Manufacturers of network security platforms often rely on a special technology called Bypass. So what is Bypass, and how is a Bypass card implemented? Let me briefly introduce and explain Bypass technology.
What is Bypass
As we all know, network security equipment is generally applied between two or more networks, such as the internal network and the external network. The application program in the network security equipment will analyze the network packets passing through it to determine whether there is any threat. After processing, the packets will be forwarded according to certain routing rules. However, if this network security equipment fails, such as power failure or crash, then the network segments connected to this equipment will lose contact with each other. At this time, if each network needs to be connected to each other, Bypass is necessary.
Bypass, as its name implies, is a bypass function, which means that two networks can be directly physically connected without passing through the system of network security devices through a specific trigger state (power failure or crash). Therefore, with Bypass, when the network security equipment fails, the networks connected to the equipment can be connected to each other. Of course, this network equipment will no longer process packets in the network at this time.
Product overview
F1002E-BP is a PCI Express dual-port 10 Gigabit Ethernet BYPASS server network card independently developed by Beijing Guangruntong Technology Development Co., Ltd. based on Intel 82599ES Ethernet controller. The Gigabit Ethernet BYPASS server adapter supports normal, disconnect and bypass modes.
In normal mode, the ports are independent interfaces. In bypass mode, all packets received from one port are transmitted to the adjacent port. In disconnect mode, the NIC simulates a disconnected switch/router cable.
In bypass mode, the Ethernet ports are disconnected from the system and switched to each other, forming a cross-connect loop between the Ethernet ports. Therefore, in bypass mode, all packets received from one port are sent to the adjacent port and vice versa. This function routes traffic around the failed system and maximizes network uptime.
In disconnect mode, the adapter simulates switch/router cable disconnection. In disconnect mode, the switch/router does not detect the connected NIC.
The F1002E-BP 10 gigabit dual port BYPASS server network card includes a WDT (watch dog timer) controller. The adapter's software driver or software application can write commands to the WDT controller on the card. It is an ideal solution to realize multiple network segments, critical tasks and high-performance network applications on high-performance servers.
F1002E-BP Bypass card function:
1. Bypass/disconnect Ethernet ports on power failure, system hang or software application hang
2. Software programmable Bypass, Disconnect or Normal mode
3. On-board (WDT) controller
4. Software programmable timeout interval
Maximum 3,276,800 mSec (3,276.8 Sec)
Minimum 100 mSec (0.1 Sec)
WDT calculation formula = (2^wdt_interval_parameter) * (0.1) sec.
wdt_interval_parameter: {legal value range: 0-15}
5. Software Programmable WDT Enable/Disable Counter
6. Software Programmable Bypass Function Enabled/Disabled
7. Software Programmable Disconnect Function Enable/Disable
8. Software programmable mode at power-up (bypass, normal or off mode)
9. Software programmable mode when power is off (bypass, normal mode)
10. Independent bypass operation for every two ports
11. Standard NIC functions can be simulated
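A behavioural model of the watchdog-driven failover in the feature list above, added here as an example and not taken from the vendor's driver: it applies the page's timeout formula and switches the port pair to bypass or disconnect when heartbeats stop. All type and function names are hypothetical, and the latch-until-re-armed behaviour is an assumption of the model.

```c
#include <stdint.h>
#include <stdio.h>

/* Model only: hypothetical names, not the card's real driver API. */
enum port_mode { MODE_NORMAL, MODE_BYPASS, MODE_DISCONNECT };

struct bypass_wdt {
    unsigned param;            /* wdt_interval_parameter, legal range 0..15 */
    uint32_t last_kick_ms;     /* time of the last heartbeat */
    enum port_mode on_expiry;  /* BYPASS = fail-open, DISCONNECT = fail-closed */
    enum port_mode mode;       /* current state of the port pair */
};

/* Page formula: (2^param) * 0.1 s, in milliseconds. 0 means illegal param. */
uint32_t wdt_timeout_ms(unsigned param) {
    return param > 15 ? 0 : (1u << param) * 100u;
}

/* Smallest legal param whose timeout covers the longest expected gap
 * between heartbeats; -1 if even param 15 is too short. */
int wdt_param_for(uint32_t longest_gap_ms) {
    for (unsigned p = 0; p <= 15; p++)
        if (wdt_timeout_ms(p) >= longest_gap_ms) return (int)p;
    return -1;
}

int wdt_arm(struct bypass_wdt *w, unsigned param, enum port_mode on_expiry,
            uint32_t now_ms) {
    if (param > 15 || on_expiry == MODE_NORMAL) return -1;
    w->param = param; w->on_expiry = on_expiry;
    w->last_kick_ms = now_ms; w->mode = MODE_NORMAL;
    return 0;
}

/* Heartbeat from the inspection software. Assumption: once the watchdog has
 * tripped, heartbeats are ignored until the card is explicitly re-armed. */
void wdt_kick(struct bypass_wdt *w, uint32_t now_ms) {
    if (w->mode == MODE_NORMAL) w->last_kick_ms = now_ms;
}

/* Advance the model clock; trips the ports if the heartbeat has stopped. */
enum port_mode wdt_tick(struct bypass_wdt *w, uint32_t now_ms) {
    if (w->mode == MODE_NORMAL &&
        now_ms - w->last_kick_ms >= wdt_timeout_ms(w->param))
        w->mode = w->on_expiry;
    return w->mode;
}

int main(void) {
    struct bypass_wdt w;
    wdt_arm(&w, (unsigned)wdt_param_for(500), MODE_DISCONNECT, 0);
    wdt_kick(&w, 500);  /* constructed scenario: last heartbeat before a hang */
    printf("mode at 1300 ms: %d\n", wdt_tick(&w, 1300));
    return 0;
}
```

With MODE_BYPASS as the expiry action the link stays up but traffic passes without inspection; with MODE_DISCONNECT the neighbouring switch/router sees the link as unplugged.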
F1002E-BP Bypass card performance:
1. IPv4 and IPv6 support IP/TCP and IP/UDP receive checksum offload
2. Segmented UDP checksum offload for packet reassembly
3. CPU utilization: the 82599 reduces CPU utilization, mainly by supporting receive side coalescing (RSC)
4. Each port supports 16 virtual machine device queues (VMDq)
5. Support direct cache access (DCA)
6. Advanced memory architecture reduces latency before TSO packets. TSO packets may be interleaved with other packets destined for the line
7. Use of MSI and MSI-X to minimize device I/O interrupts
8. Offload of TCP/IP/UDP checksum calculation and TCP segmentation
9. Large capacity on-chip receive packet buffer (512 KB)
10. Large capacity on-chip transmit packet buffer (160 KB)
11. Support for the VPD (Vital Product Data) function defined in PCI Specification Version 3.0
12. Time synchronization: IEEE 1588 Precision Time Protocol (PTP)
13. Besides EEDC function, BCN (Backward Congestion Notification) protocol is also supported
Host interface:
PCI Express X8
Supports PCI Express Base Specification 2.0 (5 GT/s)
Other major features:
IEEE 802.3x flow control support
IEEE 802.1Q VLAN tagging support
Supports a mode in which all packets received and sent have at least one VLAN tag in addition to the regular tag.
IEEE 802.1p layer 2 priority coding
Jumbo frames (16KB max)
Link Aggregation and Load Balancing
RFC2819 RMON MIB Statistics
TCP segment offload up to 256KB
IPv6 supports IP/TCP receive checksum offload
DDP offload
LED Indicator for Link/Active/Bypass/Disconnect Mode Status
Hot plug is not supported. Can be supported by assembly changes
Low power
LC connector
Operating system support:
Linux
Windows
FreeBSD
VMware
The GRT Bypass Card can be widely applied to various gateway devices, such as DPI devices, firewalls, IPS, UTM, IDP, spam gateways, anti-virus gateways, dedicated DDoS devices, dedicated logic isolation devices in various fields, etc., providing you with ultra-long trouble-free hardware protection.