公开(公告)号：US20140355606A1

公开(公告)日：2014-12-04

申请号：US14463499

申请日：2014-08-19

Applicant: SOLARFLARE COMMUNICATIONS, INC.

Inventor： David J. Riddoch ,  Martin Porter ,  Steven L. Pope

IPC: H04L12/18 ,  H04L12/861

CPC classification number: H04L12/18 ,  H04L49/90

Abstract: Roughly described, incoming data packets are delivered by the NIC directly to at least two user level endpoints. In an aspect, only filters that cannot be ambiguous are created in the NIC. In another aspect, the NIC maintains a filter table supporting direct delivery of incoming unicast and multicast data packets to one user level endpoint. Additional requests to join the same multicast group cause replacement of the NIC filter with one in the kernel. In another aspect, a NIC has limited capacity to maintain multicast group memberships. In response to a new multicast filter request, the kernel establishes it in the NIC only if the NIC still has sufficient capacity; otherwise it is established in the kernel.

Abstract translation: 粗略描述，传入数据分组由NIC直接传递到至少两个用户级端点。 在一方面，仅在NIC中创建不能模糊的过滤器。 另一方面，NIC维护一个过滤表，该过滤表支持将一个单播和多播数据包直接传送到一个用户级端点。 加入同一组播组的其他请求会导致内核中的NIC过滤器的更换。 另一方面，NIC具有维持多播组成员身份的能力有限。 响应于新的多播过滤器请求，内核仅在NIC仍然具有足够的容量时才在NIC中建立它; 否则它在内核中建立。

公开(公告)号：US20200092120A1

公开(公告)日：2020-03-19

申请号：US16694879

申请日：2019-11-25

Applicant: SOLARFLARE COMMUNICATIONS, INC.

Inventor： Steve L. Pope ,  David J. Riddoch

IPC: H04L12/18 ,  H04L12/861 ,  G06F13/38

Abstract: A data processing system comprising: a processing subsystem supporting a plurality of consumers, each consumer being arranged to process messages received into a corresponding receive queue; a network interface device supporting a virtual interface for each of the receive queues; and a hardware accelerator coupled to the processing subsystem by the network interface device and configured to parse one or more streams of data packets received from a network so as to, for each consumer: identify in the data packets messages having one or more of a set of characteristics associated with the consumer; and frame the identified messages in a new stream of data packets addressed to a network endpoint associated with the virtual interface of the consumer so as to cause said new stream of data packets to be delivered into the receive queue of the consumer.

公开(公告)号：US20190104086A1

公开(公告)日：2019-04-04

申请号：US15721613

申请日：2017-09-29

Applicant: Solarflare Communications, Inc.

Inventor： Steven L. Pope ,  David J. Riddoch

IPC: H04L12/933 ,  H04L29/08

Abstract: A network interface device is provided in a first device. The network interface device comprises an interface configured to receive a first input from a network. The network interface device also has at least one processor configured to provide an output in dependence on contents of the first input and provenance information which uniquely identifies the network interface device, the output being output via the interface to the network.

公开(公告)号：US10212135B2

公开(公告)日：2019-02-19

申请号：US15231564

申请日：2016-08-08

Applicant: SOLARFLARE COMMUNICATIONS, INC.

Inventor： Steve L. Pope ,  Derek Roberts ,  David J. Riddoch

IPC: H04L9/32 ,  H04L29/06

Abstract: A logic device and method are provided for intercepting a data flow from a network source to a network destination. A data store holds a set of compliance rules and corresponding actions wherein at least one of the set of compliance rules is a temporary compliance rule valid for a predetermined period. A packet inspector is configured to inspect the intercepted data flow and identify from the data store a temporary compliance rule associated with the inspected data flow. A packet filter is configured to when the data flow is identified as being associated with the temporary compliance rule, carry out an action with respect to the data flow corresponding to the temporary compliance rule while the temporary compliance rule is valid.

公开(公告)号：US10021223B2

公开(公告)日：2018-07-10

申请号：US15253822

申请日：2016-08-31

Applicant: SOLARFLARE COMMUNICATIONS, INC.

Inventor： Steven L. Pope ,  David J. Riddoch ,  Kieran Mansley

IPC: H04L29/06 ,  H04L29/08 ,  H04L12/859

Abstract: A method of transmitting data for use at a data processing system and network interface device, the data processing system being coupled to a network by the network interface device, the method comprising: forming a message template in accordance with a predetermined set of network protocols, the message template including at least in part one or more protocol headers; forming an application layer message in one or more parts; updating the message template with the parts of the application layer message; processing the message template in accordance with the predetermined set of network protocols so as to complete the protocol headers; and causing the network interface device to transmit the completed message over the network.

