prefix properties Number Prefix length

  10. Prefix Forwarding table example • P1 is disjoint from the other three prefixes. • P2  P3  P4 • Longest prefix match(LPM), not exact match • enclosure makes (1) sorting prefixes and (2) binary searching prefixes difficult

  11. Example Forwarding Table • Longest prefix match(LPM), not exact match • Prefix enclosure makes (1) sorting prefixes and (2) binary searching prefixes difficult. • So, trie based schemes emerge naturally

  12. Add P5=1110* 0 P5 I Binary Trie (Radix Trie) Trie node Lookup 10111 A next-hop-ptr (if prefix) 1 B right-ptr left-ptr 1 C D 0 P2 1 1 F E P1 0 G P3 1 H P4

  13. Binomial spanning tree 1111 1110 1100 2 1 0 3 0000 1000 0000 3 1000 2 1100 1 1110 0 1111 • A 4-cube and its corresponding binomial spanning tree.

  14. Perfect code: Hamming code (7, 4) • 7-cube example: 0000000 1000000 0100000 0010000 0001000 0000100 0000010 0000001 = 7-cube 24(16) one-level binomial spanning trees

  15. 1 0 0 0 1 1 0 1 1 0 1 1 0 0 0 1 0 0 1 0 1 H7 = G7 = 1 0 1 1 0 1 0 0 0 1 0 0 1 1 0 1 1 1 0 0 1 0 0 0 1 1 1 1 Perfect code: Hamming code (7, 4) (a) Parity-check and generator matrices of Hamming code (7, 4). Syndrome ErrorPattern Inner product Transpose 000 0000-000 001 0000-001 010 0000-010 011 0010-000 100 0000-100 101 0100-000 110 1000-000 111 0001-000 r = received code Syndromes = (s2 s1 s0) = r.H7T Corrected code = r+ ErrorPattern[s] (c) Decoding table

  16. Perfect code: Hamming code (7, 4) uCodeword 0000 0000-000 0001 0001-111 0010 0010-011 0011 0011-100 0100 0100-101 0101 0101-010 0110 0110-110 0111 0111-001 1000 1000-110 1001 1001-001 1010 1010-101 1011 1011-010 1100 1100-011 1101 1101-100 1110 1110-000 1111 1111-111 Generate 16 Codewords u.G7 16 codewords

  17. Perfect code: Golay code (23, 12) • 212 3-level binomial spanning trees • C(23,0)+C(23, 1)+C(23,2)+C(23,3) = 1 + 23 + 23*22/2 +3*22*21/(3*2) = 24 + 23*11 + 23*11*7 = 24 + 253*8 = 24 + 2024 = 2048 = 211

  18. Ranges • Why ranges? • Prefixes can also be represented by ranges. • The source/destination port fields of rule tables for packet classification are ranges. • Prefixes are special cases of ranges. • Prefix bn-1…bn-l+1* of length l is the range of addresses from bn-1…bn-l+10…0 to bn-1…bn-l+11…0, denoted as [bn-1…bn-l+10…0, bn-1…bn-l+11…0]. • Overlapping: • Two ranges are overlapping if they are not disjoint. • Partially overlapping: • Two ranges are partially overlapping if they are neither disjoint nor enclosing.

  19. Elementary Intervals for Ranges • Definition: Let the set of k elementary intervals constructed from a set R of ranges in the address space of 0 … N – 1 be X = {Xi | Xi = [ei, fi], for i = 1 to k}. • X must satisfy the following: • e1 = 0 and fk = N – 1, • fi = ei+1 – 1 for i = 1 to k – 1, • all addresses in Xi are covered by the same subset of R (called the range matching set of Xi) denoted by EIi, and • EIiEIi+1, for i = 1 to k – 1.

  20. Elementary Intervals for Ranges ID Prefix Range Minus-1 Traditional start finish start finish P1 000000/2 [0, 15] - 15 0 15 P2 010000/2 [16, 31] 15 31 16 31 P3 000100/4 [4, 7] 3 7 4 7 P4 100000/1 [32, 63] 31 - 32 63 P5 010110/5 [22, 23] 21 23 22 23 P6 110000/2 [48, 63] 47 - 48 63 P7 110000/4 [48, 51] 47 51 48 51 P8 110111/6 [55, 55] 54 55 55 55 P9 100000/3 [32, 39] 31 39 32 39

  21. Elementary Intervals for Ranges • Graphical view EI1 {P1} X1 [0, 3] EI2 {P1,P3} X2 [4, 7] EI3 {P1} X3 [8, 15] EI4 {P2} X4 [16, 21] EI5 {P2,P5} X5 [22, 23] EI6 {P2} X6 [24, 31] EI7 {P4,P9} X7 [32, 39] EI8 {P4} X8 [40, 47] EI9 {P4,P6,P7} X9 [48, 51] EI10 {P4,P6} X10 [52, 54] EI11 {P4,P6,P8} X11 [55, 55] EI12 {P4,P6} X12 [56, 63]

