This is archived content, mostly untouched since 2003. For newer content/updated versions, see netfuture.ch.
This is archived content, mostly untouched since 2003. For newer content/updated versions, see netfuture.ch.

W and AWaldvogel & Aschwanden
Roman Pletka
Nicola Aschwanden
Lars Waldvogel
Kinderlieder+Spiele
Marcel Waldvogel
Contact
Publications
Research
Memory
Crossbow
Fuzzycast
TERP
FPX
Forwarding
P2P
Multicast
VersaKey
Da CaPo++
Tutorials
Classes
Software
Archive
Fun

   

Fast Forwarding and Packet Classification

Background

Throughput bottlenecks plague the Internet because the speeds of affordable routers limp behind the speeds users desire and fiber-optics can deliver. Emerging services such as Virtual Private Networks, firewalls, QoS routing, multimedia broadcasts, or real-time conferencing require fast matching of each packet's header against a potentially large database of multi-dimensional filter rules. This combined lack of power and flexibility to provide for the deployment of new services poses a major limitation on future Internet services. We thus worked on improving the router speeds by providing new algorithms and enabling high-speed, easy-to-use, flexible, and modular support for programmable hardware.

Solutions

Fast Longest Prefix Matching

Adding Prefix LengthsOne major reason for the limited speed of Internet connections is the complex packet forwarding decision required for Internet Protocol (IP) packets. To keep the size of the routing database small, packets today have to be matched against a continuously growing routing tables of currently up to 100,000 entries, containing possibly overlapping prefixes of variable length. Among these matches, the search must return the longest matching prefix. With current Internet links being able to handle many million packets per second, and speeds fast increasing, this becomes a serious task. With the hundreds of millions of systems out there relying on the Internet Protocol, changing the protocol was not an option.

The traditional trie approach to packet forwarding requires work proportional to the number W of address bits (32 for the current version of the Internet Protocol, dubbed IPv4; 128 for the upcoming IP version 6). To achieve improvements in computational complexity and thus scalability to higher speeds and larger routing tables, we radically departed from slow linear search among the prefixes and introduced binary search on prefix lengths. Even though this had previously been considered inefficient by researchers, we started placing the individual prefixes in hash tables according to their prefix length. The challenge was to leave behind linear search and adopt binary search among the tables, even though binary search depends on ordered comparisons which hash tables do not provide. O(log W) search time for the best match is achieved through placement of a small number of guiding entries ("Markers") into the hash tables at predetermined decision points, enabling us to achieve with this new algorithm what was previously considered to be impossible.

To improve beyond the O(log W) time, we provide for Asymmetric Binary Search and Rope Search, which exploit the inherent non-uniformity of the routing tables. Rope Search piggybacks an extremely compact representation of a refined search tree onto the entries and Markers, narrowing the search faster than conventional binary search, namely in both the prefix length and address range dimensions at the same time. Ropes thus introduce a powerful new data structure, enabling a compact and highly efficient search algorithm.

Our original paper in SIGCOMM '97 (together with another presentation on the same day) started an active new research area with a lot of research activities. Our work has been heavily cited and made it into many textbooks. Our schemes have been used by other researchers and were licensed to several key players in the networking market.

High-Speed Packet Classification

Extending on our work in prefix matching to algorithms, we provided for multi-dimensional prefix-style addresses and wildcardable fields to match protocol and port numbers. Again, this paper was followed by a flurry of activity in that newly-created area.

Line Search and its sibling Rectangle Search are algorithms we have developed for two-dimensional Longest Prefix Matching. They naturally extend our Binary Search on Prefix Lengths scheme to prefix pairs, with Markers guiding the search among them. In addition to a logarithmic line optimization algorithm designed for two-dimensional optimization, the one-dimensional techniques Rope Search and Asymmetric Search become even more powerful in two dimensions.

I have also helped initiate new Space Division techniques that combine results from computational geometry with our own enhancements to provide a second solution to two-dimensional packet classification. This results in tight bounds for space, search, and insertion/deletion times.

An additional decision layer easily extends the two-dimensional schemes to efficiently support wildcardable protocol and port fields.

High-Speed Configurable Router Hardware

To speed up things further and show the feasibility of hardware implementations, we implemented the algorithm in hardware, requiring substantial changes to efficiently exploit the available inherent parallelism, including changing binary search to k-ary search. We expanded this into a full-featured, flexible framework of hardware-supported packet processing, which has since been used as a teaching tool and as a basis for many applications. To support high-speed operations, we provided a high-speed way to update CRCs of packets being modified, improving speed by an order of magnitude compared to conventional approaches.

Overlays for High-Speed Forwarding

Overlay networks have the power to augment and maybe at some time partially replace the Internet. We are looking at overlay networks that provide for mechanisms that would allow them to be used as a general-purpose protocol. The main goal of Mithos (Mapping Internet Topology for Hybrid Overlay Services) is to provide for use of locality, minimum routing information (neighborhood information only), and efficient forwarding, while also providing for location triangulation and supporting distributed hash tables (DHTs) on top.

Publications

IBM R&D 2003 PowerNP Network Processor: Hardware, Software and Applications
HotNets 2002,
CCR 2003		 Efficient Topology-Aware Overlay Network
Technical Report 2002 Creating Advanced Functions on Network Processors: Experience and Perspectives
Technical Report 2002 Routing and Data Location in Overlay Peer-to-Peer Networks
Computer Communications 2002 Issues and Trends in Terabit Switching
Micro 2002 Protocol Wrappers for Layered Network Packet Processing in Reconfigurable Networks
TOCS 2001 Scalable High-Speed Prefix Matching
FPL 2001,
LNCS 2147		 Reconfigurable Router Modules Using Network Protocol Wrappers
HotI 2001 Layered Protocol Wrappers for Internet Packet Processing in Reconfigurable Hardware
HPSR 2001 Fast Incremental CRC Updates for IP over ATM Networks
LCN 2000 Multi-dimensional Prefix Matching Using Line Search
Shaker 2000 Fast Longest Prefix Matching: Algorithms, Analysis, and Applications
Talk 2000 Large-Scale Internet Data Distribution
PfHSN '99,
Kluwer IFIP 158		 Space Decomposition Techniques for Fast Layer-4 Switching
Talks 1999 Scalable Prefix Matching for Internet Packet Forwarding
SIGCOMM '98 Fast and Scalable Layer Four Switching
Semester Project 1998 Schnelle Hashingverfahren für Routing im Internet
PODC '98 Scalable Best Matching Prefix Lookups
SIGCOMM '97 Scalable High Speed IP Routing Table Lookups
ATM '97 Crossbow — A Toolkit for Integrated Services over Cell Switched IPv6

Participants

Licensing Terms

This work is covered by U.S. patent 6,018,524. Please contact Marcel Waldvogel for further information regarding licensing. Some further information (including a description intended for a general audience) can be found in The Fastest Lookups in the West. For non-commercial use, a free license is planned. Please inquire for more details.

Selected Press Coverage