Ruler: High-speed packet matching and rewriting on NPUs

Tomas Hruby*, Kees Van Reeuwijk, Herbert Bos

*Corresponding author for this work

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review


Programming specialized network processors (NPU) is inherently difficult. Unlike mainstream processors where architectural features such as out-of-order execution and caches hide most of the complexities of efficient program execution, programmers of NPUs face a 'bare-metal' view of the architecture. They have to deal with a multithreaded environment with a high degree of parallelism, pipelining and multiple, heterogeneous, execution units and memory banks. Software development on such architectures is expensive. Moreover, different NPUs, even within the same family, differ considerably in their architecture, making portability of the software a major concern. At the same time expensive network processing applications based on deep packet inspection are both in-creasingly important and increasingly difficult to realize due to high link rates. They could potentially benefit greatly from the hardware features offered by NPUs, provided they were easy to use. We therefore propose to use more abstract programming models that hide much of the complexity of 'bare-metal' architectures from the programmer. In this paper, we present one such programming model: Ruler, a flexible high-level language for deep packet in-spection (DPI) and packet rewriting that is easy to learn, platform independent and lets the programmer concentrate on the functionality of the application. Ruler provides packet matching and rewrit-ing based on regular expressions. We describe our implementa-tion on the Intel IXP2xxx NPU and show how it provides versatile packet processing at gigabit line rates.

Original languageEnglish
Title of host publicationANCS'07 - Proceedings of the 2007 ACM Symposium on Architecture for Networking and Communications
Number of pages10
Publication statusPublished - 1 Dec 2007
Event3rd ACM/IEEE Symposium on Architectures for Networking and Communications Systems, ANCS 2007 - Orlando, FL, United States
Duration: 3 Dec 20074 Dec 2007


Conference3rd ACM/IEEE Symposium on Architectures for Networking and Communications Systems, ANCS 2007
Country/TerritoryUnited States
CityOrlando, FL


  • deep packet inspection
  • network processors
  • regular expressions
  • TDFA


Dive into the research topics of 'Ruler: High-speed packet matching and rewriting on NPUs'. Together they form a unique fingerprint.

Cite this