From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Miller Subject: Re: [PATCH RFC ipsec-next 0/3] Virtual xfrm interfaces Date: Mon, 04 Jun 2018 08:58:22 -0400 (EDT) Message-ID: <20180604.085822.1374283424905473397.davem@davemloft.net> References: <20180604060910.13896-1-steffen.klassert@secunet.com> Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: netdev@vger.kernel.org, eyal.birger@gmail.com, antony@phenome.org, benedictwong@google.com, lorenzo@google.com, shannon.nelson@oracle.com To: steffen.klassert@secunet.com Return-path: Received: from shards.monkeyblade.net ([184.105.139.130]:46046 "EHLO shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753149AbeFDM6Z (ORCPT ); Mon, 4 Jun 2018 08:58:25 -0400 In-Reply-To: <20180604060910.13896-1-steffen.klassert@secunet.com> Sender: netdev-owner@vger.kernel.org List-ID: From: Steffen Klassert Date: Mon, 4 Jun 2018 08:09:07 +0200 > This patchset introduces new virtual xfrm interfaces. > The design of virtual xfrm interfaces interfaces was > discussed at the Linux IPsec workshop 2018. This patchset > implements these interfaces as the IPsec userspace and > kernel developers agreed. The purpose of these interfaces > is to overcome the design limitations that the existing > VTI devices have. > > We had two presentations about xfrm interfaces at > the workshop. Slides with further informations > can be found at the workshop homepage: > > https://workshop.linux-ipsec.org/2018/ First off, you will have to describe in detail what the VTI limitations are and how these new devices overcome them in this commit message. You can't just say "we discussed this over there, go take a look". The place people "take a look" is your text here. Second, since you didn't explain things, I have to ask. Why is a new special ID even necessary? It makes the flowi bigger, and adds all of this new logic. All netdevs have an ifindex and you should be able to find a way to use the ifindex of these new devices in the key somehow. Thanks.