Learn More
This whitepaper proposes OpenFlow: a way for researchers to run experimental protocols in the networks they use every day. OpenFlow is based on an Ethernet switch, with an internal flow-table, and a standardized interface to add and remove flow entries. Our goal is to encourage networking vendors to add OpenFlow to their switch products for deployment in(More)
This report summarizes progress on Washington University's Terabit Burst Switching Project, supported by DARPA and Rome Air Force Laboratory. This project seeks to demonstrate the feasibility of Burst Switching, a new data communication service which can more effectively exploit the large bandwidths becoming available in WDM transmission systems, than(More)
The current Internet is at an impasse because new architectures cannot be deployed, or even adequately evaluated. This paper urges the community to confront this impasse, and suggests a way virtualization might be used to overcome it. In the process, we discuss the nature of architecture and the debate between purists and pluralists.
There is a growing demand for network devices capable of examining the content of data packets in order to improve network security and provide application-specific services. Most high performance systems that perform deep packet inspection implement simple string matching algorithms to match packets against a large, but finite set of strings. owever, there(More)
Hash tables are fundamental components of several network processing algorithms and applications, including route lookup, packet classification, per-flow state management and network monitoring. These applications, which typically occur in the data-path of high-speed routers, must process and forward packets with little or no buffer, making it important to(More)
Internet address lookup is a challenging problem because of increasing routing table sizes, increased traffic, higher speed links, and the migration to 128 bit IPv6 addresses. IP routing lookup requires computing the best matching prefix, for which standard solutions like hashing were believed to be inapplicable. The best existing solution we know of, BSD(More)
The importance of network security has grown tremendously and a collection of devices have been introduced, which can improve the security of a network. Network intrusion detection systems (NIDS) are among the most widely deployed such system; popular NIDS use a collection of signatures of known security threats and viruses, which are used to scan each(More)
3 Abstract We relate two concepts in graph theory and algorithmic complexity, namely the search number and the vertex separation of a graph. Let s (G) denote the search number and vs (G) denote the vertex separation of a connected, undirected graph G. We show that vs (G) ≤ s (G) ≤ vs (G) + 2 and we give a simple transformation from G to G ′ such that vs (G(More)
Some of the fastest practical algorithms for IP route lookup are based on space-efficient encodings of multi-bit tries [1, 2]. Unfortunately, the time required by these algorithms grows in proportion to the address length, making them less attractive for IPv6. This paper describes and evaluates a new data structure called a shape-shifting trie, in which the(More)