[dpdk-dev] some question about rte_security_ipsec_sa_options

Ananyev, Konstantin konstantin.ananyev at intel.com
Mon Jan 28 16:34:07 CET 2019

Previous message: [dpdk-dev] [PATCH] net/mlx5: fix compilation issue for some architectures
Next message: [dpdk-dev] [PATCH 0/1] Add 128-bit compare and set
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi everyone,

For 19.05 we plan to extend librte_ipsec with proper support
of construction/updating inner/outer ipv4/ipv6 fields as described
in https://tools.ietf.org/html/rfc4301#section-5.1.2.
So few questions regarding struct rte_security_ipsec_sa_options fields.
1. dec_ttl - as I can see there is no PMD that supports this option
    right now. I wonder are there any plans to add support for it?
    If yes, what is expected HW/PMD behavior when TTL reaches zero?
    Would the packet will be silently dropped by HW/PMD, or would
    some sort of error returned to the user (via mbuf->ol_flags)?
   From SW point of view - it probably much easier/cleaner to remove
   that option and let upper layer to decrement TTL if needed
   (as it is inner IP header only).
2. It seems there is no fields to configure ECN construction/update
    settings. Hopefully there would be no generic objections to add
    some new field(s) here for ECN?

Thanks
Konstantin

Previous message: [dpdk-dev] [PATCH] net/mlx5: fix compilation issue for some architectures
Next message: [dpdk-dev] [PATCH 0/1] Add 128-bit compare and set
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list