Abstract:
Computing apparatus includes a host processor, which runs a virtual machine monitor (VMM), which supports a plurality of virtual machines and includes a cryptographic security software module. A network interface controller (NIC) links the host processor to a network so as to transmit and receive data packets from and to the virtual machines and includes a cryptographic security hardware logic module, which when invoked by the VMM, applies the cryptographic security protocol to the data packets while maintaining a state context of the protocol with respect to each of the virtual machines. Upon encountering an exception in applying the cryptographic security protocol, the NIC transfers the data packet, together with the state context of the cryptographic security protocol with respect to the given virtual machine, to the cryptographic security software module for processing.
Abstract:
A network element connected to a data network holds a flow of data packets in a queue and periodically determines a metric of the queue. Responsively to a predetermined value of the metric the queue is associated with an elephant flow or a mouse flow. The packets are marked according to the associated flow, and the network element sends the marked packets into the data network. Other network elements process the packets according to the associated flow marked therein.
Abstract:
Computing apparatus includes a host processor, which runs a virtual machine monitor (VMM), which supports a plurality of virtual machines and includes a cryptographic security software module. A network interface controller (NIC) links the host processor to a network so as to transmit and receive data packets from and to the virtual machines and includes a cryptographic security hardware logic module, which when invoked by the VMM, applies the cryptographic security protocol to the data packets while maintaining a state context of the protocol with respect to each of the virtual machines. Upon encountering an exception in applying the cryptographic security protocol, the NIC transfers the data packet, together with the state context of the cryptographic security protocol with respect to the given virtual machine, to the cryptographic security software module for processing.
Abstract:
Remote transactions using transactional memory are carried out over a data network between an initiator host and a remote target. The transaction comprises a plurality of input-output (IO) operations between an initiator network interface controller and a target network interface controller. The IO operations are controlled by the initiator network interface controller and the target network interface controller to cause the first process to perform accesses to the memory location atomically.
Abstract:
A method in a network element that includes multiple interfaces for connecting to a communication network includes receiving from the communication network via an ingress interface a flow including a sequence of packets, and routing the packets to a destination of the flow via a first egress interface. A permission indication for re-routing the flow is received in the ingress interface. In response to receiving the permission indication, subsequent packets of the flow are re-routed via a second egress interface that is different from the first egress interface. Further re-routing of the flow is refrained from, until receiving another permission indication.
Abstract:
A method for data storage includes provisioning, in a cluster of computers, including at least first and second computers, which are connected to a packet data network, a range of RAM on the second computer for use by the first computer. Blocks of data are stored in the provisioned range for use by programs running on the first computer. Upon incurring a page fault on the first computer in response to a request for a page of virtual memory by a program running on the first computer, a block swap request is directed to the NIC of the first computer with respect to the requested page. In response to the block swap request, an RDMA read request is initiated by the NIC via the network to the NIC of the second computer, to retrieve the requested page from the provisioned range, so as to resolve the page fault.
Abstract:
A Network Interface Controller (NIC) includes a network interface, a peer interface and steering logic. The network interface is configured to receive incoming packets from a communication network. The peer interface is configured to communicate with a peer NIC not via the communication network. The steering logic is configured to classify the packets received over the network interface into first incoming packets that are destined to a local Central Processing Unit (CPU) served by the NIC, and second incoming packets that are destined to a remote CPU served by the peer NIC, to forward the first incoming packets to the local CPU, and to forward the second incoming packets to the peer NIC over the peer interface not via the communication network.
Abstract:
A method for data transfer includes receiving in an operating system of a host computer an instruction initiated by a user application running on the host processor identifying a page of virtual memory of the host computer that is to be used in receiving data in a message that is to be transmitted over a network to the host computer but has not yet been received by the host computer. In response to the instruction, the page is loaded into the memory, and upon receiving the message, the data are written to the loaded page.
Abstract:
A method for data transfer includes receiving in an input/output (I/O) operation a first segment of data to be written to a specified virtual address in a host memory. Upon receiving the first segment of the data, it is detected that a first page that contains the specified virtual address is swapped out of the host memory. At least one second page of the host memory is identified, to which a second segment of the data is expected to be written. Responsively to detecting that the first page is swapped out and to identifying the at least one second page, at least the first and second pages are swapped into the host memory. After swapping at least the first and second pages into the host memory, the data are written to the first and second pages.
Abstract:
A network adapter includes a network interface, a bus interface, a hardware-implemented data-path and a programmable Data-Plane Accelerator (DPA). The network interface is to communicate with a network. The bus interface is to communicate with an external device over a peripheral bus. The hardware-implemented data-path includes a plurality of packet-processing engines to process data units exchanged between the network and the external device. The DPA is to expose on the peripheral bus a User-Defined Peripheral-bus Device (UDPD), to run user-programmable logic that implements the UDPD, and to process transactions issued from the external device to the UDPD by reusing one or more of the packet-processing engines of the data-path.