公开(公告)号：US20060190613A1

公开(公告)日：2006-08-24

申请号：US11063950

申请日：2005-02-23

申请人： Everett Corl ,  Gordon Davis ,  Clark Jeffries ,  Steven Perrin ,  Hiroshi Takada ,  Victoria Thio

发明人： Everett Corl ,  Gordon Davis ,  Clark Jeffries ,  Steven Perrin ,  Hiroshi Takada ,  Victoria Thio

IPC分类号： G06F15/16

CPC分类号： H04L29/12009 ,  H04L29/12462 ,  H04L29/12481 ,  H04L45/745 ,  H04L61/255 ,  H04L61/2557

摘要： A method for increasing the capacity of a connection table in a firewall accelerator by means of mapping packets in one session with some common security actions into one table entry. For each of five Network Address Translation (NAT) configurations, a hash function is specified. The hash function takes into account which of four possible arrival types a packet at a firewall accelerator may have. When different arrival types of packets in the same session are processed, two or more arrival types may have the same hash value.

摘要翻译： 一种通过将一个会话中的分组映射到一个表条目中的一些常见安全措施来增加防火墙加速器中连接表的容量的方法。 对于五种网络地址转换（NAT）配置中的每一种，都指定了一个散列函数。 散列函数考虑了防火墙加速器可能具有的四个可能的到达类型中的哪一个。 当处理相同会话中的不同到达类型的分组时，两个或多个到达类型可以具有相同的哈希值。

公开(公告)号：US20060039376A1

公开(公告)日：2006-02-23

申请号：US10868725

申请日：2004-06-15

申请人： Claude Basso ,  Jean Calvignac ,  Chih-jen Chang ,  Gordon Davis ,  Fabrice Verplanken

发明人： Claude Basso ,  Jean Calvignac ,  Chih-jen Chang ,  Gordon Davis ,  Fabrice Verplanken

IPC分类号： H04L12/56 ,  H04L12/28

CPC分类号： H04L49/90 ,  H04L49/9042 ,  H04L49/9073 ,  H04L69/22

摘要： A method and structure is provided for buffering data packets having a header and a remainder in a network processor system. The network processor system has a processor on a chip and at least one buffer on the chip. Each buffer on the chip is configured to buffer the header of the packets in a preselected order before execution in the processor, and the remainder of the packet is stored in an external buffer apart from the chip. The method comprises utilizing the header information to identify the location and extent of the remainder of the packet. The entire selected packet is stored in the external buffer when the buffer of the stored header of the given packet is full, and moving only the header of a selected packet stored in the external buffer to the buffer on the chip when the buffer on the chip has space therefor.

摘要翻译： 提供了一种在网络处理器系统中缓冲具有报头和余数的数据分组的方法和结构。 网络处理器系统在芯片上具有处理器和芯片上的至少一个缓冲器。 芯片上的每个缓冲器被配置为在处理器中执行之前以预先选择的顺序缓冲数据包的报头，并且数据包的剩余部分存储在与芯片分离的外部缓冲器中。 该方法包括利用报头信息来识别分组的其余部分的位置和范围。 当给定分组的存储报头的缓冲器已满时，整个所选分组被存储在外部缓冲器中，并且当芯片上的缓冲器仅将存储在外部缓冲器中的选定分组的报头移动到芯片上的缓冲器时 有空间。

公开(公告)号：US20080098015A1

公开(公告)日：2008-04-24

申请号：US11962558

申请日：2007-12-21

申请人： Gordon Davis ,  Andreas Herkersdorf ,  Clark Jeffries ,  Mark Rinaldi

发明人： Gordon Davis ,  Andreas Herkersdorf ,  Clark Jeffries ,  Mark Rinaldi

IPC分类号： G06F17/30

CPC分类号： H04L49/3009 ,  H04L45/745 ,  H04L45/7453 ,  H04L49/351

摘要： A structure and technique for preventing collisions using a hash table in conjunction with a CAM to identify and prevent collisions of binary keys. A portion of the hash value of a binary key, which does not collide with a portion of the hash value of any other reference binary key, is used as an entry in the hash table. If two or more binary keys have identical values of the portions of the hash values, each of these binary keys are stored in their entirety, in the CAM. The key in the CAM provides a pointer to a data structure where the action associated with that binary key is stored. If the binary key is not found in the CAM, the binary key is hashed, and a specific entry in the hash table is selected using a portion of this hash value.

