Fortinet, Inc.
TCP (transmission control protocol) fast open for classification acceleration of cache misses in a network processor

Abstract:

A packet parser generates a key from TCP metadata of a data packet for a specific session. A packet cache stores recent network policy identifiers associated with a plurality of network sessions, wherein the key is used as an index to search the packet cache. The packet cache responsive to a cache miss, checks a TFO cookie field for a rule ID stored by the client during a previous session as generated by the network processor. If there is no rule ID, a classification pipeline is activated. On the other hand, responsive to a cache hit, or responsive to identifying a rule ID for the session from the TFO cookie, the classification pipeline is bypassed for the data packets of the specific session.