From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02on0070.outbound.protection.outlook.com [104.47.38.70]) by dpdk.org (Postfix) with ESMTP id 7A34E1B75B for ; Tue, 3 Apr 2018 16:29:09 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=CAVIUMNETWORKS.onmicrosoft.com; s=selector1-cavium-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=jztUzZ1auLZPgtJwxW8UElWJUzFSIPcEXsh3i3zZmTE=; b=WYmoyfPoR3FQG/NhaV33eoSi+aU6DjLdiK/8LqTSSfxw0Q0tc2MZ+v/sP3QxLz+X/YVtRjxyBKmWkIp8iswRMj5l4348S48MAYovWEz+r+48+4YYlZSnIvZxwcge+a+msdyJbCNvPtDvh50+3ULUG61T/C46GBUjr98cozXBUPg= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Anoob.Joseph@cavium.com; Received: from hyd1ajoseph-dt.caveonetworks.com (115.113.156.2) by CO2PR0701MB1061.namprd07.prod.outlook.com (2a01:111:e400:1439::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.631.10; Tue, 3 Apr 2018 14:29:02 +0000 To: Akhil Goyal , Declan Doherty , Radu Nicolau Cc: Jerin Jacob , Narayana Prasad , Nelio Laranjeiro , dev@dpdk.org, Thomas Monjalon , Wenzhuo Lu , Jingjing Wu References: <1519896103-32479-1-git-send-email-anoob.joseph@caviumnetworks.com> <1521630685-5179-1-git-send-email-anoob.joseph@caviumnetworks.com> <1521630685-5179-5-git-send-email-anoob.joseph@caviumnetworks.com> From: Anoob Joseph Message-ID: <2180f978-44a7-1263-02cf-8634b063e3f3@caviumnetworks.com> Date: Tue, 3 Apr 2018 19:58:40 +0530 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <1521630685-5179-5-git-send-email-anoob.joseph@caviumnetworks.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Originating-IP: [115.113.156.2] X-ClientProxiedBy: BMXPR01CA0004.INDPRD01.PROD.OUTLOOK.COM (2603:1096:b00:d::14) To CO2PR0701MB1061.namprd07.prod.outlook.com (2a01:111:e400:1439::12) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 6aa4578e-cb94-4aec-7d5b-08d5996f40f9 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(4534165)(7168020)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:CO2PR0701MB1061; X-Microsoft-Exchange-Diagnostics: 1; CO2PR0701MB1061; 3:iX4rPEhsaS5/wHF3ALrMUI1+0UD49nrvkSmzrv8aDjAZn8yNlqVNbEGWnDXP6aSy394c4YR0NBjxe6hCSR7ilS55/3nb5RXus9kkvKB6ZmrI9OwOJR+aFYRYSNA6NuRwCr14BNOci01GyvvbhpQJsFSmSqUh1A5U2q0sI8o/IN1KkUNOnkPyMB8FW9CYSjuAYnHHXNh9c/ml6CPn+l6LUONU45MaoD6coc+Lylj7ysPsC4cTOidEl2ADORT8HpAg; 