Network-Services Processor Chip Solves Mounting Bottleneck Issues
As the Internet connections to local-area networks via edge devices have grown, the architecture of the overall system has become fragmented and difficult to manage. Other problems also have emerged, including duplicated functionality in equipment, layer 4 to 7 security and content-processing bottlenecks, and lack of scalability.
Layer 3 to 7 networking equipment typically requires a multitude of different chips, including control plane processors, data-plane processors, and coprocessors for Internet services and security. Addressing this niche, Cavium's Octeon chips combine all of these needs into one device, yielding at least a fivefold improvement in price, performance, and power over existing solutions.
At the heart of the Octeon chips lie multiple MIPS64 processors. Versions are available with two, four, eight, or 16 processors (see the figure). These core processors contain Release 2 enhancements and additional built-in hardware acceleration for content and security processing, along with on-chip coprocessor blocks for Internet services acceleration and multiple Gigabit Ethernet, SPI-4.2, and PCI-X interfaces.
Octeon chips will find homes in routers; switches; network edge appliances with firewall, virtual-private-network, IDS, and antivirus functionality; secure intelligent switches with Secure Socket Layer and content switching; XML switches; intelligent network interface cards; and storage and wireless network equipment.
The Cavium Networks (cn) version of the cores, the cnMIPS64, integrates hardware acceleration and runs at a 600-MHz clock rate. Each core features a 32-kbyte L1 instruction cache, an 8-kbyte L1 data cache, a 2-kbyte write buffer, and a full memory management unit for virtual memory support.
Hardware security acceleration comes from a wide range of cryptography algorithms, such as 3DES, AES, SHA-1, MD-4, RSA, and DH. The required external memory is 72/144 bits of ECC-protected (error-correction code) DDR1/DDR2 DRAM running up to 400 MHz. Maximum capacity, which is 16 Gbytes, derives from four dual-inline memory-module slots. There are also one or two 18-bit memory channels for ECC or parity-protected RLDRAM/FCRAM up to 1 Gbyte.
The on-chip coprocessor blocks offload the main cores to achieve high overall throughput. The packet I/O processors, which support IPv4 and IPv6 traffic up to 10 Gbits/s, perform L2-L4 parsing, error checks and tagging, queuing, and work scheduling to keep all of the cnMIPS cores running efficiently.
An included regular expression processor accelerates pattern and signature matching required for antivirus, IDS, and content processing up to rates as high as 4 Gbits/s. A TCP acceleration engine performs full packet synchronization, timer support, and buffer management to deliver 10-Gbit/s TCP termination. The compression/decompression processor is programmable for GZIP, PKZIP, and a wide range of variants with performance to 4 Gbits/s.
As for interfaces, the Octeon includes four to eight Gigabit Ethernet ports (RGMII) or dual SPI-4.2 interfaces. A 64-bit, 133-MHz PCI-X interface provides the link to either data or control interfaces. Among the auxiliary interfaces are GPIO, Flash, MDIO, dual UARTs, and a two-wire serial port. The chips run from 1.0 to 1.2 V and consume from 5 to 25 W, depending on the number of processors.
The Octeon chips use Linux or Vxworks along with an executive for data-plane applications. A complete GNU tool chain and popular third-party tools are available. Other C/C++ code is easily ported to the Octeon. Cavium provides application-programming-interface and reference software for key security applications.
The various Octeon models are priced from $125 for the two-core version to $750 for the 16-core version in 10,000-unit quantities. Sample quantities are expected in the first quarter of 2005.
Cavium Networks Inc.www.cavium.com