Size Limit for IP and IPv6 CAM Hardware Classifiers

In JunosE Release 10.1.x and lower-numbered releases, the maximum width of a CAM hardware classifier entry for IPv4 or IPv6 in a single policy was 128 bits. This limitation enabled only 128 bits of classification data to be supported per policy. Any policy configuration (sum of all CLACL entries) with more than 128 bits of classification data failed when a policy was attached to an interface. This 128-bit size limitation applied to both IPv4 and IPv6 classification data. Although this limitation was acceptable for IPv4 classification, it posed problems when full IPv6 classification was required to be performed. In JunosE Release 10.2.x and later, based on the size limit for a combined IPv6 classifier entry, a maximum of 336 bits of CAM entry is supported for full IPv6 classification.

Some independent classifiers share the same classifier entry location, while others are combined together to form a larger classifier field. The smallest IPv6 classifier can consume 8 bits and the largest IPv6 classifier can consume 336 bits. Beginning with JunosE Release 10.2.x, variable-sized CAM entries are supported for IPv6 policies to avoid wasteful use of CAM entries. In earlier releases, the number of CAM entries per line module was predefined because all CAM entries were of a fixed size of 128 bits. With the support for variable-sized CAM entries for IPv6 policies, a dynamic algorithm is used for CAM resource management. This feature is supported on GE-2 and GE-HDE line modules on ERX14xx models, ERX7xx models, and the ERX310 router and ES2 4G LMs on E120 and E320 routers.

Note: OC48/STM16 line modules on ERX14xx models, ERX7xx models, and the ERX310 router support only 128-bit IPv6 classification.

Based on the size limit for a combined IPv6 classifier entry, a maximum of 336 bits of CAM entry is supported for full IPv6 classification. An additional 16 bits that are reserved for rule set ID are added to the total classifier entry size, which causes the total CAM entry size required to be 352 bits. Some of the mutually exclusive classification fields share the same classifier entry location, while a few other smaller fields are combined to form a single larger classifier field.

Note: Range vector hardware classifiers on line modules supported full IPv6 classification even in JunosE releases earlier than Release 10.2.x.

IP Classifiers and Size Limits

Table 20 lists all IP classifiers and the size limit of each classifier entry.

Table 20: Size Limit of Individual IP Classifiers

IP Classifier

Size Limit (Bits)

Color

2

Destination address

32

Destination port

16

Destination route class

8

ICMP type

8

ICMP code

8

IGMP type

8

IP flags

3

IP fragmentation

2

Local

1

Protocol

8

Source address

32

Source port

16

Source route class

8

TCP flags

6

ToS

8

Traffic class

3

User packet class

4

Table 21 lists the IP classifiers that share the same classifier entry location and those that are combined to form a larger classifier field. The table also lists the rules that apply to these types of classifier combinations.

The format in the classifier entry combinations in Table 21 is based on the conventions for CLI commands, except that the pipe symbol ( | ) represents a choice of one or both options to the left and right of the pipe symbol.

Table 21: Size Limit of Combined IP Classifiers

IP Classifier Entry Combination

Size Limit (Bits)

Rule

Color or TCP flags or both

8

When you specify one or both of the color and TCP flags classifiers, 8 bits are added to the total classifier entry size.

Destination address

32

Destination address route class

8

[ Destination port ] and
[ [ ICMP type ] | [ ICMP code ] | [ IGMP type ] or nil ]

16

The ICMP type, ICMP code, IGMP type, and destination port classifiers share the same classifier field location.

When you specify the destination port classifier, 16 bits are added to the total classifier entry size. If you also specify the ICMP type, ICMP code, and IGMP type classifier, no additional bits are added.

[ IP flags ] | [ IP fragmentation ] | [ Traffic class ]

8

When you specify one or more of the IP flags, traffic class, and IP fragmentation classifiers, 8 bits are added to the total classifier entry size.

Protocol

8

[ Source port ] and
[ [ ICMP type ] | [ ICMP code ] | [ IGMP type ] ]

16

The ICMP type, ICMP code, IGMP type, and source port classifiers share the same classifier field location.

When you specify the source port classifier, 16 bits are added to the total classifier entry size.

When you also specify the ICMP type, ICMP code, and IGMP type classifiers, no additional bits are added.

Source address

32

[ not Source port ] and [ not Destination port ] and
[ [ ICMP type ] | [ ICMP code ] | [ IGMP type ] ]

16

When you do not specify the source port and destination port classifiers, but you specify one or more of ICMP type, ICMP code, and IGMP type, 16 bits are added to the total classifier entry size.

ICMP type, ICMP code, and IGMP type require 16 bits even if the source port and destination port classifications are not configured.

ToS

8

User packet class or local or both

8

When you specify one or both of the user packet class and local classifiers, 8 bits are added to the total classifier entry size.

IPv6 Classifiers and Size Limits

Table 22 lists all IPv6 and the size limit of each classifier entry.

Table 22: Size Limit of Individual IPv6 Classifiers

IPv6 Classifier Entry

Size Limit (Bits)

Color

2

Destination address

128

Destination port

16

Destination route class

8

ICMPv6 type

8

ICMPv6 code

8

Local

1

Protocol

8

Source address

128

Source port

16

Source route class

8

TC field

8

TCP Flags

6

Traffic class

3

User packet class

4

Table 23 lists the IPv6 classifiers that share the same classifier entry location and those that are combined to form a larger classifier field. The table also lists the rules that apply to these types of classifier combinations.

The format in the classifier entry combinations in Table 23 is based on the conventions for CLI commands, except that the pipe symbol ( | ) represents a choice of one or both options to the left and right of the pipe symbol.

Table 23: Size Limit of Combined IPv6 Classifiers

IPv6 Classifier Entry Combination

Size Limit (Bits)

Rule

Color or TCP flags or both

8

When you specify the color and/or TCP flags classifiers, 8 bits are added to the total classifier entry size.

Destination address (first word)

32

Destination address (second word)

32

Destination address (third word)

32

Destination address (fourth word)

32

Destination address route class

8

[ Destination port ] and
[ [ ICMPv6 type ] | [ ICMPv6 code or nil ] ]

16

When you specify the destination port classifier, 16 bits are added to the total classifier entry size. If you also specify the ICMPv6 type and ICMPv6 code classifiers, no additional bits are added to the total classifier entry size.

[ No source port ] and [ no destination port ] and
[ [ ICMPv6 type ] | [ ICMPv6 code ] ]

16

When you do not specify the source port and destination port classifiers, and you have already specified one or more of the ICMPv6 Type and ICMPv6 code classifiers, 16 bits are added to the total classifier entry size.

The ICMPv6 type and ICMPv6 code classifiers require 16 bits even if you have not specified the source port and destination port classifiers.

Protocol

8

Source address (first word)

32

Source address (second word)

32

Source address (third word)

32

Source address (fourth word)

32

Source address route class

8

[ source port ] and
[ [ ICMPv6 type ] | [ ICMPv6 code ] ]

16

When you specify the source port classifier, 16 bits are added to the total classifier entry size. If you also specify the ICMPv6 type and ICMPv6 code classifiers, no additional bits are added.

TC field

8

[ User packet class ] | [ traffic class ] | [ local ]

8

When you specify one or more of the user packet class, traffic class, and local classifiers, 8 bits are added to the total classifier entry size.

Related Documentation