公开(公告)号：US10958627B2

公开(公告)日：2021-03-23

申请号：US16858874

申请日：2020-04-27

Applicant: Mellanox Technologies, Ltd.

Inventor： Adi Menachem ,  Liran Liss ,  Boris Pismenny

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/53 ,  H04L9/08 ,  G06F9/455 ,  H04L9/14 ,  H04L9/32

Abstract: Computing apparatus includes a host processor, which runs a virtual machine monitor (VMM), which supports a plurality of virtual machines and includes a cryptographic security software module. A network interface controller (NIC) links the host processor to a network so as to transmit and receive data packets from and to the virtual machines and includes a cryptographic security hardware logic module, which when invoked by the VMM, applies the cryptographic security protocol to the data packets while maintaining a state context of the protocol with respect to each of the virtual machines. Upon encountering an exception in applying the cryptographic security protocol, the NIC transfers the data packet, together with the state context of the cryptographic security protocol with respect to the given virtual machine, to the cryptographic security software module for processing.

公开(公告)号：US10476803B2

公开(公告)日：2019-11-12

申请号：US15844658

申请日：2017-12-18

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Alex Shpiner ,  Liran Liss ,  Matty Kadosh

IPC: H04L12/851 ,  H04L12/875 ,  H04L12/833 ,  H04L12/865 ,  H04L12/863 ,  H04L12/26 ,  H04L12/813

Abstract: A network element connected to a data network holds a flow of data packets in a queue and periodically determines a metric of the queue. Responsively to a predetermined value of the metric the queue is associated with an elephant flow or a mouse flow. The packets are marked according to the associated flow, and the network element sends the marked packets into the data network. Other network elements process the packets according to the associated flow marked therein.

公开(公告)号：US20190190892A1

公开(公告)日：2019-06-20

申请号：US15841339

申请日：2017-12-14

Applicant: Mellanox Technologies, Ltd.

Inventor： Adi Menachem ,  Liran Liss ,  Boris Pismenny

IPC: H04L29/06 ,  H04L9/14 ,  H04L9/32 ,  G06F9/455

CPC classification number: H04L63/0428 ,  G06F9/45533 ,  G06F9/45558 ,  G06F21/53 ,  G06F21/602 ,  G06F2009/45587 ,  G06F2009/45595 ,  H04L9/0897 ,  H04L9/14 ,  H04L9/3226 ,  H04L63/0485 ,  H04L63/164 ,  H04L2209/12

Abstract: Computing apparatus includes a host processor, which runs a virtual machine monitor (VMM), which supports a plurality of virtual machines and includes a cryptographic security software module. A network interface controller (NIC) links the host processor to a network so as to transmit and receive data packets from and to the virtual machines and includes a cryptographic security hardware logic module, which when invoked by the VMM, applies the cryptographic security protocol to the data packets while maintaining a state context of the protocol with respect to each of the virtual machines. Upon encountering an exception in applying the cryptographic security protocol, the NIC transfers the data packet, together with the state context of the cryptographic security protocol with respect to the given virtual machine, to the cryptographic security software module for processing.

公开(公告)号：US09925492B2

公开(公告)日：2018-03-27

申请号：US14665043

申请日：2015-03-23

Applicant: Mellanox Technologies Ltd.

Inventor： Shlomo Raikin ,  Liran Liss ,  Ariel Shachar ,  Noam Bloch ,  Michael Kagan

IPC: G06F15/16 ,  B01D53/94 ,  G06F9/46 ,  G06F13/28 ,  G06F15/173 ,  B01J37/02 ,  B01J29/072 ,  B01J29/76 ,  B01J35/04 ,  B01J35/00

CPC classification number: B01D53/9418 ,  B01D53/9477 ,  B01D2251/2062 ,  B01D2255/20761 ,  B01D2255/50 ,  B01D2255/904 ,  B01D2255/9155 ,  B01J29/072 ,  B01J29/56 ,  B01J29/76 ,  B01J29/763 ,  B01J35/0006 ,  B01J35/023 ,  B01J35/04 ,  B01J37/0215 ,  B01J37/0246 ,  B01J37/08 ,  B01J37/30 ,  B01J2229/186 ,  F01N3/035 ,  F01N3/103 ,  F01N3/2066 ,  F01N3/2842 ,  G06F9/467 ,  G06F13/287 ,  G06F15/17331 ,  Y02C20/10

Abstract: Remote transactions using transactional memory are carried out over a data network between an initiator host and a remote target. The transaction comprises a plurality of input-output (IO) operations between an initiator network interface controller and a target network interface controller. The IO operations are controlled by the initiator network interface controller and the target network interface controller to cause the first process to perform accesses to the memory location atomically.

