An efficient conflict detection algorithm for packet filters

Chun Liang Lee*, Guan Yu Lin, Yaw Chung Chen

*Corresponding author for this work

Research output: Contribution to journalJournal Article peer-review

5 Scopus citations

Abstract

Packet classification is essential for supporting advanced network services such as firewalls, quality-of-service (QoS), virtual private networks (VPN), and policy-based routing. The rules that routers use to classify packets are called packet filters. If two or more filters overlap, a conflict occurs and leads to ambiguity in packet classification. This study proposes an algorithm that can efficiently detect and resolve filter conflicts using tuple based search. The time complexity of the proposed algorithm is O(nW + s), and the space complexity is O(nW), where n is the number of filters, W is the number of bits in a header field, and s is the number of conflicts. This study uses the synthetic filter databases generated by Class- Bench to evaluate the proposed algorithm. Simulation results show that the proposed algorithm can achieve better performance than existing conflict detection algorithms both in time and space, particularly for databases with large numbers of conflicts.

Original languageEnglish
Pages (from-to)472-479
Number of pages8
JournalIEICE Transactions on Information and Systems
VolumeE95-D
Issue number2
DOIs
StatePublished - 02 2012

Keywords

  • Conflict detection
  • Packet classification
  • Tuple space search

Fingerprint

Dive into the research topics of 'An efficient conflict detection algorithm for packet filters'. Together they form a unique fingerprint.

Cite this