Fast Conflict Detection for Multi-Dimensional Packet Filters

Chun Liang Lee, Guan Yu Lin*, Yaw Chung Chen

*此作品的通信作者

研究成果: 期刊稿件文章同行評審

1 引文 斯高帕斯(Scopus)

摘要

To support advanced network services, Internet routers must perform packet classification based on a set of rules called packet filters. If two or more filters overlap, a filter conflict will occur and lead to ambiguity in packet classification. Further, it may affect network security or even the correctness of packet routing. Hence, it is necessary to detect conflicts to avoid the above problems. In recent years, many conflict detection algorithms have been proposed, but most of them detect conflicts for only prefix fields (i.e., source/destination IP address fields) of filters. For greater practicality, conflict detection must include non-prefix fields such as source/destination IP port fields and the protocol field. In this study, we propose an efficient conflict detection algorithm for five-dimensional filters, which include both prefix and non-prefix fields. In the proposed algorithm, a tiny lookup table is created for quickly filtering out a large portion of non-conflicting filter pairs, thereby reducing the overall conflict detection time. Experimental results show that our algorithm reduces the detection time by 10% to 28% compared with other conflict detection algorithms for 20 K filter databases. More importantly, our algorithm can be used to extend any existing conflict detection algorithms for two-dimensional filters to support fast conflict detection for five-dimensional filters.

原文英語
文章編號285
期刊Algorithms
15
發行號8
DOIs
出版狀態已出版 - 08 2022

文獻附註

Publisher Copyright:
© 2022 by the authors.

指紋

深入研究「Fast Conflict Detection for Multi-Dimensional Packet Filters」主題。共同形成了獨特的指紋。

引用此