d/numam-dpdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

security: clarify L2 header requirement for inline IPsec

Browse Source 
Clarify that for Outbound Inline IPsec processing, L2 header
needs to be up to date with ether type which will be applicable
post IPsec processing as the IPsec offload only touches L3 and above.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
This commit is contained in:
Nithin Dabilpuram 2022-08-22 20:08:09 +05:30 committed by Akhil Goyal
parent 338eb15178
commit dcee1520f3
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/guides/prog_guide/rte_security.rst
View File

@ -146,7 +146,9 @@ adding the relevant protocol headers and encrypting the data before sending
the packet out. The software should make sure that the buffer
has required head room and tail room for any protocol header addition. The
software may also do early fragmentation if the resultant packet is expected
to cross the MTU size.
to cross the MTU size. The software should also make sure that L2 header contents
are updated with the final L2 header which is expected post IPsec processing as
the IPsec offload will only update L3 and above in egress path.
.. note::