An argument for simple embedded ACL optimisation

Grout, Vic, Davies, John N and McGinn, John (2007) An argument for simple embedded ACL optimisation.

[img]
Preview
PDF
fulltext.pdf

Download (265kB) | Preview

Abstract

The difficulty of efficiently reordering the rules in an Access Control List is considered and the essential optimisation problem formulated. The complexity of exact and sophisticated heuristics is noted along with their unsuitability for real time implementation embedded in the hardware of the network device. A simple alternative is proposed, in which a very limited rule reordering is considered following the processing of each packet. Simulation results are given from a range of traffic types. The method is shown to achieve savings that make its use worthwhile for lists longer than a given number of rules. This number is dependent on traffic characteristics but generally around 25 for typical network conditions.

Item Type: Article
Additional Information: Original publication is available at http://dx.doi.org/10.1016/j.comcom.2006.08.024Copyright © 2006 Elsevier B.V.
Keywords: Access Control Lists, ACLs, Packet latency, Optimisation
Divisions: ?? GlyndwrUniversity ??
Depositing User: ULCC Admin
Date Deposited: 05 Oct 2011 09:13
Last Modified: 11 Dec 2017 20:06
URI: https://wrexham.repository.guildhe.ac.uk/id/eprint/187

Actions (login required)

Edit Item Edit Item