25:UOCcPXgnWKx39g9zcviZ4pRTjfRvpsGArHeVjuCR1j8UzTX8tSs2h/S/Za2Y8PTEjA7hEb8eG4LNM1xL1JwpnEkFjkhCmhEc1xcu44ddqHASs4E4c0QGIrMEQPSPE7YULeRdvPSyVThIUpHgP6zuyBVjjCjdscNQEHCXMvl4ax7Y1fAQn5Azjv24pVvN2nuZP++ZW7fPf1mj3V8kYHyJ6zn+B1l7q1qIfwGwT6BQ7PdeAVSb5/h/3wNoFx6zIq6fhmPPrjie0WjqUe5obJzkvZUJ2K9W5tYtspE6c4Kkym087nfLZu03ve+XTB0MY6JZEEidwPVKevwAFF6E9yo3Tg==; 31:v1THDBu2vParuLehjEKlR3Z7gu2JhqrDjUxfNYJPFwqIxHdFJSb8osmzcMkL4ELgyz+lvCIHfFM3jEobzUfYomO4yDbMzwn72yYIlGPPtwoMYwCUm474XAXYKTAuKEECQ0/pteX6oGKx1vZNzIT8s/U8P6/GlaFQUueMiAxia8SmF17Ij+nRc1arx/Mutzor/3LHwRyZfd5UA+DsR55pkYTTfhKU6UCSr/Pno94+3pc= X-MS-TrafficTypeDiagnostic: CO2PR0701MB1061: X-Microsoft-Exchange-Diagnostics: 1; CO2PR0701MB1061; 20:xD52VK/uR8adt5amIAAy3HVXTQl7HMUkP1RV3Xpnl3xHrnZuXVoEix0JEv5C2tqCzU/JUvytbneYF9OnRapEnKNUqHhqXSZ1NWgpeZOntvpZmauFHVNrHkcrpJ/nHpoGnR5NFovtT0ZdacdpvX4i7k01zr8P+PlVswF/WRV0qPyg9xOb8LWswYOUl/kzKLd0A9qOV33XWWHWQoUUc+aIX/XE+4n3qvNWWE1EPxZ3f80JGSo0M3F3C6C5URYYRc/5hVOPM4r5OnAJUinv1g9koKkpHjWDY1NiUFx2Ny6MC5CgMvqx9fNEHVEe9jAHXXB2PcmoqIYlTZG+rUl6bSFLMFIo/Q9LLiX82UUUl82zkyQllm1ScfIgykJh2GlCHfTG1rpP3vk9Dd1ndrY77n0Opbjr6mO76zwi3T2rSpJ0tBUOgVTZyDW1VWWTGpzx6mRCeTtlP966lofc90D9wlFaFalFJ2coEEEbmpCJkq7v0lo4UUz9W20WA+lYQcSYZRUDUAWNFQF4pnERdTwjoEOeUg4b0zzq5gT/WViJf8x7xgtViAYoiGQl/NsGyZdKWXfLJJMVqrF1IeJP9DqS0ve/VrDrOLwtW6kDhwKpVCIVFM0=; 4:aPrE0lW4FZyYOGhXmzBx8L6syQ6F/h6Hp9tN3FsHQjZFSJnbDr8iuKny0/gv+a66Zzb6nrH1zgdPW+Hsj7s6T9Avw7pqk7fgHhbeH9oAU6+JR9+CrSR/ORTFMpcYG0twcDS2AfW5ONAE2CSQYcoK0GCKfOCkX6HxOc4fmvFtx/Ry1ypEfNthrwSLBIWlBiLcB06vrV8wtYcj8Lb8G7nJx2urHsJtc19uASg7LiEPlTyhbjGyBITdvp7FttGeC5HdqB/3safTqALDWpgrf/s4pFybJRc5WdMvaSf0fHpRVQ/hRiKweEuBD1YXluTVKD4a X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(192374486261705); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(93006095)(3231221)(944501327)(52105095)(10201501046)(3002001)(6041310)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123558120)(20161123562045)(6072148)(201708071742011); SRVR:CO2PR0701MB1061; BCL:0; PCL:0; RULEID:; SRVR:CO2PR0701MB1061; X-Forefront-PRVS: 0631F0BC3D X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(396003)(39860400002)(376002)(366004)(346002)(39380400002)(199004)(189003)(54906003)(6486002)(2906002)(305945005)(6512007)(7736002)(65806001)(229853002)(65956001)(66066001)(42882007)(53936002)(6666003)(50466002)(186003)(6246003)(64126003)(316002)(58126008)(110136005)(97736004)(4326008)(68736007)(65826007)(5660300001)(47776003)(16526019)(26005)(52116002)(53416004)(478600001)(31686004)(105586002)(72206003)(