MACsec Intel® FPGA IP Release Notes

Download PDF
ID 722031
Date 7/08/2024
Public
Document Table of Contents
Document Table of Contents x
1. MACsec Intel® FPGA IP Release Notes
1. MACsec Intel® FPGA IP Release Notes x
1.1. MACsec Intel® FPGA IP v2.5.0 1.2. MACsec Intel® FPGA IP v2.3.0 1.3. MACsec Intel® FPGA IP v2.2.0 1.4. MACsec Intel® FPGA IP v2.1.0 1.5. MACsec Intel® FPGA IP v2.0.0 1.6. MACsec Intel® FPGA IP v1.4.0 1.7. MACsec Intel FPGA IP v1.3.0 1.8. MACsec Intel FPGA IP v1.2.0 1.9. MACsec Intel FPGA IP v1.1.0 1.10. MACsec Intel FPGA IP v1.0.0 1.11. MACsec Intel FPGA IP User Guide Archives
1. MACsec Intel® FPGA IP Release Notes

1.7. MACsec Intel FPGA IP v1.3.0

Table 7.  v1.3.0 2022.12.19
Intel Quartus Prime Version Description Impact
22.4 Single port back pressure is implemented.

IP can support flow control by back pressuring incoming traffic. Supported configurations are 1 port for all rates—25G, 50G, 100G, 200G.

Single port backpressure implementation helps throttle the line rate and user input rate by implementing a ready-valid handshake. However, on the HSSI Subsystem there is no ready-valid interface for the RX side, which needs an additional fix in the MACsec IP to remove back pressure on the decrypt side.

Max crypto channel distribution is implemented. User can select number of channel required on the RX side. Default channel value is 8 per port, but can be assigned up to 512.
Runtime STFD/Cut-through mode is enabled through Port Mux AXI-Lite management interfaces. This enables the user to select a perticular port to operate in STFD or Cut- through mode. This can be changed to run time to operate different traffic and enable different MACSec services.
Multi port back pressure is not supported. Multiport configuration needs the user to control the incoming data rate to meet the line rate at output. That is, for 25G data rate, the incoming rate should account for the encryption overhead added by the MACSec IP.
pp_usermetadata pass through is not supported. pp_usermetadata bus is terminated inside the MACsec IP. This only impacts PTP usecase where the user needs to pass data through the MACSec IP without processing. If the user's PTP application requires PTP information to be passed through the MACsec IP via the pp_usermetadata bus, then that application is not supported.
Byte counter value mismatch when CONFID >= pkt length. The user needs to adjust the byte counter value if confidentiality offset is configured to be more than packet length. The byte counter accounts for every byte encrypted and bypassed or bypassed.
Run time Rekeying limitation. On transmit side operation, upon rekeying it is required to pause or flush the traffic before initiating rekeying. There is a window of uncertainty if the rekey is done while traffic is live.
Removed the following (3) registers from the register map:
  • Parser Global Status (offset: 0x718)
  • Parser Status (offset: 0x720)
  • RX_KEEP_TAG (offset: 0x400000 + 0x29418 + 0x40000*i)
Level Two Title