Method and system for transferring packets to a guest operating system
    1.
    发明授权
    Method and system for transferring packets to a guest operating system 有权
    将数据包传送到客户机操作系统的方法和系统

    公开(公告)号:US08886838B2

    公开(公告)日:2014-11-11

    申请号:US12040101

    申请日:2008-02-29

    IPC分类号: G06F15/16 H04L12/46

    CPC分类号: H04L12/4641

    摘要: In general, the invention relates to a method for transferring a packet. The method includes receiving the packet by a physical network interface, determining a virtual network interface card (VNIC) using a virtual switching table, where the VNIC is located on a computer operatively connected to the network express manager (NEM) via a chassis interconnect, and the VNIC is executing on a host operating system (OS) in the computer. The method further includes transferring the packet to a receive ring (RR) associated with the VNIC, wherein the RR is located on the NEM, providing the network express manager with a receive descriptor, transferring the packet to the guest OS memory using the receive descriptor, and notifying the guest OS that the packet is in the guest OS memory.

    摘要翻译: 通常,本发明涉及一种用于传送分组的方法。 该方法包括:通过物理网络接口接收分组,使用虚拟交换表确定虚拟网络接口卡(VNIC),其中VNIC位于经由机箱互连可操作地连接到网络快速管理器(NEM)的计算机上, 并且VNIC正在计算机中的主机操作系统(OS)上执行。 该方法还包括将分组传送到与VNIC相关联的接收环(RR),其中RR位于NEM上,向网络快速管理器提供接收描述符,使用接收描述符将分组传送到客户OS存储器 ,并通知客户机该数据包在客户机OS存储器中。

    Method and apparatus for defending against denial of service attacks
    2.
    发明授权
    Method and apparatus for defending against denial of service attacks 有权
    防止拒绝服务攻击的方法和装置

    公开(公告)号:US08635284B1

    公开(公告)日:2014-01-21

    申请号:US11255366

    申请日:2005-10-21

    IPC分类号: G06F15/16 H04L29/06 G06F11/30

    摘要: A method for processing packets that includes receiving a packet from a network, analyzing the packet to obtain packet information used to determine to which temporary data structure to forward the packet, if a first list includes the packet information forwarding the packet to a first temporary data structure, and processing the packet from the first temporary data structure, and if the first list does not include the packet information forwarding the packet to a second temporary data structure, processing the packet, wherein processing the packet comprises: sending a first test to a source of the packet using the packet information, placing the packet information on the first list, if a successful response to the first test is received, and placing the packet information on a second list, if an unsuccessful response to the first test is received.

    摘要翻译: 一种处理分组的方法,包括从网络接收分组,如果第一列表包括将分组转发到第一临时数据的分组信息,则分析分组以获得用于确定哪个临时数据结构转发分组的分组信息 结构,并且处理来自第一临时数据结构的分组,并且如果第一列表不包括将分组转发到第二临时数据结构的分组信息,则处理分组,其中处理分组包括:向第一临时数据结构发送第一测试 如果接收到对第一测试的成功响应,则将分组信息放置在第一列表上,并且如果接收到对第一测试的不成功的响应,则将分组信息放置在第二列表上。

    Host operating system bypass for packets destined for a virtual machine
    3.
    发明授权
    Host operating system bypass for packets destined for a virtual machine 有权
    主机操作系统绕过去往虚拟机的数据包

    公开(公告)号:US08005022B2

    公开(公告)日:2011-08-23

    申请号:US11489943

    申请日:2006-07-20

    IPC分类号: H04L12/28

    CPC分类号: H04L12/4641

    摘要: A method for processing packets that includes receiving a first packet for a first virtual machine by a network interface card (NIC), classifying the first packet using a hardware classifier, where the hardware classifier is located on the NIC, sending the first packet to a first one of a plurality of receive rings based on the classification, sending the first packet from the first one of the plurality of receive rings to a first virtual network interface card (VNIC), sending the first packet from the first VNIC to a first interface, and sending the first packet from the first interface to the first virtual machine, where the first virtual machine is associated with the first interface, where the first VNIC and the first virtual machine are executing on a host.

