Changes and New Feature History
Enables the users to collect more information from NP to RP for PCC algorithm. To achieve this, the NP ingress bytes information was added to the RTT response packet sent from the NP side.
HPCC: Support per-IP and per-QP methods
Enables the user to configure the PCC algorithm shaper coalescing mode using nvconfig to select CC algorithm shaper coalescing for IB and ROCE.
Enabled GET_MEASUREMENTS to be called before CHALLENGE is called in SPDM Attestation flow according to the SPDM protocol.
See Bug Fixes in this Firmware Version section.
Added support for copy modify header steering action to/from the UDP field.
Range based Lookup
Added support for range based lookup. This new capability is available using the following new PRM command:
GENERATE WQE which receives GTA WQE, the command supports "match on range" and num_hash_definer=[1,2] and num_match_ste=[1,2].
For further information, refer to section "RTC Object Format" in the PRM.
RoCE based VM Migration
Added support for RoCE based VM migration.
Added the following resource dump segments:
Striding WQE - Headroom and Tail-room
As the software requires additional space before and after a packet is scattered for its processing for stridden RQ, the hardware will allocate the required room while scattering packets to spare a copy.
Connections per Second (CPS)
Improved security offload's Connections per Second (CPS) rate using the general object DEK (PSP TLS etc).
VF Migration Flow
Added support for pre-copy commands in VF migration flow in order to reduce the migration downtime.
VF Migration Flow
Optimized performance to support full VF migration flow.
VirtIO vDPA Performance Virtualization
Increased the VirtIO hardware offload message rate to 20/20 MPPS for 256 virtual devices by optimizing the datapath application code.
PTP: Accuracy Scheduling
Added support for all PTP/accuracy scheduling.
RoCE: Adaptive Timer
Enabled ADP timer to allow the user to configure RC or DC qp_timeout values lower than 16.
QoS Priority Trust Default State
QoS priority trust default state can now be changed using the new nvconfig below:
The values that can be used to set the default state are:
See Bug Fixessection.
See Bug Fixessection.
MACsec Full Offload
Enabled MACsec full offload for NIC tables (aware mode). UnTil now full offload was available only for FDB tables.
LLDP Properties Implementation on RDE
Added LLDPEnable, LLDPTransmit and LLDPReceive properties to the RDE Port schema implementation.
Programmable CC, PPCC, MAD, IBCC
Added support for PPCC register with bulk operations, MAD for algorithm configuration and tunable parameters.
Programmable Congestion Control (PCC)
Optimized both of the DPA's infrastructure and algorithm to be Programmable CC based.
Added support for programmable counters for PCC via PPCC register and MAD.
See Bug Fixessection.
Firmware Based Attestation Flow
Attestation is a cryptographic reporting of the security configuration of a device, used by a platform to establish trust in the device. The device’s security configuration includes (but is not limited to) its identity, the code it is running and the states of security related mechanisms and assets.
This new capability enables BMC to attest the device over SPDM protocol. The feature works for secure NICs with production certificates installed. SPDM protocol is defined in DMTF DSP0274 v1.1.0.
Currently the following SPDM commands are supported:
Since CHALLENGE and GET_MEASUREMENTS are not functional yet, when they are called, the NIC will respond with RESPONSE_NOT_READY.
Added support for 100G & 200G optical cables (InfiniBand & Ethernet).
Please note this support comes with a limitation when connecting ConnectX-7 to a ConnectX-6 Dx or an NVIDIA Spectrum-3 as described in Known Issues 3070409.
See Bug Fixessection.
This is the initial firmware release of NVIDIA® ConnectX®-7 adapter cards.
ConnectX-7 has the same feature set as ConnectX-6 adapter card.For the list of the ConnectX-6 firmware features, please see ConnectX-6 Firmware Release Notes.
The features described here are new features in addition to the ConnectX-6 set.
200Gb/s Throughput on Crypto Capable Devices
Enabled 200Gb/s out-of-the-box throughput on crypto capable devices.
