[dpdk-dev] [PATCH] example/ipsec-secgw: ipsec security gateway

Sergio Gonzalez Monroy sergio.gonzalez.monroy at intel.com
Thu Mar 10 00:54:50 CET 2016

Previous message: [dpdk-dev] [PATCH] i40e: remove redundant compiler warning disablers
Next message: [dpdk-dev] [PATCH] example/ipsec-secgw: ipsec security gateway
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 01/02/2016 11:26, Jerin Jacob wrote:
> On Mon, Feb 01, 2016 at 11:09:16AM +0000, Sergio Gonzalez Monroy wrote:
>> On 31/01/2016 14:39, Jerin Jacob wrote:
>>> On Fri, Jan 29, 2016 at 08:29:12PM +0000, Sergio Gonzalez Monroy wrote:
>>>

>>> IMO, an option for single SA based outbound processing would be useful
>>> measuring performance bottlenecks with SA lookup.
>>>
>> Hi Jerin,
>>
>> Are you suggesting to have an option so we basically encrypt all traffic
>> using
>> a single SA bypassing the SP/ACL ?
> Yes. Basicaly an option to bypass  "rte_acl_classify" if its for single
> SA use case.
>
>

Hi Jerin,

After re-reading your comment regarding the single SA I just want to 
double check
that I understood correctly what you were suggesting.

Basically an option that we can provide a single SA to use for outbound,
skipping rte_acl_classify in outbound path.
That same option would also skip rte_acl_classify in inbound path 
without checking
that we accept specific traffic for an SA.

Is that correct?

Sergio

Previous message: [dpdk-dev] [PATCH] i40e: remove redundant compiler warning disablers
Next message: [dpdk-dev] [PATCH] example/ipsec-secgw: ipsec security gateway
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list