    摘要翻译: 一种处理分组的方法,包括通过网络接口卡(NIC)接收第一虚拟机的第一分组,使用硬件分类器对硬件分类器进行分类,其中硬件分类器位于NIC上,将第一分组发送到 将第一分组从多个接收环中的第一个发送到第一虚拟网络接口卡(VNIC),将第一分组从第一VNIC发送到第一接口 以及将所述第一分组从所述第一接口发送到所述第一虚拟机,其中所述第一虚拟机与所述第一接口相关联,其中所述第一VNIC和所述第一虚拟机在主机上执行。

    UPPER LAYER BASED DYNAMIC HARDWARE TRANSMIT DESCRIPTOR RECLAIMING
    4.
    发明申请
    UPPER LAYER BASED DYNAMIC HARDWARE TRANSMIT DESCRIPTOR RECLAIMING 有权
    基于上层动态硬件传输描述符重新生成

    公开(公告)号:US20100329259A1

    公开(公告)日:2010-12-30

    申请号:US12495386

    申请日:2009-06-30

    IPC分类号: H04L12/56

    CPC分类号: H04L47/10 G06F9/45533

    摘要: In general, the invention relates to reclaiming transmit descriptors by configuring a media access control (MAC) to execute a first MAC layer thread to reclaim a first number of transmit descriptors (TDs) from a first hardware transmit ring (HTR) using a first reclaim algorithm, where the first reclaim algorithm is associated with a first transmission pattern and a first TDR status. The invention further includes receiving, by a virtual NIC (VNIC) executing within the MAC layer, a first number of packets, forwarding the first number of packets to a device driver on the host associated with the physical NIC, and forwarding the first number of packets from the device driver to the physical NIC using the first number of TDs, where the first plurality of TDs are reclaimed by the first MAC layer thread according to the first reclaim algorithm.

    摘要翻译: 通常,本发明涉及通过配置媒体访问控制(MAC)来执行第一MAC层线程以从第一硬件传送环(HTR)使用第一回收来回收第一数量的发送描述符(TD)来回收传输描述符 算法,其中第一回收算法与第一传输模式和第一TDR状态相关联。 本发明还包括通过在MAC层内执行的虚拟NIC(VNIC)接收第一数量的分组,将第一数量的分组转发到与物理NIC相关联的主机上的设备驱动器,并且转发第一数量的 使用第一数量的TD从设备驱动程序到物理NIC的数据包,其中根据第一回收算法由第一MAC层线程回收第一多个TD。

    HANDLING OF MULTIPLE MAC UNICAST ADDRESSES WITH VIRTUAL MACHINES
    5.
    发明申请
    HANDLING OF MULTIPLE MAC UNICAST ADDRESSES WITH VIRTUAL MACHINES 有权
    用虚拟机处理多个MAC地址

    公开(公告)号:US20100306358A1

    公开(公告)日:2010-12-02

    申请号:US12474664

    申请日:2009-05-29

    IPC分类号: G06F15/173 G06F9/455

    摘要: A method for managing a guest OS executing on a host. The method includes receiving, from the guest OS associated with a first MAC address, a second MAC address, wherein the first MAC address is associated with a first guest VNIC, wherein the second MAC address is associated with a second guest VNIC; configuring an intermediate VNIC executing on the host OS to forward packets associated with the second MAC address to the guest OS, wherein packets associated with the first MAC address and received by the intermediate VNIC are forwarded to the guest OS; and forwarding the second MAC address from the intermediate VNIC to a device driver associated with a physical NIC, wherein the device driver configures a classifier on the physical NIC to forward packets associated with the second MAC address to a first HRR located on the physical NIC associated with the intermediate VNIC.

