• The Journal of the Korea Contents Association
• /
• v.13 no.2
• /
• pp.44-51
• /
• 2013

Routers should perform fast IP address lookup for Internet to provide high-speed service. In this paper, we present a hybrid parallel IP address lookup structure composed of four-stage pipeline. It achieves parallelism at low cost by using multiple SRAMs in stage 2 and partitioned TCAMs in stage 3, and improves the performance through pipelining. The smart distributor in stage 1 does not transfer any IP address identical to previous one toward the next stage, but only uses the result of the previous lookup. So it improves throughput of lookup by caching effects, and decreases the access conflict to TCAM bank in stage 3 as well. In the last stage, the reorder buffer rearranges the completed IP addresses according to the input order. We evaluate the performance of our parallel pipelined IP lookup structure comparing with previous hybrid structure, using the real routing table and traffic distributions generated by Zipf's law.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.9B
• /
• pp.914-922
• /
• 2009

In this paper, we propose a matrix based real-time pattern matching method, called MDPI, for real-time intrusion detection on several Gbps network traffic. Particularly, in order to minimize a kind of overhead caused by buffering, reordering, and reassembling under the circumstance where the incoming packet sequence is disrupted, MDPI adopts independent partial matching in the case dealing with pattern matching matrix. Consequently, we achieved the performance improvement of the amount of 61% and 50% with respect to TCAM method efficiency through several experiments where the average length of the Snort rule set was maintained as 9 bytes, and w=4 bytes and w=8bytes were assigned, respectively, Moreover, we observed the pattern scan speed of MDPI was 10.941Gbps and the consumption of hardware resource was 5.79LC/Char in the pattern classification of MDPI. This means that MDPI provides the optimal performance compared to hardware complexity. Therefore, by decreasing the hardware cost came from the increased TCAM memory efficiency, MDPI is proven the cost effective high performance intrusion detection technique.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.4B
• /
• pp.298-305
• /
• 2003

In this paper, we proposed a high performance lookup controller for IP packet forwarding engine of ATM based label edge routers. The lookup controller is designed to provide services such as MPLS, VPN, ELL, and RT services as well as the best effort. For high speed searching for IP addresses, we employed a TCAM based hardware search device not using traditional algorithmic approaches. We also implement lookup control functions into FPGA for fast processing of packet header and lookup control. The proposed lookup controller is designed to support differenciated services for users and to process in pipelined mechanism for performance improvement. A two-step search scheme is also applied to perform lookup for the key combined with multi-field of packet header. We found that the proposed lookup controller provides the performance of about 16M packets per second through simulations.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.11C
• /
• pp.1171-1177
• /
• 2002

In this paper, we proposed a high speed IP(Internet Protocol) packet forwarding engine of ATM(Asynchronous Transfer Mode) based label edge routers for POS(Packet over SONET) interface. The forwarding engine uses TCAM(Ternary Content Addressable Memory) for high performance lookup processing of the packet received from POS interface. We have accomplished high speed IP packet forwarding in hardware by implementing the functions of high speed IP header Processing and lookup control into FPGA(Field Programmable Gate Array). The proposed forwarding engine has the functions of label edge routers as the lookup controller supports MPLS(Multiprotocol Label Switching) packet processing functionality.

• The Journal of the Korea Contents Association
• /
• v.7 no.3
• /
• pp.50-59
• /
• 2007

IP address lookup is one of the most important and complex functions in the router. In this paper, we propose an improved technique of LC-trie to increase the performance of IP address lookup in the high performance router. We effectively apply the prefix pruning method, which is used for the compression of the forwarding table in TCAM((Ternary Content Addressable Memory), to the LC-trie. This technique can decrease the number of memory accesses and upgrade the lookup speed. Moreover, through the real forwarding table and the real traffic distribution, we evaluate the performance of our scheme in terms of the lookup time and the number of memory access, comparing with that of the previous LC-trie.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.88-95
• /
• 2009

