From: Alexander Kozyrev <akozyrev@nvidia.com>
To: Nithin Dabilpuram <nithind1988@gmail.com>
Cc: "dev@dpdk.org" <dev@dpdk.org>,
"mb@smartsharesystems.com" <mb@smartsharesystems.com>,
Ori Kam <orika@nvidia.com>,
"olivier.matz@6wind.com" <olivier.matz@6wind.com>,
Matan Azrad <matan@nvidia.com>,
"NBU-Contact-Thomas Monjalon (EXTERNAL)" <thomas@monjalon.net>,
Jerin Jacob <jerinj@marvell.com>,
"rbhansali@marvell.com" <rbhansali@marvell.com>
Subject: RE: [PATCH v3] mbuf: add ESP packet type
Date: Wed, 18 Oct 2023 11:06:06 +0000 [thread overview]
Message-ID: <DM5PR12MB240509E36FA5D345DC6A9760AFD5A@DM5PR12MB2405.namprd12.prod.outlook.com> (raw)
In-Reply-To: <CAMuDWKSaQV=WfSBhY8o=tetx42cbEt4FV_kcxpp5Zg4_wi0OmQ@mail.gmail.com>
> As per IPSEC ESP RFC 4303, for both tunnel mode or transport mode,
> next proto 50, so we cannot identify a packet is for tunnel mode or
> transport mode by just packet parsing.
> Am I missing something ?
You are absolutely correct, the only way to tell the difference is
to parse the next_proto field in the ESP header itself.
But this field is encrypted, according to RFC, and not really available for parsing.
> Currently there is already a PTYPE `RTE_PTYPE_TUNNEL_ESP` being used
> by all drivers / ipsec-secgw to indicate ESP packet. So why is this
> needed ?
The idea was to add the possibility to distinguish packets in these two modes.
But you are right, it doesn't seem achievable without decrypting the packet first.
> There is also a documentation issue with `RTE_PTYPE_TUNNEL_ESP` where
> it indicates next-proto of 51 but it should have been 50.
> next-proto of 51 is for IPSEC AH.
Yes, documentation is incorrect there.
Thanks for bringing this up, Nithin, I think we can live with RTE_PTYPE_TUNNEL_ESP.
next prev parent reply other threads:[~2023-10-18 11:06 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-10 15:54 [PATCH] " Alexander Kozyrev
2023-08-10 16:14 ` Morten Brørup
2023-08-25 23:26 ` Alexander Kozyrev
2023-08-25 23:34 ` [PATCH v2] " Alexander Kozyrev
2023-08-26 8:28 ` Morten Brørup
2023-08-28 18:22 ` [PATCH v3] " Alexander Kozyrev
2023-08-31 10:29 ` Ori Kam
2023-09-20 10:00 ` Nithin Dabilpuram
2023-10-18 11:06 ` Alexander Kozyrev [this message]
2023-10-24 17:51 ` [PATCH v3 0/7] ptype matching support in mlx5 Alexander Kozyrev
2023-10-24 17:51 ` [PATCH v3 1/7] ethdev: fix ESP packet type description Alexander Kozyrev
2023-10-24 17:51 ` [PATCH v3 2/7] net/mlx5: add support for ptype match in hardware steering Alexander Kozyrev
2023-10-24 17:51 ` [PATCH v3 3/7] net/mlx5/hws: add support for fragmented ptype match Alexander Kozyrev
2023-10-24 17:51 ` [PATCH v3 4/7] doc: add PMD ptype item limitations Alexander Kozyrev
2023-10-24 17:51 ` [PATCH v3 5/7] doc: add packet type matching item to release notes Alexander Kozyrev
2023-10-24 17:51 ` [PATCH v3 6/7] net/mlx5/hws: remove csum check from L3 ok check Alexander Kozyrev
2023-10-24 17:51 ` [PATCH v3 7/7] net/mlx5/hws: fix integrity bits level Alexander Kozyrev
2023-10-25 20:51 ` [PATCH v4 0/4] ptype matching support in mlx5 Alexander Kozyrev
2023-10-25 20:51 ` [PATCH v4 1/4] net/mlx5: add support for ptype match in hardware steering Alexander Kozyrev
2023-10-29 13:10 ` Ori Kam
2023-10-25 20:51 ` [PATCH v4 2/4] net/mlx5/hws: add support for fragmented ptype match Alexander Kozyrev
2023-10-29 13:12 ` Ori Kam
2023-10-25 20:51 ` [PATCH v4 3/4] doc: add PMD ptype item limitations Alexander Kozyrev
2023-10-29 13:13 ` Ori Kam
2023-10-25 20:51 ` [PATCH v4 4/4] doc: add packet type matching item to release notes Alexander Kozyrev
2023-10-29 13:14 ` Ori Kam
2023-10-29 17:27 ` [PATCH v4 0/4] ptype matching support in mlx5 Raslan Darawsheh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DM5PR12MB240509E36FA5D345DC6A9760AFD5A@DM5PR12MB2405.namprd12.prod.outlook.com \
--to=akozyrev@nvidia.com \
--cc=dev@dpdk.org \
--cc=jerinj@marvell.com \
--cc=matan@nvidia.com \
--cc=mb@smartsharesystems.com \
--cc=nithind1988@gmail.com \
--cc=olivier.matz@6wind.com \
--cc=orika@nvidia.com \
--cc=rbhansali@marvell.com \
--cc=thomas@monjalon.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).