Note: If any crypto offloads is in use, 200Gb/s throughput can be achieved only after the next firmware reset
Added support for VF migration. The hypervisor can now suspend its VF, meaning from that point the VF cannot perform action such as send/receive traffic or run any command. In this firmware version only the suspend resume mode is supported (on the same VM).
Added a new MAD of class SMP that has the attributes hierarchy_Info as defined in the IB Specification and is used to query the hierarchy information stored on the node and the physical port.
Added support for VF migration.
[Beta] A single DCI can be connected to only one target at the time and cannot start new connection until the previous work request is completed. To avoid delays that occur when the initiator process needs to transfer data to multiple targets at the same time, a new offload process (DCS) is introduced to handle and spread the work request on many DCIs according to destinations.
Note: In this firmware version, the following actions are not supported:
Added support for large strided KLM (KLM is an MKEY asses mode which allows MKEYs usage with different window size).
NV Configurations via the Relevant Reset Flow
Added pci_rescan_needed field to the MFRL access register to indicate whether a PCI rescan is needed based on the NV configurations issued by the software.
Added a new register (vhca_icm_ctrl access_reg) to enable querying and limiting the ICM pages in use.
Enables the user to burn firmware via MTUSB when in livefish mode.
Media Access Control Security Offload
Media Access Control Security Offload allows the NIC to accelerate Macsec operation. Macsec offload handles packets inline - as they go through the NIC.
For inbound packets, the host receives plaintext packets (for instance MAC|ETH|IP|TCP) while on the network these packets are encrypted + authenticated and encapsulated within an SecTag header and vice versa for outbound packets.
NetworkPort Schema Replacement
Replaced the deprecated NetworkPort schema with Port schema in NIC RDE implementation.
Added support for creating a steering definer with a dword selector using create_match_definer_object and the "SELECT" format.
XRQ QP Errors Enhancements
Enhanced the XRQ QP error information provided to the user in case QP goes into an error state. In such case, QUERY_QP will provide information on the syndrome type and which side caused
HW Steering: WQE Insertion Rules
[Beta] Added HW Steering support for the following:
Updated the ibstat status reported when the phy link is down. Now QUERY_VPORT_STATE.max_tx_speed of UPLINK will not be reported as 0 anymore.
Enabled APU based programmable congestion control capability with multiple algorithm.
Added support for advanced ZTR_RTTCC algorithm based on the Programmable CC platform to achieve better congestion control without dependency on the switch ECN marking.
Disabled the option to send SMPs from unauthorized hosts.
SW Steering Cache
Modified the TX or RX cache invalidation behavior. TX or RX cache invalidation now does not occur automatically but only when the software performs the sync operation using the using sync_steering command.
Mega Allocations in Bulk Allocator Mechanism
Modified the maximum bulk size per single allocation from "log_table_size - log_num_unisizes", to allocate any range size, to remove limitations that HWS objects such as counters and modify arguments might encounter.
Added support for SNAPI (comm-channel) connection while running on raw ETH link.
Changing all the Crypto Features to Wrapped or Cleartext
Crypto features can be in either wrapped or unwrapped mode. Meaning, the key can be wrapped or in plaintext when running the CREATE_DEK PRM command. To comply with the requirements specified in FIPS publication, all the created DEKs must be wrapped.
This feature adds new NV_CONFIG per device to control this mode, and enables the user to change all the crypto features to wrapped or cleartext.
ICM Direct Access by the Software to write/modify the DEK Objects
[Beta] This new capability enables the software to directly access ICM and write/modify the DEK objects. Such change improves the DEK object update rate by re-using DEK object instead of creating a new one.
In addition, added the following:
Page Tracking During VM Migration
To allow page tracking during VM migration, this new capability enables the user to mark all the modified pages and report them to the software, in order to copy the memory without stopping the VM, and only copy a small amount of pages (the ones that were modified in the last iteration) after stopping the VM.