Hardware Support for a Hash-Based IP Traceback

Hardware Support for a Hash-Based IP Traceback

Luis A. Sanchez, Walter C. Milliken, Alex C. Snoeren, Fabrice Tchakountio,
Christine E. Jones, Stephen T. Kent, Craig Partrige, and W. Timothy Strayer.
Proc. of the 2nd DARPA Information Survivability Conference and Exposition, June 2001.

The Source Path Isolation Engine (SPIE) is a system capable of tracing a single IP packet to its point of origin or point of ingress into a network. SPIE supports tracing by storing a few bits of unique information about each packet for a period of time as the packet traverses the network. Software implementations of SPIE can trace packets through networks comprised of slow to medium speed routers (up to OC-12), but higher speed routers (OC-48 and faster) require hardware support. In this paper, we discuss these hardware design aspects of SPIE. Most of the hardware resides in a self-contained SPIE processing unit, which may be implemented in a line card form factor for insertion into the router itself, or as a stand-alone unit that connects to the router through an external interface.

[PostScript (626KB)] [PDF (51KB)]