From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jerin Jacob <jerin.jacob@caviumnetworks.com>
Subject: Re: [PATCH] example/ipsec-secgw: ipsec security gateway
Date: Thu, 10 Mar 2016 09:11:41 +0530
Message-ID: <20160310034140.GA3491@localhost.localdomain>
References: <1454099352-29040-1-git-send-email-sergio.gonzalez.monroy@intel.com>
 <20160131143918.GA12763@localhost.localdomain>
 <56AF3CDC.5090105@intel.com>
 <20160201112646.GA10490@localhost.localdomain>
 <56E0B7CA.8010204@intel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: dev@dpdk.org
To: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
Return-path: <dev-bounces@dpdk.org>
Received: from na01-bn1-obe.outbound.protection.outlook.com
 (mail-bn1bon0081.outbound.protection.outlook.com [157.56.111.81])
 by dpdk.org (Postfix) with ESMTP id 79D5F2BA9
 for <dev@dpdk.org>; Thu, 10 Mar 2016 04:42:12 +0100 (CET)
Content-Disposition: inline
In-Reply-To: <56E0B7CA.8010204@intel.com>
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

On Wed, Mar 09, 2016 at 11:54:50PM +0000, Sergio Gonzalez Monroy wrote:
> On 01/02/2016 11:26, Jerin Jacob wrote:
> >On Mon, Feb 01, 2016 at 11:09:16AM +0000, Sergio Gonzalez Monroy wrote:
> >>On 31/01/2016 14:39, Jerin Jacob wrote:
> >>>On Fri, Jan 29, 2016 at 08:29:12PM +0000, Sergio Gonzalez Monroy wrote:
> >>>
> 
> >>>IMO, an option for single SA based outbound processing would be useful
> >>>measuring performance bottlenecks with SA lookup.
> >>>
> >>Hi Jerin,
> >>
> >>Are you suggesting to have an option so we basically encrypt all traffic
> >>using
> >>a single SA bypassing the SP/ACL ?
> >Yes. Basicaly an option to bypass  "rte_acl_classify" if its for single
> >SA use case.
> >
> >
> 
> Hi Jerin,
> 
> After re-reading your comment regarding the single SA I just want to double
> check
> that I understood correctly what you were suggesting.
> 
> Basically an option that we can provide a single SA to use for outbound,
> skipping rte_acl_classify in outbound path.
> That same option would also skip rte_acl_classify in inbound path without
> checking
> that we accept specific traffic for an SA.
> 
> Is that correct?

Yes

> 
> Sergio