Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

full tcp offload solution with tcp session setup/teardown support

173 views
Skip to first unread message

oguzyil...@gmail.com

unread,
Jan 19, 2013, 6:54:49 AM1/19/13
to
Hello,

I am searching for a fpga accelerated ethernet card solution for facing tcp sessions before OS. The solution should complete 3 way handshake before operating system/driver stage. This implies it should create SYN-ACK packets and wait for 3rd step ACK. This implies it should keep a connection/session table. Generally, I am waiting high connection rate (1M conn per second for 1 Gbps connection) and high number of live sessions.

I would be grateful for any redirection. Sorry for bothering if this is the wrong community for the subject.

Regards,

Oguz

glen herrmannsfeldt

unread,
Jan 19, 2013, 7:09:38 AM1/19/13
to
oguzyil...@gmail.com wrote:
> Hello,
>
> I am searching for a fpga accelerated ethernet card solution
> for facing tcp sessions before OS. The solution should complete
> 3 way handshake before operating system/driver stage.
> This implies it should create SYN-ACK packets and wait for 3rd
> step ACK. This implies it should keep a connection/session table.
> Generally, I am waiting high connection rate (1M conn per second
> for 1 Gbps connection) and high number of live sessions.

It might be that some NIC do that. I know there are some with
special features to offload some of the processing from the
server, such as the checksum calculation.

> I would be grateful for any redirection. Sorry for bothering if
> this is the wrong community for the subject.

You might try comp.dcom.lans.ethernet, even though it isn't
really an ethernet question. There is also a tcpip group.

-- glen

oguzy...@gmail.com

unread,
Jan 19, 2013, 7:39:40 AM1/19/13
to
On Saturday, January 19, 2013 2:09:38 PM UTC+2, glen herrmannsfeldt wrote:
> oguzyil...@gmail.com wrote:
>
> > Hello,
>
> >
>
> > I am searching for a fpga accelerated ethernet card solution
>
> > for facing tcp sessions before OS. The solution should complete
>
> > 3 way handshake before operating system/driver stage.
>
> > This implies it should create SYN-ACK packets and wait for 3rd
>
> > step ACK. This implies it should keep a connection/session table.
>
> > Generally, I am waiting high connection rate (1M conn per second
>
> > for 1 Gbps connection) and high number of live sessions.
>
>
>
> It might be that some NIC do that. I know there are some with
>
> special features to offload some of the processing from the
>
> server, such as the checksum calculation.
>
>

I am searching for a different solution then ordinary TOE NIC solutions. The difference is high rate of tcp session setup/teardown.

Allan Herriman

unread,
Jan 19, 2013, 10:39:36 AM1/19/13
to
On Sat, 19 Jan 2013 03:54:49 -0800, oguzyilmazlist wrote:

> Hello,
>
> I am searching for a fpga accelerated ethernet card solution for facing
> tcp sessions before OS. The solution should complete 3 way handshake
> before operating system/driver stage. This implies it should create
> SYN-ACK packets and wait for 3rd step ACK. This implies it should keep a
> connection/session table. Generally, I am waiting high connection rate
> (1M conn per second for 1 Gbps connection) and high number of live
> sessions.


I hate to be a naysayer, but I believe 1M connections per second is not
possible on a 1Gb/s link, regardless of how fast the processing is.

Minimum frame size = 64 bytes + 8 bytes preamble and SFD + 12 bytes IFG.
You can send up to about 1.488M packets per second in each direction.
Can't do a 3 way handshake with 1.488 packets, unless you do some trick
like putting multiple handshakes in the one packet.


I've never implemented a TCP/IP stack, so I might be missing something.

Regards,
Allan

glen herrmannsfeldt

unread,
Jan 19, 2013, 1:52:55 PM1/19/13
to
oguzy...@gmail.com wrote:

(snip)
>> > I am searching for a fpga accelerated ethernet card solution
>> > for facing tcp sessions before OS. The solution should complete
>> > 3 way handshake before operating system/driver stage.

>> > This implies it should create SYN-ACK packets and wait for 3rd
>> > step ACK. This implies it should keep a connection/session table.

>> > Generally, I am waiting high connection rate (1M conn per second

>> > for 1 Gbps connection) and high number of live sessions.

>> It might be that some NIC do that. I know there are some with
>> special features to offload some of the processing from the
>> server, such as the checksum calculation.

