An Improved RFC-based Scheme for Packet Classification

  • 曾 彥錞

Student thesis: Master's Thesis


With the rapid development of the Internet packet classification becomes an important role gradually Packet classification has been used everywhere e g Firewall Quality of Service (Qos) network traffic monitoring Virtual Private Network (VPN) In recent year because of emergence of Software Defined Networking (SDN) which is associated with OpenFlow protocol So the methods which supported traditional 5-dimension packet must be redesigned There are 5 dimensions in traditional packet and they are source IP destination IP source port destination port and protocol respectively However in the OpenFlow protocol methods of packet classification need to support 12 or 15 dimension In this thesis we propose a method base on [1] We extended this method to support 12-dimension packet classification To achieve high performance we implement our method on FPGA Because the existing methods which implemented on FPGA often performed better Although packet classification on FPGA can get high performance the problem of memory usage needs to be consider To raise the throughput we use the architecture of pipeline to classify packets in parallel Thus to deal with those problem we propose a grouping method that can split the rule table into 129 small subgroups and cause little rule duplication according to OpenFlow table’s characteristic It can help to reduce the size of data structure in the system and let data structure fit into FPGA’s memory Besides we use module scheme to cut down the number of rules in the each pipeline and it can reduce the data structure’s size again Finally the fold scheme we use can solve the problem that the latency result from the long pipeline stages The method we proposed is extended from An Improved Stride-based Encoding Scheme for Packet Classification with Update [2] and Range Enhanced Packet Classification Designed on FPGA [16] and it can support 5K rule table The clock rate can reach 255MHz It is slightly lower than other existing method but our method has good performance in term of hardware resource usage In hardware resource our method only needs 1% of 36KB Block RAM 10% of 18KB Block RAM and 5% of slice LUTs on virtex-6 FPGA when rule size is 5K but it needs 15% of 36KB Block RAM and 48% of slice LUTs in [2] And it needs 56% of Block RAM and 90% of slice LUTs Obviously our method has the better resource efficiency Because of resource efficiency our method can support up to 50K rules Even more our method can be implemented in the architecture of dual port to reach the 443MHz of clock rate then the performance will better than [2] [16] and other existing method
Date of Award2016 Aug 17
Original languageEnglish
SupervisorYeim-Kuan Chang (Supervisor)

Cite this