Hashing algorithm for network receive filtering

US 9,594,842 B2
Filed: 01/30/2015
Issued: 03/14/2017
Est. Priority Date: 10/20/2005
Status: Active Grant

First Claim

Patent Images

1. A method for use by a host computer system in dynamically reconfiguring a filter table in a network interface device, the filter table having a plurality of filter entries, the method comprising:

receiving a request to close a specified network socket;

identifying in the network interface device filter table a particular filter entry in a particular chain of filter entries, the particular filter entry containing data that corresponds to the specified socket;

responsive to a determination that removing from the filter table data from a first set of filter entries including the particular filter entry would not reduce a maximum chain length of filter entries in the filter table, the module replacing the data in the particular filter entry in the filter table with a tombstone marker; and

responsive to a determination that removing from the filter table data from a second set of filter entries including the particular filter entry would reduce the maximum chain length of filter entries in the filter table, performing a garbage collection of tombstoned filter entries;

wherein the chain length of the particular chain of filter entries is the number of entries between a first filter entry of the particular chain and the last filter entry that contains data corresponding to an open socket, inclusive.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Roughly described, a network interface device is assigned a maximum extent-of-search. A hash function is applied to the header information of each incoming packet, to generate a hash code for the packet. The hash code designates a particular subset of the table within which the particular header information should be found, and an iterative search is made within that subset. If the search locates a matching entry before the search limit is exceeded, then the incoming data packet is delivered to the receive queue identified in the matching entry. But if the search reaches the search limit before a matching entry is located, then device delivers the packet to a default queue, such as a kernel queue, in the host computer system. The kernel is then responsible for delivering the packet to the correct endpoint.

Citations

30 Claims

1. A method for use by a host computer system in dynamically reconfiguring a filter table in a network interface device, the filter table having a plurality of filter entries, the method comprising:
- receiving a request to close a specified network socket;
  
  identifying in the network interface device filter table a particular filter entry in a particular chain of filter entries, the particular filter entry containing data that corresponds to the specified socket;
  
  responsive to a determination that removing from the filter table data from a first set of filter entries including the particular filter entry would not reduce a maximum chain length of filter entries in the filter table, the module replacing the data in the particular filter entry in the filter table with a tombstone marker; and
  
  responsive to a determination that removing from the filter table data from a second set of filter entries including the particular filter entry would reduce the maximum chain length of filter entries in the filter table, performing a garbage collection of tombstoned filter entries;
  
  wherein the chain length of the particular chain of filter entries is the number of entries between a first filter entry of the particular chain and the last filter entry that contains data corresponding to an open socket, inclusive.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein receiving the request is performed by a module in the host computer system.
  - 3. The method of claim 2, wherein the module in the host computer system receiving the request to close a specified network socket runs as a kernel level process of the host computer system, and the request is received from a user level process.
  - 4. The method of claim 3, wherein the request to close a specified network socket is a UNIX close( ) system call.
  - 5. The method of claim 1, wherein identifying a particular filter entry containing data that corresponds to the specified socket, is performed by a module in the host computer system.
  - 6. The method of claim 5, wherein:
    - the module has a host-centric copy of the network interface device'"'"'s filter table; and
      
      identifying the particular filter entry in the network interface device'"'"'s filter table which corresponds to the specified socket comprises;
      
      searching the host-centric copy for an entry containing data therein that corresponds to the specified socket; and
      
      identifying the particular filter entry based on the entry found in the host-centric copy of the network interface device'"'"'s filter table.
  - 7. The method of claim 6, wherein searching the host-centric copy of the network interface device'"'"'s filter table comprises a hashed search.
  - 8. The method of claim 1, wherein the first set of filter entries and the second set of filter entries are the same set.
  - 9. The method of claim 1, wherein the second set of filter entries includes the particular filter entry and all tombstoned entries in the particular chain of filter entries.
  - 10. The method of claim 1, further comprising:
    - receiving a request to open a particular network socket;
      
