High performance IP processor using RDMA
First Claim
1. A hardware processor providing remote direct memory access capability on an IP network and using a TCP, SCTP or UDP protocol, or a combination of any of the foregoing, over IP networks.
2 Assignments
0 Petitions
Accused Products
Abstract
An architecture provides capabilities to transport and process Internet Protocol (IP) packets from Layer 2 through transport protocol layer and may also provide packet inspection through Layer 7. A set of engines may perform pass-through packet classification, policy processing and/or security processing enabling packet streaming through the architecture at nearly the full line rate. A scheduler schedules packets to packet processors for processing. An internal memory or local session database cache stores a session information database for a certain number of active sessions. The session information that is not in the internal memory is stored and retrieved to/from an additional memory. An application running on an initiator or target can in certain instantiations register a region of memory, which is made available to its peer(s) for access directly without substantial host intervention through RDMA data transfer.
370 Citations
259 Claims
- 1. A hardware processor providing remote direct memory access capability on an IP network and using a TCP, SCTP or UDP protocol, or a combination of any of the foregoing, over IP networks.
- 2. A hardware processor providing remote direct memory access capability on an Ethernet network.
- 3. A hardware processor providing remote direct memory access capability on an IP network using a protocol selected from the group of protocols consisting of the group of protocols excluding TCP, SCTP and UDP.
- 4. A hardware processor bypassing the TCP/IP stack of a system and providing remote direct memory access capability.
- 9. A hardware processor providing remote direct memory access capability for enabling data transfer and using a TCP, SCTP or UDP protocol or a combination of any of the foregoing, said processor enabling storage and retrieval, to and from a storage system, of data transmitted over an IP network.
-
10. A hardware processor providing remote direct memory access capability for enabling data transfer and using a protocol selected from the group of protocols consisting of other than TCP, SCTP or UDP, said processor enabling storage and retrieval, to and from a storage system, of data transmitted over an IP network.
- 21. A hardware processor providing remote direct memory access capability for enabling data transfer and using a TCP or SCTP or UDP protocol or a combination of any of the foregoing over IP networks, said processor embedded in a server'"'"'s host hardware components for providing IP networking capability.
- 22. A hardware processor providing remote direct memory access capability for enabling data transfer and using a protocol selected from the group of protocols consisting of other than TCP, SCTP or UDP over IP networks, said processor embedded in a server'"'"'s host hardware components for providing IP networking capability.
- 28. A hardware processor providing remote direct memory access capability for enabling data transfer using a TCP, SCTP or UDP protocol or a combination of any of the foregoing, over IP networks, said processor included as part of a chipset of a host processor for providing offloading capability for said protocol.
- 29. A hardware processor providing remote direct memory access capability for enabling data transfer and using a protocol selected from the group of protocols consisting of other than TCP, SCTP or UDP over IP networks, said processor included as part of a chipset of a host processor for providing protocol offloading capability for said protocol.
-
34. A hardware processor providing remote direct memory access capability for enabling data transfer using TCP over IP networks, said processor embedded in an IP storage area network switching system line card, said processor being programmable and operating on data packets transmitted, encapsulated or encoded using a iSCSI, iFCP, infiniband, SATA, SAS, IP, ICMP, IPSEC, DES, 3DES, AES, FC, SCSI, FCIP, NFS, CIFS, DAFS, HTTP, XML, XML derivative, SGML, or HTML format or a combination of any of the foregoing.
- 35. A hardware processor providing remote direct memory access capability for enabling data transfer using TCP or SCTP or UDP over IP networks, said processor embedded in a chipset of a gateway controller of a storage area network.
- 36. A hardware processor providing remote direct memory access capability for enabling data transfer and using a protocol other than a TCP or SCTP or UDP protocol over IP networks, said processor embedded in a chipset of a gateway controller of a storage area network.
- 38. A hardware processor providing remote direct memory access capability for enabling data transfer of data traffic using TCP over IP networks, said processor embedded in a chipset of a storage system or a storage area network management appliance for enabling said appliance to transport TCP/IP packets in-band to said data traffic or out of band to said data traffic.
