Lattice: A Scalable Layer-Agnostic Packet Classification Framework

Sameer Agarwal, Mosharaf Chowdhury, Dilip Joseph and Ion Stoica

EECS Department
University of California, Berkeley
Technical Report No. UCB/EECS-2011-96
August 24, 2011

http://www.eecs.berkeley.edu/Pubs/TechRpts/2011/EECS-2011-96.pdf

Despite widespread application, packet classification is implemented and deployed in an ad-hoc manner at different layers of the protocol stack. Moreover, high speed packet classification, in presence of a large number of classification rules, is both resource and computation intensive. We propose a scalable layer-agnostic packet classification framework (Lattice) that generalizes classifier design and enables offloading part of computation and memory requirements to collaborators (e.g., end hosts). Lattice eliminates per-packet classification and per-flow states in classifiers to increase scalability and decreases vulnerability to state-based DoS attacks. Furthermore, Lattice is incentive compatible in that collaborators cannot get better service by lying, and it incentivizes deployment by giving preferential treatment to packets carrying Lattice-related information. Finally, Lattice-enabled classifiers remain semantically equivalent to their unmodified counterparts. To evaluate Lattice, we have built a prototype using the Click software router and implemented multiple Lattice-enabled classifiers. Lattice-enabled firewalls perform at least 2X faster than unmodified counterparts and scale well with the increasing number of classification rules.


BibTeX citation:

@techreport{Agarwal:EECS-2011-96,
    Author = {Agarwal, Sameer and Chowdhury, Mosharaf and Joseph, Dilip and Stoica, Ion},
    Title = {Lattice: A Scalable Layer-Agnostic Packet Classification Framework},
    Institution = {EECS Department, University of California, Berkeley},
    Year = {2011},
    Month = {Aug},
    URL = {http://www.eecs.berkeley.edu/Pubs/TechRpts/2011/EECS-2011-96.html},
    Number = {UCB/EECS-2011-96},
    Abstract = {Despite widespread application, packet classification is implemented and deployed in an ad-hoc manner at different layers of the protocol stack. Moreover, high speed packet classification, in presence of a large number of classification rules, is both resource and computation intensive. We propose a scalable layer-agnostic packet classification framework (Lattice) that generalizes classifier design and enables offloading part of computation and memory requirements to collaborators (e.g., end hosts). Lattice eliminates per-packet classification and per-flow states in classifiers to increase scalability and decreases vulnerability to state-based DoS attacks. Furthermore, Lattice is incentive compatible in that collaborators cannot get better service by lying, and it incentivizes deployment by giving preferential treatment to packets carrying Lattice-related information. Finally, Lattice-enabled classifiers remain semantically equivalent to their unmodified counterparts. To evaluate Lattice, we have built a prototype using the Click software router and implemented multiple Lattice-enabled classifiers. Lattice-enabled firewalls perform at least 2X faster than unmodified counterparts and scale well with the increasing number of classification rules.}
}

EndNote citation:

%0 Report
%A Agarwal, Sameer
%A Chowdhury, Mosharaf
%A Joseph, Dilip
%A Stoica, Ion
%T Lattice: A Scalable Layer-Agnostic Packet Classification Framework
%I EECS Department, University of California, Berkeley
%D 2011
%8 August 24
%@ UCB/EECS-2011-96
%U http://www.eecs.berkeley.edu/Pubs/TechRpts/2011/EECS-2011-96.html
%F Agarwal:EECS-2011-96