      identifying in the network interface device filter table an available filter entry in which to store data that corresponds to the particular socket.
  - 11. The method of claim 10, wherein receiving the request to open a particular network socket is performed by a module in the host computer system.
  - 12. The method of claim 11, wherein the module in the host computer system receiving a request to open a particular network socket runs as a kernel process of the host computer system and the request is received from a user level process.
  - 13. The method of claim 12, wherein the request to open a particular network socket is a UNIX recvfrom( ), listen( ), or accept( ) system call.
  - 14. The method of claim 1, wherein the data stored in a filter entry comprises criteria that is used by the network interface device to match data packets received from a network.
  - 15. The method of claim 1, wherein garbage collection comprises replacing a tombstoned entry with an entry from later in the same chain which contains data corresponding to an open socket.
  - 16. The method of claim 1, wherein garbage collection comprises removing all tombstoned entries from the particular chain of filter entries.
  - 17. The method of claim 1, wherein garbage collection comprises removing all tombstoned entries from the filter table.

18. A network interface device for processing data packets received from a network, for use with a computing device, comprising:
- a memory having stored therein in a non-transitory manner a filter table having a plurality of filter entries for filtering incoming data packets for a plurality of transport protocols, each filter entry in the plurality storing values that specify comparison criteria and identifying a respective queue in the computing device to which matching incoming data packets are to be delivered;
  
  the comparison criteria identified by each of the filter entries including a destination IP address and at least one member of the group consisting of a source IP address, a source transport layer port number, and a destination transport layer port number; and
  
  logic which, in response to receipt by the network interface device of a first incoming data packet;
  
  calculates a first hash key in dependence upon content of the data packet, the first hash key identifying a first hash bucket in the filter table;
  
  performs a first iterative search of entries in the filter table for a matching entry whose comparison criteria are satisfied by content of the data packet received from the network; and
  
  if a matching entry was identified by the first iterative search, forwards the packet to the receive queue in the computing device that is indicated by the matching entry, wherein;
  
  a first one of the filter entries in the plurality of filter entries is associated with a first transport protocol, and a second one of the filter entries in the plurality of filter entries is associated with a second transport protocol different from the first transport protocol; and
  
  the first filter entry and the second filter entry store destination transport layer port numbers in different fields within the respective filter entry.
- View Dependent Claims (19, 20, 21, 22, 23, 24)
- - 19. The network interface device of claim 18, wherein the comparison criteria identified by one of the filter entries includes at least a destination IP address and a destination transport layer port number.
  - 20. The network interface device of claim 18, wherein the comparison criteria identified by one of the filter entries includes at least a destination IP address, a destination transport layer port number, and at least one of a source IP address and a source transport layer port number.
  - 21. The network interface device of claim 18, wherein a field in a filter entry having a pre-determined wildcard value is considered to match the respective field of every incoming data packet.
  - 22. The network interface device of claim 18, further comprising:
    - responsive to determining that the transport protocol indicator in the incoming data packet does not match any of the protocols of the plurality of protocols that are filtered using the filter table, forwarding the incoming data packet to a default queue in the computing device.
  - 23. The network interface device of claim 18, wherein the logic searches for and fails to find a filter entry that qualifies as a full match before searching for an entry that qualifies as a wildcard match.
  - 24. The network interface device of claim 23, wherein the logic, responsive to failing to find a matching filter entry while searching for a wildcard match, forwards the incoming data packet to a default queue in the computing device.

25. A network interface device for processing data packets received from a network, for use with a computing device, comprising:
- a memory having stored therein in a non-transitory manner a filter table having a plurality of filter entries for filtering incoming data packets, said filter entries comprising at least one chain of filter entries, a chain length of a respective chain of filter entries comprising a number of entries between a first filter entry of the respective chain and a last filter entry that contains data corresponding to an open socket, inclusive; and
  
  a resource configuration unit configured to;
  
  replace with a tombstone marker data in an identified filter table entry that corresponds to a specific socket, in response to receipt from the computing device of a request to remove the identified filter table entry, when removing from the filter table data from a chain of filter entries including the identified filter table entry would not reduce a maximum chain length of filter entries in the filter table; and
  
  receive from the computing device one or more requests that cause the resource configuration unit to perform garbage collection of tombstoned filter entries, responsive to a determination that removing from the filter table data from a chain of filter entries including the identified filter entry would reduce the maximum chain length of filter entries in the filter table.