- 40. A hardware processor providing remote direct memory access capability for enabling data transfer using TCP, SCTP or UDP or a combination thereof over IP networks, said processor in at least one server in a cluster of servers.
- 41. A hardware processor providing remote direct memory access capability for enabling data transfer using a protocol other than TCP, SCTP and UDP over IP networks, said processor embedded in at least one server in a cluster of servers.
- 42. A hardware processor providing remote direct memory access capability on an Ethernet network, said processor embedded in at least one server in a cluster of servers.
- 44. A chip set having embedded therein a hardware processor providing remote direct memory access capability for enabling data transfer using TCP, SCTP or UDP or a combination of any of the foregoing over IP networks.
- 48. A multi-port hardware processor of a predetermined speed providing remote direct memory access capability for enabling data transfer using TCP, SCTP or UDP or a combination of any of the foregoing over IP networks, said processor coupled to multiple input and output ports each having slower speed line rates than said predetermined speed, the sum of said slower line speeds being less than or equal to said predetermined speed.
- 50. A hardware processor providing remote direct memory access capability for enabling telecommunications or networking using TCP, SCTP or UDP or a combination of any of the foregoing over IP.
-
51. A hardware processor providing remote direct memory access (RDMA) capability, said processor for enabling data transfer using TCP over IP or SCTP over IP or UDP over IP or Ethernet networks, or a combination of any of the foregoing, to a host running an application, said hardware processor comprising:
-
a. registration circuitry for allowing said application to register a memory region of said host processor with said hardware processor for RDMA access;
b. communication circuitry for exporting said registered memory region to at least one peer hardware processor having RDMA capability and for informing said peer of said host processor'"'"'s desire to allow said peer to read data from or write data to said registered memory region; and
c. RDMA circuitry for allowing information transfer to and/or from said registered region of memory without substantial host processor intervention.
-
-
52. In a hardware processor providing remote direct memory access (RDMA) capability, said hardware processor for enabling data transfer and using a TCP over IP or SCTP over IP or UDP over IP or Ethernet networks, or a combination of any of the foregoing, the process of performing RDMA for an application running on a host processor, said process comprising:
-
a. said application registering a region of memory of said host processor for RDMA;
b. said host processor making said region of memory available to a peer processor for access directly without substantial intervention by said host processor in said data transfer;
c. said hardware processor communicating to said peer processor said host processor'"'"'s desire to allow said peer processor to read data from or write data to said region of memory; and
d. said hardware processor enabling information transfer from or to said registered region of memory without substantial host processor intervention in said information transfer. - View Dependent Claims (53)
-
-
54. A hardware processor providing a transport layer remote direct memory access (RDMA) capability, said processor for enabling data transfer over a network using TCP over IP in one or more session connections, said processor including a TCP/IP stack, said stack including an interface to upper layer functions to transport data traffic, said stack providing at least one of the functions of:
-
a. sending and receiving data, including upper layer data;
b. establishing transport sessions and session teardown functions;
c. executing error handling functions;
d. executing time-outs;
e. executing retransmissions;
f. executing segmenting and sequencing operations;
g. maintaining protocol information regarding said active transport sessions;
h. maintaining TCP/IP state information for each of said one or more session connections;
i. fragmenting and defragmenting data packets;
j. routing and forwarding data and control information;
k. sending to and receiving from a peer, memory regions reserved for RDMA;
l. recording said memory regions reserved for RDMA in an RDMA database and maintaining said database;
m. executing operations provided by RDMA capability;
n. executing security management functions;
o. executing policy management and enforcement functions;
p. executing virtualization functions;
q. communicating errors;
r. processing Layer 2 media access functions to receive and transmit data packets, validate the packets, handle errors, communicate errors and other Layer 2 functions;
s. processing physical layer interface functions;
t. executing TCP/IP checksum generation and verification functions;
u. processing Out of Order packet handling;
v. CRC calculation functions;
w. processing Direct Data Placement/Transfer;
x. Upper Layer Framing functions;
y. processing functions and interface to socket API'"'"'s;
z. forming packet headers for TCP/IP for transmitted data and extraction of payload from received packets; and
aa. processing header formation and payload extraction for Layer 2 protocols of data to be transmitted and received data packets;
respectively. - View Dependent Claims (55, 56, 57)
-
- 58. An IP processor having RDMA capability, comprising an IP network application processor core for enabling TCP or SCTP or UDP or a combination of any of the foregoing over IP networks, comprising an intelligent flow controller, at least one packet processor, a programmable classification engine, a storage policy engine or network policy engine, a security processor, a session memory, a memory controller, a media interface and a host interface.
