From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 2EE7EA0548; Fri, 24 Sep 2021 11:11:54 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 1C890412E8; Fri, 24 Sep 2021 11:11:54 +0200 (CEST) Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80047.outbound.protection.outlook.com [40.107.8.47]) by mails.dpdk.org (Postfix) with ESMTP id 7287D40142 for ; Fri, 24 Sep 2021 11:11:52 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=obUmK2lNj1G6aAiuv8dRyElGOrpbjPw4tBAYJw4xndUx/CzRmbzjreVjEBf4zAMydNChVWTNrQdo9xCofsOLoMAMMD3gnj6NfURGU4KzTHi32W8qXHn6Bq3A1YO5Bo29YdoqrYbvtSA8TtI2pNEYKn17GR0mGnx8jEYqs8hACM+QMbXpeBwWMEip0ask7kp1BNTI5XNQyL+1DmhtokK9EIHEGg8xsDWlNZ1Qr0w27pjT/fSSv0OYkXaP5KeIU6yEKbtf6/XBGeEH0KVUSq5IZQgF6IGWHN2pVuug1nlVC5OmEfcYg6S1TBFvZfaR7IZ1I2K2wS2uDeBCfDyhJJvh6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=o+KXEQZ4zPctrFxTzIOyXNRiIWIyNEE3ZYtAMhRaxtY=; b=Q7y7NARvsfvwyfm7A2E7hZpeDJ509IN/p5UANETrfQgLGNlDzCcbsDSCBi1O04jfvjp4toHRhKo2/j5QjH33DOyfHBV9PAWi2wAfCxu9yCAogVp+TCmZ7C4MLU4IcNi+dB+3J+eS1cVA9WkVLLi9SSlT+wDx+PM70K7MUV9Ax0dqh//ZFCOYFIwCQSZDULiI+T/LAdjzljma/hq88ljcdGNCA9KsAy41H8jXnweAZ703CbukskfQgESy2F7sXklJON9Zc9y7s1qz1AwTmLtOp0Qv6OS28Wqx9hmms+7xTK0q0n2NvizA3WYuhA7yESLGJTAuHjzdZxVa6JDQovBEug== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oss.nxp.com; dmarc=pass action=none header.from=oss.nxp.com; dkim=pass header.d=oss.nxp.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=NXP1.onmicrosoft.com; s=selector2-NXP1-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=o+KXEQZ4zPctrFxTzIOyXNRiIWIyNEE3ZYtAMhRaxtY=; b=i11xQ/2hFzbu8AY3h2aWs69WoQqQFS/P9tTg0REr72EFb1pboVskrBfFFoo4gyuhTdc2Ux8dSgPrTI51zrgo3D783aQLMjPZAMJF4a8wkpALsYh0anZFBgd2nuuroNDHX3J3LB3prXV3NOSuz8KUWB6XBcf3pFjeBvUQsCUZ8sw= Authentication-Results: nvidia.com; dkim=none (message not signed) header.d=none;nvidia.com; dmarc=none action=none header.from=oss.nxp.com; Received: from DU2PR04MB8630.eurprd04.prod.outlook.com (2603:10a6:10:2dd::15) by DU2PR04MB8981.eurprd04.prod.outlook.com (2603:10a6:10:2e0::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4544.15; Fri, 24 Sep 2021 09:11:51 +0000 Received: from DU2PR04MB8630.eurprd04.prod.outlook.com ([fe80::945d:e362:712d:1b80]) by DU2PR04MB8630.eurprd04.prod.outlook.com ([fe80::945d:e362:712d:1b80%3]) with mapi id 15.20.4544.018; Fri, 24 Sep 2021 09:11:51 +0000 To: "Nicolau, Radu" , Akhil Goyal , Declan Doherty Cc: "dev@dpdk.org" , "mdr@ashroe.eu" , "konstantin.ananyev@intel.com" , "vladimir.medvedkin@intel.com" , "bruce.richardson@intel.com" , "roy.fan.zhang@intel.com" , "hemant.agrawal@nxp.com" , Anoob