Hi

 

I am interested to do ipsec encoding and decoding in my dpdk application

From my readings, i understand ipsec can be done one time in the nic (inline ipsec) or with multiple calls (rte_cryptodev_enqueue_burst, rte_cryptodev_dequeue_burst....)

 

1. If ipsec is done by nic I only need to call rte_ipsec_pkt_process(...) without other functions?

I use  rte_eth_rx_burst to read from nic.

2. Where do I see list of nic that support nic inline ipsec? I believe not all dpdk nic support it.
3. How much does it impact performance ? is there a table of performance per nic?
4. My application is multi process, I can see in documentation :

“Currently, the security library does not support the case of multi-process. It will be updated in the future releases.” From https://doc.dpdk.org/guides/prog_guide/rte_security.html

So ipsec also is not supported for multi process application?

Even if done inline by the nic?

And what about non inline ipsec for multi process applications?

 

5. Is ip sec also supported in multi queue with rte flow in the inline ipsec ?