> I am searching for a different solution then ordinary TOE NIC
> solutions. The difference is high rate of tcp session setup/teardown.

Yes, but someone else might have had this problem before.

Though a high rate of setup/teardown implies only a small amount
of data to each, and most use UDP in that case.

Can you explain the actual problem that you are trying to solve?
(Which specific protocol, or what kind of data?)

I haven't thought about this for a while, but I believe, while
it is usually not done, it is possible to include TCP data in
some of the TCP handshaking packets. You might also be able
to add FIN earlier than usual.

Post to the tcp-ip newsgroup and ask about the minimum TCP
session. You might be able to do:

1) SYN+data
2) SYN+ACK+data+FIN
3) ACK+data+FIN

I know that there are NICs designed to offload some of the work,
but I don't know much more than that.

-- glen

oguzyil...@gmail.com

unread,
Jan 20, 2013, 4:39:54 PM1/20/13
to
On Saturday, January 19, 2013 8:52:55 PM UTC+2, glen herrmannsfeldt wrote:
>
>
>
> (snip)
>
> >> > I am searching for a fpga accelerated ethernet card solution
>
> >> > for facing tcp sessions before OS. The solution should complete
>
> >> > 3 way handshake before operating system/driver stage.
>
>
>
> >> > This implies it should create SYN-ACK packets and wait for 3rd
>
> >> > step ACK. This implies it should keep a connection/session table.
>
>
>
> >> > Generally, I am waiting high connection rate (1M conn per second
>
>
>
> >> > for 1 Gbps connection) and high number of live sessions.
>
>
>
> >> It might be that some NIC do that. I know there are some with
>
> >> special features to offload some of the processing from the
>
> >> server, such as the checksum calculation.
>
>
>
> > I am searching for a different solution then ordinary TOE NIC
>
> > solutions. The difference is high rate of tcp session setup/teardown.
>
>
>
> Yes, but someone else might have had this problem before.
>
>
>
> Though a high rate of setup/teardown implies only a small amount
>
> of data to each, and most use UDP in that case.
>
>
>
> Can you explain the actual problem that you are trying to solve?
>
> (Which specific protocol, or what kind of data?)
>
>

Actual problems are,

- For IP Spood TCP connection trials, Full Toe NIC should receive SYN, send SYN-ACK, wait for ACK. This is 3way handshake. If this completes, we are sure IP is not spoofed. Now NIC can forward connection to the driver and operating system.

- Operating systems are using hash tree or radix tree tables for keeping state entries. For high session setup/teardown rates, this can be slow to Add, Delete Modify this table. Each state entry maybe about 500 bytes.I am curious about outcomes of doing state table operations on a TOE NIC.

Ulf Samuelsson

unread,
Mar 15, 2013, 3:34:17 AM3/15/13
to
Have been looking at this problem for some time, but for 10 GbE.
You will need

FPGA Card. Looking at Bittware and Hightec-Global which both provide
example designs and Linux Drivers.

For offloading, we are looking at Fraunhofer, but there are others like
PLDA, Intilog, Fiberblaze.

Fraunhofer will release some special features which will be needed,
but may not affect decisions for other applications.

BR
Ulf Samuelsson

mike_la_jolla

unread,
Mar 17, 2013, 10:40:05 PM3/17/13
to
> I am searching for a fpga accelerated ethernet card solution for facing tcp >sessions before OS. The solution should complete 3 way handshake before operating >system/driver stage. This implies it should create SYN-ACK packets and wait for >3rd step ACK. This implies it should keep a connection/session table. Generally, >I am waiting high connection rate (1M conn per second for 1 Gbps connection) and >high number of live sessions.

DINI provides this: http://www.dinigroup.com/new/TOE.php

Marko Zec

unread,
Mar 18, 2013, 4:05:48 AM3/18/13
to
No, they require "setup/teardown of TCP sessions" to be handled by
the CPU.

mike_la_jolla

unread,
Mar 18, 2013, 12:23:57 PM3/18/13
to
> No, they require "setup/teardown of TCP sessions" to be handled by the CPU.

Sorry. You are correct. Your best bet would be PLDA or Intilop.

KingOfDisaster

unread,
Mar 23, 2013, 6:11:39 PM3/23/13
to
I would reccomend you to be very careful in choosing a TOE.
I have worked for a company that in order to "save time to marked" used one of these Off shield TOE... and I have never seen working correctly!

good luck!

0 new messages