Web and Network Communications
GHNet TCP/IP Stack

The foundation for all networking protocols for the Green Hills family of operating systems is the GHNet TCP/IP stack. It's a full featured and high performance dual mode IPv4/IPv6 stack for embedded systems with options for advanced routing, and an extensive suite of security protocols. GHNet is an ultra compact IPv4/IPv6 stack, designed for minimum footprint and maximum performance, and is integrated and validated with the INTEGRITY, INTEGRITY-178 tuMP, and
µ-velOSity. real-time operating systems (RTOS).

GHNet is suited for use in products ranging from small foot print consumer devices to advanced core network equipment. It has broad RFC support and has been through extensive protocol conformance and interoperability testing. It is also integrated with a broad range of networking applications, management, and security protocols. See the complete list of supported protocols below.

GHNet is a true dual mode IPv4/IPv6 stack and can be configured for IPv4 only, IPv6 only, or to support both protocols simultaneously. This is an important feature since the transition from IPv4 to IPv6 is expected to take several years. Furthermore, the IPv6 functionality has been approved by the industry standard IPv6 READY Program, which guarantees IPv6 interoperability.

Modular Design and Scalability

The GHNet protocol suite has a modular design and is highly configurable providing maximum size and feature scalability. When a module is not utilized, it is not just deactivated, it is removed entirely to save valuable storage memory space in the often limited capacity of an embedded device. This results in footprint sizes as small as 25 kilobytes for a UDP only configured stack and 41 kilobytes for a TCP enabled stack.

True zero copy

To optimize processing speed and packet throughput, GHNet offers a zero copy API that provides the option for true zero copy for raw sockets, UDP, and TCP from the application to the driver, including the TCP layer when the stack is running in kernel mode.

GHNet uses INTEGRITY's secure separation technology by running in a separate partition from the kernel. This not only allows for greater separation and even restarting of the TCP/IP stack, but also allows for multiple sepration instances of GHNet that can safely execute at multiple independent levels of security.

Extensive Routing support

GHNet can be configured to support host-only stack features with minimal footprint, or enabled with advanced routing features. The built-in virtual routing and forwarding support enables a single stack to assume the responsibility of multiple TCP/IP stacks. This enables far more efficient use of existing hardware and software capabilities than previously possible. Furthermore GHNet can also work with advanced third party routing solutions like OSPF, BGP, RIP, IS-IS, PIM-SIM, and DVMRP.

Written by US citizens

GHNet is a clean room design, written by US citizens from the ground up. It was not derived from publicly available Unix stacks or open source software. The design achieves Berkeley 4.4 and Netlink socket compatibility, small size, and high performance for both IP and UDP traffic.

The GHNet TCP/IP stack can run in either the INTEGRITY kernel's address space or in a separate protected address space, providing maximum flexibility.

• Dual mode stack (IPv4 / IPv6) with the compile-time option to disable either IPv6 or IPv4, resulting in reduced code size
• Plug-and-play auto-configuration, including:
  • auto-discovery of default routers
  • auto-recovery when a default router becomes unreachable
  • auto-discovery of network parameters such as hop limit (TTL) and link MTU
  • prefix discovery and stateless address autoconfiguration
• Generic IPv6 Tunnels
• Built-in support for IPv6 multicast
• IPv6-over-IPv4 tunneling support:
  • automatic and configured tunnels
  • bi-directional configured tunnels
  • default configured gateway tunnel
• Supports Ethernet, PPP, and custom link-layers
• Backwards-compatible IPv6 4.4BSD socket API extensions
• Full integration with IPsec
• IPv6 Address Resolution independent of link type
• IPv6 Host and Router functionality
• Built-in support for IPv6 private address spaces
• Compile-time macros for disabling specific IPv6 functionality, resulting in reduced code size:
  • Duplicate Address Detection
  • Prefix Discovery with Stateless Address Auto-Configuration
  • Multicast Listener Discovery
  • Neighbor Unreachability Detection