  22. Segment Tree w 23 y z 7 47 P1 P4P6 u v g q 15 3 54 31 15 P1 P3 P2 X3 [8,15] X1 [0,3] X2 [4,7] X6 [24,31] h s r P2 P4 t 21 39 51 55 leaf node P5 P9 P7 P8 X4 [16,21] X5 [22,23] X7 [32,39] X8 [40,47] X9 [48,51] X10 [52,54] X11 [55,55] X12 [56,63]

  23. Interval Tree • Each node in an interval tree is associated with a key which must be covered by at least one range. • Depending on whether a node can store 1 or 1+ range, • fat interval tree • each node is allowed to store more than one range. • The number of nodes in the interval tree is O(N). • To insert a range R = [e, f], if R covers root’s key, R is stored in the root. Otherwise, R is inserted in the left (right) subtree of the root when f is smaller (e is larger) than the key of the root. • When R does not cover the key of any node which is traversed, a new node with the key selected from addresses e to f is created and inserted as the left or right child of the node which was last visited. • O(logN + k) time, k is # of prefixes that match the given address. • Prefix insertion and deletion are very expensive because ranges in some nodes may need relocations after tree rotations.

  24. Interval Tree • thin interval tree: • each node of the interval tree stores exactly one range. • Since ranges may overlap, two comparison rules are used to compare if a range is smaller or larger than another range. For two ranges R1 = [e1, f1] and R2 = [e2, f2], • R1 < R2 if e1 < e2. If tie, the second rule applies. • R1 < R2 if R2 is a subrange of R1 (i.e. e1 = e2 and f2 < f1). • Also, a node stores a max value, Max(the finish endpoints of all ranges) stored in the subtree rooted at that node. • In contrast with the fat interval tree, prefix insertion and deletion take O(logN) time. However, O(min{N, klogN}) time is needed to find the longest matching prefix as well as the highest-priority matching prefix, where k is the number of matched prefixes for a given address.

  25. Hash Table • Narrowing down the search space. • Index = Hash_function(key)%m, where key may be the first k bits of IP addresses and m is the size of the hash table. • Perfect hash: no collision • Minimal perfect hash: A perfect hash, where the size of its hash table is k for k different hashing keys.

  26. Hash Table • Difficulties: prefixes and ranges can not be used as the keys of the hash functions directly. Array of m elements H(k1)%m k2 k1 H(k2)%m collision

  27. Hash Table: 8-bit Segmentation table • A 8-bit segmentation table is usually used for IPv4 forwarding tables because there is no prefix of length shorter than 8. Array of 256 elements 0 Prefix: 0.x.y.z H(prefix)%256 (MSB 8 bits of prefix) 1 Prefixes with the same first 8 MSB bits Maybe empty set 255

  28. Hash Table: 16-bit Segmentation table • Prefixes of length <= 16 must be stored properly. • For example, duplicate 0.0.b.c/15 into buckets 0 and 1 or store the port of 0.0.b.c/15 into elements 0 and 1. • Put them into another set (good for update but need to search two sets in the worst case). Array of 216 elements 0 Prefix: 0.0.y.z H(prefix)%216 (MSB 16 bits of prefix) 1 Prefixes with the same first 16 MSB bits Maybe empty set 216-1 Prefixes of length  16

  29. Hash Table: Compression • Since there are many empty elements in the segmentation table, we can use bitmap to compress the segmentation table. 216-Bitmap containing M 1’s Array of M elements 0 Prefix: 0.0.y.z 1 1 0 0 . . . 0 1 1 0 0 1 1 Prefix: 0.1.y.z Prefixes with the same first 16 MSB bits Must be non-empty M-1

  30. Bloom filter • H1(key) = P1 • H2(key) = P2 • H3(key) = P3 • H4(key) = P4 • … • Hk(key) = Pk • Hi() is a hash function, e.g. MD5 Bit vector of m bits 1 1 m bits 1 1

  31. Bloom filter • After inserting n keys (kn bits), the probability that a particular bit is still 0 is (1-1/m)kn • So, the probability of a false positive is • p for the right-hand side is minimized when k = ln2m/n • m/n = 6, k = 4: p = 0.0561 • m/n = 8, k = 6: p = 0.0215 • m/n=12, k = 8: p =0.00314 • m/n=16, k=11: p =0.000458

  32. Bloom filter • Update: • Update whole SC • Threshold: when the digests differ beyond a threshold, say, 5% or 10%, • Regular time intervals: every say 5 mins,

  33. Counting Bloom filter • Deletion operation for local digest: • For each bit in the m-bit vector, use an l-bit counter to record the number of times that a particular bit is turned on by different URLs • l = 4 by experience • If deletion is not supported, cache summary must be rebuilt from scratch on a periodic basis to erase stale bits and prevent bit pollution

More Related