8676002)(36756003)(81156014)(25786009)(8936002)(106356001)(81166006)(2616005)(8656006)(69596002)(486005)(6506007)(2486003)(59450400001)(52146003)(230700001)(31696002)(76176011)(386003)(67846002)(53546011)(11346002)(486005)(476003)(956004)(3846002)(6116002)(446003)(23676004)(55236004); DIR:OUT; SFP:1101; SCL:1; SRVR:CO2PR0701MB1061; H:hyd1ajoseph-dt.caveonetworks.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; Received-SPF: None (protection.outlook.com: cavium.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtDTzJQUjA3MDFNQjEwNjE7MjM6L0U5T01Ld1hMTWthK08rRzVncXRZSHlU?= =?utf-8?B?UHJxVUFwWHZoZ25xZXlJTWljbUNyWTlObDBCU0J0TFFFTG5jei9NU1BsbmJQ?= =?utf-8?B?RXhCM2xvRWRpYmFTRDUzU1ZNbVpnVEdDWE5BRVdDdTlzNUtnRm1WYlVHMmVm?= =?utf-8?B?dUtBVXBDRkxZK29sYWIybk9lN0wxSzBORmFQaytpZk02bk4xTGZSMDk2Y1lR?= =?utf-8?B?TkE1cFgvL3ZqcEVBM3VNbTZuWWhnTms4WFlXNHFRSDFMTXpQajJaVkorek5J?= =?utf-8?B?cGUxN1BVeVRWRFVNWjRkSG1kNnpvRGNIVXg1ZWtlVThPeXZwS1l2SzN1LzlJ?= =?utf-8?B?RG5YaXZzdnlYbWNWWFFxZzFTT0Z2M25zaFpsS1pmWXYzNndYcmNVYzNURmdL?= =?utf-8?B?cXFiVGhtNjc1czRKUHB0WmZUTG1NNi9iYnpFZEV0cXRsN05YTXVhUG9wZWtk?= =?utf-8?B?OThqZFV6QVBITG9nUzR3ajZ0MHZZWldDaWNScU5HYk5vVHdqL3g5MFkvRXNu?= =?utf-8?B?R1o3L1BuampZZDRqWDBacTR2M0h2aUFyaFk1bUsxaWROcW85K0VLTVZ4TXQw?= =?utf-8?B?R1dzb0Jhd2lVWUo4U2tzUENQRFVQUEJrN3dFTnlkV3ErZmpFOUg4SzVFTGNH?= =?utf-8?B?ZmZYSVl6QitoaXQwN2hTVU5oUmVVa2xLZSszMnVCMkZ1Q2J3VjUzZFYwa2VL?= =?utf-8?B?OURYNDNpWFcwdlJWRzRLbTdtdCs0STVPMTZ4NFdFcXdHWmFyWHkvT2ZXb1BB?= =?utf-8?B?aUxuWW5JQzRTa29SM004MExpdWJOMHAwN0tsazUyS29UTVBCZGJxNWZ1NWw0?= =?utf-8?B?d0Eyd1h0L3lzZWlOUlpxZnVqUTQzbGRhakJOQ1BVNVlOSEU0c2dhaFBOQXhE?= =?utf-8?B?cmJ4YjRYUWNnU1NiZ2Nua1o4S0RKTjM5YVE1QVVLbWV0Sm9DQTR4TDdHNmRv?= =?utf-8?B?bSt6S2JNUytLMG41NDVJd0pma2VuMXhBa2NtNG5HUm5tNjE3Z3RNZVE5WmUv?= =?utf-8?B?MG1wWGphOXJOV0p0aE9aSXQzR0NDVldnQmovdzBCN2J0OG1RWjR3Y05Mc1l1?= =?utf-8?B?RldyUElzWXUyTGNrVFcvR0R0eTVDWTlXNmsyc1JaWHh5NmFqRUE5eFhEZCtJ?= =?utf-8?B?cjFpMlNTTFQrM3BNWTdjamU3UmNrQmpiQnZpQ1RtT3JxaklJNmU1MG5SRjFp?= =?utf-8?B?eTEva0ZaK2R5Q1p5eHBOWVdQWjExckJWMmprejdmS0tWaGxNUFozYjE5QXps?= =?utf-8?B?byt2aytJcVpUSGhoWEhEdHoxQ3lLWGE2WmxHU2JVQ3pXelR3L3lQMHgvWE5B?= =?utf-8?B?N0VFdHZZdFRUMGg1WHBVeXpNTTJ3UlQrN1hPYStEWUpPLzFSb05mNXFRZFY0?= =?utf-8?B?UWV3TEdSdFRJQktXbnMyZ3ZDNEFmNnBxZldvQWtsZ3dnNklnNDR5K2lSTXI3?= =?utf-8?B?NGhEeTBqa2szUlFNQjY5b1RlamVkenA1U2V4RUduMWlPKzBqZjBNZnlhbW9o?= =?utf-8?B?VXQ5WGkwRysvLzE1RXpOTnRVY0diNjFiUUNWSWhubWtqYVpvUHlvcUlkOTkw?