摘要翻译： 一种用于使用散列表与CAM结合来防止冲突的结构和技术，以识别和防止二进制键的冲突。 不与任何其他参考二进制密钥的散列值的一部分相冲突的二进制密钥的散列值的一部分被用作散列表中的条目。 如果两个或更多个二进制密钥具有相同的哈希值部分的值，则这些二进制密钥中的每一个都将全部存储在CAM中。 CAM中的关键字提供了指向数据结构的指针，其中存储与该二进制密钥相关联的动作。 如果在CAM中没有找到二进制密钥，则二进制密钥被散列，并且使用该哈希值的一部分来选择散列表中的特定条目。

公开(公告)号：US20080052486A1

公开(公告)日：2008-02-28

申请号：US11930513

申请日：2007-10-31

申请人： Gordon Davis

发明人： Gordon Davis

IPC分类号： G06F12/00

CPC分类号： G06F12/1018 ,  G06F2212/1044

摘要： A page table mechanism translates virtual addresses to real addresses. In a first aspect, page table entries are contained in equal-sized blocks, the entries within each block corresponding to contiguous pages of virtual address space. Preferably, the common high-order portion of the virtual address is contained in segments distributed among multiple page table entries of the block. In a second aspect, the virtual address indexes a binary tree definitional structure. Decode logic traverses a binary tree defined by the definitional structure by testing selective bits of the virtual address to reach a leaf of the binary tree, which defines the location of data defining the real address.

摘要翻译： 页表机制将虚拟地址转换为实际地址。 在第一方面，页表条目包含在等大小的块中，每个块内的条目对应于虚拟地址空间的连续页面。 优选地，虚拟地址的公共高阶部分包含在分块在块的多个表表项之间的段中。 在第二方面，虚拟地址索引二进制树定义结构。 解码逻辑遍历由定义结构定义的二叉树，通过测试虚拟地址的选择性位以到达二叉树的叶，该二叉树定义了定义实际地址的数据的位置。

公开(公告)号：US20080028140A1

公开(公告)日：2008-01-31

申请号：US11867963

申请日：2007-10-05

申请人： Gordon Davis ,  Andreas Herkersdorf ,  Clark Jeffries ,  Mark Rinaldi

发明人： Gordon Davis ,  Andreas Herkersdorf ,  Clark Jeffries ,  Mark Rinaldi

IPC分类号： G06F12/00

CPC分类号： H04L49/3009 ,  H04L45/745 ,  H04L45/7453 ,  H04L49/351

摘要： A structure and technique for preventing collisions using a hash table in conjunction with a CAM to identify and prevent collision of binary keys. A portion of the hash value of a binary key, which does not collide with a portion of the hash value of any other reference binary key, is used as an entry in the hash table. If two or more binary keys have identical values of the portions of the hash values, each of these binary keys are stored in their entirety, in the CAM. The key in the CAM provides a pointer to a data structure where the action associated with that binary key is stored. If the binary key is not found in the CAM, the binary key is hashed, and a specific entry in the hash table is selected using a portion of this hash value.

摘要翻译： 一种用于使用散列表与CAM结合来防止冲突的结构和技术，以识别和防止二进制密钥的冲突。 不与任何其他参考二进制密钥的散列值的一部分相冲突的二进制密钥的散列值的一部分被用作散列表中的条目。 如果两个或更多个二进制密钥具有相同的哈希值部分的值，则这些二进制密钥中的每一个都将全部存储在CAM中。 CAM中的关键字提供了指向数据结构的指针，其中存储与该二进制密钥相关联的动作。 如果在CAM中没有找到二进制密钥，则二进制密钥被散列，并且使用该哈希值的一部分来选择散列表中的特定条目。

