Packet-transfer devices in high-speed data networks, such as switches and routers, are required to perform flexible and sophisticated packet classification at high speed. For this purpose, many switches and routers use ternary content-addressable memory (TCAM) components to store rules that are to be applied in processing packets. To search the TCAM, several fields of the packet (typically header fields) are concatenated to form a key. A match between the key and a given TCAM entry can be used to trigger various actions for application by the network device, such as forwarding decisions, packet encapsulation and de-capsulation, security filtering, and quality of service classification.
TCAM is advantageous in that it is able to hold search entries that contain not only ones and zeroes, to be matched against the key, but also “don't care” bits, which will match either a zero or a one in the key. These “don't care” bits in the TCAM entries are commonly referred to as “masked” bits, while bits having a defined value (1 or 0) are referred to as “unmasked.” TCAM thus affords a high degree of flexibility in rule definition.
U.S. Pat. No. 8,462,786 describes a method for TCAM-based packet classification using multiple lookups and classifier semantics. The method includes: receiving a set of rules for packet classification, where a rule sets forth values for fields in a data packet and a decision for data packets having matching field values. Packet classification rules periodically need to be updated. According to the inventors, the common practice for updating rules is to run two TCAMs in tandem where one TCAM is used while the other is updated.