A Computational Approach to Packet Classification

 

Multi-field packet classification is a crucial component in modern software-defined data center networks. To achieve high throughput and low latency, state-of-the-art algorithms strive to fit the rule lookup data structures into on-die caches; however, they do not scale well with the number of rules. We present a novel approach, NuevoMatch, which improves the memory scaling of existing methods. A new data structure, Range Query Recursive Model Index (RQ-RMI), is the key component that enables NuevoMatch to replace most of the accesses to main memory with model inference computations. We describe an efficient training algorithm that guarantees the correctness of the RQ-RMI-based classification. The use of RQ-RMI allows the rules to be compressed into model weights that fit into the hardware cache. Further, it takes advantage of the growing support for fast neural network processing in modern CPUs, such as wide vector instructions, achieving a rate of tens of nanoseconds per lookup. Our evaluation using 500K multi-field rules from the standard ClassBench benchmark shows a geometric mean compression factor of 4.9x, 8x, and 82x, and average performance improvement of 2.4x, 2.6x, and 1.6x in throughput compared to CutSplit, NeuroCuts, and TupleMerge, all state-of-the-art algorithms.

A Computational Approach to Packet Classification

View Source Code

Paper, Slides, Videos:  A Computational Approach to Packet Classification

Acknowledgements

We thank the anonymous reviewers of SIGCOMM’20 and our shepherd Minlan Yu for their helpful comments and feedback.
We would also like to thank Isaac Keslassy and Leonid Ryzhyk for their feedback on the early draft of the paper.
This work was partially supported by the Technion Hiroshi Fujiwara Cyber Security Research Center and the Israel National Cyber Directorate, by the Alon fellowship and by the Taub Family Foundation. We gratefully acknowledge support from Israel Science Foundation (Grant 1027/18) and Israeli Innovation Authority.