back to article Nokia, ARM, Enea craft new TCP/IP stack for the cloud

A group of major vendors has put forward an open source TCP/IP stack they say is designed to reinvigorate the ancient and rather crusty protocol. Nokia, ARM, and Enea are offering up both code and tutorials here for their OpenFastPath user-space TCP/IP implementation. As The Register has previously noted, user-space …

  1. bazza Silver badge

    TCP Offload?

    I'm wondering how a TCP offload NIC fits into such a scheme. Having user space code accessing the NIC for this purpose sounds fiddly.

    And wouldn't it increase the attack surface of the NIC too? Or has TCP offload gone out of fashion anyway?

    1. Mark Honman

      Re: TCP Offload?

      Despite the cloudwashing, from the partner list this looks to be an embedded systems thing - so not much that can be offloaded.

      It is probably more cost-effective to add another cheap processor core than integrate a high-performance NIC that can't do anything useful if there isn't TCP offload work going.

      From embedded-land it is certainly interesting - the heavyweight TCP/IP processing in the Linux kernel was too much for one of our projects, and we had to use bare-metal software (and lwIP) to get full performance from the SoC's gigabit connection.

      1. bazza Silver badge

        Re: TCP Offload?

        Hmm, as the article relates there's plenty of problems in the land of video streaming that this kind of stack helps solve.

        I've never had a chance to benchmark VxWorks' IP stack. Given how light a touch the whole OS has it stands a chance of be pretty quick. INTEGRITY runs a stack in user space too. In fact, apart from Linux (and Windows?), what OSes run the stack in the kernel?

        If they are quick then it's an interesting balance to judge; expensive but fast embedded OS that saves us from writing code, or bare metal coding that involves a lot more effort but much cheaper / free licensing. Well done for getting max performance!

    2. Will Godfrey Silver badge

      Re: TCP Offload?

      @bazza, surely rather than increasing the attack surface, it takes it out of critical areas.

      1. Crazy Operations Guy Silver badge

        Re: TCP Offload?

        The problem being that NICs tend to have access to memory at a very low level. A single bug in the code could allow a user-space application to grab sensitive data out of the kernel since the lowest levels of the code have to run in kernel space anyway (IRQ handling, device initialization, IPSEC, authentication, etc).

        Really, the risk here is exposing sensitive interfaces to user-mode applications.

  2. gryff

    Based on Nokia IPSO? From the Firewall business?

    The references to "fastpath" and Freebsd remind me of the implementations of firewall flows and fastpath as done in the former Nokia IPSO software used on the Firewall router business (1998-2007 ish, then sold to Check Point)

    If yes then the offloading of the kernel and port to ARM is well rooted in that heritage. The code base was tried and tested in high load and critical infrastructure situations for many years and achieved at one point 40% market share in Check Point customer base, I guess Nokia retained the IPR when the business was disposed of. Nokia Networks also used that code at one point for mobile network backbone infrastructure.

    Perhaps we`ll also see the return of Network Alchemy's patented high resilience VPN cluster technology that Nokia launched and pulled from the market before it could really get established.

    ahh...old dreams...old wars...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020