Virtualizing the operation of intelligent network interface circuitry
First Claim
1. A method of operating network interface circuitry, wherein the network interface circuitry is configured to couple a host computer to a network to facilitate communication over the network between the host computer and a peer, the method comprising:
- by the network interface circuitry,receiving data from the peer via the network; and
processing the received data, including;
where there is a layer-2 classification rule associated with characteristics of the received data, automatically applying the classification rule to the received data; and
demultiplexing the received layer-2 packets according to destination queues associated with the host computer,wherein the method further comprises;
applying to the received data a layer-3 classification rule associated with characteristics of the received data, thereby filtering ingress packets that have layer-2 characteristics not consistent with the layer-3 characteristics; and
applying to the received data a VLAN classification rule associated with characteristics of the received data, thereby filtering ingress packets that have layer-2 characteristics and layer-3 characteristics that are not consistent with the VLAN characteristics.
11 Assignments
0 Petitions
Accused Products
Abstract
The present invention is in the field of virtualization of Network Interface Cards and Controllers (NIC) that connect to for example a host computer that can have multiple functions and OS'"'"'s (referred to as guest functions and guest-OS'"'"'s) running on it simultaneously and, in particular, relates to the virtualization of the operation of a single NIC such that it can be used simultaneously by multiple guests in such a manner that memory references due to the network traffic originating from and destined to a particular guest is kept separate from other network traffic, and that allows the Media Access Controller (MAC) within the NIC to operate such that it only accepts network packets that are destined to one of the guest-functions or guest-OS'"'"'s, and the MAC is not required to operate in promiscuous mode where it accept all incoming packets in order to implement the virtualization features.
166 Citations
16 Claims
-
1. A method of operating network interface circuitry, wherein the network interface circuitry is configured to couple a host computer to a network to facilitate communication over the network between the host computer and a peer, the method comprising:
-
by the network interface circuitry, receiving data from the peer via the network; and processing the received data, including; where there is a layer-2 classification rule associated with characteristics of the received data, automatically applying the classification rule to the received data; and demultiplexing the received layer-2 packets according to destination queues associated with the host computer, wherein the method further comprises; applying to the received data a layer-3 classification rule associated with characteristics of the received data, thereby filtering ingress packets that have layer-2 characteristics not consistent with the layer-3 characteristics; and applying to the received data a VLAN classification rule associated with characteristics of the received data, thereby filtering ingress packets that have layer-2 characteristics and layer-3 characteristics that are not consistent with the VLAN characteristics.
-
-
2. A method of operating network interface circuitry, wherein the network interface circuitry is configured to couple a host computer, executing a plurality of guest functions, to a network to facilitate communication over the network between the host computer and a peer, the method comprising:
-
by the network interface circuitry, receiving data packets from the peer via the network; and processing the received data packets, including; processing a classification rule associated with characteristics of the received data packets and automatically applying the classification rule to the received data packets to determine at least one set of at least one destination queue associated with the host computer; and demultiplexing the received data packets according to the determined at least one set of at least one destination queue, each separate set of at least one destination queue associated with a separate guest function configured for execution on the host computer, wherein; the host computer is executing a virtual operating system on top of which a plurality of operating system instances are executing, each operating system instance being an instance of a guest-OS having at least one of the guest-functions associated therewith; at least one of the set of destination queues is associated with the virtual operating system; and the classification rules are such that broadcast and/or multicast packets are demultiplexed according to the at least one of the set of destination queues that is associated with the virtual operating system. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of operating network interface circuitry, wherein the network interface circuitry is configured to couple a host computer, executing a plurality of guest functions, to a network to facilitate communication over the network between the host computer and a peer, the method comprising:
-
by the network interface circuitry, receiving data packets from the peer via the network; and processing the received data packets, including; processing a classification rule associated with characteristics of the received data packets and automatically applying the classification rule to the received data packets to determine at least one set of at least one destination queue associated with the host computer; and demultiplexing the received data packets according to the determined at least one set of at least one destination queue, each separate set of at least one destination queue associated with a separate guest function configured for execution on the host computer, wherein; the received data packets are network layer packets encapsulating packets at a higher layer than the network layer; applying the classification rule to the received data packets includes applying a classification rule associated with characteristics of the received data at the network layer, thereby filtering packets that have higher layer characteristics not consistent with the network layer characteristics; and processing the classification rule associated with characteristics of the received data packets and automatically applying the classification rule to the received data packets to determine at least one set of at least one destination queue associated with the host computer includes classifying the packets according to a network layer header and at least one header associated with the higher layer.
-
-
11. A method of operating network interface circuitry, wherein the network interface circuitry is configured to couple a host computer to a network to facilitate communication over the network between the host computer and a peer, the method comprising:
-
by the network interface circuitry, receiving data from the peer via the network; and processing the received data, including; where there is a layer-2 classification rule associated with characteristics of the received data, automatically applying the classification rule to the received data; and demultiplexing the received layer-2 packets according to destination queues associated with the host computer, wherein the method further comprises; applying to the received data a layer-3 classification rule associated with characteristics of the received data, thereby filtering ingress packets that have layer-2 characteristics not consistent with the layer-3 characteristics; and applying to the received data a layer-4 classification rule associated with characteristics of the received data, thereby filtering ingress packets that have layer-2 and layer-3 characteristics not consistent with the layer-4 characteristics. - View Dependent Claims (12, 13, 14, 15, 16)
-
Specification