公开(公告)号：US20230097439A1

公开(公告)日：2023-03-30

申请号：US18075460

申请日：2022-12-06

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Miriam Menes ,  Noam Bloch ,  Adi Menachem ,  Idan Burstein ,  Ariel Shahar ,  Maxim Fudim

IPC: H04L9/06 ,  H04L9/08 ,  H04L9/32

Abstract: In one embodiment, data communication apparatus includes packet processing circuitry to receive data from a memory responsively to a data transfer request, and cryptographically process the received data in units of data blocks using a block cipher so as to add corresponding cryptographically processed data blocks to a sequence of data packets, the sequence including respective ones of the cryptographically processed data blocks having block boundaries that are not aligned with payload boundaries of respective one of the packets, such that respective ones of the cryptographically processed data blocks are divided into two respective segments, which are contained in successive respective ones of the packets in the sequence, and a network interface which includes one or more ports for connection to a packet data network and is configured to send the sequence of data packets to a remote device over the packet data network via the one or more ports.

公开(公告)号：US10708240B2

公开(公告)日：2020-07-07

申请号：US15841339

申请日：2017-12-14

Applicant: Mellanox Technologies, Ltd.

Inventor： Adi Menachem ,  Liran Liss ,  Boris Pismenny

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/53 ,  H04L9/08 ,  G06F9/455 ,  H04L9/14 ,  H04L9/32

Abstract: Computing apparatus includes a host processor, which runs a virtual machine monitor (VMM), which supports a plurality of virtual machines and includes a cryptographic security software module. A network interface controller (NIC) links the host processor to a network so as to transmit and receive data packets from and to the virtual machines and includes a cryptographic security hardware logic module, which when invoked by the VMM, applies the cryptographic security protocol to the data packets while maintaining a state context of the protocol with respect to each of the virtual machines. Upon encountering an exception in applying the cryptographic security protocol, the NIC transfers the data packet, together with the state context of the cryptographic security protocol with respect to the given virtual machine, to the cryptographic security software module for processing.

公开(公告)号：US10237376B2

公开(公告)日：2019-03-19

申请号：US15278143

申请日：2016-09-28

Applicant: Mellanox Technologies Ltd.

Inventor： Diego Crupnicoff ,  Michael Kagan ,  Noam Bloch ,  Adi Menachem ,  Idan Burstein

IPC: H04L12/801 ,  H04L29/06 ,  H04L12/825 ,  H04L12/841

Abstract: A method for congestion control includes receiving at a destination computer a packet transmitted on a given flow, in accordance with a predefined transport protocol, through a network by a transmitting network interface controller (NIC) of a source computer, and marked by an element in the network with a forward congestion notification. Upon receiving the marked packet in a receiving NIC of the destination computer, a congestion notification packet (CNP) indicating a flow to be throttled is immediately queued for transmission from the receiving NIC through the network to the source computer. Upon receiving the CNP in the transmitting NIC, transmission of further packets on at least the flow indicated by the CNP from the transmitting NIC to the network is immediately throttled, and an indication of the given flow is passed from the transmitting NIC to a protocol processing software stack running on the source computer.

公开(公告)号：US10152441B2

公开(公告)日：2018-12-11

申请号：US15154945

申请日：2016-05-14

Applicant: Mellanox Technologies Ltd.

Inventor： Liran Liss ,  Shachar Raindel ,  Shlomo Raikin ,  Adi Menachem ,  Yuval Itkin

IPC: G06F13/00 ,  G06F13/38 ,  G06F13/42 ,  G06F13/28 ,  H04L12/861 ,  G06F13/40 ,  H04L12/935

Abstract: Peripheral apparatus for use with a host computer includes an add-on device, which includes a first network port coupled to one end of a packet communication link and add-on logic, which is configured to receive and transmit packets containing data over the packet communication link and to perform computational operations on the data. A network interface controller (NIC) includes a host bus interface, configured for connection to the host bus of the host computer and a second network port, coupled to the other end of the packet communication link. Packet processing logic in the NIC is coupled between the host bus interface and the second network port, and is configured to translate between the packets transmitted and received over the packet communication link and transactions executed on the host bus so as to provide access between the add-on device and the resources of the host computer.

公开(公告)号：US11909855B2

公开(公告)日：2024-02-20

申请号：US18075460

申请日：2022-12-06

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Miriam Menes ,  Noam Bloch ,  Adi Menachem ,  Idan Burstein ,  Ariel Shahar ,  Maxim Fudim

IPC: H04L9/06 ,  H04L9/08 ,  H04L9/32

CPC classification number: H04L9/0625 ,  H04L9/0861 ,  H04L9/3247

Abstract: In one embodiment, data communication apparatus includes packet processing circuitry to receive data from a memory responsively to a data transfer request, and cryptographically process the received data in units of data blocks using a block cipher so as to add corresponding cryptographically processed data blocks to a sequence of data packets, the sequence including respective ones of the cryptographically processed data blocks having block boundaries that are not aligned with payload boundaries of respective one of the packets, such that respective ones of the cryptographically processed data blocks are divided into two respective segments, which are contained in successive respective ones of the packets in the sequence, and a network interface which includes one or more ports for connection to a packet data network and is configured to send the sequence of data packets to a remote device over the packet data network via the one or more ports.