Joseph , "abhijit.sinha@intel.com" , "daniel.m.buckley@intel.com" , Archana Muniganti , Tejasree Kondoj , "matan@nvidia.com" References: <20210713133542.3550525-1-radu.nicolau@intel.com> <20210903112626.304692-1-radu.nicolau@intel.com> <20210903112626.304692-3-radu.nicolau@intel.com> From: Hemant Agrawal Message-ID: <9a96d2b8-522e-94d9-86fa-278b908fd872@oss.nxp.com> Date: Fri, 24 Sep 2021 14:41:39 +0530 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0 In-Reply-To: Content-Language: en-US X-ClientProxiedBy: SG2PR02CA0102.apcprd02.prod.outlook.com (2603:1096:4:92::18) To DU2PR04MB8630.eurprd04.prod.outlook.com (2603:10a6:10:2dd::15) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [192.168.1.2] (122.161.66.32) by SG2PR02CA0102.apcprd02.prod.outlook.com (2603:1096:4:92::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4544.13 via Frontend Transport; Fri, 24 Sep 2021 09:11:45 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 4a690c1d-564e-4acc-49fe-08d97f3b5809 X-MS-TrafficTypeDiagnostic: DU2PR04MB8981: X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: QkHE7k+nmU4kWBdXO+5zAbNjPJ2XUWSTPPgMAklk9hZv601lZ/tpuhya9kHqBrIKjZrAQUktjtq8pXm8bWrSkcw7GD9WMmuCBtQXNZPbCz13KS1C7Luy9PzHBrJFtdQgwnFzGTnsN7SKn1O5N25ONc9ugWgmU86xt7gvYCz82kiQ7lbR1Jrh88UsDq3geP9fUPX9orsb/aVRETdGNwMOWBolG76OwR+mxxPcESwwGkAc+XdaeqrFHx0a5FPK1cUdbZ5BiVVp0xLrzNvDOjcLHRL452kuEgjvyuWKmb955hnumNf3WggI8aJ4Vwg0traWmt2GcFu+EO+SqRQWnfnOrPZku9dxs+l1MT1gm0BMAVK52+JkE/cpV+u8+BRWkpJxCeFt8O3AtksGw5fVY98taH8FCoM4rItbZq+MhBUTQjdBzzn9PIrXjGeveoIzfhjxGgb8gpZxTNNf8Jg7UOtgMPIC3uvEHP1z32AuhMgvwCzjEe53ThswzZ6HoDSgjG99q+cpqS4Ja1zXOZDmKlH01uWCqDaruPRR4v4px/XWntCNNTi9VRr95O72XzrQ0QtFS82ipzTAZoaUaZ7pZRZ+0H9dt6Z08hklq40FmoXLyVl4m0RRAGHhdVHxdjlsZr2BCYCBw2w6koDH/BFzinsoyFl44v/e2dX9lzdgTp3wEnHQ/Z8oZ9HZmw7YAqJT9B5YDMKuOdk/hT/ax8UWD/0CJwxqA0LfalesJx40h4Dy8buS7ey2KyOmccBSeFf81EbatCQY2WU0ye4+JQwgmPwZuhuCxAWxxgCfy10EHWHsx0SB4nlhdJ89ukFtN1y2K6YNiIoyU6y7JszH3GdN3sxgPjKIAqMHrYZ7IO9qzX1/8nk= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DU2PR04MB8630.eurprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(15650500001)(38350700002)(8676002)(53546011)(66476007)(66556008)(166002)(6486002)(6666004)(83380400001)(66946007)(7416002)(4326008)(2906002)(186003)(38100700002)(55236004)(508600001)(8936002)(31686004)(316002)(26005)(956004)(31696002)(966005)(44832011)(16576012)(52116002)(33964004)(110136005)(86362001)(2616005)(54906003)(5660300002)(45980500001)(43740500002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?TTA2Y3ZDS1F0MythNXYxRFVxdjVucG42SkFqeUVoemhvVnp5TWRiMm9Pc0V0?= =?utf-8?B?Wk1Qc0VMa01wK0FSUkdrNTBEMTc3QzFzNmJqNDFtKzZoZFc4d3F0R3VkOGY0?= =?utf-8?B?LzlNZmJTNkhPSHJBMzI2WXAvL1dpTDhZM04xQW1VYmdleWx6dUY2Q0haQmlI?= =?utf-8?B?bjh6aEU0ZCtzVFFFU1lEQ3VtKzEyRVNvZmRUZnRHaGhVQ0ttVHZQRTNFeFll?= =?utf-8?B?Z2lJSWpEUVhUTmY3RStIWTVXclNIUms0UjdRZktCZWR0bThxay9tK3VCdEla?= =?utf-8?B?VTBFODFWdHU4S2lFMC90MVRVR3BnSmZsRHZ5b0VJL0ZGLzRIY3dzVzl1aG5k?= =?utf-8?B?aTJLdzNQeFlCNnJ4aVlyWVFJdHFXV3R1RGMrVTRvazRQYUtnZk54NjFQWm1I?= =?utf-8?B?MWxDYnpwNDlUTzBwcjI4WmFVd1RqSnVRb3RRcndrenlzTmZWTGR0WndyL2RI?= =?utf-8?B?OHlKUWRFRkI5RWVXSFh6UE5YbkxOcXhXZnRMTWZMUi9EMmhiUWw5S0RORGlO?= =?utf-8?B?NnpTcmxISFlhSjFsbVZZWUFrM3IvSFVDMTRrU2Zmdmhjd3lzL2JUcXNlazNi?= =?utf-8?B?WDA0TlB1ZCsrWTdsZ3JQd1RMZXN1OVBqK1RoSk1ycm9RQjZudzV4ck1HVWRa?= =?utf-8?B?RG9UOG85MzA3MU5HaGdYM1h1ZzMxQ21WeVcyZTVMN2tmQ3hXbWEzdmROMmhs?= =?utf-8?B?dTB6Um12dGtKdG1UcXhOMHpkWVYyMDhlVXFYb21WUlBoRmhwb2RyUjBjb1lP?= =?utf-8?B?K1NhRytZQ3ord1FaVVZWRVlRbDg4Qk9GVHFyYlN0a1JES1FkNFZ0TmhPdHVi?= =?utf-8?B?OExybms5Y0ZEbHNZNEF1TzBKL01oU3BCdk0rRys4SHE3cUdEbzFHVi9VNERl?= =?utf-8?B?NitIZFRzamZieDROZDFLMTUrTllUQmFWWDd5TzkwZzhIVC9MSXpXTHcyWGkw?= =?utf-8?B?Um1yWjNpUmZ6WklvRVdKWHhzZVZNUEZqU0psRTdESDhYVjI2WGp0bndxekxx?= =?utf-8?B?UWFmVUtsbTBmREw1YkZEbENhYkRSSUVIOFp3WEh4U2E3c0FsbURXbEc0KzJv?= =?utf-8?B?V013d2pSMGxISXBBaHhjWHEwNkNNclI4WFhYRmpDL1N4QVpRUWdWVm9ncnBK?= =?utf-8?B?NnBRc1RUZ2pNaUY4emhiRnliSWVmOG1UcmxpSFVXQXhXTnJQeVcycUxPcjRC?= =?utf-8?B?bEppNUdmc1JhRWZSTWU5c1hHMlhRdnQyQmZLWHZFTkQ5b2xUbXVMN3QrVjEy?= =?utf-8?B?QTNON2hQTFFRcmVjQVNacHBaY241dkJ4SVZXLzhoZnR5R29vTHpnZGdreGRO?= =?utf-8?B?bnc4U2NrRm13WDVwMW8vMHhjWkovemVucFphOFlNR2lvRVNqK0o5UDZoSlpM?= =?utf-8?B?UmxZdnNGNnBBVkJVOFhkSys0eGgwMnVrc01wbUYvZ2pERjhoM3k0NCtJS1E0?= =?utf-8?B?U3ZwTFNiSitocXk0eVRUSkZCcWNGamRrc3VjSUd5d1hlaEZ3dERnZ2wzQTdl?= =?utf-8?B?Z0dDZDJmc29MTUllNWRGUG1tcW1zckZQWTVFN0xKV2VLWHJjSXhsRUgrQnNu?= =?utf-8?B?Y0FhTHhEVUpWbXpYZjIrVlFYVzhyOHBHTmRFZWhXWFM4YmsrejlSSEhMdm50?= =?utf-8?B?RHFxZmtDRzdZSVpXNzA1bnJBT2RpTms0b0VvYWRFWitCeGNMQnJoMGZkMVZV?= =?utf-8?B?ODVMOXg5UkkyeGRFcTRmVXAxMUNwZTVKSFVZc3FBaWh4M0ZtT04zZk04R3dr?= =?utf-8?B?TmpqL2hFbzJRWjd0V281aFd3cDVhWlJiYnc3YkJHYU5MVnpvcmVSNkVHeSsw?= =?utf-8?B?MnBuQUtBR2lDVUw2UTNVZz09?= X-OriginatorOrg: oss.nxp.com X-MS-Exchange-CrossTenant-Network-Message-Id: 4a690c1d-564e-4acc-49fe-08d97f3b5809 X-MS-Exchange-CrossTenant-AuthSource: DU2PR04MB8630.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Sep 2021 09:11:50.9852 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: KBf0ZV0XBAxh3UOEN2wm/SZymuz1m5z7qLJGngpzPEv4wgjYIRbslHMI3cEBiNS+Ors6yNi/G7npcE+YefHjcw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU2PR04MB8981 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.29 Subject: Re: [dpdk-dev] [EXT] [PATCH v4 02/10] security: add UDP params for IPsec NAT-T X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: hemant.agrawal@nxp.com Errors-To: dev-bounces@dpdk.org Sender: "dev" On 9/6/2021 4:39 PM, Nicolau, Radu wrote: > > On 9/5/2021 3:19 PM, Akhil Goyal wrote: >> Hi Radu, >> >>> Add support for specifying UDP port params for UDP encapsulation >>> option. >>> >>> Signed-off-by: Declan Doherty >>> Signed-off-by: Radu Nicolau >>> Signed-off-by: Abhijit Sinha >>> Signed-off-by: Daniel Martin Buckley >> Do we really need to specify the port numbers for NAT-T? >> I suppose they are fixed as 4500. >> Could you please specify what the user need to set here for session >> creation? > > From what I'm seeing here > https://datatracker.ietf.org/doc/html/rfc3948#section-2.1 there is no > requirement in general for UDP encapsulation so I think it's better to > make the API flexible as to allow any port to be used. This section states that : o the Source Port and Destination Port MUST be the same as that used by IKE traffic, IKE usages port 4500 am I missing something? > > >> >>> --- >>>   lib/security/rte_security.h | 8 ++++++++ >>>   1 file changed, 8 insertions(+) >>> >>> diff --git a/lib/security/rte_security.h b/lib/security/rte_security.h >>> index 45896a77d0..03572b10ab 100644 >>> --- a/lib/security/rte_security.h >>> +++ b/lib/security/rte_security.h >>> @@ -112,6 +112,12 @@ struct rte_security_ipsec_tunnel_param { >>>       }; >>>   }; >>> >>> +struct rte_security_ipsec_udp_param { >>> + >>> +    uint16_t sport; >>> +    uint16_t dport; >>> +}; >>> + >>>   /** >>>    * IPsec Security Association option flags >>>    */ >>> @@ -224,6 +230,8 @@ struct rte_security_ipsec_xform { >>>       /**< IPsec SA Mode - transport/tunnel */ >>>       struct rte_security_ipsec_tunnel_param tunnel; >>>       /**< Tunnel parameters, NULL for transport mode */ >>> +    struct rte_security_ipsec_udp_param udp; >>> +    /**< UDP parameters, ignored when udp_encap option not specified >>> */ >>>       uint64_t esn_soft_limit; >>>       /**< ESN for which the overflow event need to be raised */ >>>       uint32_t replay_win_sz; >>> -- >>> 2.25.1