Security Hardening Enhancements: This release contains important reliability improvements and security hardening enhancements. NVIDIA recommends upgrading your devices firmware to this release to improve the devices’ firmware security and reliability.
SR-IOV - Virtual Functions (VF) per Port - The maximum Virtual Functions (VF) per port is 127. For further information, see RoCE Limitations.
It is recommended to enable the “above 4G decoding” BIOS setting for features that require large amount of PCIe resources.
Such features are: SR-IOV with numerous VFs, PCIe Emulated Switch, and Large BAR Requests.
Feature/Change | Description |
26.32.1010 | |
OpenSNAPI Communication Channel | The communication channel is used to enable communication between processes on different vHCAs regardless of their network connectivity state. |
QP Resources | Added a new NvConfig parameter LOG_MAX_QUEUE to set the maximum number of work queue resources (QP, RQ, SQ...) that can be created per function. The default value is 2^17. |
Congestion Control Key | Added a Congestion Control Key to all Congestion Control MADs to authenticate that they are originated from a trusted source. |
SMP Firewall | Added an SMP firewall to block the option of sending SMPs (MADS sent on QP0 from the Subnet Manager) from unauthorized hosts to prevent fake SMPs from being recognized as the SM. |
Vendor Specific MADs: Class 0x9 | Vendor Specific MADs Class 0x9 is no longer supported by the firmware. If case the firmware detects such MAD, the firmware will return a “NOT SUPPORTED” error to the user. |
Match Definer Object | Added support for a new steering match definer format (format 33). |
TLS/XTS/Signature Padding | Blocked the VF’s ability to use both padding and signature in order to prevent the NIC from hanging. |
Asserts’ Severity Level | Added 3 new assert filters (Health buffer, NVlog, FW trace). The assert will be exposed now if its severity level is equal to or above the new filter. The filters are configurable by the ini file. The “Health buffer” filter is also configurable by new access register. |
Steering LAG Mode (Hash LAG) | [Beta] The new LAG mode (PORT_SELECT_FT LAG (hash LAG)) distributes the packets to ports according to the hash on the packet headers, instead of distributing the packets according to the QP (queue affinity – legacy LAG) to avoid cases where the slow/fast path packets are transmitted from different ports. Identifying the right port is done by using destination type UPLINK with destination_eswitch_owner_vhca_id_valid set and destination_eswitch_owner_vhca_id indicating the PF associated with the port. The below are the Queue Affinity and Steering LAG (hash) limitations:
Note: Due to changes in this feature, transmission timestamp in CQE is temporarily unsupported with multi eSwitch. |
QSHR Access Register | Added support for QSHR access register to enable Set and Query rate limit per-host per-port. |
Asymmetrical VFs per PF | Added support for asymmetrical VFs per PF. To enable it: |
mlxlink Support to read/write Access Registers by LID | Added 2 new MAD access registers to enable mlxlink to read/write access registers by LID (to the whole subnet). |