Dmitry Eremin-Solenikov(lumag) replied on github web page: include/odp/api/spec/ipsec.h line 4 @@ -1207,6 +1207,7 @@ typedef struct odp_ipsec_status_t { * * Each input packet must have a valid value for these metadata (other metadata * is ignored): + * - IPv4 or IPv6 flag: Set packet flag according to packet contents.
Comment: @psavol ... or if the packet is not stored in main memory. Should we still consider this case? Back to your example. Performance difference would be less in a case when IP header is in main memory. However it is just easier to check for a flag in implementation code, rather than refetching again IP header again and checking first byte. As a side question, I was thinking about several `odp_packet_*_ptr()` functions that return pointer to packet data without returning segment length. It is easy to misuse them with segmented packets. We should consider rethinking them after TigerMoth. I'm not quite sure about pktout. pktout hardware receives explicit IP version in L2 header (unline IPsec, for which there is no L2 header) and we do not support generating checksums in software, so there is no point in adding requirement for IP flags to pktout. Well, unless there will be support for hardware which does automatic L2 header generation. > Petri Savolainen(psavol) wrote: > There would be significant performance difference of using this flag vs > reading the version from packet data, if any SW (application or > implementation) would not need otherwise to read/write the IP header at all. > If SW reads/writes it for any other reason during packet processing/output - > e.g. application reads/writes IP addresses, implementation insert pseudo > header checksum to L4 (as Intel NICs require), etc ... the benefit would > diminish as the data is already in CPU cache. > > I'd expect that in common case an IPSEC application reads/writes the IP > header, instead of blindly forwarding the packet. > > Also, IPSEC and pktout (chksum offload, etc) spec should have the same > requirements for the same functionality. So, if IP flag would be added here, > it would be needed to be added to pktout as well. >> Dmitry Eremin-Solenikov(lumag) wrote: >> @psavol @JannePeltonen @muvarov @NikhilA-Linaro >> In most cases application will already have knowledge about payload >> protocol. So it is easier to provide such knowledge to IPsec machinery. So >> this is basically a question to @NikhilA-Linaro, If I got it right from SEC >> manual, your hardware also requires providing IP version, does it not? >>> Dmitry Eremin-Solenikov(lumag) wrote: >>> @psavol @JannePeltonen @muvarov @NikhilA-Linaro >>> In most cases such flag will be set by inbound packet parser (or known by >>> the application). Otherwise such packet will not be received by inbound >>> API. Well, unless an application submits all inbound packets to IPsec, >>> which seems quite strange to me. https://github.com/Linaro/odp/pull/328#discussion_r156324598 updated_at 2017-12-12 10:23:39