公开(公告)号：US20210111996A1

公开(公告)日：2021-04-15

申请号：US17108002

申请日：2020-12-01

Applicant: Mellanox Technologies, Ltd

Inventor： Boris Pismenny ,  Miriam Menes ,  Idan Burstein ,  Liran Liss ,  Noam Bloch ,  Ariel Shahar

IPC: H04L12/721 ,  H04L12/717 ,  H04L29/06 ,  G06F11/10

Abstract: A system includes a host processor, which has a host memory and is coupled to store data in a non-volatile memory in accordance with a storage protocol. A network interface controller (NIC) receives data packets conveyed over a packet communication network from peer computers containing, in payloads of the data packets, data records that encode data in accordance with the storage protocol for storage in the non-volatile memory. The NIC processes the data records in the data packets that are received in order in each flow from a peer computer and extracts and writes the data to the host memory, and when a data packet arrives out of order, writes the data packet to the host memory without extracting the data and processes the data packets in the flow so as to recover context information for use in processing the data records in subsequent data packets in the flow.

公开(公告)号：US10979212B2

公开(公告)日：2021-04-13

申请号：US15945817

申请日：2018-04-05

Applicant: Mellanox Technologies, Ltd.

Inventor： Boris Pismenny ,  Liran Liss ,  Ilya Lesokhin

IPC: H04L9/06 ,  H04L9/32

Abstract: A method, apparatus, and computer program product for processing a data record including encrypted and decrypted data is described. Various embodiments include receiving a data record including ciphertext and plaintext blocks and determining whether each block in the data record is a ciphertext block or a plaintext block. If a block is a ciphertext block, the ciphertext block is stored into a ciphertext record, decrypted into a plaintext block utilizing a decryption algorithm, and stored in a plaintext record. If the block is a plaintext block, the plaintext block is stored into the plaintext record, encrypted into a ciphertext block utilizing an encryption algorithm, and stored in the ciphertext record. Embodiments described also include authenticating the data record by passing each block of the ciphertext record to an authentication scheme and outputting the plaintext record to a destination application.

公开(公告)号：US10938965B2

公开(公告)日：2021-03-02

申请号：US16442576

申请日：2019-06-17

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Boris Pismenny ,  Liran Liss ,  Yossi Kuperman ,  Roee Moyal

IPC: H04L29/06 ,  H04L29/12 ,  H04L29/08

Abstract: A system including a network interface layer, and a physical network connection configured to connect with a networking medium, wherein the network interface layer is configured to: A) receive a user datagram protocol (UDP) message for sending, the UDP message having a length L, and a desired maximum network message size (MSS), B) segment the UDP message in accordance with the MSS into a plurality of message segments, each message segment having a size no greater than MSS, and adjust information in each of the plurality of message segments, and C) send the plurality of message segments via the physical network connection to a networking medium. Related apparatus and methods are also provided.

公开(公告)号：US20190387079A1

公开(公告)日：2019-12-19

申请号：US16442576

申请日：2019-06-17

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Boris Pismenny ,  Liran Liss ,  Yossi Kuperman ,  Roee Moyal

IPC: H04L29/06 ,  H04L29/12 ,  H04L29/08

Abstract: A system including a network interface layer, and a physical network connection configured to connect with a networking medium, wherein the network interface layer is configured to: A) receive a user datagram protocol (UDP) message for sending, the UDP message having a length L, and a desired maximum network message size (MSS), B) segment the UDP message in accordance with the MSS into a plurality of message segments, each message segment having a size no greater than MSS, and adjust information in each of the plurality of message segments, and C) send the plurality of message segments via the physical network connection to a networking medium. Related apparatus and methods are also provided.

公开(公告)号：US20190188181A1

公开(公告)日：2019-06-20

申请号：US15841330

申请日：2017-12-14

Applicant: Mellanox Technologies, Ltd.

Inventor： Yuval Degani ,  Liran Liss

IPC: G06F15/173

CPC classification number: G06F15/17331

Abstract: Serialization and deserialization of an object are performed by transmitting metadata and addresses of data members in a byte stream through a data network, receiving the byte stream from the data network, defining a container for the object, obtaining the addresses of the data members in the first memory from the input byte stream, applying direct memory access (DMA) or remote direct memory access (RDMA) to read the data members using the obtained addresses, and writing the data members into the container to create a new instance of the object.

公开(公告)号：US10318312B2

公开(公告)日：2019-06-11

申请号：US15717969

申请日：2017-09-28

Applicant: Mellanox Technologies, Ltd.

Inventor： Yuval Itkin ,  Liran Liss

IPC: G06F13/36 ,  G06F9/4401 ,  G06F13/40 ,  G06F13/42

Abstract: A network adapter includes one or more network ports, multiple bus interfaces, and a processor. The one or more network ports are configured to communicate with a communication network. The multiple bus interfaces are configured to communicate with multiple respective Central Processing Units (CPUs) that belong to a multi-CPU device. The processor is configured to support an Option-ROM functionality, in which the network adapter holds Option-ROM program instructions that are loadable and executable by the multi-CPU device during a boot process, and, in response to a request from the multi-CPU device to report the support of the Option-ROM functionality, to report the support of the Option-ROM functionality over only a single bus interface, selected from among the multiple bus interfaces connecting the network adapter to the multi-CPU device.

公开(公告)号：US20190028505A1

公开(公告)日：2019-01-24

申请号：US15652285

申请日：2017-07-18

Applicant: Mellanox Technologies, Ltd.

