Real-time optimisation of access control lists for efficient Internet packet filtering

Vic Grout, John McGinn, John Davies
2007 Journal of Heuristics  
This paper considers an optimisation problem encountered in the implementation of traffic policies on network routers, namely the ordering of rules in an access control list to minimise or reduce processing time and hence packet latency. The problem is formulated as an objective function with constraints and shown to be NP-complete by translation to a known problem. Exact and heuristic solution methods are introduced, discussed and compared and computational results given. The emphasis
more » ... t is on practical implementation of the optimisation process, that is within the tight constraints of a production network router seeking to reduce latency. on-line, in real-time but without the overhead of significant extra computation.
doi:10.1007/s10732-007-9019-1 fatcat:yl5jdqw5ubaabnhhiwfyaxegam