TCAM Partitioning for High - Performance Packet Classification 


Vol. 31,  No. 2, pp. 91-97, Feb.  2006


PDF
  Abstract

As increasing the network bandwidth, the threat of a network also increases with emerging various new services. For a high-performance network security, It is generally used that high-speed packet classification methods which employ hardware like TCAM. There needs an method using these devices efficiently because they are expensive and their capacity is not sufficient. In this paper, we propose an efficient packet classification using a Ternary-CAM(TCAM) which is widely used device for high-speed packet classification in which we have applied Snort rule set for the well-known intrusion detection system. In order to save the size of an expensive TCAM, we have eliminated duplicated IP addresses and port numbers in the rule according to the partitioning of a table in the TCAM, and we have represented negation and range rules with reduced TCAM size. We also keep advantages of low TCAM capacity consumption and reduce the number of TCAM lookups by decreasing the TCAM partitioning using combining port numbers. According to simulation results on our TCAM partitioning, the size of a TCAM can be reduced by upto 98% and the performance does not degrade significantly for high-speed packet classification with a large amount of rules.

  Statistics
Cumulative Counts from November, 2022
Multiple requests among the same browser session are counted as one view. If you mouse over a chart, the values of data points will be shown.


  Cite this article

[IEEE Style]

K. Kim, S. Kang, I. Song, T. Kwon, "TCAM Partitioning for High - Performance Packet Classification," The Journal of Korean Institute of Communications and Information Sciences, vol. 31, no. 2, pp. 91-97, 2006. DOI: .

[ACM Style]

Kyu-Ho Kim, Seok-Min Kang, Il-Seop Song, and Teack-Geun Kwon. 2006. TCAM Partitioning for High - Performance Packet Classification. The Journal of Korean Institute of Communications and Information Sciences, 31, 2, (2006), 91-97. DOI: .

[KICS Style]

Kyu-Ho Kim, Seok-Min Kang, Il-Seop Song, Teack-Geun Kwon, "TCAM Partitioning for High - Performance Packet Classification," The Journal of Korean Institute of Communications and Information Sciences, vol. 31, no. 2, pp. 91-97, 2. 2006.

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)






pISSN : 1226 - 4717
eISSN : 2287 - 3880