-
63. An IP processor having RDMA capability for enabling TCP or SCTP or other session oriented protocols or UDP over IP networks, said processor comprising:
-
a. an RDMA mechanism for performing RDMA data transfer;
b. at least one packet processor for processing IP packets;
c. a session memory for storing IP session information;
d. a memory controller for controlling memory accesses;
e. a media interface for coupling to a network; and
f. a host interface for coupling to a host or a fabric interface for coupling to a fabric. - View Dependent Claims (64, 65, 66, 246)
-
-
67. A processor for processing Internet data packets in one or more sessions and capable of executing transport layer RDMA functions, said processor including a session memory for storing frequently or recently used session information for a plurality of sessions.
-
68. A processor for processing Internet data packets in one or more sessions, said processor comprising an RDMA mechanism, and a session memory for storing session information for a plurality of said sessions.
-
69. A hardware implemented IP network application processor implementing remote direct memory access (RDMA) capability for providing TCP/IP operations in sessions on information packets from or to an initiator and providing information packets to or from a target, comprising the combination of:
-
a. data processing resources comprising at least one programmable packet processor for processing said packets;
b. an RDMA mechanism capable of providing remote direct memory access function between said initiator and said target;
c. a TCP/IP session cache and memory controller for keeping track of the progress of, and memory useful in, said operations on said packets;
d. a host interface controller capable of controlling an interface to a host computer in an initiator or target computer system or a fabric interface controller capable of controlling an interface to a fabric; and
e. a media independent interface capable of controlling an interface to the network media in an initiator or target. - View Dependent Claims (70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 83, 84, 85)
-
-
81. The process, in a hardware implemented control plane processor or session controller capable of executing transport level RDMA functions and coupled to a host processor or a remote peer, of creating new sessions and their corresponding session database entries responsive to new session connection requests received either from the host processor or the remote peer.
-
82. The process, in hardware implemented control plane processor or session controller capable of executing transport level RDMA functions and coupled to a host processor or a remote peer and including a TCP/IP hardware processor or an IP storage hardware packet processor, or a combination of any of the foregoing, of tearing down or removing sessions and their corresponding session database entries responsive to session connection closure requests received either from the host processor or the remote peer or as a result of the operation by the said TCP/IP packet processor or IP Storage packet processor or a combination of any of the foregoing.
-
86. The process in a hardware implemented processor capable of remote direct memory access for enabling storage and retrieval of data in a host memory subsystem, in an initiator system or in a target system, where said data is transferred using one or more data packets over an IP network
a. from or to said target system to and from a host in said initiator system, or b. from or to said initiator system to and from a host in said target system, i. said initiator system and said target system each including at least one hardware implemented processor capable of enabling storage and retrieval of data packets over an IP network and said target system and said initiator system each having a connection to said IP network, (a) said process comprising providing a remote direct memory access process for said storage and retrieval without said host substantially controlling said remote direct memory access capability.
-
97. A hardware processor providing TCP or SCTP or other session oriented protocols, or UDP over IP or any combination of any of the foregoing, including RDMA capability for data transfer over a network from or to an initiator and to or from said target, said operations requested by a host processor, comprising:
-
a. an RDMA mechanism;
b. a command scheduler for scheduling commands or other operations from the command layer or socket layer or RDMA layer, or any combination of any of the foregoing, of said host processor for operation in the hardware processor;
c. first command queues for queuing commands or other operations from said host processor for existing sessions;
d. second command queues for queuing commands or other operations from said host processor for sessions that do not currently exist;
e. a database for recording in database entries the state of the session on which said command or other operation or its associated data is transported, said database also for recording progress of RDMA for those of said commands or other operations that use RDMA; and
f. at least one transmit/receive engine and at least one command engine coupled together, said engines working together to interpret commands and perform appropriate operations for performing RDMA for storing/retrieving data to/from or transmitting/receiving data to/from said target or said initiator. - View Dependent Claims (102)
-
- 98. A hardware processor for enabling data transfer over IP networks, said processor embedded in a blade server for providing networking capability.
