This invention relates generally to storage networking semiconductors and in particular to a high performance network storage processor that is used to create Internet Protocol (IP) based storage networks.
Internet protocol (IP) is the most prevalent networking protocol deployed across various networks like local area networks (LANs), metro area networks (MANs) and wide area networks (WANs). Storage area networks (SANs) are predominantly based on Fibre Channel (FC) technology. There is a need to create IP based storage networks.
When transporting block storage traffic on IP designed to transport data streams, the data streams are transported using Transmission Control Protocol (TCP) that is layered to run on top of IP. TCP/IP is a reliable connection/session oriented protocol implemented in software within the operating systems. TCP/IP software stack is very slow to handle the high line rates that will be deployed in future. Currently, a 1 GHz processor based server running TCP/IP stack, with a 1 Gbps network connection, would use 50-70% or more of the processor cycles, leaving minimal cycles available for the processor to allocate to the applications that run on the server. This overhead is not tolerable when transporting storage data over TCP/IP as well as for high performance IP networks. Hence, new hardware solutions would accelerate the TCP/IP stack to carry storage and network data traffic and be competitive to FC based solutions. In addition to the TCP protocol. other protocols such as SCTP and UDP protocols can be used, as well as other protocols appropriate for transporting data streams.
Enterprise and service provider networks are rapidly evolving from 10/100 Mbps line rates to 1 Gbps, 10 Gbps and higher line rates. Traditional model of perimeter security to protect information systems pose many issues due to the blurring boundary of an organization's perimeter. Today as employees, contractors, remote users, partners and customers require access to enterprise networks from outside, a perimeter security model is inadequate. This usage model poses serious security vulnerabilities to critical information and computing resources for these organizations. Thus the traditional model of perimeter security has to be bolstered with security at the core of the network. Further, the convergence of new sources of threats and high line rate networks will create a need for enabling security processing in hardware inside core or end systems beside a perimeter firewall as one of the prominent means of security.
Data transported using TCP/IP or other protocols is processed at the source, the destination or intermediate systems in the network or a combination thereof to provide data security or other services like secure sockets layer (SSL) for socket layer security, Transport layer security, encryption/decryption, RDMA, RDMA security, application layer security, virtualization or higher application layer processing, which may further involve application level protocol processing (for example, protocol processing for HTTP, HTTPS, XML, SGML, Secure XML, other XML derivatives, Telnet, FTP, IP Storage, NFS, CIFS, DAFS, and the like). Many of these processing tasks put a significant burden on the host processor that can have a direct impact on the performance of applications and the hardware system. Hence, some of these tasks need to be accelerated using dedicated hardware for example SSL, or TLS acceleration. As the usage of XML increases for web applications, it is expected to put a significant performance burden on the host processor and would also benefit significantly from hardware acceleration.
Hardware acceleration for each type of network data payload can be expensive when a specialized accelerator is deployed for each individual type of network data. There is a clear need for a processor architecture that can adapt itself to the needs of the network data providing the necessary acceleration and thereby reduce the impact on the host performance. This patent describes such a novel architecture which adapts itself to needs of the network data. The processor of this patent can be reused and adapted for differing needs of the different types of the payload and still offer the benefits of hardware acceleration. This can have a significant reduction in the cost of the acceleration solutions deployment compared to dedicated application-specific accelerators.
Dynamically reconfigurable computing has been an area that has received significant research and development interest to address the need of reconfiguring hardware resources to suit application needs. The primary focus of the research has been towards creating general purpose microprocessor alternatives that can be adapted with new instruction execution resources to suit application needs.
Field programmable gate arrays (FPGA) have evolved from simple AND-OR logic blocks to more complex elements that provide a large number of programmable logic blocks and programmable routing resources to connect these together or to Input/Output blocks. U.S. Pat. No. 5,600,845 describes an integrated circuit computing device comprising a dynamically configurable FPGA. The gate array is configured to create a RISC processor with a configurable instruction execution unit. This dynamic re-configurability allows the dynamically reconfigurable instruction execution unit to be changed to implement operations in hardware which may be time consuming to run in software. Such an arrangement requires a preconfigured instruction set to execute the incoming instruction and if an instruction is not present it has to be treated as an exception which then has a significant processing overhead. The invention in U.S. Pat. No. 5,600,845 addresses the limitation of general purpose microprocessors but does not address the need of dynamically configuring the hardware based on the transported data being sent to or received from a network.
US Patent Application number 20030097546 describes a reconfigurable processor which receives an instruction stream that is inspected by a instruction test module to decide if the instruction is supported by existing non reconfigurable hardware or the reconfigurable hardware configured by a software routine and executes the instruction stream based on the test result. If the instruction is not supported then the processor decides a course of action to be taken including executing the instruction stream in software. The patent application number 20030097546 also does not address the need of dynamically configuring the hardware based on the transported data being sent to or received from a network.
US Patent Application number 20040019765 describes a pipelined reconfigurable dynamic instruction set processor. In that application, dynamically reconfigurable pipeline stages under control of a microcontroller are described. This is yet another dynamically reconfigurable processor that can adapt its pipeline stages and their interconnections based on the instructions being processed as an alternative to general purpose microprocessors.
The field of reconfigurable computing has been ripe with research towards creating dynamically reconfigurable logic devices either as FPGAs or reconfigurable processors as described above as primarily addressing the limitations of general purpose processors by adding reconfigurable execution units or reconfigurable coprocessors. For example, “Reconfigurable FPGA processor”, diploma thesis paper by Andreas Romer from Swiss Federal Institue of Technology, targets the need of creating an ASIC-like performance and area, but general purpose processor level flexibility, by dynamically creating execution functional units in a reconfigurable part of a reconfigurable FPGA like Xilinx Virtex and XC6200 devices. Similarly, the paper by J. R. Hauser and J Wawrzynek entitled Garp: A MIPS Processor With a Reconfigurable Coprocessor published in Proceedings of the IEEE Symposium on FPGAs for Custom Computing Machines (FCCM '97), targets the need for creating custom co-processing support to a MIPS processor addressing the limitations of the general purpose processing capabilities of the MIPS processor.
Published research or patent applications have not addressed the need of dynamically configuring the hardware based on transported data as well as actions to be taken and applications/services to be deployed for that specific data being sent to or received from a network. This patent describes a novel architecture which adapts itself to the needs of the network data and is run-time adaptable to perform time consuming security policy operations or application/services or other data processing needs of the transported data and defined policies of the system incorporating this invention.