26. A method for processing data packets received from a network, the method comprising:
- storing a filter table having a plurality of filter entries for filtering incoming data packets for a plurality of transport protocols, each filter entry in the plurality of filter entries storing values that specify comparison criteria and identifying a respective queue in the computing device to which matching incoming data packets are to be delivered, wherein the comparison criteria identified by each of the filter entries includes a destination IP address and at least one member of the group consists of a source IP address, a source transport layer port number, and a destination transport layer port number;
  
  receiving a first incoming data packet;
  
  calculating a first hash key in dependence upon content of the first incoming data packet, the first hash key identifying a first hash bucket in the filter table;
  
  performing a first iterative search of entries in the filter table for a matching entry whose comparison criteria are satisfied by content of the data packet received from the network; and
  
  responsive to the first iterative search identifying a matching a filter table entry, forwarding the packet to the receive queue in the computing device that is indicated by the matching entry, wherein;
  
  a first one of the filter entries in the plurality of filter entries is associated with a first transport protocol, and a second one of the filter entries in the plurality of filter entries is associated with a second transport protocol different from the first transport protocol; and
  
  the first filter entry and the second filter entry store destination transport layer port numbers in different fields within the respective filter entry.

27. A network interface device for processing data packets received from a network, for use with a computing device, comprising:
- a memory having stored therein in a non-transitory manner a filter table having a plurality of filter entries for filtering incoming data packets for a plurality of transport protocols, each filter entry in the plurality storing values that specify comparison criteria and identifying a respective queue in the computing device to which matching incoming data packets are to be delivered;
  
  the comparison criteria identified by each of the filter entries including a destination IP address and at least one member of the group consisting of a source IP address, a source transport layer port number, and a destination transport layer port number; and
  
  logic which, in response to receipt by the network interface device of a first incoming data packet;
  
  calculates a first hash key in dependence upon content of the data packet, the first hash key identifying a first hash bucket in the filter table;
  
  performs a first iterative search of entries in the filter table for a matching entry whose comparison criteria are satisfied by content of the data packet received from the network; and
  
  if a matching entry was identified by the first iterative search, forwards the packet to the receive queue in the computing device that is indicated by the matching entry, wherein;
  
  the first iterative search of filter entries is successful upon finding a filter entry that qualifies as a full match, wherein a full match comprises the incoming data packet matching a filter entry that specifies a non-wildcard value for a set of required fields comprising the destination IP address, the destination transport layer port address, and at least one of the source IP address or the source transport layer port address; and
  
  every value in the set of required fields matches the respective fields in the incoming data packet.

28. A network interface device for processing data packets received from a network, for use with a computing device, comprising:
- a memory having stored therein in a non-transitory manner a filter table having a plurality of filter entries for filtering incoming data packets for a plurality of transport protocols, each filter entry in the plurality storing values that specify comparison criteria and identifying a respective queue in the computing device to which matching incoming data packets are to be delivered;
  
  the comparison criteria identified by each of the filter entries including a destination IP address and at least one member of the group consisting of a source IP address, a source transport layer port number, and a destination transport layer port number; and
  
  logic which, in response to receipt by the network interface device of a first incoming data packet;
  
  calculates a first hash key in dependence upon content of the data packet, the first hash key identifying a first hash bucket in the filter table;
  
  performs a first iterative search of entries in the filter table for a matching entry whose comparison criteria are satisfied by content of the data packet received from the network; and
  
  if a matching entry was identified by the first iterative search, forwards the packet to the receive queue in the computing device that is indicated by the matching entry, wherein;
  
  the logic considers the first iterative search of filter entries to be successful upon finding a filter entry that qualifies as a wildcard match with the incoming data packet, wherein the filter entry specifies a non-wildcard value for a set of required fields comprising the destination IP address, and the destination transport layer port address; and
  
  every value in the set of required fields matches the respective fields in the incoming data packet.

