It is often desirable to control data traffic flow in a networked environment. For example, for some applications, it is desirable or necessary to guarantee a desired transmission rate or error rate. To make such Quality of Service (QoS) commitments possible in public networks such as the Internet, policy based network management systems have been developed. Policy based network management systems provide routers and/or gateways within the managed network with a mechanism to classify and route packets of information in accordance with predefined routing policies. In this way, certain packets may be given priority in routing from place to place to ensure QoS commitments are kept. Additionally, access limitations such as might be required to manage a virtual private network or the like may be enforced via these policy control mechanisms.
For example, in the Internet context, data is routed from point to point as a plurality of data packets. Each packet includes a header constructed pursuant to the Internet Protocol (IP). The IP header includes a number of fields specifying certain properties associated with the packet. For example, the IP header includes a source field identifying the source address for the packet, a destination field identifying the destination address of a packet, a time-to live (TTL) field specifying the maximum number of routers that may handle the packet before the packet is destroyed, etc. The information in these and other fields in the IP header may be used to determine the manner in which the associated packet is handled by a router in the network. For example, policy based network management systems use the information in the packet headers to determine which policies apply to the subject packets, and then use the applicable policies to decide where and/or whether to forward the associated data packets. To accomplish this task, policy based network management systems include packet classification units which read the packet headers to decipher the routing policies that apply to the same.
Network traffic speeds have increased in recent years. For example, traffic speeds at 10 Gbits/sec (gigabits per second) are now common. Indeed, some traffic speeds are approaching 40 Gbits/sec. Fast classification of packets becomes increasingly important in such environments, as delays in the routing policy enforcement mechanism can create large bottlenecks in the network. In fact, as traffic speeds increase, they may require classification of as many as one million packets per second (Mpps) to enforce routing policies while avoiding formation of bottlenecks.