公开(公告)号：US20080013541A1

公开(公告)日：2008-01-17

申请号：US11776807

申请日：2007-07-12

申请人： Jean Calvignac ,  Gordon Davis

发明人： Jean Calvignac ,  Gordon Davis

IPC分类号： H04L12/54

CPC分类号： H04L49/602 ,  H04L49/354 ,  H04L49/604 ,  H04L69/22

摘要： A method and structure are disclosed for dispatching appropriate data to a network processing system comprising an improved technique for extracting protocol header fields for use by the network processor. This technique includes basic classification of a packet according to the types of protocol headers present in the packet. Based on the results of the classification, specific parameter fields are extracted from corresponding headers. All such parameter fields from one or more protocol headers in the packet are concatenated into a compressed dispatch message. Multiples of such dispatch messages are bundled into a single composite dispatch message. Thus, selected header fields from N packets are passed to the network processor in a single composite dispatch message, increasing the network processor's packet forwarding capacity by a factor of N. Likewise, multiple enqueue messages are bundled into a single composite enqueue message to direct enqueue and frame alterations to be taken on the bundle of N packets.

摘要翻译： 公开了一种用于将适当数据发送到网络处理系统的方法和结构，所述网络处理系统包括用于提取网络处理器使用的协议头域的改进技术。 该技术包括根据分组中存在的协议报头的类型对分组的基本分类。 根据分类结果，从相应的标题中提取特定参数字段。 来自分组中的一个或多个协议报头的所有这些参数字段被连接成压缩的调度消息。 这种分派消息的倍数被捆绑成单个复合调度消息。 因此，来自N个分组的选择的报头字段以单个复合调度消息传递到网络处理器，从而将网络处理器的分组转发能力提高N倍。同样地，多个入队消息被捆绑到单个复合入口消息中以引导入队 并且对N个分组的束进行帧改变。

公开(公告)号：US20060020600A1

公开(公告)日：2006-01-26

申请号：US10894628

申请日：2004-07-20

申请人： Everett Corl ,  Gordon Davis ,  Clark Jeffries

发明人： Everett Corl ,  Gordon Davis ,  Clark Jeffries

IPC分类号： G06F17/30

CPC分类号： H04L43/16 ,  H04L43/18 ,  H04L49/25 ,  H04L63/0263

摘要： The present invention relates to a method and computer system device for applying a plurality of rules to data packets within a network computer system. A filter rule decision tree is updated by adding or deleting a rule. If deleting a filter rule then the decision tree is provided to a network data plane processor with an incremental delete of the filter rule. If adding a filter rule then either providing an incremental insertion of the filter rule to the decision tree or rebuilding the first decision tree into a second decision tree responsive to comparing a parameter to a threshold. In one embodiment the parameter and thresholds relate to depth values of the tree filter rule chained branches. In another the parameter and thresholds relate to a total count of rule additions since a building of the relevant tree.

公开(公告)号：US20050177644A1

公开(公告)日：2005-08-11

申请号：US10772737

申请日：2004-02-05

申请人： Claude Basso ,  Jean Calvignac ,  Chih-jen Chang ,  Gordon Davis ,  Fabrice Verplanken

发明人： Claude Basso ,  Jean Calvignac ,  Chih-jen Chang ,  Gordon Davis ,  Fabrice Verplanken

IPC分类号： G06F15/16 ,  H04L12/56

CPC分类号： H04L47/60 ,  H04L47/15 ,  H04L47/50 ,  H04L47/52 ,  H04L49/90

摘要： A pipeline configuration is described for use in network traffic management for the hardware scheduling of events arranged in a hierarchical linkage. The configuration reduces costs by minimizing the use of external SRAM memory devices. This results in some external memory devices being shared by different types of control blocks, such as flow queue control blocks, frame control blocks and hierarchy control blocks. Both SRAM and DRAM memory devices are used, depending on the content of the control block (Read-Modify-Write or ‘read’ only) at enqueue and dequeue, or Read-Modify-Write solely at dequeue. The scheduler utilizes time-based calendars and weighted fair queueing calendars in the egress calendar design. Control blocks that are accessed infrequently are stored in DRAM memory while those accessed frequently are stored in SRAM.