-
101. A hardware processor providing transport layer RDMA capability for enabling telecommunications or networking over an IP network.
-
103. For use in a hardware implemented IP network application processor having remote direct memory access capability and including an input queue and queue controller for accepting incoming data packets including new commands from multiple input ports and queuing them on an input packet queue for scheduling and further processing, the process comprising:
- accepting incoming data packets from one or more input ports and queuing them on an input packet queue; and
de-queuing said packets for scheduling and further packet processing. - View Dependent Claims (104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114)
- accepting incoming data packets from one or more input ports and queuing them on an input packet queue; and
-
115. A packet scheduler and sequencer for scheduling to a classification engine and to additional data processor resources in a hardware IP processor (1) data packets incoming to said IP processor over an IP network and (2) tasks relating thereto, comprising:
-
a. a classification controller and scheduler for retrieving packet headers from a queue controller and transmitting data said packets to said classification engine for determining classification and managing execution of said packets;
b. a queue for receiving headers of said packets for transmission to said classification controller and scheduler;
c. an input queue for transmitting commands, including security commands, to said data processor resources for execution for fragmented packets or secure packets;
d. a state controller and sequencer for receiving state information of processes active inside said hardware processor and including means for providing instructions for the next set of processes to be active;
e. an interface to a memory controller for queuing said packets that are fragmented packets or that are not processed due to resources being backed up;
f. a resource allocation table for assigning received packets or commands to ones of said processor resources based on the current state of said resources;
g. a packet memory store located within or external to the packet scheduler and sequencer for storing packets, packet tags, or classification results;
h. a priority selector and a packet fetch and command controller, i. said priority selector for retrieving commands and packet tags from respective queues based on assigned priority; and
ii. said packet fetch and command controller for retrieving the packet tags and classification results from said packet memory store and scheduling the packet transfer to appropriate resources; and
i. storage for receiving such classification results and transmitting said packets to said data processor resources based on the said classification results. - View Dependent Claims (117, 119, 121, 125, 126, 129, 131, 135)
-
-
116. A classification resource for classifying, and a packet scheduler and sequencer for scheduling, to data processor resources in a hardware IP processor (1) data packets incoming to said IP processor over an IP network and (2) tasks relating thereto, comprising:
-
a. a classification controller and scheduler for retrieving packet headers or packets and classification tags from a classified queue of the packets that are classified by the classification engine and scheduling for a state controller and sequencer to assign them for execution to the said data processor resources;
b. an input queue for transmitting commands, including security commands, to said data processor resources for execution for fragmented packets or secure packets;
c. a state controller and sequencer for receiving state information of processes active inside said hardware IP processor and including means for providing instructions for the next set of processes to be active inside said hardware IP processor;
d. an interface to a memory controller for queuing said packets that are fragmented packets or that are not processed due to resources being backed up;
e. a resource allocation table for assigning received packets to ones of said processor resources based on the current state of said resources;
f. a packet memory store located within or external to the packet scheduler and sequencer for storing packets, packet tags, or classification results;
g. a priority selector and a packet fetch and command controller, i. said priority selector for retrieving commands and packet tags from respective queues based on assigned priority;
ii. said packet fetch and command controller for retrieving the packet tags and classification results from said packet memory store and scheduling the packet transfer to appropriate resources; and
h. storage for receiving such classification results and transmitting said packets to said data processor resources based on the said classification results. - View Dependent Claims (118, 120, 122, 132, 146)
-
-
123. The process of scheduling and sequencing Internet Protocol packets, including packet headers, and tasks to a classification engine and other execution resources of a hardware processor having RDMA capability and balancing workload to said resources comprising:
-
retrieving the packets and packet headers from a header queue and transmitting said headers to said classification engine;
receiving classification results from said classification engine and storing them to a classifier queue; and
managing the execution of said packets through said execution resources. - View Dependent Claims (127, 133)
-
-
124. The process of scheduling and sequencing in a hardware processor classifying Internet Protocol packets, said packets further comprising a classification tag and packet descriptor, to and through execution resources of a hardware processor having RDMA capability and balancing workload to said resources comprising:
-
retrieving the classified packets, classification tag and results, from a classified queue receiving these from the classification engine; and
managing the execution of said packets through the execution resources. - View Dependent Claims (128, 130, 134, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 147, 148, 149)
-
- 150. A hardware data processing classifier engine for classifying Internet data packets for traverse through a utilizing system, said classifying being accomplished according to the type of the packet, the protocol type, the port addresses of the packet, the source of the packet or the destination of the packet or a combination of any of the foregoing.