= =?utf-8?B?ZTlvTlhpL3lNVEJuUENDdmtlcHM5WjhEMDhqejZrNHJJNXYwSVdTcTBVSnZ4?= =?utf-8?B?RFVpYXp3bFJ1eU9uTFUxMHJhclpROHY3dllNZEF5Q2hoYTFjUGNadHVUSWpr?= =?utf-8?B?UmpDYWJPWTNEUEZHMWtGZ1d2Umg3S0Z5QlFjcWk2OGsxbVZScDlmRUZEMGxT?= =?utf-8?B?d0FoYlpYN1RCSU9tRWpMQTJqK2xObEp5QjJoRGtGTVFWQmhydnBDZnE0QVB1?= =?utf-8?B?WTV3NWNENWNBbVl5cFNacFpXWEVmUHU0UmpHQXlIYnQ3eGJFTmdveGhsc0x1?= =?utf-8?B?VGhLTllGZkRuQlkzdkJQYjlnMW1QcmlZQldneWVsWnRHb0cvYkE2bVJMVTk5?= =?utf-8?B?T3ppcnZGemVlZEJyNklBRkR1ZGdZUmFrcGZIVHZBRjkwMGc4dGRBSC9UNUUx?= =?utf-8?B?b05GY044SThERmFHK2xoVU8yTGtTR3ZTWWtaR0xJbmVHR3RSS01sTjRMUHpt?= =?utf-8?B?eTYxQnpiZTRZaStSeDZTQXVEMTlVNlYwakJtb2tCampkSWVTTUs0TjVncDBK?= =?utf-8?Q?E7TNqabEofUm4750J6UQVcuHTh0QZG1XyALoE7J2e1MZFr?= X-Microsoft-Antispam-Message-Info: LZ3gv+Jmo077Mtm8zdfo+MiEG7gYr67BYq689XqJdKouWL5SLzq6SCY1xEwF+Cp1F2vND8TCsmas7K9YLWdGUwpr8ih5BTruR+VvmcGUBrKrK1H+rejvTO4i3p7YWMX0oznWoXojpoZR93oFssVtsqtnAT82nRbDmD9154G+0jXHWo8JkRPWQ4m9XJad3qkJ X-Microsoft-Exchange-Diagnostics: 1; CO2PR0701MB1061; 6:tjeUJQ+kVxzqUfdci72PVLX/LBaS/iSFyXASQu+2WSQKOJNv4Xk0hLVfnaMdG6pzeolK1QNKL53FQsqrodmjY9S4MT9Opvz784CTB/NLkGOaEj96TJ5MZKM4p5vvOuOo9bXlaAdzMn75pKdrIVy8wS2c3SzWFK7Q5NSnMjfL/ub23IfKnHBkKdDBDrBYHWp2xkJBqKKinActKoC5vOIzgYDRk4ZeKyoE7UC0lGAdKE+y9hjEDeWXkW75191ZUO+YXanApkPqvhTGXg8WZ+TxRpdsXfrQ1NYyMKfn5VTEVMt5D/XrMYThQDcjc2yfx16nD72C7dmBnYN9Lsvkmk8bifacFlDbAzSthtN3e8nZcDW6bZxUW9Daup7Hgi3wwKoTI+obtsZzs8VQvZrDVXgsS1BUCtw1B+Os5Avq453eeNdRljhRYlvNREKgcOSl2JYechLLfBGWeN07W7dING4XPg==; 5:G34hYhR90bTyVewVA2gF62YzCc5tCzxtEtgDyg76WqCpE9eSkp1TqmWe0yM/eQG/qaafTbFkfMUeVfuNK/UiesUVUeq3y9SPEo0DddxmoiJvYxfyaOWtgg1bI1OrlhpmLIvz0RfTlPkq8fsqPJVXRqgw1FKgcToK1ZnwNAeAEvI=; 24:DRXEAh9yqexFhp7TNlY55u2ZBpW6zjMfD3D09AQRJ+QHygbMSRYoCDwGEkzU7h4hM6o5Wv5bLKk34s1EI9GSH9V6PovjyGpvnajfi39bYJk= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; CO2PR0701MB1061; 7:jKv2IaS1Xkp51KsMOyOpDqMVHzMd4LCtzAVut+6C5u41wQJDGmscKkv2aWGYWwClmWKeg4BLPq1HfT4evMty59DLSc8Tel+hIclmlXtk720zv1LK1+INj1sXkIa0HGJtvexW8FCu0L26X+jw0S+XSFlSsUqo+CjY8Knl8Peochbw0BraXN9spSGKjqF4jgqLQacq4H14FL8OXkXRZMEUc6H9BLzfTKZ4jMEypOcgxh/Sw2IWRNRmVXS1o4LQ2o8T X-OriginatorOrg: caviumnetworks.