Reducing packet delay through filter merging

Conference item

Comerford, Paul, Davies, John, N. and Grout, Vic 2016. Reducing packet delay through filter merging. IEEE.
AuthorsComerford, Paul, Davies, John, N. and Grout, Vic
Abstract

The use of packet filters has increased considerably due to the growth of Internet users and network services. A number of header fields must be examined by the filter, causing delay for each packet processed. The problem is compounded when considering multiple filters across a network. To maximize network performance, it would be desirable to minimize the number of packet filters for each path across a domain. Due to the interactions of rules between filters, the underlying network topology and the actions of dynamic routing protocols, it is computationally infeasible to implement this strategy by collectively considering all packet filters across the network. A simpler approach is the elimination of a filter by merging two filters on a common network segment. This work presents a novel packet filter merging algorithm using decision diagrams. A large number of practical and simulated experimental results are provided to demonstrate the effectiveness of the technique and possible enhancements are considered in the conclusion. The results show an average 20% performance improvement can be obtained using the technique.

The use of packet filters has increased considerably due to the
growth of Internet users and network services. A number of header
fields must be examined by the filter, causing delay for each packet
processed. The problem is compounded when considering multiple
filters across a network. To maximize network performance, it
would be desirable to minimize the number of packet filters for
each path across a domain. Due to the interactions of rules between
filters, the underlying network topology and the actions of dynamic
routing protocols, it is computationally infeasible to implement this
strategy by collectively considering all packet filters across the
network. A simpler approach is the elimination of a filter by
merging two filters on a common network segment. This work
presents a novel packet filter merging algorithm using decision
diagrams. A large number of practical and simulated experimental
results are provided to demonstrate the effectiveness of the
technique and possible enhancements are considered in the
conclusion. The results show an average 20% performance
improvement can be obtained using the technique.

KeywordsNetwork performance; Packet filter; ACLs; Network security
Year2016
JournalProceedings of the 9th IEEE/ACM International Confereomputing (UCC 2016)
PublisherIEEE
Web address (URL)http://hdl.handle.net/10545/620817
hdl:10545/620817
File
File Access Level
Open
File
File Access Level
Open
Publication dates06 Dec 2016
Publication process dates
Deposited11 Nov 2016, 16:51
ContributorsUniversity of Derby and Glyndwr University
Permalink -

https://repository.derby.ac.uk/item/94y88/reducing-packet-delay-through-filter-merging

Log in to edit

Download files

File
PID4454135.pdf
File access level: Open

license.txt
File access level: Open

  • 7
    total views
  • 9
    total downloads
  • 0
    views this month
  • 0
    downloads this month

Export as