This paper presents a traffic pattern matching hardware that can be used in high performance network applications. The presented hardware is designed for a contents security system which is to block various kinds of information drain or intrusion activities. The hardware consists of two parts: the header lookup and string pattern matching parts. For implementing the header lookup part in hardware, the TCAMs(ternary CAMs) are popularly used. Since the TCAM approach is inefficient in terms of the hardware and memory costs and the power consumption, however, we adopt and modify an alternative approach based on the comparator arrays and the HiCuts tree. Our implementation results, using Xilinx FPGA XC4VSX55, show that our design can reduce the usage of the FPGA slices by about 26%, and the Block RAM by about 58%. In the design of string pattern matching part, we design and use a hashing module based on cellular automata, which is hardware efficient and consumes less power by adaptively changing its configuration to reduce the collision rates.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.2B
• /
• pp.158-166
• /
• 2004

Address lookup is one of the most essential functions of the Internet routers and a very important feature in evaluating router performance. Due to the facts that the Internet traffic keeps growing and the number of routing table entries is continuously growing, efficient address-lookup mechanism is indispensable. In recent years, various fast address-lookup schemes have been proposed, but most of those schemes are not practical in terms of the memory size required for routing table and the complexity required in table update In this paper, we have proposed a parallel IP address lookup architecture based on multiple hashing. The proposed scheme has advantages in required memory size, the number of memory accesses, and table update. We have evaluated the performance of the proposed scheme through simulation using data from MAE-WEST router. The simulation result shows that the proposed scheme requires a single memory access for the address lookup of each route when 203kbytes of memory and a few-hundred-entry TCAM are used.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11b
• /
• pp.1077-1080
• /
• 2003

본 연구는 룰들의 각 필드들을 index하여 곱한 cross-product 테이블을 이용한 packet classification 알고리즘에 대해 연구하고 그 것의 성능을 평가하고 분석한다. 현재 Packet Classification은 Packet Filtering, Policy Routing, Accounting & Billing, Traffic Rate Limiting, Traffic Shaping, 등등의 서비스를 위한 가장 핵심적인 작업이다. 그러나 이들을 빠르게 서비스하는 알고리즘은 아직 존재하지 않는다. 단지 하드웨어 TCAM 을 이용해서 작은 룰들에 대한 처리만이 어느 정도 가능한 실정이다. 이에 본 연구는 소프트웨어를 이용한 cross-product 알고리즘의 효용성을 가늠하고자 연구하고 이를 실제 구현해 평가하고자 한다.

• Journal of KIISE
• /
• v.43 no.12
• /
• pp.1404-1411
• /
• 2016

Network virtualization is a technique that abstracts the physical network to provide multiple virtual networks to users. Virtualized network has the advantage to offer flexible services and improve resource utilization. In SDN architecture, network hypervisor serves to virtualize the network through address virtualization, topology virtualization and policy virtualization. Among them, address virtualization refers to the technique that provides an independent address space for each virtual network. Previous work divided the physical address space, and assigned an individual division to each virtual network. Each virtual address is then mapped one-to-one to a physical address. However, this approach requires a lot of flow entries, thus making it disadvantageous. Since SDN switches use TCAM (Ternary Contents Addressable Memory) for the flow table, it is very important to reduce the number of flow entries in the aspect of cost and scalability. In this paper, we propose a LISP based address virtualization, which separates address spaces for the physical and virtual addresses and transmits packet through tunneling, in order to resolve the limitation of the previous studies. By implementing a prototype, we show that the proposed scheme provides better scalability.

• Korean Journal of Childcare and Education
• /
• v.1 no.1
• /
• pp.125-146
• /
• 2005

This study examined the interactive effects of physical environment of childcare centers and teachers' creative teaching approaches on the level of young children's creativity. To do so, the study conducted an assessment called TCAM(Thinking Creativity in Action and Movement) that was developed by Torrance to 182 young children. Also, it utilized questionnaires to ask 28 teachers concerning physical environment of childcare centers and their creative teaching approaches level. The findings of this study were: First, the gender of young children didn't affect the level of young children's creativity but the age of young children positively affected the level of their imagination that is the subordinate area of creativity. Second, the high level of physical environment of childcare centers positively affected the level of young children's creativity. Third, teachers' actively creative teaching approaches positively affected the level of young children's creativity. Forth, both physical environment of childcare centers and teachers' creative teaching approaches interactively and positively influenced the level of young children's creativity. Fifth, both physical environment of childcare centers and teachers' creative teaching approaches positively affected the level of young children's creativity. The result of this study implies that the level of young children's creativity increases when childcare centers demonstrate high quality of physical environment and teachers deliver creative teaching approaches actively.