As more and more services are being provided on Internet Protocol (IP) based networks, the IP network's quality of service and security have become critical. One of the factors that affect the Quality of Service (QoS) and security is packet classification. Packet classification may involve matching incoming packets against a set of rules defined over one or more packet header fields, and determining one or more decisions (actions). For example, a router may classify one or more received packets to determine whether or not the received packet(s) should be permitted to pass through a router. Traditionally, packet classification can be performed in software using fast network processors, with a Static Random Access Memory (SRAM) or a Dynamic Random Access Memory (DRAM). However, packet arrival rate (wire-speed) is increasing dramatically with the growth of the Internet. Despite the use of fast network processors, there is a widening gap between the packet arrival rate and memory access speeds for SRAM and DRAM. Hence, software-based packet classification is not able to provide classification at wire-speed. Another approach is a hardware-based solution to classify packets at wire-speed using Ternary Content Addressable Memory (TCAM). However, TCAM is an expensive and complex technology. Moreover, as wire speeds and rule sets increase, pure TCAM-based solutions will become increasingly more expensive.
Therefore, there is a need for a method and apparatus that provide efficient packet classification.