An argument for simple embedded ACL optimisation
Grout, Vic, Davies, John N and McGinn, John (2007) An argument for simple embedded ACL optimisation.
|
PDF
fulltext.pdf Download (265kB) | Preview |
Abstract
The difficulty of efficiently reordering the rules in an Access Control List is considered and the essential optimisation problem formulated. The complexity of exact and sophisticated heuristics is noted along with their unsuitability for real time implementation embedded in the hardware of the network device. A simple alternative is proposed, in which a very limited rule reordering is considered following the processing of each packet. Simulation results are given from a range of traffic types. The method is shown to achieve savings that make its use worthwhile for lists longer than a given number of rules. This number is dependent on traffic characteristics but generally around 25 for typical network conditions.
| Item Type: | Article |
|---|---|
| Additional Information: | Original publication is available at http://dx.doi.org/10.1016/j.comcom.2006.08.024Copyright © 2006 Elsevier B.V. |
| Keywords: | Access Control Lists, ACLs, Packet latency, Optimisation |
| Divisions: | ?? GlyndwrUniversity ?? |
| Depositing User: | ULCC Admin |
| Date Deposited: | 05 Oct 2011 09:13 |
| Last Modified: | 11 Dec 2017 20:06 |
| URI: | https://wrexham.repository.guildhe.ac.uk/id/eprint/187 |
Actions (login required)
 |
Edit Item |