- 154. The process of a hardware classifier engine, in a hardware IP processor having a memory for storing a database of IP session entries and execution resources, classifying Internet Protocol packets in accordance with an attribute including examining fields of a received packet to identify the type of the packet, the protocol type, the packet'"'"'s port addresses, the packet source and the packet destination.
-
173. An Internet Protocol packet processor including RDMA capability and capable of being coupled to a scheduler, to a TCP engine or a storage engine, or a combination of any of the foregoing, said processor comprising:
-
an instruction decoder and sequencer;
an instruction memory or data memory or a combination of any of the foregoing;
an execution resource;
a bus controller or memory controller or a combination of any of the foregoing;
said Processor comprising;
fetching instructions from said instruction memory;
decoding them and sequencing them through said execution resource by said instruction decoder and sequencer;
transmitting said packets from said scheduler to said bus controller;
using said bus controller for moving the data packets from said scheduler to said data memory for operation and/or for moving said data packets to and/or from said TCP engine and to and from said storage engine for processing said packet by;
(a) extracting data;
(b) generating new packets in response to said packet processing code;
or(c) transferring said extracted data or newly generated packets or combination thereof to an output interface;
said extracting, generating and transferring enabling transmission to a media interface or a host processor interface.
-
-
174. A packet scheduler and sequencer for scheduling to data processor resources in a hardware IP processor (1) data or commands incoming to said IP processor from a host processor, and (2) tasks relating thereto, comprising:
-
a. a host command queue for queuing incoming host commands;
b. said host command queue for transmitting commands, including security commands, to said data processor resources for execution;
c. a state controller and sequencer for receiving state information of processes active inside said hardware processor and including means for providing instructions for the next set of processes to be active;
d. a priority selector and a packet fetch and command controller, i. said priority selector for retrieving commands and packet tags from respective queues based on assigned priority, and ii. said packet fetch and command controller for retrieving the commands from the said command queue or packet tags from said packet memory store and classification results and scheduling the packet or command transfer to appropriate resources; and
e. a resource allocation table for assigning received packets or commands to ones of said processor resources based on the current state of said resources. - View Dependent Claims (175)
-
-
176. For use in a hardware implemented IP network application processor capable of executing transport level RDMA functions and having one or more output queues for accepting outgoing data packets, including new commands, from one or more packet processor engines, TCP/IP processor engines or IP Storage processing engines, directing said packets on to an output port interface for sending them out to a network interface, said interface sending said packets on to the network, through one or more output packets, said process including:
- accepting incoming data packets from one or more packet processing engines and queuing them on said output packet queue; and
de-queuing said packets for delivery to said output port based on the destination port information in said packet. - View Dependent Claims (177, 178, 179)
- accepting incoming data packets from one or more packet processing engines and queuing them on said output packet queue; and
-
180. A storage flow and RDMA controller for controlling the flow of storage or non-storage data or commands, or a combination thereof, which may or may not require RDMA, for scheduling said commands and data to a scheduler or host processor or control plane processor or additional data processor resources including one or more packet processors, in a hardware IP processor, wherein (1) data or commands are incoming to said IP processor over an IP network, or (2) data or commands are incoming from the host interface from the host processor, said storage flow and RDMA controller comprising at least one of:
-
a. a command scheduler, state controller and sequencer for retrieving commands from a one or more command queues and sending the said command to the control plane processor or the scheduler or one or more of said packet processors for further processing, and managing execution of the said commands by these resources;
b. a new commands input queue for receiving new commands from a host processor;
c. an active command queue for holding commands that are being processed, including newly scheduled commands processed from the said new commands queue;
d. an output completion queue for transmitting the status and the completed commands or their ID to the host processor for the host to take necessary actions, including updating statistics related to the command and/or the connection, any error handling, releasing of any data buffers based on the command under execution;
