Performance Characterization of a 10-Gigabit Ethernet TOE
HOTI '05 Proceedings of the 13th Symposium on High Performance Interconnects
Denial of service via algorithmic complexity attacks
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
On the Benefit of Caching Traffic Flow Data in the Link Buffer
SAMOS '08 Proceedings of the 8th international workshop on Embedded Computer Systems: Architectures, Modeling, and Simulation
A new TCB cache to efficiently manage TCP sessions for web servers
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Concise lookup tables for IPv4 and IPv6 longest prefix matching in scalable routers
IEEE/ACM Transactions on Networking (TON)
Hi-index | 0.00 |
We present a new design for fast and robust TCP session lookup. The design uses a "set-associative" hash table, where each hash bucket keeps multiple "compressed and canonical" tags. The canonical tags encode both the flow identifiers and the addresses of the TCP contexts by a forward signature function F(Tag(flow identifier), address) during installation. On session lookup, an inverse function F-1(Tag(flow identifier), tag) matches sessions and recovers the address of the TCP context. We show that the method is effective and storage-efficient. It is also resistant to Denial-of-Service attack that is fabricated by forcing excessive hash collisions.