Skip to Main Content
Existing algorithms for packet classification always deal with a ready rule set. However, now a day, large classifiers' rule sets are huger and huger (say, 100 000 rules). Generated these rules by hand is so hard, and causes lots of redundant rules. In this paper, we present a two stage cluster based algorithm for packet classification, which aims to generate filter rules automatically for permitted packets. Based on the scheme, a three-field packet classification for permitted packets (sev-address, sev-port and protocol) is proposed. Experimental results show that the scheme can significantly reduce needed filter rules for permitted packets and the range of IP address lookup.