e. an output new requests queue for transmitting to the host processor and the drivers running on the host, incoming commands from the packets received by the said IP packet processor for the host to take appropriate actions which may include allocating appropriate buffers for receiving incoming data on the connection, or acting on RDMA commands, or error handling commands or any other incoming commands;
f. a command look-up engine to look-up the state of the commands being executed including look-up of associated memory descriptors or memory descriptor lists, protection look-up to enable the state update of the commands and enabling the flow of the data associated with the commands to or from the host processor through the host interface;
g. command look-up tables to store the state of active commands as directed by the said command look-up engine or retrieve the stored state as directed by the said command look-up engine;
h. said host interface enabling the transfer of data and/or commands to or from the host processor;
i. a host data pre-fetch manager that directs the pre-fetch of the data anticipated to be required based on the commands active inside the said IP processor, to accelerate the data transfer to the appropriate packet processors when required for processing;
j. an output data queue for transporting the retrieved data and/or commands form the host processor to the said scheduler or the said control plane processor or the said packet processors for further processing by those resources;
k. output buffers to hold the data received from the host using the host interface for sending them to the appropriate IP processor resources, including the scheduler or the packet processors or the control plane processor or the session cache and memory controller;
l. an output queue controller that controls the flow of the received host data to the said output buffers and the said output queues working with the host data prefetch manager and/or the command scheduler, state controller and sequencer;
m. an input data queue for receiving incoming data extracted by the said packet processor or the control plane processor to be directed to the host processor;
n. an RDMA engine to perform the RDMA tasks required by those incoming or outgoing RDMA commands or RDMA data, comprising means for recording, retrieving and comparing the region ID, protection keys, performing address translation, and retrieving or depositing data from or to the data buffers in the host memory and further comprising means for providing instructions for the next set of actions or processes to be active for the RDMA commands;
o. an RDMA look-up table that holds RDMA information, including state per connection or command, used by said RDMA engine to process RDMA commands;
p. a Target/Initiator Table which is used to record target/initiator information for said data or commands, including IP address, the port to use to reach said IP address and connection or connections to the target/initiator used by the said command scheduler, state controller and sequencer;
orq. a combination of any of the foregoing.
-
-
181. The process of scheduling and sequencing commands and tasks to a scheduler, control plane processor, session cache and memory controller, packet processors and other execution resources of an IP hardware processor comprising:
-
retrieving the commands from a command queue and interpreting the command; and
retrieving the command state by retrieving the command state of execution from a command look-up engine;
or storing the command initial state to the command look-up engine and command look-up tables for new command;
or storing the command state to the command look-up engine and command look-up table for an active command; and
transmitting said commands to said scheduler, or control plane processor or session cache and memory controller, or packet processors and managing the execution of said commands through their states until command execution is completed;
- View Dependent Claims (182, 183, 184, 185, 187, 188, 192, 193, 194, 195, 196, 197)
-
-
186. An RDMA process comprising:
- identifying the RDMA command and the connection that it is associated with;
retrieving the state of the RDMA command;
selecting the next step for handling the RDMA command based on the current RDMA state and retrieving associated data from a host data buffer or queuing said associated data for depositing to the RDMA buffer of a host processor identified by the said RDMA command; and
updating the state of the RDMA process in an RDMA look-up table for use in handling the next command associated with this connection for storage or non-storage data transfer. - View Dependent Claims (189, 190, 191)
- identifying the RDMA command and the connection that it is associated with;
-
198. For use in a hardware implemented IP network application processor, including execution resources, a host interface controller comprising a host bus interface controller to control the physical protocol for transporting data to and from a host bus;
- a host transaction controller and interrupt controller for controlling and directing transactions on a host bus used to perform data transfers over the host bus;
a DMA engine used to perform direct memory access of the data involved in the transfers directly to or from a host memory without substantial host processor intervention;
