The security association database (SAD) is initialized on power up, and typically maintained
by the optional on-chip IKE firmware. For applications using host-based IKE, the host may
directly inspect and modify both inbound and outbound SAD entries via the Hifn
FlowThrough API. Refer to Hifn's FlowThrough Application Programming Interface
Programmer’s Guide, UG-0147, for more information on APIs.
5.5 Exception Handling
In the 4450, exceptions fall into three categories:
1. Packet Exceptions in the PPCI protocol (e.g. bad IP header, no SA for inbound
packet, authentication failure)
2. Management Communications Exceptions in the PPCI protocol (e.g. no ACK
received, out-of-sequence packet)
3. Chip Operation Exceptions (e.g. RAM parity error, bad Flash image, bad RNG, etc.)
Generally, the Packet Exceptions are captured and processed by the IKE software. If IKE is
running on-chip, then these exceptions are internally routed to the eSC processor and dealt
with there. If IKE is running on the host system, then Packet Exceptions are encapsulated
in a special Ethernet frame and forwarded to the host.
Management communications between the host system and the 4450 are carried over a
proprietary protocol called PPCI (Packet Processing Command Interface). This protocol uses
Ethernet frames with a Hifn Ethertype of 0x814F. Any exceptions that occur within this
protocol are handled within the Hifn API code and PPCI handler through re-sends or higher-
level software interaction.
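Because PPCI travels as raw Ethernet frames, a host-side monitor can single it out by Ethertype alone. The following is an added example, not code from this data sheet or the Hifn API: it classifies captured frames and flags PPCI traffic from senders outside an expected set. Only the Ethertype 0x814F comes from the text above; the MAC addresses, the allowed-peer policy and the sample frames are assumptions, and the PPCI payload is treated as opaque.

```python
import struct

PPCI_ETHERTYPE = 0x814F        # Hifn Ethertype given in the data sheet
VLAN_TPIDS = {0x8100, 0x88A8}  # 802.1Q / 802.1ad tags may precede the Ethertype

def parse_ethernet(frame: bytes):
    """Return (src_mac, ethertype, payload_offset), skipping any VLAN tags."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    src, offset = frame[6:12], 12
    (etype,) = struct.unpack_from("!H", frame, offset)
    while etype in VLAN_TPIDS:
        offset += 4
        if len(frame) < offset + 2:
            raise ValueError("truncated VLAN tag")
        (etype,) = struct.unpack_from("!H", frame, offset)
    return src, etype, offset + 2

def classify(frame: bytes, allowed_peers: set) -> str:
    """Label one frame captured on the host-side management segment."""
    try:
        src, etype, _ = parse_ethernet(frame)
    except ValueError:
        return "malformed"
    if etype != PPCI_ETHERTYPE:
        return "other"
    # The PPCI payload is left opaque; only the sender is checked.
    return "ppci-ok" if src in allowed_peers else "ppci-unexpected-source"

# Constructed sample data: MAC addresses and payload bytes are placeholders.
HOST = bytes.fromhex("020000000001")
CHIP = bytes.fromhex("020000000002")
ROGUE = bytes.fromhex("020000000099")
PAD = bytes(46)
SAMPLES = [
    CHIP + HOST + b"\x81\x4f" + PAD,                   # host -> chip
    CHIP + ROGUE + b"\x81\x4f" + PAD,                  # unknown sender
    HOST + CHIP + b"\x81\x00\x00\x64\x81\x4f" + PAD,   # VLAN-tagged, chip -> host
    CHIP + HOST + b"\x08\x00" + PAD,                   # IPv4, not PPCI
    CHIP + HOST[:4],                                   # truncated
]

def classify_samples():
    return [classify(f, {HOST, CHIP}) for f in SAMPLES]

if __name__ == "__main__":
    for label in classify_samples():
        print(label)
```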
Chip Operation Exceptions may be fatal (such as a memory parity error) where the chip is
reset, or they may be recoverable with software intervention (such as a bad Flash image).
Additional information on exception handling and the PPCI protocol is available in the 44x0/
84x0 User's Manual.
5.6 System Boot
The 4450's internal processors use a small pre-boot ROM image that is resident on the
chip. These primitive instructions put the system into a state that searches for a boot
source (either a local Flash device or host interface) based on two configuration input pins.
If no external Flash is found, then the 4450 boot firmware enters a listening state, waiting
for the boot message protocol over the host-side Gigabit Ethernet port 0 or the RMII port.
The boot message protocol facilitates the rest of the boot code image downloading.
The boot code image can be located on the host, in an external Flash device, or on another
4450 device. Note that even if the device is configured to boot from Flash, a mechanism is
still provided to boot from the host in order to allow initial Flash programming or to recover
from a corrupted Flash. After the full image is downloaded, a complete system initialization
is performed and the 4450 is ready to process data.
4450 – Data Sheet, DS-0131-06
Hifn Confidential