Inventor： Alex Shpiner ,  Liran Liss ,  Matty Kadosh

IPC: H04L29/06

Abstract: A processor is configured to receive, from a client, a first message indicating a request to establish a connection between the client and a server, to ascertain that the first message does not include any cookie satisfying one or more criteria, to send, to the client, a second message that includes a first cookie, without allocating an endpoint on the server for the connection, in response to ascertaining that the first message does not include any cookie satisfying the criteria, to receive subsequently, from the client, a third message, to ascertain that the third message includes a second cookie, and that the second cookie satisfies the criteria, to allocate the endpoint for the connection in response to ascertaining that the second cookie satisfies the criteria, and to send, to the client, a fourth message indicating that the server is ready to receive data communication at the allocated endpoint.

公开(公告)号：US09787590B2

公开(公告)日：2017-10-10

申请号：US14666342

申请日：2015-03-24

Applicant: Mellanox Technologies Ltd.

Inventor： Gal Sivan ,  Saeed Mahameed ,  Vladimir Sokolovsky ,  Dotan Barak ,  Liran Liss ,  Oren Kladnitsky

IPC: H04L12/28 ,  H04L12/803 ,  H04L12/24 ,  H04L12/703 ,  H04L12/721

CPC classification number: H04L47/125 ,  H04L41/0668 ,  H04L45/28 ,  H04L45/38

Abstract: A network node includes one or more network adapters and a bonding driver. The one or more network adapters are configured to communicate respective data flows over a communication network by applying a transport layer protocol that saves communication state information in a state of a respective network adapter. The bonding driver is configured to exchange traffic including the data flows of an application program that is executed in the network node, to communicate the data flows of the traffic via one or more physical links of the one or more network adapters, and, in response to a physical-transport failure, to switch a given data flow to a different physical link or a different network path, transparently to the application program.

公开(公告)号：US20160342547A1

公开(公告)日：2016-11-24

申请号：US15154945

申请日：2016-05-14

Applicant: Mellanox Technologies Ltd.

Inventor： Liran Liss ,  Shachar Raindel ,  Shlomo Raikin ,  Adi Menachem ,  Yuval Itkin

IPC: G06F13/38 ,  G06F13/40 ,  G06F15/173 ,  H04L12/861 ,  G06F13/42 ,  G06F13/28

CPC classification number: G06F13/385 ,  G06F13/28 ,  G06F13/4022 ,  G06F13/4282 ,  H04L49/3009 ,  H04L49/9068

Abstract: Peripheral apparatus for use with a host computer includes an add-on device, which includes a first network port coupled to one end of a packet communication link and add-on logic, which is configured to receive and transmit packets containing data over the packet communication link and to perform computational operations on the data. A network interface controller (NIC) includes a host bus interface, configured for connection to the host bus of the host computer and a second network port, coupled to the other end of the packet communication link. Packet processing logic in the NIC is coupled between the host bus interface and the second network port, and is configured to translate between the packets transmitted and received over the packet communication link and transactions executed on the host bus so as to provide access between the add-on device and the resources of the host computer.

Abstract translation: 用于主计算机的外围设备包括附加设备，其包括耦合到分组通信链路的一端的第一网络端口和附加逻辑，其被配置为通过分组通信来接收和发送包含数据的分组 链接并对数据执行计算操作。 网络接口控制器（NIC）包括主机总线接口，被配置为连接到主计算机的主机总线和耦合到分组通信链路的另一端的第二网络端口。 NIC中的分组处理逻辑耦合在主机总线接口和第二网络端口之间，并且被配置为在通过分组通信链路发送和接收的分组之间转换和在主机总线上执行的事务之间的转换，以便在加法 - 设备和主机的资源。

公开(公告)号：US09497125B2

公开(公告)日：2016-11-15

申请号：US14338488

申请日：2014-07-23

Applicant: Mellanox Technologies Ltd.

Inventor： Shachar Raindel ,  Noam Bloch ,  Liran Liss ,  Diego Crupnicoff ,  Marina Lipshteyn ,  Adi Menachem

IPC: H04L12/801 ,  H04L12/931 ,  H04L12/46 ,  H04L12/851 ,  G06F3/06

CPC classification number: H04L47/127 ,  G06F3/0662 ,  G06F3/0664 ,  H04L12/4633 ,  H04L47/2441 ,  H04L49/50 ,  H04L49/70

Abstract: In a data network congestion control in a virtualized environment is enforced in packet flows to and from virtual machines in a host. A hypervisor and network interface hardware in the host are trusted components. Enforcement comprises estimating congestion states in the data network attributable to respective packet flows, recognizing a new packet that belongs to one of the data packet flows, and using one or more of the trusted components and to make a determination based on the congestion states that the new packet belongs to a congestion-producing packet flow. A congestion-control policy is applied by one or more of the trusted components to the new packet responsively to the determination.

Abstract translation: 在数据网络中，虚拟化环境中的拥塞控制在来自主机中的虚拟机的数据包流中实施。 主机中的管理程序和网络接口硬件是可信组件。 执行包括估计可归因于相应分组流的数据网络中的拥塞状态，识别属于数据分组流之一的新分组，以及使用一个或多个可信组件，并基于拥塞状态进行确定 新分组属于产生拥塞的分组流。 响应于该确定，拥塞控制策略由一个或多个可信任组件应用于新分组。