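To address the processing-capacity bottleneck of application systems such as intrusion detection and traffic auditing in 10-gigabit network environments, this paper proposes a parallel real-time processing architecture and implements a prototype system on an FPGA. The system classifies, filters, and collects statistics on OC192 (10 Gbps) traffic, then distributes the traffic to multiple backend processors for parallel processing. The system includes a general-purpose packet classification structure, RSTCAM (range-supported split TCAM), which uses few resources, can reduce system power consumption, and makes range lookup easy to implement; it is of general relevance to TCAM-based packet classification systems. The system also proposes a load balancing algorithm, FDLB (feedback-based dynamic load balancing). FDLB improves on the table-based hash method and, while preserving session integrity, preferentially dispatches traffic to the backend processor with the lowest current load. Tests show that the prototype system is fully capable of line-rate processing of 10-gigabit traffic, with an average processing delay of 4.2 μs.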
As network link speeds increase, traditional application systems such as intrusion detection and traffic audit are unable to process high-bandwidth traffic. This paper proposes a novel parallel architecture for processing 10 Gbps traffic in real time. In this architecture, OC192 traffic is first classified and then filtered. Filtered traffic is load-balanced to backend processors for detailed processing. Statistics of all kinds are collected during these procedures. A universal range-supported split TCAM structure (RSTCAM) is designed in the classification unit of this architecture. In RSTCAM, each classification rule is split into 5 separate sub-rules according to its fields. These sub-rules are stored separately in 5 TCAMs. RSTCAM offers the following benefits: lower resource usage and lower power consumption. It is also demonstrated that range matching is very convenient to implement with RSTCAM. A novel feedback-based dynamic load balancing algorithm (FDLB) is also implemented in this architecture. FDLB dispatches traffic to backend processors based on their loads. As many applications require session integrity, FDLB guarantees this through table-based hashing. Traffic is dispatched to a specific processor by hashing its source and destination IP addresses. The prototype of the architecture is implemented in an FPGA. Experimental results show that the whole system can sustain OC192 traffic throughput with a processing delay of 4.2 microseconds.
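
A minimal Python sketch of the dispatch idea in the abstract, added here as an illustration and not the paper's FDLB implementation: a symmetric hash of the source and destination IP addresses selects a table bucket, and only unbound buckets are bound to the currently least-loaded backend. The bucket count, the CRC32 hash, the session open/close tracking and all names are assumptions, since the abstract does not give these details.

```python
import ipaddress
import zlib


class FeedbackBalancer:
    """Table-based hash dispatcher with load feedback (illustrative sketch)."""

    def __init__(self, n_backends, n_buckets=256):
        self.n_buckets = n_buckets           # assumed table size
        self.table = [None] * n_buckets      # bucket -> backend (None = unbound)
        self.active = [0] * n_buckets        # live sessions per bucket
        self.load = [0.0] * n_backends       # last load reported by each backend

    def bucket(self, src, dst):
        # Sort the two addresses so both directions of a session hash alike.
        pair = sorted(int(ipaddress.ip_address(a)) for a in (src, dst))
        key = b"".join(p.to_bytes(16, "big") for p in pair)
        return zlib.crc32(key) % self.n_buckets

    def report_load(self, backend, load):
        # Feedback path: a backend reports its current load.
        self.load[backend] = load

    def session_open(self, src, dst):
        i = self.bucket(src, dst)
        if self.table[i] is None:
            # Unbound bucket: bind it to the least-loaded backend right now.
            self.table[i] = min(range(len(self.load)), key=self.load.__getitem__)
        self.active[i] += 1
        return self.table[i]

    def dispatch(self, src, dst):
        # Packets of an open session follow the table entry, ignoring load.
        return self.table[self.bucket(src, dst)]

    def session_close(self, src, dst):
        i = self.bucket(src, dst)
        self.active[i] = max(0, self.active[i] - 1)
        if self.active[i] == 0:
            self.table[i] = None   # no session pinned here, safe to rebind


if __name__ == "__main__":
    lb = FeedbackBalancer(n_backends=3)
    for backend, load in enumerate([0.9, 0.1, 0.5]):   # constructed feedback
        lb.report_load(backend, load)
    print(lb.session_open("10.0.0.1", "192.0.2.7"))    # constructed addresses
    lb.report_load(1, 0.95)
    print(lb.dispatch("192.0.2.7", "10.0.0.1"))        # reverse direction
```

Because a bucket is rebound only when it has no live sessions, a load change never moves an in-progress session to another backend, which is the property an IDS backend needs to reassemble both directions of a flow.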