From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <sergio.gonzalez.monroy@intel.com>
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 by dpdk.org (Postfix) with ESMTP id 3A8FB2A61
 for <dev@dpdk.org>; Wed, 16 Sep 2015 18:45:29 +0200 (CEST)
Received: from orsmga003.jf.intel.com ([10.7.209.27])
 by fmsmga103.fm.intel.com with ESMTP; 16 Sep 2015 09:45:28 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.17,540,1437462000"; d="scan'208";a="646078880"
Received: from smonroyx-mobl.ger.corp.intel.com (HELO [10.237.220.110])
 ([10.237.220.110])
 by orsmga003.jf.intel.com with ESMTP; 16 Sep 2015 09:45:28 -0700
References: <55F92863.2040902@intel.com> <2390869.VPa9rt1CFQ@xps13>
From: "Gonzalez Monroy, Sergio" <sergio.gonzalez.monroy@intel.com>
To: Thomas Monjalon <thomas.monjalon@6wind.com>, "dev@dpdk.org" <dev@dpdk.org>
Message-ID: <55F99CA7.6090907@intel.com>
Date: Wed, 16 Sep 2015 17:45:27 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <2390869.VPa9rt1CFQ@xps13>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [dpdk-dev] RFC - IPsec Sample App
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Sep 2015 16:45:30 -0000

On 16/09/2015 09:35, Thomas Monjalon wrote:
> 2015-09-16 09:29, Gonzalez Monroy, Sergio:
>> We are looking for feedback on the proposal to create a new sample
>> application
> [...]
>> A set of generic APIs for the configuration of IPsec security policies and
>> associations will be provided, which will be independent of the
> How can you have some API in a sample application?
> It looks like an IPsec library, not an application.
The intention of those APIs was just to provide flexibility to the users 
and allow them
to easily setup different Security Policies (SP) and Security 
Associations (SA) for testing
of different environments if they are looking to base something off this 
example app.
> Are we going to add a library for each protocol in DPDK like it is done
> in the Linux kernel stack (including OVS)? Probably no.
You are probably right in that sense and we probably shouldn't have a 
sample app
for every protocol, but we feel that to really put the new cryptodev API 
under
test we need a good example, and showing how the cryptodev API could be 
use to
do IPsec would certainly fill the bill. A more trivial application would not
necessarily reveal any gaps in the API that would prevent cryptodev 
being used
for an IPSec implementation. By creating a sample app incorporating much 
of an
IPsec implementation, we get greater confidence in the usefulness of our 
APIs
- and the performance of the cryptodev - in a realistic setting, while also
providing sample code that may well be of use to a wider audience.

Sergio