Key Match

SmartNIC Filtering with Link-Capture™ Software

Platform
Napatech SmartNIC
Content Type
User Guide
Capture Software Version
Link™ Capture Software 12.11

The key match functionality is designed to filter frames using a large list of values.

Filtering frames with a group of IP addresses

For example, it is possible to filter frames with a group of IP addresses and forward them to a specific stream. See the following NTPL example.
// Macros for KeySet identifiers.
Define WhiteList = Macro("3")
Define BlackList = Macro("4")

// IPv4 protocol filter.
Define isIPv4 = Filter(Layer3Protocol==IPv4)

// Source and destination IPv4 fields.
Define IPv4SrcField = Field(Layer3Header[12]/32)
Define Ipv4DstField = Field(Layer3Header[16]/32)

// Specify fields of a frame for key match.
KeyType[Name=KT_IPv4; Access=Full] = {32}
KeyDef[Name=IPv4Src; KeyType=KT_IPv4] = (IPv4SrcField)
KeyDef[Name=IPv4Dst; KeyType=KT_IPv4] = (IPv4DstField)

// Deliver frames with white list IP addresses to stream 0.
Assign[StreamId=0] = isIPv4 AND Key(IPv4Src)==WhiteList OR Key(IPv4Dst)==WhiteList

// Drop frames with black list IP addresses.
Assign[StreamId=Drop] = isIPv4 AND Key(IPv4Src)==BlackList OR Key(IPv4Dst)==BlackList

// White list IP addresses.
KeyList[KeySet=WhiteList; KeyType=KT_IPv4] = ( [192.168.0.2] ), \\
( [192.168.0.3] ), ( [192.168.0.4] )

// Balck list IP addresses.
KeyList[KeySet=BlackList; KeyType=KT_IPv4] = ( [10.168.1.20] ), \\
( [10.168.1.21] ), ( [10.168.1.24] ), ({[ff.ff.ff.00]:[10.168.2.2]})
This example configures the SmartNIC to filter frames with IP addresses from the white list and deliver them to stream 0. The SmartNIC is configured to drop frames containing any IP addresses from the black list.
Note: Data filters can be used for the same purpose, but only 32 IPv4 addresses can be configured due to the limited resources.
With key match, a maximum of 36,000 IPv4-address-size entries are available for an exact search (a value without masks). In addition, a maximum of 864 IPv4-address-size entries are available for a wild card search (a value with masks).