Longest Prefixes Expressed Using Ranges

Above, we have seen the close resemblance between sequences of prefixes and ranges. This can also be advantageous the other way round, by expressing prefixes as ranges. Having both possibilities will allow us to switch from one representation to the other, resulting in a way to improve the number of pre-fixes needed to represent the original information, e.g., minimizing the number of entries needed in complex routing tables.

As discussed earlier in Section 2.4, a single change in a database ofN pre-fixes expressed as up to 2N ranges, can require changes in N ranges, which is clearly impractical whenever response time to updates is an issue. But there are applications where the advantages of coding entries as prefixes outweigh this disadvantage. This is especially true when the ranges are encoded as overlapping prefixes again, in which case the above-mentioned drawback no longer applies, and fast updates can be achieved using the technique described in Section 5.4. Such an application are Internet forwarding tables. Our work involving such tables has shown that these tables are often described ineffi-ciently and that further or different aggregation may reduce the routing table size significantly. It is common to find successive prefixes, which all contain the same information, i.e., point to the same next hop. In this case it may be desirable to recode such sequences more optimally, using less prefixes. One technique is described below.

8.6. Matching Ranges 119 Minimizing Routing Table Entries

A simple technique is to describe a sequence of prefixes having the same in-formation by a single range, and then optimally encoding such a range by possibly overlapping prefixes, such as described in Section 8.6.2. This can be done inO(N W) time andO(W)space.

Besides optimally encoding successive prefixes, this also optimally en-codes overlapping prefixes, where a more specific prefix contains the same information as its outer prefix. As an additional bonus, it also covers the case where prefixes only almost succeed, and either contain a small hole between them, which does not contain any information, or a small range containing different information. This is already done by the scheme in Section 8.6.2.

There, ranges which are covered by overlapping longest prefixes whose bor-ders overlap will generate some identical prefixes, which are automatically merged. A more complex scheme achieving a similar result, including an op-timality proof, can be found in [DKSZ99].

Beyond the Optimum

Although [DKSZ99] contains an optimality proof, it is possible to improve on that. We do not show that the proof shown therein is in error, instead we show that one of the boundary conditions they assume and adhere often can be relaxed.

Above, we have seen that almost successive ranges may contain holes. Al-though these holes are rendered efficiently when recoded using ranges, there is an even better way to encode these holes: Not at all. This works efficiently, if some router further downstream still has the knowledge that there really is a hole. In a default-free world, this automatically happens whenever the packet addressed to a non-existent address in the hole reaches a choke point, a point where the hole is left alone, and not merged with either side. This happens lat-est, when the range just below the hole needs to contain information different from the range just above the hole.

Should the packet leave the default-free part of the Internet, then this so-lution still works perfectly, if the hole belongs to an address space allocated to the same entity as the bordering ranges. Then this entity (usually an Inter-net Service Provider, ISP) can return the correct ICMP error message to the

source, notifying it of its use of an unused address. If this is not the case, the packet will bounce forth and back between the default-free zone and the ISP, and eventually be discarded because it exceeded its lifespan. Then, some more resources have been utilized and a possibly misleading message that the packet looped before it reached the destination will be sent back. Since pack-ets should not be sent to an inexistent destination frequently, we believe that this is just a minor inconvenience and will not cause any network problems.

8.7 Summary

In this chapter, we have shown several techniques enabling efficient two-dimensional longest prefix matching in general. To test its performance, we developed models for possible future two-dimensional classification patterns.

For more than two dimensions, a native three-dimensional algorithm has been introduced that is able to perform fast searches when the sizes of sets of mu-tually ambiguous prefix length tuples remains small. More importantly, we have shown an efficient scheme to match 5-tuples used for Internet packet classification.

We have further shown the close relation between range matching and longest prefix matching has been laid out. Techniques for mapping them onto each other have been introduced, including analyses on the impact of the con-versions. Based on the two conversions, an algorithm optimizing routing table entries, thus minimizing memory requirements has been presented. Further, a strategy for further improvement has been proposed, which can also further improve another algorithm which was proved optimal.

Chapter 9

Applications

In the previous chapters, we have introduced an algorithm to perform fast and scalable longest prefix matching. We have also discussed several opti-mizations that allow this algorithm to improve the number of search steps required by adapting closely to the database searched. We have also shown some generalizations, notably to match arbitrary ranges and the extension to match multiple dimensions. All of this work has been focusing on applica-tion in an Internet world, to be utilized by network nodes such as routers or firewalls.

In this chapter, we will show the versatility of the algorithm, its improve-ments, and extensions by introducing applying it to solve a number of differ-ent problems unrelated to packet networks. We will cover topics from such diverse topics such as geographical information systems (GIS), memory man-agement, databases, and access control management. Many of these are still topics of ongoing research and require further work.