    摘要翻译: 一种用于管理在主机上执行的访客操作系统的方法。 该方法包括从与第一MAC地址相关联的客户OS接收第二MAC地址,其中第一MAC地址与第一客户端VNIC相关联,其中第二MAC地址与第二客户端VNIC相关联; 配置在所述主机OS上执行的中间VNIC以将与所述第二MAC地址相关联的分组转发到所述客户OS,其中与所述第一MAC地址相关联并由所述中间VNIC接收的分组被转发到所述客户OS; 以及将所述第二MAC地址从所述中间VNIC转发到与物理NIC相关联的设备驱动器,其中所述设备驱动程序在所述物理NIC上配置分类器以将与所述第二MAC地址相关联的分组转发到位于所述物理NIC相关联的第一HRR 与中间VNIC。

    MANAGING TRAFFIC ON VIRTUALIZED LANES BETWEEN A NETWORK SWITCH AND A VIRTUAL MACHINE
    6.
    发明申请
    MANAGING TRAFFIC ON VIRTUALIZED LANES BETWEEN A NETWORK SWITCH AND A VIRTUAL MACHINE 有权
    管理网络交换机与虚拟机之间虚拟化网络的通信

    公开(公告)号:US20100303075A1

    公开(公告)日:2010-12-02

    申请号:US12474671

    申请日:2009-05-29

    IPC分类号: H04L12/56

    CPC分类号: G06F13/385 G06F2213/0058

    摘要: A computer readable medium comprising software instructions for managing resources on a host, wherein the software instructions comprise functionality to: configure a classifier located on a NIC, to forward packets addressed to a first destination address to a first HRR mapped to a first VNIC, wherein packets addressed to the first destination address are associated with a first PFC lane; configure the classifier to forward packets addressed to a second destination address to a second HRR, wherein packets addressed to the second destination address are associated with a second PFC lane; and transmit, by the first VNIC, a pause frame associated with the first PFC lane to a switch operatively connected to the physical NIC, wherein the switch, in response to receiving the pause frame, stores packets associated with the first PFC lane in a buffer without transmitting the packets.

    摘要翻译: 一种包括用于管理主机上的资源的软件指令的计算机可读介质,其中所述软件指令包括以下功能:配置位于NIC上的分类器,将寻址到第一目的地地址的分组转发到映射到第一VNIC的第一HRR,其中 寻址到第一目的地地址的分组与第一PFC通道相关联; 配置分类器将寻址到第二目的地地址的分组转发到第二HRR,其中寻址到第二目的地地址的分组与第二PFC通道相关联; 并且由所述第一VNIC将与所述第一PFC通道相关联的暂停帧发送到可操作地连接到所述物理NIC的交换机,其中所述交换机响应于接收到所述暂停帧,将与所述第一PFC通道相关联的分组存储在缓冲器中 而不发送数据包。

    Method and system for automatically reflecting hardware resource allocation modifications
    7.
    发明授权
    Method and system for automatically reflecting hardware resource allocation modifications 有权
    自动反映硬件资源分配修改的方法和系统

    公开(公告)号:US07788411B2

    公开(公告)日:2010-08-31

    申请号:US11490582

    申请日:2006-07-20

    IPC分类号: G06F15/16

    CPC分类号: H04L12/4679

    摘要: A method is disclosed that includes assigning a portion of network hardware resources of a host to a virtual network interface card (VNIC), and configuring a virtual machine network stack (VMNS) in a virtual machine (VM) bound to the VNIC to use the portion of network hardware resources assigned to the VNIC. The method also includes performing a modification to the portion of network hardware resources, and automatically reconfiguring the VMNS to adapt to the modification.