公开(公告)号：US09894005B2

公开(公告)日：2018-02-13

申请号：US14673892

申请日：2015-03-31

Applicant: Mellanox Technologies Ltd.

Inventor： Shachar Raindel ,  Idan Burstein ,  Noam Bloch ,  Benny Koren ,  Barak Gafni ,  Dror Goldenberg ,  Liran Liss

IPC: H04L12/28 ,  H04L12/801 ,  H04L12/707 ,  H04L12/721 ,  H04L12/803

CPC classification number: H04L47/34 ,  H04L45/22 ,  H04L45/38 ,  H04L47/122

Abstract: A method in a network element that includes multiple interfaces for connecting to a communication network includes receiving from the communication network via an ingress interface a flow including a sequence of packets, and routing the packets to a destination of the flow via a first egress interface. A permission indication for re-routing the flow is received in the ingress interface. In response to receiving the permission indication, subsequent packets of the flow are re-routed via a second egress interface that is different from the first egress interface. Further re-routing of the flow is refrained from, until receiving another permission indication.

公开(公告)号：US20160294983A1

公开(公告)日：2016-10-06

申请号：US14672397

申请日：2015-03-30

Applicant: MELLANOX TECHNOLOGIES LTD.

Inventor： Yevgeny Kliteynik ,  Aviad Yehezkel ,  Liran Liss ,  Amir Vadai ,  Eli Cohen ,  Erez Shitrit ,  Gabi Liron

IPC: H04L29/06 ,  G06F15/173 ,  G06F12/10

CPC classification number: G06F15/17331 ,  G06F12/0802

Abstract: A method for data storage includes provisioning, in a cluster of computers, including at least first and second computers, which are connected to a packet data network, a range of RAM on the second computer for use by the first computer. Blocks of data are stored in the provisioned range for use by programs running on the first computer. Upon incurring a page fault on the first computer in response to a request for a page of virtual memory by a program running on the first computer, a block swap request is directed to the NIC of the first computer with respect to the requested page. In response to the block swap request, an RDMA read request is initiated by the NIC via the network to the NIC of the second computer, to retrieve the requested page from the provisioned range, so as to resolve the page fault.

Abstract translation: 一种用于数据存储的方法包括在计算机集群中提供包括连接到分组数据网络的至少第一和第二计算机，第二计算机上的RAM的范围供第一计算机使用。 数据块存储在供应范围内供第一台计算机上运行的程序使用。 响应于通过在第一计算机上运行的程序对虚拟存储器页的请求而在第一计算机上引起页错误时，块交换请求针对所请求的页面被引导到第一计算机的NIC。 响应于块交换请求，NIC通过网络发起RDMA读取请求到第二台计算机的NIC，从提供的范围中检索所请求的页面，以便解决页面错误。

公开(公告)号：US20150222547A1

公开(公告)日：2015-08-06

申请号：US14608265

申请日：2015-01-29

Applicant: Mellanox Technologies Ltd.

Inventor： Ofer Hayut ,  Noam Bloch ,  Shlomo Raikin ,  Liran Liss

IPC: H04L12/803 ,  H04L12/721

CPC classification number: H04L49/00

Abstract: A Network Interface Controller (NIC) includes a network interface, a peer interface and steering logic. The network interface is configured to receive incoming packets from a communication network. The peer interface is configured to communicate with a peer NIC not via the communication network. The steering logic is configured to classify the packets received over the network interface into first incoming packets that are destined to a local Central Processing Unit (CPU) served by the NIC, and second incoming packets that are destined to a remote CPU served by the peer NIC, to forward the first incoming packets to the local CPU, and to forward the second incoming packets to the peer NIC over the peer interface not via the communication network.

