A network interface controller (NIC) is a device that manages and transfers communications between a host computer (referred to alternatively simply as a “host”) and a network, such as a local area network or switch fabric. The NIC directs packets from the network to their destination in the computer, for example by placing the packets in a buffer of a destination application in the computer memory, and directs outgoing packets to the network.
Some NICs are capable of filtering packets received from the network, and can thus perform access control and firewall functions on behalf of the host computer. For example, U.S. Patent Application Publication 2015/0358290 describes a method for stateful packet classification that uses hardware resources for performing stateful connection flow handshaking. To classify an incoming packet from a network, some embodiments perform stateless look-up operations for the incoming packet in hardware and forward the result of the stateless look-up to the software. The software in turn uses the result of the stateless look-up to perform the stateful connection flow handshaking and to determine the result of the stateful packet classification.