    摘要翻译: 公开了一种方法,其包括将主机的网络硬件资源的一部分分配给虚拟网络接口卡(VNIC),以及在与VNIC绑定的虚拟机(VM)中配置虚拟机网络堆栈(VMNS)以使用 分配给VNIC的部分网络硬件资源。 该方法还包括对网络硬件资源的一部分进行修改,并且自动重新配置VMNS以适应修改。

    Method and system for virtual routing using containers
    8.
    发明授权
    Method and system for virtual routing using containers 有权
    使用容器进行虚拟路由的方法和系统

    公开(公告)号:US07738457B2

    公开(公告)日:2010-06-15

    申请号:US11642756

    申请日:2006-12-20

    IPC分类号: H04L12/28 H04L12/56 H04L12/66

    摘要: In general, the invention relates to a method for routing a packet. The method includes receiving the packet in a network interface card (NIC), classifying the packet, placing the packet in a receive ring of the NIC, sending the packet to a virtual NIC associated with the receive ring, sending the packet to a first container associated with the virtual NIC, and routing the packet to a packet destination using the first container.

    摘要翻译: 通常,本发明涉及一种用于路由分组的方法。 该方法包括在网络接口卡(NIC)中接收分组,对分组进行分类,将分组置于NIC的接收环中,将分组发送到与接收环相关联的虚拟NIC,将分组发送到第一容器 与虚拟NIC相关联,并且使用第一容器将分组路由到分组目的地。

    Network interface card resource mapping to virtual network interface cards
    9.
    发明授权
    Network interface card resource mapping to virtual network interface cards 有权
    网络接口卡资源映射到虚拟网络接口卡

    公开(公告)号:US07733890B1

    公开(公告)日:2010-06-08

    申请号:US11112063

    申请日:2005-04-22

    IPC分类号: H04L12/28 H04J3/16

    CPC分类号: H04L49/9063 H04L49/90

    摘要: Virtual network interfaces receive data from distinct subsets of receive rings of a network interface card. In other words, each virtual network interface “owns” its own subset of receive rings of the network interface card. The assignment of virtual network interfaces to particular receive rings of the network interface cards may be determined, for example, dynamically, based on priorities associated with particular virtual network interfaces, based on function type, and/or based on service need.

    摘要翻译: 虚拟网络接口从网络接口卡的接收环的不同子集接收数据。 换句话说,每个虚拟网络接口“拥有”自己的网络接口卡的接收环子集。 可以基于功能类型和/或基于服务需要,基于与特定虚拟网络接口相关联的优先级来动态地确定虚拟网络接口到网络接口卡的特定接收环的分配。

    System and method for virtual switching in a host
    10.
    发明授权
    System and method for virtual switching in a host 有权
    主机中虚拟交换的系统和方法

    公开(公告)号:US07643482B2

    公开(公告)日:2010-01-05

    申请号:US11480261

    申请日:2006-06-30

    IPC分类号: H04L12/28

    摘要: A system including a plurality of virtual network interface cards (VNICs); and a Vswitch table associated with a virtual switch, wherein each entry in the Vswitch table is associated with one of the plurality of VNICs, wherein each of the plurality of VNICs is located on the host, and wherein each of the plurality of VNICs is associated with the virtual switch. The first VNIC in the plurality of VNICs is configured to receive a packet associated with a hardware address (HA), determine, using the HA, whether one of the plurality of entries in the Vswitch table is associated with the HA, send the packet to a VNIC associated with HA if one of the plurality of entries in the Vswitch table is associated with the HA, wherein the VNIC is one of the plurality of VNICs.

    摘要翻译: 一种包括多个虚拟网络接口卡(VNIC)的系统; 以及与虚拟交换机相关联的Vswitch表,其中所述Vswitch表中的每个条目与所述多个VNIC中的一个相关联,其中所述多个VNIC中的每一个位于所述主机上,并且其中所述多个VNIC中的每一个被关联 与虚拟交换机。 多个VNIC中的第一VNIC被配置为接收与硬件地址(HA)相关联的分组,使用HA确定Vswitch表中的多个条目中的一个是否与HA相关联,将分组发送到 如果Vswitch表中的多个条目中的一个与HA相关联,则与HA相关联的VNIC,其中VNIC是多个VNIC中的一个。