CloudShield: Programmable Packet Processors
Xilinx devices enable programmable processors to decode, inspect, and modify packets with minimal CPU involvement.
Next-generation network infrastructures are emerging as 10-Gigabit Ethernet matures and the industry looks ahead to 40GbE and 100GbE. Converged networks create new challenges for scalable open platforms to process the traffic. CloudShield Technologies (an SAIC company) has created a new class of programmable packet processors able to inspect, classify, modify and replicate packets, integrating dynamic interaction with the application layer.
CloudShield Flow Acceleration SubsysTem (FAST) uses Xilinx FPGAs to preprocess packets for CloudShield Deep Packet Processing and Modification blades. These FPGAs include 10-Gbit Ethernet MACs with per-port ingress processors for classification and key extraction, egress processors for packet modification, packet queues using quad-data-rate (QDR) SRAMs, Xilinx Aurora-based messaging channels and a search engine based on ternary content-addressable memory (TCAM). The FPGAs provide caching and processing of packets with minimal CPU involvement for high-performance processing at up to 40 Gbits per second. Featuring Layer 2-7 field-based lookups, it uses dynamically reconfigurable rules to modify packets at wire speed in a flexible and deterministic manner.
CloudShield used standard Xilinx IP cores wherever possible in order to focus its system-on-chip design efforts on packet-processing capabilities. The team chose a Xilinx 10-Gbit Ethernet MAC core with dual GTP transceivers to implement the 4 x 3.125-Gbps XAUI physical-layer interface. For the NPU interface, they used a Xilinx SPI-4 Phase 2 core supporting up to 1 Gbps per LVDS differential pair with dynamic phase alignment and ChipSync technology.
Additional Information
- Read the full story, “Using Xilinx FPGAs to Speed Packet Processing,” in Xcell Issue 71