Browse Prior Art Database

System and method for filtering based on ethernet II frames

IP.com Disclosure Number: IPCOM000231067D
Publication Date: 2013-Sep-25
Document File: 3 page(s) / 38K

Publishing Venue

The IP.com Prior Art Database

Abstract

Presented is a system and method for filtering based on ethernet II frames for use in a clustered environment.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 47% of the total text.

Page 01 of 3

System and method for filtering based on ethernet II frames

In a heterogenous environment with multiple nodes defined in one or more clusters, network traffic is quite critical to overall infrastructure performance. There are situations where some undesirable network packets create network traffic that will burden both the cluster software and the applications running above it, creating a reduction in cluster performance. This is because these packets have to be processed at both the cluster level and passed up the network stack and finally discarded. Unknown packet types could expose existing code defects in the networking stack.

The present solution describes a method to optimize utilization of the Ethernet II Network Adapter to filter undesired EtherType packets and prevents them from being sent up to the kernel stack to be processed. This will optimize usage of CPU and memory since the kernel will no longer need to process packets that upper layers in the stack are not required.

This is a performance enhancement. Cluster Software, such as cluster-aware AIX* (CAA), inserts itself in the network stack in order preempt network processing. This solution will help such cluster software avoid processing undesired packets.

The novel part provides a mechanism to upper layer network users to make a desired filtering request using one of the EtherTypes, and off-loading the filtering to the physical network adapter, so the kernel load is reduced. This will also enhance security by filtering out unnecessary network traffic that could potentially compromise a computer's network management facility.

Every Ethernet II Frame has a two-octet field called EtherType. It will indicate the protocol encapsulated in the payload of an Ethernet II Frame. Ethernet II Frames are identified by a field that is greater than or equal to 1536 (0x0600).

For example a value of 0x0800 is IPv4, 0x86DD indicates IPv6 and so on.

The values are defined and regulated by IEEE** ( http://standards.ieee.org/develop/regauth/ethertype/eth.txt)

There are approximately 30 to 35 EtherType as described in the above website.

The lower than or equal to 1536 (0x0600) are not considered as part of Ethernet II Frame so they will not be applicable to this invention.

Most Ethernet II Adapters are able to do TCP checksum offload, which means the adapters themselves have processing capacity to process the whole Ethernet Frame without consuming the host CPU.

After confirming the frame's destination, based on the MAC Address and deciding that particular Ethernet Frame II has this machine as destination, it will check the EtherType and decide either to DISCARD or PROCESS to the next step.

Additionally, this will also send a notification to a Ethernet II Capable Network Switch in order to inform it that this particular MAC Address is not interested in those Ethernet II Frames with this specific EtherType.

By notifying the Ethernet II Capable Network Switch, it reduces latency caused by...