• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.11
• /
• pp.2169-2177
• /
• 2015

This paper proposes a new pattern matching module to overcome the increased runtime of previous algorithm using RAM, which was designed to overcome cost limitation of hash-based algorithm using CAM (Content Addressable Memory). By adopting Merge FSM algorithm to reduce the number of state, the proposed module contains state block and entry block to use in RAM. In the proposed module, one input string is compared with multiple entry strings simultaneously using entry block. The effectiveness of the proposed pattern matching unit is verified by executing Snort 2.9 rule set. Experimental results show that the number of memory reads has decreased by 15.8%, throughput has increased by 47.1%, while memory usage has increased by 2.6%, when compared to previous methods.

• IEIE Transactions on Smart Processing and Computing
• /
• v.6 no.1
• /
• pp.27-38
• /
• 2017

Packet classification is one of the essential functionalities of Internet routers in providing quality of service. Since the arrival rate of input packets can be tens-of-millions per second, wire-speed packet classification has become one of the most challenging tasks. While traditional packet classification only reports a single matching result, new network applications require multiple matching results. Ternary content-addressable memory (TCAM) has been adopted to solve the multi-match classification problem due to its ability to perform fast parallel matching. However, TCAM has a fundamental issue: high power dissipation. Since TCAM is designed for a single match, the applicability of TCAM to multi-match classification is limited. In this paper, we propose a cost- and energy-efficient multi-match classification architecture that combines TCAM with a tuple space search algorithm. The proposed solution uses two small TCAM modules and requires a single-cycle TCAM lookup, two SRAM accesses, and several Bloom filter query cycles for multi-match classifications.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.04a
• /
• pp.196-198
• /
• 2014

최근 차세대 네트워크 패러다임으로 주목받는 소프트웨어 정의 네트워킹 (SDN)에서는 네트워크를 컨트롤 플레인과 데이터 플레인으로 나누고 중앙집중형 제어를 통해 효과적이고 유연한 네트워크 관리를 가능하게 한다. 하지만 잦은 컨트롤 이벤트 발생으로 인한 컨트롤러 및 컨트롤 채널의 부하와 거대한 플로우 엔트리 크기로 인한 스위치 내 TCAM(Temary Content Addressable Memory) 메모리 부족문제 등의 본질적인 문제로 실제 네트워크 적용 시 확장성 문제가 야기된다. 이러한 문제를 해결하기 위해 기존의 연구들은 컨트롤러의 연산능력을 향상시키거나, 컨트롤 이벤트의 발생을 줄이는데 초점이 맞춰져 왔으며, 한정적인 TCAM 공간의 효율적인 사용에 대한 연구는 부족한 상황이다. 따라서 본 논문에서는 효율적인 TCAM 자원 활용을 위한 플로우테이블 관리 기법을 제안한다. 제안 기법은 플로우 엔트리의 클러스터링을 통해 플로우 엔트리를 특성에 따라 그룹화하고 사용빈도를 기준으로 분할 및 병합을 수행함으로써 스위치 내의 가용한 플로우 수를 최대화한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.4B
• /
• pp.298-305
• /
• 2003

In this paper, we proposed a high performance lookup controller for IP packet forwarding engine of ATM based label edge routers. The lookup controller is designed to provide services such as MPLS, VPN, ELL, and RT services as well as the best effort. For high speed searching for IP addresses, we employed a TCAM based hardware search device not using traditional algorithmic approaches. We also implement lookup control functions into FPGA for fast processing of packet header and lookup control. The proposed lookup controller is designed to support differenciated services for users and to process in pipelined mechanism for performance improvement. A two-step search scheme is also applied to perform lookup for the key combined with multi-field of packet header. We found that the proposed lookup controller provides the performance of about 16M packets per second through simulations.