I have approx 5K-10K (5 000 - 10 000) rules.
On average I have 10-20 matches (60 max).
I don't need to insert/delete/update rules frequently - you can consider rules being permanent which are loaded once on startup.

Fri, 26 Nov 2021 at 17:12, Dmitry Kozlyuk:

> 2021-11-26 16:53 (UTC+0300), Дмитрий Степанов:
> > Hi!
> > I have a big number of IPv4 5-tuple rules, every rule corresponds to some
> > action. I need to find all matched rules and perform all tied actions.
>
> I rather meant the subject field,
> like splitting the flows or access control is a typical application of ACL.
> I'm asking partially out of curiosity,
> but also because there may be a better solution than DPDK ACL.
>
> > The search time greatly affects overall system performance, so I can't just
> > scan all rules. ACL is based on multi-bit tries and provides great
> > performance, so I'm looking for nearly the same performance with the
> > ability to find all matches within a single request.
>
> Some regex libraries, Hyperscan or DPDK regexdev in particular,
> take a database of rules, compile it to an efficient form
> (Hyperscan generates vector instructions, regexdev may use HW acceleration),
> and then allow to match input to the entire database in a single request,
> yielding every match for every expression.
>
> From my experience, performance is decent,
> but of course it depends on the number of rules and their complexity.
> How many rules do you have?
> How many rules are expected to match (avg/max)?
> How often do you need to insert/delete/update rules?