Network adaptor configured for connection establishment offload

Description

BACKGROUND

Denial of Service (DoS) attacks are attempts to deny service of a target computer to legitimate users attempting to access the target computer via a network. In one form, a DoS attack is such that the target computer is forced to expend resources on activities related to the attack. As a result, during the attack, the target computer does not have resources available to provide service to the legitimate users.

One type of DoS attack of this form is a SYN flood attack. During a SYN flood attack, illegitimate TCP/SYN packets (i.e., ones for which there is no intention to initiate a TCP connection) are sent to the target computer. The target computer, handling the illegitimate TCP/SYN packets as legitimate, needlessly consumes resources in responding to the illegitimate TCP/SYN packets with a TCP/SYN-ACK (acknowledgement) packet. Perhaps even worse, the target computer allocates and ties up resources while waiting for details of the “connection”—such details never come. Furthermore, using viruses or other malware, multiple computers on a network such as the internet may be compromised to cause all the computers to simultaneously attack the target computer. Such attacks are known as distributed attacks.

There have been attempts to respond to DoS attacks. For example, SYN cookies may be utilized such that resources of the target computer are not allocated until the sender of the TCP/SYN request, responds with an TCP/ACK to the TCP/SYN+ACK, or even not until the first data carrying packet is received from the peer. The SYN cookies approach requires a modification to the TCP protocol and handling by the target computer.

In some systems, firewalls are employed to distinguish between good traffic and attack traffic. The firewalls confirm that the TCP connections are valid and then proxy packets of the confirmed connection on to the intended destination endpoint. Such firewalls can be effective against DoS attacks. However, resources are utilized during the data transfer phase to handle the overhead of proxying packets of the confirmed connections on to the intended destination.

Even legitimate TCP/SYN packets (i.e., TCP/SYN packets from legitimate peers legitimately intending to initiate a TCP connection), if numerous enough, can bog down a host computer such that, for example, the host computer cannot perform other functions such as communicating on already established connections.

SUMMARY

In accordance with an aspect, coupling circuitry (such as an intelligent network adaptor) couples a network to a host. The host is executing an operating system, and the host is further configured for transfer of data between the host and at least one peer via the network using at least one stateful connection between the host and the at least one peer according to a connection-oriented protocol.

The coupling circuitry receives indications of attempts to establish stateful connections with a host according to the connection-oriented protocol. The coupling processes each of the received indications by attempting to establish a stateful connection to a peer indicated by that connection establishment attempt indication such that, for a genuine attempt by a peer to establish a stateful connection with the host, the coupling circuitry interoperates with the peer to perform establishment-phase protocol processing of the attempted stateful connection between the peer and the host according to the connection-oriented protocol.

For each of the established stateful connections, the coupling circuitry operates to cause a state of that established stateful connection to be provided from the coupling circuitry to the host, wherein the operating system of the host handles data transfer phase protocol processing of that established stateful connection.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 schematically illustrates an architecture of a system in which setup activities of a host with respect to stateful connections (such as using the TCP/IP protocol) are offloaded to offload circuitry such as to a network interface card.

FIG. 2 is a flowchart illustrating an example of processing in the network adaptor of the FIG. 1 architecture.

FIG. 3 schematically illustrates, in slightly greater detail than that illustrated in FIG. 1, the interface between the network adaptor and the OS of the host system.

DETAILED DESCRIPTION

The inventors have realized that offloading the connection setup requests to an intelligent adapter can be used to increase the connection rate of the hosts. Conventional software implementation of TCP/IP protocol stacks cannot handle incoming SYN packets at line rate. In one example, a host executing software can handle five million incoming SYN requests when connected to 10 Gbps Ethernet, but an intelligent adapter can handle up to 16 million requests, therefore greatly increasing the likelihood that a DoS attack will not be successful. In accordance with an inventive aspect, connection setup activities of a host with respect to stateful connections (such as using the TCP/IP protocol) are offloaded to offload circuitry such as to a network interface card. The offload circuitry handles connection setup activities such that resources of the host are not allocated until the connection is set up. The connection is transferred to the host by providing, from the offload circuitry to the host, data indicative of the connection state such that the host can handle the protocol processing of the data transfer phase of the established stateful connection.

FIG. 1 schematically illustrates an architecture of a system in accordance with this aspect. Referring to FIG. 1, a peer 102 is configured to provide a legitimate TCP/SYN packet 104, via a network 106 (such as the internet) in an attempt to establish a connection with the host 106. Network adaptor circuitry 108 (e.g., such as a network interface controller card) associated with the host 106 receives the legitimate TCP/SYN packet 104 and attempts (indicated by reference numeral 110) to establish a TCP/IP connection with the peer 102. Thus, for example, the attempt 110 may comprise engaging in connection setup activities with the peer according to the TCP/IP protocol.

In the case where a TCP/SYN packet is legitimate (e.g., the TCP/SYN packet 104), the connection setup activities result, in the network adaptor 108, in data 112 characterizing the established connection. The connection is then “transferred” to a protocol stack of an operating system 118 being executed by the host 106. In one example, the data 112 characterizing the established connection is copied from memory of the network adaptor 108 to memory associated with the operating system 118 being executed by the host. In another example, the operating system 118 accesses the data 112 in a memory that is shared between the operating system 118 and the network adaptor 108 or is otherwise accessible to the operating system 118. The operating system 118 handles data transfer phase protocol processing of the established connection.

Even the case where the TCP/SYN packet is not legitimate (e.g., the illegitimate TCP/SYN packets 120), the network adaptor circuitry 108 associated with the host 106 attempts (again indicated by reference numeral 110) to establish a TCP/IP connection with the nominal peer, which is the peer indicated in the received illegitimate TCP/SYN packet. Thus, for example, the attempt 110 may in this case comprise attempting to engage in connection setup activities with the nominal peer according to the TCP/IP protocol. A connection will not be established based on a received illegitimate TCP/SYN packet and, thus, resources of the operating system 118 will not be implicated in dealing with illegitimate TCP/SYN packets.

Another type of attack may include illegitimate TCP/SYN+ACK packets being sent. In this case, where the network adaptor circuit 108 has no knowledge of a corresponding TCP/SYN packet that should have preceded a received illegitimate TCP/SYN+ACK packet, there will be no or minimal corresponding processing in the network adaptor 108 and, perhaps more significantly, resources of the OS 118 will not be implicated in processing (or otherwise resulting from) the illegitimate TCP/SYN+ACK packets.

FIG. 2 is a flowchart illustrating processing in a network adaptor in accordance with an inventive aspect. At step 202, a TCP/SYN packet is received. At step 204, the received TCP/SYN packet is processed in an attempt to establish a TCP connection based on the received TCP/SYN packet. At step 206, it is determined if a connection has been successfully established. For example, there may be a wait time between steps 204 and 206 or within the processing of step 204. Based on a determination that a connection has not been successfully established, the processing in FIG. 2 ends. Based on a determination that a connection has been successfully established, at step 208, the connection state information for the established connection is caused to be provided to a protocol processing stack (e.g., of a host operating system). In this way, the host need not be involved with the illegitimate connection attempts and, even for legitimate connection attempts, the connection rate can be increased by offloading the connection setup.

FIG. 3 schematically illustrates, in slightly greater detail than that illustrated in FIG. 1, the interface between the network adaptor 306 and the OS 312 of the host system 302. In particular, referring to FIG. 3, the network adaptor 308 includes memory in which data of the state of an established connection is stored. The network adaptor 306 communicates with a driver 314 of the operating system 312 via a message passing protocol 316. The operating system 312 may be, for example, a general purpose or special purpose operating system that includes a protocol processing stack. The protocol processing stack is configured to operate a connection to a peer based on data of the state of a connection stored in a memory 310 accessible to the protocol processing stack of the operating system.

Based on the messages exchanged via the message passing protocol 316 (generated at least in part based on a connection to a peer being established by the network adaptor 306), the data of the state of the established connection may be transferred 318 from the memory of the network adaptor 306 to the memory 310 of the protocol processing stack.

It is noted that a network adaptor configured to establish a stateful connection and then to pass the state of the stateful connection to a host for data transfer phase protocol processing may comprise hardware alone, primary a programmed processor, or may be some combination. In some examples, the network adaptor comprises a populated interface card configured to communicate with the host via interface circuitry such as via a PCI local bus.

Claims

1. A method of operating coupling circuitry that couples a network to a host, the host further configured for transfer of data between the host and at least one peer via the network according to a TCP connection-oriented protocol, the method comprising: by the coupling circuitry, receiving indications corresponding to TCP connection establishment phase messages to the host from a nominal peer according to the connection-oriented protocol, wherein the indications corresponding to connection establishment phase messages are messages including TCP SYN information from the nominal peer;by the coupling circuitry, processing each of the received indications by attempting to perform appropriate responsive processing in accordance with the connection-oriented protocol such that, when the nominal peer is an actual peer, the coupling circuitry interoperates with the actual peer to perform TCP connection establishment phase protocol processing of an attempted stateful connection between the host and the actual peer according to the connection-oriented protocol to accomplish establishment of a stateful TCP connection, wherein attempting to perform appropriate responsive processing includes providing at least one message including TCP SYN+ACK information to the nominal peer and thereafter receiving at least one message including an ACK to the TCP SYN+ACK information from the nominal peer, wherein accomplishing establishment of the stateful connection includes generating TCP connection state data in the coupling circuitry characterizing the established stateful TCP connection, wherein the TCP connection state data includes a state of the established stateful TCP connection; andby the coupling circuitry, for each of the established stateful TCP connections, causing the generated TCP connection state data characterizing that established stateful TCP connection to be provided from the coupling circuitry to be accessible to a TCP protocol processing stack of the host based on a determination that the TCP connection has been successfully established and without the coupling circuitry itself handing any data transfer phase processing of the established TCP connection prior to causing the generated TCP connection state data to be accessible to the TCP protocol processing stack of the host, whereby the generated TCP connection state data is usable by the host to handle data transfer phase protocol processing of that established stateful TCP connection, for transfer of data between the host and at least one peer via the network, wherein prior to each connection having been established by interoperation of the coupling circuitry with the actual peer and the resulting generated TCP connection state data having been provided from the coupling circuitry to be accessible to the protocol processing stack of the host for data transfer processing of that TCP connection, resources of the host for that TCP connection are not allocated or involved.
2. The method of claim 1, wherein: for a first particular connection establishment phase message including ACK of TCP SYN+ACK information from a nominal peer that, according to the connection-oriented protocol is to be preceded by a corresponding second particular connection establishment message including a TCP SYN information from a nominal peer, determining that the appropriate response is no response when there is no preceding corresponding second particular connection establishment message.
3. The method of claim 1, further comprising: by the host, receiving the generated TCP connection state data characterizing the state of that established stateful TCP connection and handling the data transfer phase processing of that established stateful TCP connection using the received generated TCP connection state data characterizing the state of that established stateful TCP connection, for transfer of data between the host and at least one peer via the network.
4. The method of claim 1, wherein: the coupling circuitry is at least a portion of circuitry comprising an intelligent network adaptor that is a network interface card.
5. The method of claim 1, wherein: the coupling circuitry includes a combination of hardware and a programmed microprocessor.
6. The method of claim 1, wherein: the coupling circuitry does not provide the host particular generated TCP connection state data characterizing an established stateful TCP connection until after the TCP stateful connection is established.
7. A method of operating coupling circuitry that couples a network to a host, the host further configured for transfer of data between the host and at least one peer via the network using at least one stateful connection between the host and the at least one peer according to a connection-oriented protocol, wherein the connection-oriented protocol includes a definition of at least a connection establishment phase and of a data transfer phase, the definition of the connection establishment phase including at least a first message that is a request by a peer to connect with the host, a second message that is a response by the host to the peer acknowledging the first message, and a third message that is a response from the peer to the host acknowledging the second message, wherein a proper exchange of the first message, the second message and the third message according to the connection-oriented protocol is necessary to establish a stateful connection between the peer and the host, the method comprising: by the coupling circuitry, receiving indications each corresponding to a nominal connection establishment attempt first message by a nominal peer to establish a stateful connection with the host according to the connection-oriented protocol;by the coupling circuitry, for each of the received nominal stateful connection establishment attempts first messages, processing that received nominal stateful connection establishment attempt first message by providing an appropriate response second message, according to the connection-oriented protocol, to that connection establishment attempt, such that at least some of the appropriate second message each result in receipt of an appropriate third message and therefore an established stateful connection; andby the coupling circuitry, for each of the established stateful connections as a result of the coupling circuitry interoperating with a peer to accomplish establish phase processing for that stateful connection, causing generated connection state data characterizing that established stateful connection and including a state of that established stateful connection to be provided from the coupling circuitry to be accessible to a protocol processing stack of the host based on a determination that the connection has been successfully established and without the coupling circuitry itself handing any data transfer phase processing of the established connection prior to causing the generated connection state data to be accessible to the protocol processing stack of the host, whereby the generated connection state data is usable by the host to handle data transfer phase protocol processing of that established stateful connection, for transfer of data between the host and at least one peer via the network,
8. The method of claim 7, further comprising: by the host, receiving the generated connection state data characterizing the state of that established stateful connection and handling the data transfer phase processing of that established stateful connection, for transfer of data between the host and at least one peer via the network, using the received generated connection state data characterizing the state of that established stateful connection.
9. The method of claim 7, wherein: the connection-oriented protocol is TCP/IP.
10. The method of claim 7, wherein: the coupling circuitry is at least a portion of circuitry comprising an intelligent network adaptor.
11. The method of claim 7, wherein: the coupling circuitry includes a combination of hardware and a programmed microprocessor.
12. The method of claim 7, wherein: the coupling circuitry does not provide the host any of the particular generated connection state data characterizing an established a stateful connection until after the stateful connection is established by the coupling circuitry.
13. An intelligent network adaptor to couple a network to a host that is configured for transfer of data between the host and at least one peer via the network according to a connection-oriented protocol, wherein the connection-oriented protocol includes a definition of at least a connection establishment phase and of a data transfer phase, the definition of the connection establishment phase including at least a first message that is a request by a peer to connect with the host, a second message that is a response by the host to the peer acknowledging the first message, and a third message that is a response from the peer to the host acknowledging the second message, wherein a proper exchange of the first message, the second message and the third message according to the connection-oriented protocol is necessary to establish a stateful connection between the peer and the host, the network adaptor comprising a processor and a memory, wherein the processor is configured to process instructions in the memory to: receive indications of attempts to establish stateful connections with a host according to the connection-oriented protocol, wherein the indications of attempts are indications of first messages of the connection establishment phase of the connection-oriented protocol; process each of the received indications by interoperating with the at least one peer, attempting to establish a stateful connection to a nominal peer indicated by said received indication, by attempting to exchange with the nominal peer second and third messages of the connection establishment phase of the connection-oriented protocol, such that, for a genuine attempt by a peer to establish a stateful connection with the host, the intelligent network adaptor successfully interoperates with the peer to perform establishment-phase protocol processing of the attempted stateful connection between the peer and the host according to the connection-oriented protocol to actually accomplish establishment of the stateful connection, wherein accomplishing establishment of the stateful connection includes generating connection state data in the network adaptor during the connection establishment phase of the connection according to the connection-oriented protocol, the connection state characterizing the established stateful connection and including a state of the established stateful connection; andfor each of the established stateful connections, cause the generated connection state data characterizing that established stateful connection to be provided from the coupling circuitry to be accessible to a protocol processing stack of the host based on a determination that the connection has been successfully established and without the coupling circuitry itself handing any data transfer phase processing of the established connection prior to causing the generated connection state data to be accessible to the protocol processing stack of the host, whereby the generated connection state data is usable by the host to handle data transfer phase protocol processing of that established stateful connection, for transfer of data between the host and at least one peer via the network,

US Referenced Citations (230)

Number	Name	Date	Kind
4445116	Grow	Apr 1984	A
4533996	Hartung et al.	Aug 1985	A
5058110	Beach et al.	Oct 1991	A
5065397	Shiobara	Nov 1991	A
5497476	Oldfield et al.	Mar 1996	A
5778189	Kimura et al.	Jul 1998	A
5937169	Connery et al.	Aug 1999	A
6087581	Emmer et al.	Jul 2000	A
6141705	Anand et al.	Oct 2000	A
6226680	Boucher et al.	May 2001	B1
6240094	Schneider	May 2001	B1
6247060	Boucher et al.	Jun 2001	B1
6334153	Boucher et al.	Dec 2001	B2
6389479	Boucher et al.	May 2002	B1
6393487	Boucher et al.	May 2002	B2
6397316	Fesas, Jr.	May 2002	B2
6401117	Narad et al.	Jun 2002	B1
6401177	Koike	Jun 2002	B1
6427171	Craft et al.	Jul 2002	B1
6427173	Boucher et al.	Jul 2002	B1
6434620	Boucher et al.	Aug 2002	B1
6460080	Shah et al.	Oct 2002	B1
6463077	Sato	Oct 2002	B1
6470415	Starr et al.	Oct 2002	B1
6510164	Ramaswamy et al.	Jan 2003	B1
6564267	Lindsay	May 2003	B1
6591302	Boucher et al.	Jul 2003	B2
6594268	Aukia et al.	Jul 2003	B1
6625671	Collette et al.	Sep 2003	B1
6658480	Boucher et al.	Dec 2003	B2
6681244	Cross et al.	Jan 2004	B1
6687758	Craft et al.	Feb 2004	B2
6697868	Craft et al.	Feb 2004	B2
6701372	Yano et al.	Mar 2004	B2
6708223	Wang et al.	Mar 2004	B1
6708232	Obara	Mar 2004	B2
6717946	Hariguchi et al.	Apr 2004	B1
6735702	Yavatkar et al.	May 2004	B1
6751665	Philbrick et al.	Jun 2004	B2
6757245	Kuusinen et al.	Jun 2004	B1
6757746	Boucher et al.	Jun 2004	B2
6792502	Pandya et al.	Sep 2004	B1
6798743	Ma et al.	Sep 2004	B1
6807581	Starr et al.	Oct 2004	B1
6813652	Stadler et al.	Nov 2004	B2
6862648	Yatziv	Mar 2005	B2
6907042	Oguchi et al.	Jun 2005	B1
6925055	Erimli et al.	Aug 2005	B1
6938092	Burns	Aug 2005	B2
6941386	Craft et al.	Sep 2005	B2
6965941	Boucher et al.	Nov 2005	B2
6996070	Starr et al.	Feb 2006	B2
7031267	Krumel	Apr 2006	B2
7042898	Blightman et al.	May 2006	B2
7076568	Philbrick et al.	Jul 2006	B2
7089289	Blackmore et al.	Aug 2006	B1
7089326	Boucher et al.	Aug 2006	B2
7093099	Bodas et al.	Aug 2006	B2
7114096	Freimuth et al.	Sep 2006	B2
7124205	Craft et al.	Oct 2006	B2
7133902	Saha et al.	Nov 2006	B2
7133914	Holbrook	Nov 2006	B1
7133940	Blightman et al.	Nov 2006	B2
7136355	Lin et al.	Nov 2006	B2
7155542	Trainin	Dec 2006	B2
7164656	Foster et al.	Jan 2007	B2
7167926	Boucher et al.	Jan 2007	B1
7167927	Philbrick et al.	Jan 2007	B2
7174393	Boucher et al.	Feb 2007	B2
7185266	Blightman et al.	Feb 2007	B2
7191241	Boucher et al.	Mar 2007	B2
7191318	Tripathy et al.	Mar 2007	B2
7239642	Chinn et al.	Jul 2007	B1
7254637	Pinkerton et al.	Aug 2007	B2
7260631	Johnson et al.	Aug 2007	B1
7284047	Barham et al.	Oct 2007	B2
7313623	Elzur et al.	Dec 2007	B2
7320042	Trainin et al.	Jan 2008	B2
7336608	Sin et al.	Feb 2008	B2
7346701	Elzur et al.	Mar 2008	B2
7349337	Mahdavi	Mar 2008	B1
7376147	Seto et al.	May 2008	B2
7408906	Griswold et al.	Aug 2008	B2
7447795	Naghshineh et al.	Nov 2008	B2
7453892	Buskirk et al.	Nov 2008	B2
7457845	Fan et al.	Nov 2008	B2
7460510	Olivier et al.	Dec 2008	B2
7474670	Nowshadi	Jan 2009	B2
7493427	Freimuth et al.	Feb 2009	B2
7533176	Freimuth et al.	May 2009	B2
7583596	Frink	Sep 2009	B1
7594002	Thorpe et al.	Sep 2009	B1
7596634	Mittal et al.	Sep 2009	B2
7609696	Guygyi et al.	Oct 2009	B2
7613813	Hussain et al.	Nov 2009	B2
7616563	Eiriksson et al.	Nov 2009	B1
7656887	Okuno	Feb 2010	B2
7660264	Eiriksson et al.	Feb 2010	B1
7660306	Eiriksson et al.	Feb 2010	B1
7715436	Eiriksson et al.	May 2010	B1
7724658	Eiriksson et al.	May 2010	B1
7735099	Micalizzi, Jr.	Jun 2010	B1
7746780	Seo	Jun 2010	B2
7751316	Yarlagadda et al.	Jul 2010	B2
7760733	Eiriksson et al.	Jul 2010	B1
7813339	Bar-David et al.	Oct 2010	B2
7826350	Michailidis et al.	Nov 2010	B1
7831720	Noureddine et al.	Nov 2010	B1
7831745	Eiriksson et al.	Nov 2010	B1
7836191	Susai et al.	Nov 2010	B2
7844742	Pope et al.	Nov 2010	B2
7869355	Kodama et al.	Jan 2011	B2
7924840	Eiriksson et al.	Apr 2011	B1
7929540	Elzur et al.	Apr 2011	B2
7930349	Hussain et al.	Apr 2011	B2
7945705	Eiriksson et al.	May 2011	B1
8028071	Mahalingam et al.	Sep 2011	B1
8060644	Michailidis et al.	Nov 2011	B1
8139482	Eiriksson et al.	Mar 2012	B1
8155001	Eiriksson et al.	Apr 2012	B1
8213427	Eiriksson et al.	Jul 2012	B1
20010010046	Muyres et al.	Jul 2001	A1
20010021949	Blightman et al.	Sep 2001	A1
20010037406	Philbrick et al.	Nov 2001	A1
20020039366	Sano	Apr 2002	A1
20020101848	Lee et al.	Aug 2002	A1
20020188753	Tang et al.	Dec 2002	A1
20020191622	Zdan	Dec 2002	A1
20030005164	Trainin et al.	Jan 2003	A1
20030018516	Ayala et al.	Jan 2003	A1
20030035436	Denecheau et al.	Feb 2003	A1
20030048751	Han et al.	Mar 2003	A1
20030067884	Abler et al.	Apr 2003	A1
20030079033	Craft et al.	Apr 2003	A1
20030154298	Lu	Aug 2003	A1
20030200284	Philbrick et al.	Oct 2003	A1
20030204631	Pinkerton et al.	Oct 2003	A1
20040003094	See	Jan 2004	A1
20040019689	Fan	Jan 2004	A1
20040028069	Tindal et al.	Feb 2004	A1
20040030745	Boucher et al.	Feb 2004	A1
20040042487	Ossman	Mar 2004	A1
20040047361	Fan et al.	Mar 2004	A1
20040054813	Boucher et al.	Mar 2004	A1
20040062245	Sharp et al.	Apr 2004	A1
20040062246	Boucher et al.	Apr 2004	A1
20040064578	Boucher et al.	Apr 2004	A1
20040064590	Starr et al.	Apr 2004	A1
20040073703	Boucher et al.	Apr 2004	A1
20040078480	Boucher et al.	Apr 2004	A1
20040088262	Boucher et al.	May 2004	A1
20040100952	Boucher et al.	May 2004	A1
20040111535	Boucher et al.	Jun 2004	A1
20040117496	Mittal et al.	Jun 2004	A1
20040123142	Dubal et al.	Jun 2004	A1
20040158640	Philbrick et al.	Aug 2004	A1
20040165592	Chen et al.	Aug 2004	A1
20040190533	Modi et al.	Sep 2004	A1
20040199808	Freimuth et al.	Oct 2004	A1
20040213235	Marshall et al.	Oct 2004	A1
20040240435	Boucher et al.	Dec 2004	A1
20050071490	Craft et al.	Mar 2005	A1
20050083850	Sin et al.	Apr 2005	A1
20050083935	Kounavis et al.	Apr 2005	A1
20050102682	Shah et al.	May 2005	A1
20050111483	Cripe et al.	May 2005	A1
20050120037	Maruyama et al.	Jun 2005	A1
20050125195	Brendel	Jun 2005	A1
20050135378	Rabie et al.	Jun 2005	A1
20050135396	McDaniel et al.	Jun 2005	A1
20050135412	Fan	Jun 2005	A1
20050135417	Fan et al.	Jun 2005	A1
20050147126	Qiu et al.	Jul 2005	A1
20050188074	Voruganti et al.	Aug 2005	A1
20050190787	Kuik et al.	Sep 2005	A1
20050216597	Shah et al.	Sep 2005	A1
20050223134	Vasudevan et al.	Oct 2005	A1
20050226238	Hoskote et al.	Oct 2005	A1
20050259644	Huitema et al.	Nov 2005	A1
20050259678	Gaur	Nov 2005	A1
20050286560	Colman et al.	Dec 2005	A1
20050289246	Easton et al.	Dec 2005	A1
20060015618	Freimuth et al.	Jan 2006	A1
20060015651	Freimuth et al.	Jan 2006	A1
20060031524	Freimuth et al.	Feb 2006	A1
20060039413	Nakajima et al.	Feb 2006	A1
20060072564	Cornett et al.	Apr 2006	A1
20060075119	Hussain et al.	Apr 2006	A1
20060080733	Khosmood et al.	Apr 2006	A1
20060098675	Okuno	May 2006	A1
20060101090	Aloni et al.	May 2006	A1
20060133267	Alex et al.	Jun 2006	A1
20060168649	Venkat et al.	Jul 2006	A1
20060200363	Tsai	Sep 2006	A1
20060206300	Garg et al.	Sep 2006	A1
20060209693	Davari et al.	Sep 2006	A1
20060221832	Muller et al.	Oct 2006	A1
20060221946	Shalev et al.	Oct 2006	A1
20060235977	Wunderlich et al.	Oct 2006	A1
20060265517	Hashimoto et al.	Nov 2006	A1
20060268841	Nagaraj et al.	Nov 2006	A1
20060274788	Pong	Dec 2006	A1
20060281451	Zur	Dec 2006	A1
20070011358	Wiegert et al.	Jan 2007	A1
20070014246	Aloni et al.	Jan 2007	A1
20070033301	Aloni et al.	Feb 2007	A1
20070064737	Williams	Mar 2007	A1
20070070901	Aloni et al.	Mar 2007	A1
20070076623	Aloni et al.	Apr 2007	A1
20070083638	Pinkerton et al.	Apr 2007	A1
20070086480	Elzur et al.	Apr 2007	A1
20070110436	Bennett	May 2007	A1
20070143848	Kraemer et al.	Jun 2007	A1
20070162572	Aloni et al.	Jul 2007	A1
20070201474	Isobe	Aug 2007	A1
20070233892	Ueno	Oct 2007	A1
20080002731	Tripathy et al.	Jan 2008	A1
20080016511	Hyder et al.	Jan 2008	A1
20080043750	Keels et al.	Feb 2008	A1
20080089347	Phillipi et al.	Apr 2008	A1
20080091868	Mizrachi et al.	Apr 2008	A1
20080135415	Han et al.	Jun 2008	A1
20080168190	Parthasarathy et al.	Jul 2008	A1
20080232386	Gorti et al.	Sep 2008	A1
20080273532	Bar-David et al.	Nov 2008	A1
20090073884	Kodama et al.	Mar 2009	A1
20090172301	Ebersole et al.	Jul 2009	A1
20090222564	Freimuth et al.	Sep 2009	A1
20100023626	Hussain et al.	Jan 2010	A1
20100235465	Thorpe et al.	Sep 2010	A1

Non-Patent Literature Citations (95)

Entry
Boon S. Ang, “An Evaluation of an Attempt at Offloading TCP/IP Processing onto an i960RN-based iNIC”, 2001, Hewlett Packard, p. 1-33.
Line Provider, “TCP/IP offload Engine TOE”, 2002, p. 1-7, retreived from http://line-provider.com/whitepapers/tcpip-offload-engine-toe/.
Hewlett Packard, “Using TCP/IP Offload Engine and Receive-Side Scaling to Improve Performance and Efficiency on HP ProLiant Servers in Microsoft® Windows® Environments”, 2006, p. 1-8.
Clark et al., “An Analysis of TCP Processing Overhead,” IEEE Communications Magazine, Jun. 1989, pp. 23-29.
Woodside et al., “The Protocol Bypass Concept for High Speed OSI Data Transfer,” Research Paper. Available at:http://citeseer.ist.psu.edu/cache/papers/cs/26104/http:zSzzSzwww.sce.carlet on.cazSzftpzSzpubzSzcmwzSzbpjan90.pdf/woodside90protocol.pdf.
Rütsche et al., “TCP/IP on the Parallel Protocol Engine,” High Performace Networking, (IV, C-14), Elsevier Science Publishers, B.V. North Holland 1993.
Thia et al., “High-Speed OSI Protocol Bypass Algorithm with Window Flow Control,” IFIP WG6.4 Third International Workshop on Protocols for High-Speed Networks, Stockholm, Sweden, May 13-15, 1992, pp. 53-68.
Thia et al., “A Reduced Operation Protocol Engine (ROPE) for a Multiple-Layer Bypass Architecture,” Protocols for High-Speed Networks IV, 4th IFIP International Workshop, Aug. 10-12, 1994, Vancouver, B.C., Canada, pp. 224-239.
Rütsche et al., “Architectures of Multimedia Communication Subsystems” IFIP Transactions; vol. C-23 archive, Proceedings of the IFIP TC6 International Conference on Information Networks and Data Communication table of contents, pp. 217-230, Year of Publication: 1994.
Dalton et al., “Afterburner: Architectural Support for High-Performance Protocols,” http://www.hpl.hp.com/techreports/93/HPL-93-46.pdf, Jul. 1993, 18 Pages.
TRM Technologies, Inc., “L4/L7 Switching,” Downloaded from http://www.trm,ca/pages/t-tech7.html on Feb. 16, 2006, 3 Pages.
Madsen et al., “Wireless Data Communication,” Fall 2003 Presentation, Wireless Networks Division (WING), Allborg University.
Yocum et al., “Anypoint: Extensible Transport Switching on the Edge,” Proceedings of the 4th USENIX Symposium on Internet Technologies and Systems, Mar. 26-28, 2003, Seattle, WA, USA.
International Search Report in PCT/US02/12679, dated Jul. 23, 2002.
Office Action in U.S. Appl. No. 10/474,500, mailed Oct. 4, 2007.
Office Action in U.S. Appl. No. 11/137,146, mailed Mar. 5, 2008.
Office Action in U.S. Appl. No. 11/137,140, mailed Feb. 5, 2008.
Office Action in U.S. Appl. No. 11/250,894, mailed Jun. 26, 2008.
Notice of Allowance in U.S. Appl. No. 10/474,500, mailed Jul. 1, 2008.
Allowed Claims from U.S. Appl. No. 10/474,500.
Office Action in U.S. Appl. No. 11/217,661, mailed Sep. 18, 2008.
Office Action in U.S. Appl. No. 11/313,003, mailed Aug. 22, 2008.
Office Action in U.S. Appl. No. 11/330,898, mailed Oct. 8, 2008.
Office Action in U.S. Appl. No. 11/137,146, mailed Nov. 3, 2008.
Office Action in U.S. Appl. No. 11/356,850 mailed Dec. 3, 2008.
U.S. Appl. No. 60/690,465, filed Jun. 14, 2005.
U.S. Appl. No. 60/718,418, filed Sep. 19, 2005.
Office Action in U.S. Appl. No. 11/282,933 mailed Feb. 20, 2009.
Office Action in U.S. Appl. No. 11/250,894 mailed Jan. 26, 2009.
Office Action in U.S. Appl. No. 11/137,140 mailed Mar. 31, 2009.
Office Action in U.S. Appl. No. 11/130,898 mailed Apr. 2, 2009.
Office Action in U.S. Appl. No. 11/747,790 mailed May 12, 2009.
Office Action in U.S. Appl. No. 11/747,793 mailed Jun. 8, 2009.
Notice of Allowance in U.S. Appl. No. 11/313,003, mailed Jun. 8, 2008.
Allowed Claims from U.S. Appl. No. 11/313,003.
Office Action in U.S. Appl. No. 11/217,661 mailed Jun. 9, 2009.
Pratt, Ian and Fraser, Keir, “Arsenic: A User-Accessible Gigabit Ethernet Interface,” INFOCOM 2001. Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings. IEEE, vol. 1, Issue , 2001 pp. 67-76 vol. 1.
Office Action in U.S. Appl. No. 11/137,146, mailed Jun. 23, 2009.
Office Action in U.S. Appl. No. 11/137,140, mailed Aug. 21, 2009.
Office Action in U.S. Appl. No. 11/747,650, mailed Aug. 27, 2009.
Office Action in U.S. Appl. No. 11/250,894, mailed Sep. 15, 2009.
Notice of Allowance in U.S. Appl. No. 11/356,850, mailed Jun. 26, 2009.
Allowed Claims from U.S. Appl. No. 11/356,850.
Office Action in U.S. Appl. No. 11/282,933, mailed Sep. 9, 2009.
Notice of Allowance in U.S. Appl. No. 11/330,898, mailed Sep. 23, 2009.
Allowed Claims in U.S. Appl. No. 11/330,898.
Final Office Action in U.S. Appl. No. 11/747,790, mailed Nov. 5, 2009.
Notice of Allowance in U.S. Appl. No. 11/217,661 mailed Jan. 11, 2010.
Allowed Claims from U.S. Appl. No. 11/217,661.
Notice of Allowance in U.S. Appl. No. 11/282,933 mailed Dec. 31, 2009.
Allowed Claims from U.S. Appl. No. 11/282,933.
Office Action in U.S. Appl. No. 11/747,793, mailed Jan. 25, 2010.
Office Action in U.S. Appl. No. 12/122,570, mailed Feb. 4, 2010.
Office Action in U.S. Appl. No. 11/137,146, mailed Feb. 4, 2010.
Office Action in U.S. Appl. No. 11/747,790, mailed Mar. 9, 2010.
Notice of Allowance in U.S. Appl. No. 11/250,894, mailed Mar. 29, 2010.
Allowed Claims from U.S. Appl. No. 11/250,894.
Office Action in U.S. Appl. No. 11/747,650, mailed Apr. 15, 2010.
Office Action in U.S. Appl. No. 11/747,673, mailed Apr. 30, 2010.
Notice of Allowance in U.S. Appl. No. 11/137,140, mailed Jun. 30, 2010.
Allowed Claims in U.S. Appl. No. 11/137,140.
Notice of Allowance in U.S. Appl. No. 12/122,570, mailed Jul. 8, 2010.
Allowed Claims in U.S. Appl. No. 12/122,570.
Notice of Allowance in U.S. Appl. No. 11/747,650, mailed Jul. 8, 2010.
Allowed Claims in U.S. Appl. No. 11/747,650.
Final Office Action in U.S. Appl. No. 11/747,793, mailed Jul. 23, 2010.
Office Action in U.S. Appl. No. 11/747,790, mailed Aug. 18, 2010.
Office Action in U.S. Appl. No. 12/645,324, mailed Aug. 25, 2010.
Office Action in U.S. Appl. No. 12/752,719, mailed Nov. 10, 2010.
Office Action in U.S. Appl. No. 12/567,581, mailed Nov. 3, 2010.
Office Action in U.S. Appl. No. 11/747,673, mailed Oct. 29, 2010.
Notice of Allowance in U.S. Appl. No. 11/137,146, mailed Dec. 10, 2010.
Allowed claims in U.S. Appl. No. 11/137,146.
Notice of Allowance in U.S. Appl. No. 12/645,324, mailed Dec. 15, 2010.
Allowed Claims in U.S. Appl. No. 12/645,324.
Office Action in U.S. Appl. No. 12/255,112, mailed Dec. 16, 2010.
Notice of Allowance in U.S. Appl. No. 11/747,673, mailed Jun. 30, 2011.
Office Action in U.S. Appl. No. 12/567,581, mailed Mar. 8, 2011.
Office Action in U.S. Appl. No. 12/752,719, mailed May 5, 2011.
Office Action in U.S. Appl. No. 11/747,790, mailed Feb. 17, 2011.
Notice of Allowance in U.S. Appl. No. 12/255,112, mailed May 31, 2011.
Office Action in U.S. Appl. No. 12/567,581, mailed Jul. 28, 2011.
Office Action in U.S. Appl. No. 12/643,897 dated Nov. 2, 2011.
Notice of Allowance in U.S. Appl. No. 12/567,581, mailed Nov. 15, 2011.
Notice of Allowance in U.S. Appl. No. 12/752,719, dated Dec. 8, 2011.
Office Action in U.S. Appl. No. 11/747,790, dated Feb. 7, 2012.
Office Action in U.S. Appl. No. 13/249,077, dated Feb. 22, 2012.
Office Action in U.S. Appl. No. 13/413,196, dated May 10, 2012.
Final Office Action in U.S. Appl. No. 11/747,790, dated Jul. 26, 2012.
Notice of Allowance in U.S. Appl. No. 13/413,196, dated Aug. 31, 2012.
Office Action in U.S. Appl. No. 11/747,793 dated Apr. 5, 2013.
Office Action in U.S. Appl. No. 13/081,392 dated Aug. 7, 2013.
Notice of Allowance in U.S. Appl. No. 11/747,790, mailed Sep. 5, 2013.
Office Action in U.S. Appl. No. 11/747,793 dated Oct. 3, 2013.
Notice of Allowance in U.S. Appl. No. 13/081,392, mailed Nov. 18, 2013.

Network adaptor configured for connection establishment offload

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

US Classifications

Field of Search

US

International Classifications

Term Extension

Abstract

Description

Claims

US Referenced Citations (230)

Non-Patent Literature Citations (95)