公开(公告)号：US11088966B2

公开(公告)日：2021-08-10

申请号：US16672682

申请日：2019-11-04

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Adi Menachem ,  Alex Shpiner ,  Noam Bloch ,  Eitan Zahavi ,  Idan Burstein ,  Dror Bohrer ,  Roee Moyal

IPC: H04L1/00 ,  H04L12/931 ,  H04L12/861 ,  H04L12/851 ,  H04L12/935

Abstract: A network adapter includes a host interface and circuitry. The host interface is configured to connect locally between the network adapter and a host via a bus. The circuitry is configured to receive from one or more source nodes, over a communication network to which the network adapter is coupled, multiple packets destined to the host, and temporarily store the received packets in a queue of the network adapter, to send the stored packets from the queue to the host over the bus, to monitor a performance attribute of the bus, and in response to detecting, based at least on the monitored performance attribute, an imminent overfilling state of the queue, send a congestion notification to at least one of the source nodes from which the received packets originated.

公开(公告)号：US10303647B2

公开(公告)日：2019-05-28

申请号：US15202590

申请日：2016-07-06

Applicant: Mellanox Technologies Ltd.

Inventor： Adi Menachem ,  Shachar Raindel

IPC: G06F15/173 ,  G06F13/40 ,  G06F9/455 ,  G06F13/42

Abstract: Computing apparatus includes a central processing unit (CPU), which is configured to run concurrently multiple virtual machines, including at least first and second virtual machines. A peripheral component bus is connected to communicate with the CPU. Multiple peripheral devices are connected to communicate via the bus with the CPU and with others of the peripheral devices, including at least first and second peripheral devices that are each respectively partitioned into at least first and second functional entities, which are respectively assigned to serve the at least first and second virtual machines. Access control logic is configured to forward peer-to-peer communications initiated by the functional entities between the peripheral devices over the bus while inhibiting access in the peer-to-peer communications between the functional entities that are assigned to different ones of the virtual machines.

公开(公告)号：US10158702B2

公开(公告)日：2018-12-18

申请号：US14937907

申请日：2015-11-11

Applicant: MELLANOX TECHNOLOGIES LTD.

Inventor： Noam Bloch ,  Gil Bloch ,  Ariel Shahar ,  Hillel Chapman ,  Gilad Shainer ,  Adi Menachem ,  Ofer Hayut

IPC: H04L29/08 ,  G06F9/54

Abstract: A Network Interface (NI) includes a host interface, which is configured to receive from a host processor of a node one or more work requests that are derived from an operation to be executed by the node. The NI maintains a plurality of work queues for carrying out transport channels to one or more peer nodes over a network. The NI further includes control circuitry, which is configured to accept the work requests via the host interface, and to execute the work requests using the work queues by controlling an advance of at least a given work queue according to an advancing condition, which depends on a completion status of one or more other work queues, so as to carry out the operation.

公开(公告)号：US20170093699A1

公开(公告)日：2017-03-30

申请号：US15278143

申请日：2016-09-28

Applicant: Mellanox Technologies Ltd.

Inventor： Diego Crupnicoff ,  Michael Kagan ,  Noam Bloch ,  Adi Menachem

IPC: H04L12/721 ,  H04L29/06 ,  H04L12/801

CPC classification number: H04L69/16 ,  H04L47/263 ,  H04L47/28 ,  H04L47/33 ,  Y02D50/10

Abstract: A method for congestion control includes receiving at a destination computer a packet transmitted on a given flow, in accordance with a predefined transport protocol, through a network by a transmitting network interface controller (NIC) of a source computer, and marked by an element in the network with a forward congestion notification. Upon receiving the marked packet in a receiving NIC of the destination computer, a congestion notification packet (CNP) indicating a flow to be throttled is immediately queued for transmission from the receiving NIC through the network to the source computer. Upon receiving the CNP in the transmitting NIC, transmission of further packets on at least the flow indicated by the CNP from the transmitting NIC to the network is immediately throttled, and an indication of the given flow is passed from the transmitting NIC to a protocol processing software stack running on the source computer.

公开(公告)号：US20210203610A1

公开(公告)日：2021-07-01

申请号：US17204968

申请日：2021-03-18

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Boris Pismenny ,  Liran Liss ,  Ilya Lesokhin ,  Haggai Eran ,  Adi Menachem

IPC: H04L12/833 ,  H04L29/06 ,  H04L12/931 ,  H04L29/08 ,  H04L12/851 ,  H04L12/413 ,  H04L12/00

Abstract: Apparatus including a first interface to a host processor, a second interface to transmit and receive data packets having headers and payloads, to and from a packet communication network, a memory holding context information regarding a flow of the data and assigning serial numbers to the data packets in the flow, according to a session-layer protocol, and processing circuitry between the first and second interfaces and having acceleration logic, to decode the data records according to the session-layer protocol, using and updating the context information based on the serial numbers and the data records of the received packets, and processing circuitry writing the decoded data records through the first interface to a host memory. The acceleration logic, upon receiving in a given flow a data packet containing a serial number that is out of order, reconstructs the context information and applies that context information in decoding data records in subsequent data packets in the flow.