# ClassiPl

# A Classifier for next generation Content and Policy based Switches

SwitchOn Networks Inc. Sundar Iyer, Ajay Desai, Ajay Tambe, Ajit Shelat



### Agenda

- Classification Overview
- Content Co-processor requirements
- ClassiPI Architecture
- Conclusion



## **Packet Processing Model**

### Packet Processing Model

- > Extract
- ≻Classify
- Edit & Actions



## **Content Processing - Sequenced Lookups**





### **Content Processing – Packet Analysis**



- Source MAC address is authenticated
- Packet is being sent from marketing network
- VP Marketing is accessing an external web server
- Server: yahoo.com identified
- File Type: .mp3, access to audio file identified
- File Name: American\_Pie.mp3
- •It's 7:00 PM.
- •Allow the session? Yes.



## **Packet Processing Performance**





## **Content Co-processor - Motivation**

### • Content Processing

➢ Is a memory intensive operation

> Involves extraction & classification

➢ Requires sophisticated algorithms to perform

- Layer 3 Lookups
- Layer 4 ACLs
- Layer 7 scanning
- Layer 7 RegEx parsing
- A Content Co-processor requires a new architecture



## Content Co-processor – System view

- Content Co-processor should
  - > Perform all Data plane classification operations
  - Allow implementation of classification sequences which reflect the packet processing flow on the Network processor
  - > Interface gluelessly with Network Processors
  - > Minimize Network processor bus bandwidth usage
  - Perform classification related operations such as statistics collection
  - >Allow easy software integration



## ClassiPI - Block Diagram



SWITCH ON N E T W O R K S

- Look-up Operation Descriptor
  - Defines classification parameters
  - > High level abstraction of a classification operation



### • Field Extraction Engine

> Forms the Key using L3, L4, L4+ and User defined

> Automatically generates sequence of keys

> Variable length, wide keys support



- Parallel Look-up Engine
  - > Unique, flexible MISD architecture
  - > Array of Nano-processors perform look-ups
  - > Nano-processors have a powerful Policy Rule instruction set
  - ➤ Nano-processors operate on per field basis
  - > Nano-processors and Policy Rule memory can be configured/partitioned to define an Operation



### ClassiPI Architecture



NETWORKS

• Per rule statistics collection – Byte count, Packet count, Timestamp

### • Per rule User defined table look-up







#### • Instruction Set

Relational/Arithmetic operations on a per field basis

◆ EQ, GT, LT, Ranges, Masking, etc.

#### Logical operations between results



- Pattern/String Search
  - > Up to 192 byte patterns
  - Case insensitive character/string matching
  - Simultaneous multi-pattern search
  - Reverse and forward search
  - RegEx subset search capability



• Rule Complexity metric

> Number of possible operations per rule

**CAM rule complexity = 1** 

**>** TCAM rule complexity = 2

ClassiPI rule complexity > 1024

- Additional features
  - Composite rules
  - > Look-up sequencing



## ClassiPI - Overview

### • Specifications

- > 16K Policy rules per ClassiPI
- > Up to 128K Policy rules in a cascade
- L2 through L7 Content processing
- > On-chip IPv4 header extraction
- > IPv6 ready
- Selectable look-up Key
- > Up to 192 byte key
- ≻ 6.4 Gbps SSRAM compatible system interface

#### • Performance

- > OC-192 capable Look-up Engine
- > Designed to match Network Processor system interface requirements



• Lookup-Engine Performance

> Aggregate memory bandwidth

7.25 Tbits/sec to 58 Tbits/sec

> Processing power

256 GOPS to 2 TOPS



**ClassiPI – Vital Statistics** 

- 25M transistors
  - > 2M bits RAM
  - ≻ 2M gates logic
- 0.18 micron
- 352 Pin BGA
- 200 MHz internal clock
- 100 MHz interface clock



...2





## ClassiPI - Power Consumption

- Power reduction mechanisms
  - $\succ$  Custom low power embedded SRAM
  - Selectable clock frequency
  - > Hierarchical bus design
  - > Rule utilization based power management
- Low standby power
- Maximum 4.5 Watts (estimated)



## ClassiPI Architecture Scalability

- OC-192 performance
  - with enhanced system interface
- OC-768 performance
  - with silicon technology scaling
- Flexible architecture
  - Cost, Performance and Power trade-offs



## Conclusion

### **ClassiPI architecture provides**

- Functionality
- Flexibility
- Performance
- Scalability

essential for Content Processing