Abstract translation: 网络接口控制器（NIC）包括网络接口，对等接口和转向逻辑。 网络接口被配置为从通信网络接收传入的分组。 对等体接口被配置为不通过通信网络与对等网络进行通信。 转向逻辑被配置为将通过网络接口接收的分组分类为目的地由NIC服务的本地中央处理单元（CPU）的第一入局分组，以及指向由对等体服务的远程CPU的第二传入分组 NIC，将首次传入的数据包转发到本地CPU，并通过对等接口将第二个传入数据包转发到对等网络，而不是通过通信网络。

公开(公告)号：US20140089451A1

公开(公告)日：2014-03-27

申请号：US13628155

申请日：2012-09-27

Applicant: MELLANOX TECHNOLOGIES LTD.

Inventor： Haggai Eran ,  Shachar Raindel ,  Liran Liss ,  Noam Bloch

IPC: G06F15/167

CPC classification number: G06F12/08 ,  G06F12/1081

Abstract: A method for data transfer includes receiving in an operating system of a host computer an instruction initiated by a user application running on the host processor identifying a page of virtual memory of the host computer that is to be used in receiving data in a message that is to be transmitted over a network to the host computer but has not yet been received by the host computer. In response to the instruction, the page is loaded into the memory, and upon receiving the message, the data are written to the loaded page.

Abstract translation: 一种用于数据传输的方法包括在主计算机的操作系统中接收由主机处理器上运行的用户应用程序发起的指令，该指令标识主计算机的虚拟存储器的页面，该页面将用于在消息中接收数据 通过网络传送到主计算机，但尚未被主计算机接收。 响应该指令，页面被加载到存储器中，并且在接收到消息时，数据被写入加载的页面。

公开(公告)号：US20140089450A1

公开(公告)日：2014-03-27

申请号：US13628075

申请日：2012-09-27

Applicant: MELLANOX TECHNOLOGIES LTD.

Inventor： Shachar Raindel ,  Haggai Eran ,  Liran Liss ,  Noam Bloch

IPC: G06F12/00 ,  G06F15/167

CPC classification number: G06F3/067 ,  G06F3/061 ,  G06F3/0656 ,  G06F3/0659

Abstract: A method for data transfer includes receiving in an input/output (I/O) operation a first segment of data to be written to a specified virtual address in a host memory. Upon receiving the first segment of the data, it is detected that a first page that contains the specified virtual address is swapped out of the host memory. At least one second page of the host memory is identified, to which a second segment of the data is expected to be written. Responsively to detecting that the first page is swapped out and to identifying the at least one second page, at least the first and second pages are swapped into the host memory. After swapping at least the first and second pages into the host memory, the data are written to the first and second pages.

Abstract translation: 一种用于数据传输的方法包括在输入/输出（I / O）操作中接收要写入主机存储器中的指定虚拟地址的第一数据段。 在接收到数据的第一段时，检测到包含指定虚拟地址的第一页被转换出主机存储器。 标识主机存储器的至少一个第二页，期望数据的第二段被写入到其上。 响应于检测到第一页面被换出并且识别至少一个第二页面，至少第一页面和第二页面被交换到主机存储器中。 至少将第一页和第二页交换到主机存储器之后，数据被写入第一页和第二页。

公开(公告)号：US12248416B2

公开(公告)日：2025-03-11

申请号：US18655386

申请日：2024-05-06

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Daniel Marcovitch ,  Eliav Bar-Ilan ,  Ran Avraham Koren ,  Liran Liss ,  Oren Duer ,  Shahaf Shuler

IPC: G06F13/28 ,  G06F13/42

Abstract: A network adapter includes a network interface, a bus interface, a hardware-implemented data-path and a programmable Data-Plane Accelerator (DPA). The network interface is to communicate with a network. The bus interface is to communicate with an external device over a peripheral bus. The hardware-implemented data-path includes a plurality of packet-processing engines to process data units exchanged between the network and the external device. The DPA is to expose on the peripheral bus a User-Defined Peripheral-bus Device (UDPD), to run user-programmable logic that implements the UDPD, and to process transactions issued from the external device to the UDPD by reusing one or more of the packet-processing engines of the data-path.