FPGA-based network security acceleration card and FPGA-based network security acceleration method

A network security, accelerator card technology, applied in the field of data transmission

Pending Publication Date: 2020-08-28
北京光润通科技发展有限公司
View PDF4 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The external bandwidth is very high, but at the same time, it brings unprecedented challenges to the processor processing capacity of the server. The network processing cannot fully meet the needs of the processor alone, and the network performance problem has even become a bottleneck restricting the further enrichment and improvement of functions.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • FPGA-based network security acceleration card and FPGA-based network security acceleration method
  • FPGA-based network security acceleration card and FPGA-based network security acceleration method
  • FPGA-based network security acceleration card and FPGA-based network security acceleration method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0027] The present invention provides a method for accelerating network security based on FPGA, such as figure 1 , figure 2 shown, including the following steps:

[0028] S1: The receiving processor writes the quintuple information, corresponding Hash value, and forwarding rules of the first packet by writing into the PCIe BAR register, and converts the quintuple information, corresponding Hash values, and forwarding rules according to the Hash value. The corresponding address is written into the DDR memory, and the forwarding rules include security policies, routing information and processing policies;

[0029] S2: receiving a data packet, buffering the data packet through FIFO and extracting the quintuple information of the data packet;

[0030] S3: Perform a hash operation on the quintuple information of the data packet to obtain the hash value of the quintuple;

[0031] S4: Access the corresponding DDR memory by using the obtained Hash value as the address, read the ha...

Embodiment 2

[0064] An FPGA-based network security accelerator card, such as Figure 5 As shown, including the following parts:

[0065] The information writing module 1 is configured to receive the quintuple information, the corresponding Hash value and the forwarding rules of the first packet written by the receiving processor by writing the PCIe BAR register, and convert the quintuple information, the corresponding Hash value Value and forwarding rules are written in the DDR memory according to the address corresponding to the Hash value, and the forwarding rules include security policies, routing information and processing policies;

[0066] The extraction module 2 is configured to receive the data packet, cache the data packet through the FIFO and extract the quintuple information of the data packet;

[0067] The hash operation module 3 is configured to perform Hash operation on the quintuple information of the data packet to obtain the Hash value of the quintuple;

[0068] The data...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention belongs to the technical field of data transmission, and particularly relates to an FPGA-based network security acceleration card and an FPGA-based network security acceleration method.The invention provides a novel FPGA-based network security acceleration card and a novel FPGA-based network security acceleration method. According to the FPGA-based network security acceleration cardand the FPGA-based network security acceleration method, a classic quintuple accurate matching flow forwarding mode is adopted to process network messages; and network processing shunting can be carried out on the processor, so that the processor can be liberated from heavy work, and some things which must be done by the processor can be handled, and the data forwarding rate can be further improved.

Description

technical field [0001] The invention belongs to the technical field of data transmission, in particular to an FPGA-based network security acceleration card and an acceleration method. Background technique [0002] With the rapid development of global big data and artificial intelligence technology, the network performance is getting higher and higher, from the original 100M and Gigabit throughput to the current 10G, 25G, 40G and even 100G, 200G and so on. . The external bandwidth is very high, but at the same time, it brings unprecedented challenges to the processor processing capacity of the server. The network processing cannot fully meet the demand by the processor alone, and the network performance problem has even become a bottleneck restricting the further enrichment and improvement of functions. Contents of the invention [0003] In order to solve the problems in the prior art, the invention provides a new FPGA-based network security acceleration card and an accele...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F15/78G06F13/28G06F13/42
CPCG06F15/7839G06F13/28G06F13/4282
Inventor 不公告发明人
Owner 北京光润通科技发展有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap