CN-122027709-A - Technique for accelerating QUIC packet processing using hardware offloading
Abstract
Techniques to accelerate QUIC packet processing include a computing device having a network controller. The computing device programs the network controller with an encryption key associated with the QUIC protocol connection. The computing device may pass the QUIC packet to a network controller that encrypts the payload of the QUIC packet using an encryption key. The network controller may segment the QUIC packet into a plurality of segmented QUIC packets prior to encryption. The network controller transmits the encrypted QUIC packet to the remote host. The network controller may receive the encrypted QUIC packet from the remote host. The network controller decrypts the encrypted payload of the received QUIC packet and may evaluate the valuation function with the entropy source in the received QUIC packet and forward the received QUIC packet to the receive queue based on the valuation function. Each receive queue may be associated with a processor core. Other embodiments are described and claimed.
Inventors
- M. Dewar
- G. BOWERS
Assignees
- Intel Corporation
Dates
- Publication Date: 20260512
- Application Date: 20190318
- Priority Date: 20180629
Claims (20)
- 1. A network interface controller, comprising: an interface to a processor including a plurality of processor cores; an interface to a network; and a circuit module for: for the corresponding received QUIC packets in the User Datagram Protocol (UDP) datagram: hash the corresponding QUIC connection identifier of the corresponding received QUIC packet; determining a respective receive queue of a plurality of receive queues of the respective QUIC packet based on the hash of the QUIC connection identifier, different ones of the plurality of receive queues being associated with different ones of the plurality of processor cores; and the corresponding QUIC packet is forwarded to the determined receive queue.
- 2. The network interface controller of claim 1, further comprising a circuit module for performing QUIC encryption offload and QUIC decryption offload.
- 3. The network interface controller of claim 1, further comprising a circuit module for performing segment offloading on the QUIC packets.
- 4. The network interface controller of claim 1, further comprising a circuit module for validating the QUIC packet based on authentication data of the QUIC packet.
- 5. The network interface controller of claim 2, further comprising a circuit module for receiving a key to perform QUIC encryption offload on a QUIC connection.
- 6. One or more non-transitory machine-readable storage media storing machine-readable instructions which, when executed by at least one machine, cause the machine to be configured to perform operations comprising: a network interface controller including interfaces to a plurality of processor cores and interfaces to a network is configured to: for the corresponding received QUIC packets in the User Datagram Protocol (UDP) datagram: hash the corresponding QUIC connection identifier of the corresponding received QUIC packet; determining a respective receive queue of a plurality of receive queues of the respective QUIC packet based on the hash of the QUIC connection identifier, different ones of the plurality of receive queues being associated with different ones of the plurality of processor cores; and the corresponding QUIC packet is forwarded to the determined receive queue.
- 7. The one or more non-transitory machine-readable media of claim 6, wherein the operations comprise configuring the network interface controller to perform QUIC encryption offload and QUIC decryption offload operations.
- 8. The one or more non-transitory machine-readable media of claim 6, wherein the operations comprise configuring the network interface controller to perform a segment offloading operation on a QUIC packet.
- 9. The one or more non-transitory machine-readable media of claim 6, wherein the operations comprise configuring the network interface controller to verify the operation of the QUIC packet based on authentication data of the QUIC packet.
- 10. The one or more non-transitory machine-readable media of claim 6, wherein the operations comprise configuring the network interface controller to receive a key to perform a QUIC encryption offload operation on a QUIC connection.
- 11. A method, comprising: a network interface controller including interfaces to a plurality of processor cores and interfaces to a network is configured to: for the corresponding received QUIC packets in the User Datagram Protocol (UDP) datagram: hash the corresponding QUIC connection identifier of the corresponding received QUIC packet; determining a respective receive queue of a plurality of receive queues of the respective QUIC packet based on the hash of the QUIC connection identifier, different ones of the plurality of receive queues being associated with different ones of the plurality of processor cores; and the corresponding QUIC packet is forwarded to the determined receive queue.
- 12. The method of claim 11, further comprising configuring the network interface controller to perform QUIC encryption offload and QUIC decryption offload.
- 13. The method of claim 11, further comprising configuring the network interface controller to perform segment offloading on QUIC packets.
- 14. The method of claim 11, further comprising configuring the network interface controller to verify the QUIC packet based on its authentication data.
- 15. The method of claim 12, further comprising configuring the network interface controller to receive a key to perform QUIC encryption offloading on a QUIC connection.
- 16. A system, comprising: a processor including a plurality of processor cores; and a network interface controller, comprising: an interface to the processor comprising a plurality of processor cores; an interface to a network; and a circuit module for: for a QUIC packet including a QUIC packet received correspondingly in a User Datagram Protocol (UDP) datagram: hash the corresponding QUIC connection identifier of the corresponding received QUIC packet; determining a respective receive queue of a plurality of receive queues of the respective QUIC packet based on the hash of the QUIC connection identifier, different ones of the plurality of receive queues being associated with different ones of the plurality of processor cores; and the corresponding QUIC packet is forwarded to the determined receive queue.
- 17. The system of claim 16, wherein the network interface controller further comprises a circuit module for performing QUIC encryption offload and QUIC decryption offload.
- 18. The system of claim 16, wherein the network interface controller further comprises a circuit module for performing segment offloading on the QUIC packets.
- 19. The system of claim 16, wherein the network interface controller further comprises a circuit module for validating the QUIC packet based on its authentication data.
- 20. The system of claim 16, further comprising one or more computer-readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, cause the processor to configure the network interface controller circuit module.
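The receive-side steering recited in claims 1, 6, 11 and 16 (hash the QUIC connection identifier, pick a receive queue from the hash), as an added example that is not part of the patent text or of any Intel implementation. It assumes the QUIC version 1 header layout (RFC 9000), a fixed 8-byte local connection ID, and FNV-1a as a stand-in hash; the function names and sample packets are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define LOCAL_CID_LEN 8  /* assumption: length of the CIDs this host issues */
#define MAX_CID_LEN 20   /* largest connection ID allowed in QUIC version 1 */

/* Constructed samples: the same 8-byte destination CID in both header forms. */
#define CID 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88
static const uint8_t SAMPLE_LONG[] = { 0xC0, 0, 0, 0, 1, 8, CID, 0 };
static const uint8_t SAMPLE_SHORT[] = { 0x40, CID, 0xAA, 0xBB };

/* Locate the destination CID in a UDP payload; returns its length or -1. */
static int quic_dcid(const uint8_t *p, size_t len, const uint8_t **cid)
{
    if (len > 0 && (p[0] & 0x80)) {  /* long header: flags, version[4], len, DCID */
        if (len < 6 || p[5] > MAX_CID_LEN || len < 6u + p[5])
            return -1;
        *cid = p + 6;
        return p[5];
    }
    if (len < 1 + LOCAL_CID_LEN)     /* short header: flags, DCID (no length byte) */
        return -1;
    *cid = p + 1;
    return LOCAL_CID_LEN;
}

/* FNV-1a, standing in for whatever hash the controller implements. */
static uint32_t fnv1a(const uint8_t *d, size_t n)
{
    uint32_t h = 2166136261u;
    while (n--)
        h = (h ^ *d++) * 16777619u;
    return h;
}

/* Queue index for a datagram, or -1 when it cannot be steered by CID. */
int quic_rx_queue(const uint8_t *p, size_t len, unsigned nqueues)
{
    const uint8_t *cid = NULL;
    int n = quic_dcid(p, len, &cid);
    return (n < 0 || nqueues == 0) ? -1 : (int)(fnv1a(cid, (size_t)n) % nqueues);
}

int main(void)
{
    printf("rx queue %d\n", quic_rx_queue(SAMPLE_LONG, sizeof SAMPLE_LONG, 4));
    return 0;
}
```

Because the short header carries no length byte, the parser has to know the local connection ID length in advance; truncated or over-long identifiers are rejected rather than hashed.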
Description
Technique for accelerating QUIC packet processing using hardware offloading

Cross Reference to Related Applications

The present application claims the benefit of U.S. provisional patent application No. 62/644,045, filed on March 16, 2018.

Background

QUIC (Quick UDP Internet Connections) is a relatively new network protocol that may be used to replace traditional network protocols such as Transmission Control Protocol (TCP). QUIC is a transport layer protocol built on top of UDP (User Datagram Protocol). QUIC supports a set of multiplexed connections between two endpoints over UDP and can provide security protection equivalent to TLS/SSL while reducing connection and transmission latency and providing bandwidth estimation in each direction to avoid congestion. Thus, QUIC is intended to provide improved encryption and improved connection latency, while also providing flexible congestion management and compatibility with existing network infrastructure, as compared to conventional protocols such as TCP. Although relatively new, QUIC already constitutes 7% of total Internet traffic, and certain large network users are currently enabling QUIC. Current QUIC protocol implementations (e.g., user mode protocol stacks and libraries) are implemented entirely in software.

Drawings

The concepts described herein are illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings. For simplicity and clarity of illustration, elements illustrated in the figures have not necessarily been drawn to scale. Where considered appropriate, reference numerals have been repeated among the figures to indicate corresponding or analogous elements.

FIG. 1 is a simplified block diagram of at least one embodiment of a system for accelerating QUIC packet processing;
FIG. 2 is a simplified block diagram of at least one embodiment of an environment of the computing device of FIG. 1;
FIG. 3 is a simplified interactive diagram of at least one embodiment of a method for accelerating QUIC packet processing utilizing hardware offloading that may be performed by the system of FIGS. 1-2;
FIG. 4 is a simplified flow diagram of at least one embodiment of a method of accelerating packet segmentation that may be performed by the computing device of FIGS. 1-2;
FIG. 5 is a simplified flow diagram of at least one embodiment of a method of accelerating packet encryption that may be performed by the computing device of FIGS. 1-2;
FIG. 6 is a simplified flow diagram of at least one embodiment of a method of accelerating packet decryption that may be performed by the computing device of FIGS. 1-2;
FIG. 7 is a simplified flow diagram of at least one embodiment of a method of accelerating receive-side scaling and filtering that may be performed by the computing device of FIGS. 1-2.

Detailed Description

While the concepts of the present disclosure are susceptible to various modifications and alternative forms, specific embodiments thereof have been shown by way of example in the drawings and will herein be described in detail. It should be understood, however, that there is no intention to limit the concepts of the present disclosure to the specific forms disclosed, but on the contrary, the intention is to cover all modifications, equivalents, and alternatives consistent with the present disclosure and the appended claims.

References in the specification to "one embodiment," "an illustrative embodiment," etc., indicate that the embodiment described may include a particular feature, structure, or characteristic, but every embodiment may or may not include the particular feature, structure, or characteristic. Moreover, such phrases are not necessarily referring to the same embodiment. Furthermore, when a particular feature, structure, or characteristic is described in connection with an embodiment, it is submitted that it is within the knowledge of one skilled in the art to effect such feature, structure, or characteristic in connection with other embodiments whether or not explicitly described. In addition, it should be appreciated that items included in a list in the form of "at least one A, B and C" may mean (A), (B), (C), (A and B), (A and C), (B and C), or (A, B and C). Similarly, an item listed in the form of "at least one of A, B or C" may mean (A), (B), (C), (A and B), (A and C), (B and C), or (A, B and C).

The disclosed embodiments may be implemented, in some cases, in hardware, firmware, software, or any combination thereof. The disclosed embodiments may also be implemented as instructions carried by or stored on a transitory or non-transitory machine-readable (e.g., computer-readable) storage medium, which may be read and executed by one or more processors. A machine-readable storage medium may be embodied as any storage device, mechanism or other physical structure (e.g., volatile or non-volatile memory, media disk or other media device) for storing or transmitting i