a host command unit used to decode the command received from the drivers or applications on a host processor involved in the data transfer over an IP network including commands to setup or retrieve various configuration, control or data register resources of the said IP network application processor; and
a host input queue interface providing the data received from the host to be provided to the resources of the said IP network application processor;
a host output queue interface providing the data received from the resources of the processor for depositing them into the host memory; and
a host command queue interface to provide the commands to the resources of the IP network application processor. - View Dependent Claims (199, 200)
- a host transaction controller and interrupt controller for controlling and directing transactions on a host bus used to perform data transfers over the host bus;
-
201. For use in a hardware implemented IP network application processor, a security engine, comprising:
- at least one of an authentication engine for providing message digest and message authentication capabilities;
an encryption/decryption engine that provides various encryption/decryption algorithm implementations to encrypt outgoing data or decrypt incoming data with the appropriate algorithm;
a sequencer that sequences incoming packets through at least one of authentication and encryption/decryption engines and is used to fetch the appropriate security context for the packet being processed;
a security context memory used to hold a security association database for various connections that require security operations;
a coprocessor interface and queue manager used to interface a security engine and said security context with an offchip security processor and/or security context memory;
one or more clear packet input queues to receive packets that need encryption and/or message authentication;
a secure packet output queue used to transfer the packets that have gone through security processing by the security engine on their way out to the IP network from the said IP network application processor;
a secure packet input queue which receives the incoming IP network packets that are classified as secure packets and need security processing before further processing inside the IP network application processor;
or a clear packet output queue used to transfer the incoming IP network packets that have been processed by the security engine, or a combination of any of the foregoing. - View Dependent Claims (202, 203, 204, 205, 206)
- at least one of an authentication engine for providing message digest and message authentication capabilities;
-
207. For use in a hardware implemented IP network application processor comprising one or more packet processor engines, a session controller or connection manager comprising a global session cache and memory complex for caching, storing and retrieving session database entries for the connections being processed by the said IP network application processor;
- a control plane processor to create and teardown session entries to be held in the session cache and memory;
a local session database cache to hold the active session information inside the packet processor engines of the said IP network application processor;
a session database lookup engine inside one or more of the packet processor engines to retrieve session database entries from the global session cache and memory;
a session manager that is local to a packet processor used to retrieve session entries from local session cache; and
a global session data base look-up engine inside the session cache and memory complex to store, search and retrieve specific session entries to serve the specific sessions from a session memory. - View Dependent Claims (208, 209, 210, 211, 212, 213, 214, 215)
- a control plane processor to create and teardown session entries to be held in the session cache and memory;
-
216. An IP processor having transport layer RDMA capability and comprising an IP network application processor core or an IP Storage network application processor core for enabling TCP over IP networks, said processor core comprising:
-
a. an RDMA mechanism for performing RDMA data transfer b. at least one packet processor for processing packets;
c. a session memory for storing session information;
d. at least one memory controller for controlling memory accesses;
e. a media interface for coupling to at least one network; and
f. a host interface for coupling to at least one host or a fabric interface for coupling to a fabric. - View Dependent Claims (217, 218, 219)
-
-
230. A hardware processor capable of executing a transport layer RDMA protocol on an IP Network.
-
231. The manufacturing process of creating a hardware processor capable of executing a transport layer RDMA protocol on an IP Network.
-
232. The manufacturing process of creating on a hardware processor an RDMA mechanism capable of performing a transport layer RDMA protocol on an IP Network.
- 233. A hardware processor capable of executing a transport layer RDMA protocol on an IP Network for Internet Protocol data transfers, and including at least one packet processor having an internal memory containing as database entries, frequently or recently used IP session information for processing said data transfers.
-
235. A hardware processor capable of executing a transport layer RDMA protocol on an IP Network for Internet data transfer, and including at least one packet processor engine for processing said data transfers.
