摘要:
Method and apparatus for packet processing by re-insertion into network interface circuitry. A method for handling a burst of packets sent to network interface circuitry includes checking for a connection table entry for received packets, and responsive to non-existence of the connection table entry for the received packets, sending the packets to network interface software for processing. The network interface software processing includes: building the connection table entry; processing the packets; and sending the packets as processed to the network interface circuitry. Additionally, a method for re-inserting a packet responsive to an active audit mode is described.
摘要:
Described are data structures, and methodology for forming same, for network protocol processing. A method for creating data structures for firewalling and network address translating is described. A method for creating data structures for physical layer addressing is described. A method for security protocol support using a data structure is described. A method for creating at least one data structure sized responsive to whether a firewall is activated is described. A data structure for routing packets is described. A method of forming hashing table chains is described. Additionally, method and apparatus for tracking packet states is described. More particularly, Transmission Control Protocol (“TCP”) tracking of states for packets is described. In an embodiment, a division between software states and hardware states is made as a packet is processed by both software and hardware. Additionally, method and apparatus for network protocol processing are described. For example, a packet for network address translation having a media access control header is obtained, from which information, including the media access control header, is obtained. The information is parsed into one or more data structures. It is determined whether a network processing unit is in a first round processing mode, or a second round pass-through mode.
摘要:
A method and apparatus for transmitting commands between a TCP stack and an offload unit and for communicating receive and transmit data buffer locations is described. A command ring buffer stored in system memory is used to transmit commands from the TCP stack to the offload unit and to transmit command status from the offload unit to the TCP stack. A notification ring buffer is used to transmit connection information from the offload unit to the TCP stack. Other ring buffers are used to transmit locations of transmit buffers or receive buffers stored in system memory from the TCP stack to the offload unit.
摘要:
Method and apparatus for network protocol filtering of a packet is described. An index to a table is obtained and stored to travel with the packet. The index is obtainable to access the table to obtain packet information. In particular, a method for inbound network address translation packet filtering and a method for outbound packet filtering are described.
摘要:
A method and apparatus for filtering a packet on a connection within a computing system. In one embodiment, the method includes: receiving the packet; delegating the packet to an offload unit for filtering the packet; and determining, by the offload unit, whether the connection is a delegated connection.
摘要:
Described are data structures, and methodology for forming same, for network protocol processing. A method for creating data structures for firewalling and network address translating is described. A method for creating data structures for physical layer addressing is described. A method for security protocol support using a data structure is described. A method for creating at least one data structure sized responsive to whether a firewall is activated is described. A data structure for routing packets is described. A method of forming hashing table chains is described. Additionally, method and apparatus for tracking packet states is described. More particularly, Transmission Control Protocol (“TCP”) tracking of states for packets is described. In an embodiment, a division between software states and hardware states is made as a packet is processed by both software and hardware. Additionally, method and apparatus for network protocol processing are described. For example, a packet for network address translation having a media access control header is obtained, from which information, including the media access control header, is obtained. The information is parsed into one or more data structures. It is determined whether a network processing unit is in a first round processing mode, or a second round pass-through mode.
摘要:
A system and methods of uploading payload data to user buffers in system memory and of uploading partially processed frame data to legacy buffers allocated in Operating System memory space are described. User buffers are stored in a portion of system memory allocated to an application program, therefore data stored in user buffers does not need to be copied from another portion of system memory to the portion of system memory allocated to the application program. When partially processed frame data is uploaded by hardware to a legacy buffer in system memory, a tag, uniquely identifying the legacy buffer location is transferred by the hardware to a TCP stack, enabling the TCP stack to locate the legacy buffer.
摘要:
A method and apparatus for processing data received and transmitted on a TCP connection is described. An offload unit processes received data for which a special case does not exist, to produce payload data, which is uploaded directly to application memory. The offload unit partially processes received data for which a special case does exist and uploads the partially processed received data to a buffer stored in system memory. The partially processed received data is then further processed by a TCP stack to produce payload data, which is copied to application memory.
摘要:
A method and apparatus for editing outbound frames and generating acknowledgements for a TCP connection is described. Acknowledgements are automatically generated and included in outbound frames during data transmissions with minimal processor intervention.
摘要:
Method and apparatus for packet processing by re-insertion into network interface circuitry. A method for handling a burst of packets sent to network interface circuitry includes checking for a connection table entry for received packets, and responsive to non-existence of the connection table entry for the received packets, sending the packets to network interface software for processing. The network interface software processing includes: building the connection table entry; processing the packets; and sending the packets as processed to the network interface circuitry. Additionally, a method for re-inserting a packet responsive to an active audit mode is described.