Networking processors decrease cost, increase integration
By Robert Cravotta -- EDN, February 2, 2006
Cavium Networks' Octeon CN31XX and CN30XX processors integrate a custom MIPS64 processor core with hardware-acceleration options for layers 3 to 7 data, content processing, and security services at a price as low as $19 (50,000). The hardware accelerators offload the processing requirements from the MIPS core and enable lower system clock rates to achieve gigabit line rates. The new devices offer single- and dual-core devices and are fully software-compatible with the Octeon CN38XX family of multicore processors.
The cnMIPS core implements the MIPS64 Release 2 instruction set with a five-stage, dual-issue, superscalar architecture with a 256-kbyte L2 cache. I/O interfaces include as many as three Gigabit Ethernet interfaces, 32/100 PCI-X, 64-bit DDR2, USB 2.0 host with MAC (media-access-control) and PHY (physical) layers, and TDM/PCM (time-division multiplexing/pulse-code modulation) for voice applications. The CN31XX and CN30XX processors are available as communication processors or secure-communication processors, and the CN31XX processor offers an additional network-services-processor version. The communication-processor version includes hardware acceleration for packet processing, TCP (Transfer Control Protocol), queuing/scheduling, and QOS (quality of service). The secure-communication-processor version adds acceleration for IPsec (Internet Protocol security)/SSL (Secure Sockets Layer), SRTP (Secure Real-Time Transport Protocol), and WLAN (wireless-LAN) security. The network-services-processor version further adds acceleration for deep packet inspection and compression/decompression.
The packet-processing hardware accelerators support L2-L4 packet processing and buffer management for IPv4 (Internet Protocol Version 4) and IPv6 (Version 6) packets. The TCP hardware acceleration includes checks, tag generation, checksums, and timer and buffer management. The queuing/scheduling and QOS hardware implement packet-input queuing/scheduling based on differential services, QOS/TOS (type of service), input ports, or a combination of these features. Cavium based the output-packet queuing and scheduling on a fixed prioritization, weighted fair queuing, or both. The security-hardware acceleration includes full offload for IPsec, SSL, SRTP, and WLAN 802.11i security; it supports DES (Data Encryption Standard)/3DES, AES (Advanced Encryption Standard) as large as 256 bits, AES-GCM (Galois Counter Mode), AES-XCBC (extensions to cipher-block chaining), ARC (Address Resolution Client) 4, MD (Message Digest) 5, SHA (Secure Hash Algorithm)-1, SHA-2 through SHA-512, RSA (Rivest/Shamir/Adleman) to 4096 bits, and Diffie-Hellman. It also includes a true hardware-random-number generator. The compression/decompression hardware acceleration implements GZIP Gnu Zip), PKZIP, and variant protocols. The deep-packet-inspection hardware uses eight pattern-matching engines that perform pattern analysis for intrusion detection, antivirus and content-based switching, routing, and filtering applications.
The CN31XX devices will become available for sampling in the first quarter of 2006 with prices ranging from $49 to $125 (10,000). The CN30XX devices will become available for sampling in the second quarter of 2006 with prices ranging from $19 to $39 (50,000). These devices are available in 525- and 868-pin BGA packages, and they feature power consumption of 4 to 7W. Operating-system support includes Linux, MontaVista Linux, and Wind River ( www.windriver.com) VxWorks. A Cavium Networks software-development kit comes with Linux, software examples, a Gnu tool chain, the GDB (Gnu-debugger) development environment, and tool kits for IPsec, SSL, and TCP stacks.
Cavium Networks, www.caviumnetworks.com.