公开(公告)号：US09912665B2

公开(公告)日：2018-03-06

申请号：US13765579

申请日：2013-02-12

Applicant: SOLARFLARE COMMUNICATIONS, INC.

Inventor： Steve L. Pope ,  David J. Riddoch ,  Ching Yu ,  Derek Roberts

IPC: G06F15/16 ,  H04L29/06 ,  H04L12/861 ,  H04L12/879 ,  H04L12/863

CPC classification number: H04L63/10 ,  H04L47/50 ,  H04L49/90 ,  H04L49/901 ,  H04L49/9031 ,  H04L49/9063

Abstract: Roughly described, a network interface device receiving data packets from a computing device for transmission onto a network, the data packets having a certain characteristic, transmits the packet only if the sending queue has authority to send packets having that characteristic. The data packet characteristics can include transport protocol number, source and destination port numbers, source and destination IP addresses, for example. Authorizations can be programmed into the NIC by a kernel routine upon establishment of the transmit queue, based on the privilege level of the process for which the queue is being established. In this way, a user process can use an untrusted user-level protocol stack to initiate data transmission onto the network, while the NIC protects the remainder of the system or network from certain kinds of compromise.

公开(公告)号：US20160352687A1

公开(公告)日：2016-12-01

申请号：US15231564

申请日：2016-08-08

Applicant: SOLARFLARE COMMUNICATIONS, INC.

Inventor： Steve L. Pope ,  Derek Roberts ,  David J. Riddoch

IPC: H04L29/06

CPC classification number: H04L63/0263 ,  H04L63/0236

Abstract: A logic device and method are provided for intercepting a data flow from a network source to a network destination. A data store holds a set of compliance rules and corresponding actions wherein at least one of the set of compliance rules is a temporary compliance rule valid for a predetermined period. A packet inspector is configured to inspect the intercepted data flow and identify from the data store a temporary compliance rule associated with the inspected data flow. A packet filter is configured to when the data flow is identified as being associated with the temporary compliance rule, carry out an action with respect to the data flow corresponding to the temporary compliance rule while the temporary compliance rule is valid.

Abstract translation: 提供了用于截取从网络源到网络目的地的数据流的逻辑设备和方法。 数据存储器保存一组遵从性规则和相应的动作，其中该组合规规则中的至少一个是对于预定时间段有效的临时合规规则。 分组检查器被配置为检查所截获的数据流并且从数据存储中识别与被检查数据流相关联的临时合规性规则。 分组过滤器被配置为当数据流被识别为与临时遵从规则相关联时，在临时遵从规则有效的情况下，针对对应于临时遵从规则的数据流执行动作。

公开(公告)号：US20160277447A1

公开(公告)日：2016-09-22

申请号：US14660812

申请日：2015-03-17

Applicant: SOLARFLARE COMMUNICATIONS, INC.

Inventor： Steven L. Pope ,  David J. Riddoch ,  Derek Roberts

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L63/0227 ,  H04L63/06 ,  H04L63/1441

Abstract: A rule engine receives data flows. The data flows are between a network and an application. The rule engine determines data flow information and in dependence on the information performs an action with respect to said flow. A controller provides control information to the rule engine to define one or more actions. The communications between said rule engine and said controller are secure.

Abstract translation: 规则引擎接收数据流。 数据流在网络和应用程序之间。 规则引擎确定数据流信息，并且根据该信息执行关于所述流的动作。 控制器向规则引擎提供控制信息以定义一个或多个动作。 所述规则引擎和所述控制器之间的通信是安全的。

公开(公告)号：US20210034526A1

公开(公告)日：2021-02-04

申请号：US16525313

申请日：2019-07-29

Applicant: SOLARFLARE COMMUNICATIONS, INC.

Inventor： Steven L. Pope ,  Dmitri Kitariev ,  David J. Riddoch ,  Derek Roberts ,  Neil Turton

IPC: G06F12/0831 ,  G06F12/0888 ,  G06F13/28 ,  G06F9/38

Abstract: A network interface device comprises a programmable interface configured to provide a device interface with at least one bus between the network interface device and a host device. The programmable interface is programmable to support a plurality of different types of a device interface.

公开(公告)号：US20190273814A1

公开(公告)日：2019-09-05

申请号：US16416587

申请日：2019-05-20

Applicant: SOLARFLARE COMMUNICATIONS, INC.

Inventor： Steve Pope ,  Kieran Mansley ,  Sian James ,  David J. Riddoch

IPC: H04L29/08 ,  H04L12/931 ,  H04L1/00

Abstract: Data is received at a buffer used by a protocol processing stack which protocol processes the received data. The received data is made available to, for example, an application, before the protocol processing of the data is complete. If the protocol processing is successful the data made available to the application is committed.