- 236. A chip set having embedded therein a hardware processor providing transport layer remote direct memory access capability for enabling high-speed storage using TCP, SCTP or UDP over IP networks.
-
240. In a hardware processor capable of executing a transport layer RDMA protocol for transporting data packets in TCP/IP or other session oriented protocol sessions or flows over an IP network, a scheduler for scheduling said packets to execution resources of the hardware processor, said scheduler comprising:
-
a. a resource allocation table for storing i. the identification of at least some of said execution resources, ii. the identification of the session which at least one of said resources is executing, and iii. the processing state of said resources, and b. a state controller and sequencer coupled to said resource allocation table and to said execution resources, said state controller and sequencer scheduling packets to be processed on a specific session to the execution resource executing said specific session, said scheduling based on at least the execution state of said execution resource. - View Dependent Claims (241, 242)
-
-
243. In a data processing apparatus capable of executing a transport layer RDMA protocol for transporting data packets in TCP/IP or other session oriented protocol sessions or flows over an IP network, a scheduler for scheduling said packets to execution resources of the hardware processor, said scheduler comprising:
-
a. a resource allocation table for storing i. the identification of at least some of said execution resources, ii. the identification of the TCP/IP session which at least one of said resources is executing, iii. the processing state of said resources, and b. a state controller and sequencer coupled to said resource allocation table, and to said execution resources, said state controller and sequencer scheduling packets to be processed on a specific session to the execution resource executing said specific session, said scheduling based on at least the execution state of said execution resource. - View Dependent Claims (244, 245)
-
-
248. A processor implemented in hardware and capable of performing transport layer RDMA functions, and including a session memory for storing session information for a plurality of sessions.
-
249. A hardware processor having transport layer RDMA capability for enabling Internet Protocol packets or their payloads to stream from a network interface through said hardware processor to a host interface or a fabric interface during packet processing, said hardware processor comprising:
-
a. an RDMA mechanism for performing RDMA data transfer;
b. at least one packet processor for processing said packets;
c. a packet memory;
d. a scheduler coupled to said at least one packet processor and to said packet memory for scheduling said packets to said at least one packet processor;
e. a session memory for storing session information for those packets transmitted, encapsulated or encoded using a session oriented protocol; and
f. a session manager coupled to the foregoing elements for managing session states for those packets transmitted, encapsulated or encoded using a session oriented protocol. - View Dependent Claims (250, 251, 252, 253, 254, 255)
-
-
256. An IP processor having RDMA capability for enabling TCP or other session oriented protocols over IP networks, said processor comprising:
-
a. an RDMA mechanism for performing RDMA data transfer b. at least one packet processor for processing IP packets;
c. a session memory for storing IP session information;
d. at least one memory controller for controlling memory accesses;
e. at least one media interface for coupling to at least one network; and
f. a host interface for coupling to at least one host or a fabric interface for coupling to a fabric;
i. wherein said processor operates in multiple stages, including one or more of the stages of (1) receiving incoming IP packets;
(2) providing security for processing said incoming IP packets if needed;
(3) classifying said incoming IP packets;
(4) scheduling IP packets for processing;
(5) executing data and/or protocol processing operations on IP Packets;
(6) providing direct memory access for transferring data/packets to or from the memory of a system external to said processor;
(7) executing protocol processing operations on data or commands forming IP packets;
(8) providing security processing security for outgoing IP packets, if needed;
or (9) transmitting IP packets onto a network;
or any combination of the foregoing; and
(a) each of said stages is capable of operating on different IP packets concurrently. - View Dependent Claims (257)
-
-
259. For use in a processor capable of executing a transport layer RDMA protocol over an IP Network for Internet Protocol data transfers in IP sessions a memory system comprising:
-
a. a session memory containing as database entries frequently or recently used IP session information for processing said data transfers;
b. a global memory accessible by said session memory and containing as database entries, IP session information for processing said data transfers, said IP session information contained in said global memory being less frequently or less recently used than the IP session information contained in said session memory; and
c. a third memory accessible by global memory and containing as database entries, IP session information for processing said data transfers, said IP session information contained in said third memory being less frequently or less recently used than the IP session information contained in said global memory.
-
Specification