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Apr 2018 14:29:02.3773 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 6aa4578e-cb94-4aec-7d5b-08d5996f40f9 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 711e4ccf-2e9b-4bcf-a551-4094005b6194 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO2PR0701MB1061 Subject: Re: [dpdk-dev] [PATCH v3 4/5] examples/ipsec-secgw: handle ESN soft limit event X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2018 14:29:10 -0000 Adding maintainers of testpmd & lib/ethdev Thanks, Anoob On 21/03/18 16:41, Anoob Joseph wrote: > For inline protocol processing, the PMD/device is required to maintain > the ESN. But the application is required to monitor ESN overflow to > initiate SA expiry. > > For such cases, application would set the ESN soft limit. An IPsec event > would be raised by rte_eth_event framework, when ESN hits the soft limit > set by the application. > > Signed-off-by: Anoob Joseph > --- > v3: > * No change > > v2: > * No change > > examples/ipsec-secgw/ipsec-secgw.c | 56 ++++++++++++++++++++++++++++++++++++++ > examples/ipsec-secgw/ipsec.c | 10 +++++-- > examples/ipsec-secgw/ipsec.h | 2 ++ > 3 files changed, 65 insertions(+), 3 deletions(-) > > diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c > index 3a8562e..5726fd3 100644 > --- a/examples/ipsec-secgw/ipsec-secgw.c > +++ b/examples/ipsec-secgw/ipsec-secgw.c > @@ -40,6 +40,7 @@ > #include > #include > #include > +#include > > #include "ipsec.h" > #include "parser.h" > @@ -1640,6 +1641,58 @@ pool_init(struct socket_ctx *ctx, int32_t socket_id, uint32_t nb_mbuf) > printf("Allocated mbuf pool on socket %d\n", socket_id); > } > > +static inline int > +inline_ipsec_event_esn_overflow(struct rte_security_ctx *ctx, uint64_t md) > +{ > + struct ipsec_sa *sa; > + > + /* For inline protocol processing, the metadata in the event will > + * uniquely identify the security session which raised the event. > + * Application would then need the userdata it had registered with the > + * security session to process the event. > + */ > + > + sa = (struct ipsec_sa *)rte_security_get_userdata(ctx, md); > + > + if (sa == NULL) { > + /* userdata could not be retrieved */ > + return -1; > + } > + > + /* Sequence number over flow. SA need to be re-established */ > + RTE_SET_USED(sa); > + return 0; > +} > + > +static int > +inline_ipsec_event_callback(uint16_t port_id, enum rte_eth_event_type type, > + void *param, void *ret_param) > +{ > + struct rte_eth_event_ipsec_desc *event_desc = NULL; > + struct rte_security_ctx *ctx = (struct rte_security_ctx *) > + rte_eth_dev_get_sec_ctx(port_id); > + > + RTE_SET_USED(param); > + > + if (type != RTE_ETH_EVENT_IPSEC) > + return -1; > + > + event_desc = ret_param; > + if (event_desc == NULL) { > + printf("Event descriptor not set\n"); > + return -1; > + } > + > + if (event_desc->stype == RTE_ETH_EVENT_IPSEC_ESN_OVERFLOW) > + return inline_ipsec_event_esn_overflow(ctx, event_desc->md); > + else if (event_desc->stype >= RTE_ETH_EVENT_IPSEC_MAX) { > + printf("Invalid IPsec event reported\n"); > + return -1; > + } > + > + return -1; > +} > + > int32_t > main(int32_t argc, char **argv) > { > @@ -1727,6 +1780,9 @@ main(int32_t argc, char **argv) > */ > if (promiscuous_on) > rte_eth_promiscuous_enable(portid); > + > + rte_eth_dev_callback_register(portid, > + RTE_ETH_EVENT_IPSEC, inline_ipsec_event_callback, NULL); > } > > check_all_ports_link_status(nb_ports, enabled_port_mask); > diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c > index 5fb5bc1..acdd189 100644 > --- a/examples/ipsec-secgw/ipsec.c > +++ b/examples/ipsec-secgw/ipsec.c > @@ -36,6 +36,7 @@ set_ipsec_conf(struct ipsec_sa *sa, struct rte_security_ipsec_xform *ipsec) > } > /* TODO support for Transport and IPV6 tunnel */ > } > + ipsec->esn_soft_limit = IPSEC_OFFLOAD_ESN_SOFTLIMIT; > } > > static inline int > @@ -270,11 +271,14 @@ create_session(struct ipsec_ctx *ipsec_ctx, struct ipsec_sa *sa) > * the packet is received, this userdata will be > * retrieved using the metadata from the packet. > * > - * This is required only for inbound SAs. > + * The PMD is expected to set similar metadata for other > + * operations, like rte_eth_event, which are tied to > + * security session. In such cases, the userdata could > + * be obtained to uniquely identify the security > + * parameters denoted. > */ > > - if (sa->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) > - sess_conf.userdata = (void *) sa; > + sess_conf.userdata = (void *) sa; > > sa->sec_session = rte_security_session_create(ctx, > &sess_conf, ipsec_ctx->session_pool); > diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h > index 6059f6c..c1450f6 100644 > --- a/examples/ipsec-secgw/ipsec.h > +++ b/examples/ipsec-secgw/ipsec.h > @@ -21,6 +21,8 @@ > > #define MAX_DIGEST_SIZE 32 /* Bytes -- 256 bits */ > > +#define IPSEC_OFFLOAD_ESN_SOFTLIMIT 0xffffff00 > + > #define IV_OFFSET (sizeof(struct rte_crypto_op) + \ > sizeof(struct rte_crypto_sym_op)) >