29. A method for processing data packets received from a network, the method comprising:
- storing a filter table having a plurality of filter entries for filtering incoming data packets for a plurality of transport protocols, each filter entry in the plurality of filter entries storing values that specify comparison criteria and identifying a respective queue in the computing device to which matching incoming data packets are to be delivered, wherein the comparison criteria identified by each of the filter entries includes a destination IP address and at least one member of the group consists of a source IP address, a source transport layer port number, and a destination transport layer port number;
  
  receiving a first incoming data packet;
  
  calculating a first hash key in dependence upon content of the first incoming data packet, the first hash key identifying a first hash bucket in the filter table;
  
  performing a first iterative search of entries in the filter table for a matching entry whose comparison criteria are satisfied by content of the data packet received from the network;
  
  responsive to the first iterative search identifying a matching a filter table entry, forwarding the packet to the receive queue in the computing device that is indicated by the matching entry, wherein;
  
  the first iterative search of filter entries is successful upon finding a filter entry that qualifies as a full match, wherein a full match comprises the incoming data packet matching a filter entry that specifies a non-wildcard value for a set of required fields comprising the destination IP address, the destination transport layer port address, and at least one of the source IP address or the source transport layer port address; and
  
  every value in the set of required fields matches the respective fields in the incoming data packet.

30. A method for processing data packets received from a network, the method comprising:
- storing a filter table having a plurality of filter entries for filtering incoming data packets for a plurality of transport protocols, each filter entry in the plurality of filter entries storing values that specify comparison criteria and identifying a respective queue in the computing device to which matching incoming data packets are to be delivered, wherein the comparison criteria identified by each of the filter entries includes a destination IP address and at least one member of the group consists of a source IP address, a source transport layer port number, and a destination transport layer port number;
  
  receiving a first incoming data packet;
  
  calculating a first hash key in dependence upon content of the first incoming data packet, the first hash key identifying a first hash bucket in the filter table;
  
  performing a first iterative search of entries in the filter table for a matching entry whose comparison criteria are satisfied by content of the data packet received from the network; and
  
  responsive to the first iterative search identifying a matching a filter table entry, forwarding the packet to the receive queue in the computing device that is indicated by the matching entry, wherein;
  
  the logic considers the first iterative search of filter entries to be successful upon finding a filter entry that qualifies as a wildcard match with the incoming data packet, wherein the filter entry specifies a non-wildcard value for a set of required fields comprising the destination IP address, and the destination transport layer port address; and
  
  every value in the set of required fields matches the respective fields in the incoming data packet.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Xilinx, Inc. (Advanced Micro Devices, Inc.)
Original Assignee
SolarFlare Communications Incorporated (Advanced Micro Devices, Inc.)
Inventors
Pope, Steven L., Roberts, Derek, Riddoch, David J., Yu, Ching, Chiang, John Mingyung, Chu, Der-Ren
Primary Examiner(s)
ALAM, SHAHID AL

Application Number

US14/611,105
Publication Number

US 20150142832A1
Time in Patent Office

774 Days
Field of Search

707/754
US Class Current

1/1
CPC Class Codes

G06F 16/325   Hash tables

G06F 16/951   Indexing; Web crawling tech...

G06F 16/9535   Search customisation based ...

G06F 16/9538   Presentation of query results

H04L 45/742   Route cache; Operation thereof

H04L 45/745   Address table lookup; Addre...

H04L 45/7452   Multiple parallel or consec...

H04L 47/2441   relying on flow classificat...

H04L 47/621   Individual queue per connec...

H04L 49/90   Buffering arrangements

H04L 67/10   in which an application is ...

H04L 69/16   Implementation or adaptatio...

H04L 69/161   Implementation details of T...

H04L 69/162   involving adaptations of so...

H04L 69/163   In-band adaptation of TCP d...

H04L 69/164   Adaptation or special uses ...

H04L 69/22   Parsing or analysis of headers

Y10S 707/922   Communications

Hashing algorithm for network receive filtering

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Hashing algorithm for network receive filtering

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links