Implementation method for multi-field rule matching

An implementation method and technology of rules, applied in the implementation field that supports multi-domain flow rule matching, can solve the problems of high space complexity, high time complexity, complicated calculation, memory explosion, etc., and achieve the effect of improving real-time response speed.

Active Publication Date: 2015-03-25
NAT COMP NETWORK & INFORMATION SECURITY MANAGEMENT CENT +1
View PDF5 Cites 56 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The various algorithms studied at this stage have obvious advantages and disadvantages. Once the algorithm is extended to a large-scale or even super-large-scale rule base, and multi-domain arbitrary mask matching, many classification algorithms are complicated due to complex methods, many rule restrictions, and complicated calculations. Therefore, the space complexity or tim

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Implementation method for multi-field rule matching
  • Implementation method for multi-field rule matching

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] The technical scheme of the present invention will be further described in conjunction with the accompanying drawings and embodiments.

[0046] Such as figure 1 and figure 2 As shown, a method for implementing multi-domain flow rule matching provided by the present invention includes the following steps:

[0047] In the first step, according to the five-tuple definition (source / destination IP, source / destination port, network protocol number) of the IP packet data flow, a rule table is established for each tuple, five rule tables in total.

[0048] The organizational structure of the five rule tables described above is consistent with the query algorithm, and also provides an algorithm basis for realizing multi-table multi-table parallel search on a multi-core chip. The specific design principles of each rule table structure include:

[0049] (1.1) Each rule added exists in only one of the five rule tables.

[0050] (1.2) The rule table is divided into two parts. T...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an implementation method for multi-field rule matching, and relates to the technical field of high-speed stream classification. The implementation method comprises the steps that firstly, a rule list is established for each tuple according to quintuple definition of IP message data streams, then a Hash rapid stream list is established, and all information matched with rules is added in the rule lists; secondly, IP message data stream matching is conducted, corresponding actions are executed if matched data streams are found, otherwise the rule lists are searched, and mask matching inquiries are conducted. According to the implementation method, the mode that a prefix extension Trie tree high in inquiring speed is improved, part of memory space is sacrificed, and data compression and the Hash list are combined is adopted, and thus under the premise that the inquiring speed is ensured, memory explosion caused by a large-capacity rule base can be avoided.

Description

technical field [0001] The invention relates to high-speed flow classification technology, multi-domain mask matching technology and multi-core processor technology, in particular to an implementation method supporting multi-domain flow rule matching. Background technique [0002] With the increase of network bandwidth and more diversified network service classification, flow-based data packet matching has a wider range of uses. Many key network technologies, such as virtual private network (VPN), firewall based on security access list control, QoS, network intrusion detection and monitoring, network address translation, congestion control, resource reservation, load balancing, collection of statistical data, etc. are all based on packet classification and matching. The 10 Gigabit network has become the core network. In order to improve the network performance in an all-round way, the requirements for the packet classification and matching algorithm as the basic algorithm of...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/801
Inventor 云晓春陈训逊吴震谢铭史钦锋王东安常为领
Owner NAT COMP NETWORK & INFORMATION SECURITY MANAGEMENT CENT
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap