Skip to content

Investigate performance improvement for CIDR match against long prefix array #1807

Open
@nischalsheth

Description

@nischalsheth

Expected/Desired Behavior

Logarithmic increase in time w.r.t. length of prefix array when performing longest prefix match (LPM) of an IPv4 address against a list of arbitrary IPv4 prefixes.

Actual Behavior

Linear increase in time.

Steps to Reproduce the Problem

  1. Define a prefix array as prefixes := ["10.1.1.0/24", "10.1.2.0/24", "10.1.3.0/24", ...]
  2. Use something like net.cidr_contains(prefixes[_], input.address) using an address that matches the last prefix in above array
  3. Observe linear increase in time w.r.t. length of prefixes

Additional Info

https://openpolicyagent.slack.com/archives/C1H19LW4F/p1569731663252900

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions