lec30 - Router/Classifier/Firewall Tables Set of rules(F,A...

Info icon This preview shows pages 1–9. Sign up to view the full content.

View Full Document Right Arrow Icon
Router/Classifier/Firewall Tables Set of rules—(F,A) F is a filter Source and destination addresses. Port number and protocol. Time of day. A is an action Drop packet Forward to machine x (next hop). Reserve 10GB/sec bandwidth.
Image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Example Filters QoS-router filter (source, destination, source port, destination port, protocol) Firewall filter >= 1 field Destination-based packet-forwarding filter Destination address 1-D filter Exactly 1 field – destination address
Image of page 2
Destination-Address Filters Range [35, 2096] Address/mask pair 101100/011101 Matches 101100, 101110, 001100, 001110. Prefix filter. Mask has 1s at left and 0s at right. 101100/110000 = 10* = [32, 47]. Special case of a range filter.
Image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Example Router Table P1 = 10* P2 = 111* P3 = 11001* P4 = 1* P5 = 0* P6 = 1000* P7 = 100000* P8 = 1000000* P1 matches all addresses that begin with 10.
Image of page 4
Tie Breakers First matching rule. Highest-priority rule. Most-specific rule. [2,4] is more specific than [1,6]. [4,14] and [6,16] are not comparable. Longest-prefix rule. Longest matching-prefix.
Image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Longest-Prefix Matching P1 = 10* P2 = 111* P3 = 11001* P4 = 1* P5 = 0* P6 = 1000* P7 = 100000* P8 = 1000000* Destination = 100000000 P1, P4, P6, P7, P8 match this destination P8 is longest matching prefix
Image of page 6
Static & Dynamic Router Tables Static Lookup time. Preprocessing time. Storage requirement. Dynamic Lookup time. Insert a rule. Delete a rule.
Image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Table Size 200,000+ rules Could reach 1M rules soon Prefix up to 32 bits in IPv4 Prefix up to 128 bits in IPv6 OC192, 10Gbps 32 mpps (40-byte packets) Log 2 n schemes make too many memory accesses.
Image of page 8
Image of page 9
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern