erich@uruk.org wrote: > By way of introduction, I work for Network Elements, Inc, and we're > working on a highly accelerated NIC architecture for which our first > drivers will be in Linux. It is supposted to have 4 gigabit ports and > implement complete TCP offloading. > > Personally, I'm only mildly for "complete" TCP offloading, but that > is the path I've been ordered down. Unfortunately I don't see anyone ever being interested in even working with companies on this. TCP offloading limits users in a large number of ways. * Any time a TCP security issue arises, it cannot be fixed. The offload logic is either downloaded from firmware or direct-coded into hardware, neither of which is fixable by the Linux vendor, not analyze-able by security experts. * A large number of Linux kernel net stack features are not present. iptables is a big one, but there are many smaller missing features as well. You seem to recognize this with your "murky" references. * There are hardware limits which are not present in software. One common scenario that stumps offload-all-TCP vendors is slow connections: many Web sites are saddled with _thousands_ of users simultaneously connected via slow links (modem users). This scenario and similar Real World(tm) scenarios like it hit socket or RAM limits on offload-all-TCP cards very quickly. * At 1Gb/10Gb speeds, you must overcome problems like PCI bus throughput. This problem exists completely independent of where the TCP stack is. To sum, it's a dumb idea :) Now, to be more productive, there are several things vendors can offload onto cards for acceleration: * Rx/Tx checksumming * TCP segmentation offloading, for Tx * SMP-friendly packet buffering and reassembly, for Rx * other stuff "offload everything" is just the easy thing marketing departments come up with. You need real engineers with intimate knowledge of TCP to come up with good solutions for offloading specific portions of the TCP and UDP work into hardware, while still retaining the flexibility offered by the features present in the Linux TCP stack. Jeff - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
