ipgpc - IP Generic Packet Classifier
The IP Generic Packet Classifier (ipgpc) module provides packet classification at the Solaris IP layer. ipgpc is an implementation of the Multi-Field (MF) classifier as described in RFC2475: An Architecture for Differentiated Services.
The classifier is configured, at startup or dynamically, using a set of “filters.” Filters describe selectors that are matched against input packets that are processed by the classifier. Some selectors feature exact matching data points, while others utilize non-exact or wildcard data points.
Each filter is associated with a class describing the next actions to process a packet. There is a many-to-one (M-to-1) mapping relationship between filters and a class. Additionally, each class is aware of which filters are associated with it. A class is configured with a class name and a next action.
Unlike traditional classifiers used in edge routers, ipgpc is designed for a host or server device. A host-based classifier provides access to more resources and data than edge routers. User, project, and interface information are available at the host.
The ipgpc module exports global and per-class statistics (available through kstat:)
module: ipgpc instance:<action id> name: ipgpc global stats class: <action name> crtime snaptime nbytes <number of classified bytes> nclasses <number of classes> nfilters <number of filters> npackets <number of classified packets> epackets <number of packets in error>
module: ipgpc instance:<action id> name: <class name> class: <action name> crtime snaptime last match <time of last match> nbytes <number of classified bytes> npackets <number of classified packets>
See attributes(7) for descriptions of the following attributes:
RFC 2475, An Architecture for Differentiated Services S. Blake, D. Black, M. Carlson, E. Davies, Z. Wang, W. Weiss, The Internet Society, 1998.