摘要翻译： 描述了用于网络流量管理中的流水线配置，用于以分层链接排列的事件的硬件调度。 该配置通过最小化外部SRAM存储器件的使用来降低成本。 这导致一些外部存储器设备被不同类型的控制块共享，例如流队列控制块，帧控制块和层次控制块。 使用SRAM和DRAM存储器件，这取决于控制块的内容（仅读取 - 修改 - 写入或仅读取）在排队和出队，或仅读出 - 修改 - 写出。 调度器在出口日历设计中使用基于时间的日历和加权公平排队日历。 不频繁访问的控制块存储在DRAM存储器中，而频繁访问的控制块存储在SRAM中。

公开(公告)号：US20080072005A1

公开(公告)日：2008-03-20

申请号：US11944028

申请日：2007-11-21

申请人： Youseff Abdelilah ,  Bartholomew Blaner ,  Gordon Davis ,  Jeffrey Derby ,  Joseph Garvey ,  Malcolm Ware ,  Hua Ye

发明人： Youseff Abdelilah ,  Bartholomew Blaner ,  Gordon Davis ,  Jeffrey Derby ,  Joseph Garvey ,  Malcolm Ware ,  Hua Ye

IPC分类号： G06F12/02

CPC分类号： G06F13/28

摘要： A method, computer program product and system for facilitating inter-digital signal processing (DSP) data communications. A direct memory access (DMA) controller may be configured to facilitate transfers of data between a first and a second DSP processor core coupled to the DMA controller. The DMA controller may read a data structure, referred to as a “buffer descriptor block,” to perform the data transfer. The buffer descriptor block may store both a source address and a destination address indicating where the data is to be retrieved and stored. The buffer descriptor block may further store a value, e.g., number of bytes, indicating a size of the data to be transferred. The DMA controller may then transfer the data located at the source address in the first DSP processor core, with a size, e.g., number of bytes, indicated from the buffer descriptor block, to the destination address in the second DSP processor core.

摘要翻译： 一种用于促进数字间数字信号处理（DSP）数据通信的方法，计算机程序产品和系统。 直接存储器访问（DMA）控制器可以被配置为便于在耦合到DMA控制器的第一和第二DSP处理器核之间传输数据。 DMA控制器可以读取被称为“缓冲器描述符块”的数据结构来执行数据传送。 缓冲器描述符块可以存储指示要检索和存储数据的源地址和目的地址。 缓冲器描述符块还可以存储指示要传送的数据的大小的值，例如字节数。 然后，DMA控制器可以将位于第一DSP处理器核心中的源地址处的数据以从缓冲器描述符块指示的大小（例如，字节数）传送到第二DSP处理器核心中的目的地地址。

公开(公告)号：US20070294471A1

公开(公告)日：2007-12-20

申请号：US11832220

申请日：2007-08-01

申请人： Jean Calvignac ,  Chih-jen Chang ,  Gordon Davis ,  Fabrice Verplanken

发明人： Jean Calvignac ,  Chih-jen Chang ,  Gordon Davis ,  Fabrice Verplanken

IPC分类号： G06F12/00

CPC分类号： G06F13/1642

摘要： Access arbiters are used to prioritize read and write access requests to individual memory banks in DRAM memory devices, particularly fast cycle DRAMs. This serves to optimize the memory bandwidth available for the read and the write operations by avoiding consecutive accesses to the same memory bank and by minimizing dead cycles. The arbiter first divides DRAM accesses into write accesses and read accesses. The access requests are divided into accesses per memory bank with a threshold limit imposed on the number of accesses to each memory bank. The write receive packets are rotated among the banks based on the write queue status. The status of the write queue for each memory bank may also be used for system flow control. The arbiter also typically includes the ability to determine access windows based on the status of the command queues, and to perform arbitration on each access window.

摘要翻译： 访问仲裁器被用于将对DRAM存储器件，特别是快速循环DRAM中的各个存储体的读取和写入访问请求进行优先级排序。 这用于通过避免对同一存储体的连续访问并且通过最小化死循环来优化用于读取和写入操作的存储器带宽。 仲裁器首先将DRAM访问划分为写访问和读访问。 访问请求被划分为每个存储体的访问，并且对每个存储体的访问次数施加了阈值限制。 基于写入队列状态，写入接收数据包在存储体之间旋转。 每个存储体的写入队列的状态也可以用于系统流控制。 仲裁器还通常包括基于命令队列的状态来确定访问窗口的能力，并且在每个访问窗口上执行仲裁。