Dmitry Eremin-Solenikov(lumag) replied on github web page:
include/odp/api/spec/ipsec.h
line 4
@@ -1207,6 +1207,7 @@ typedef struct odp_ipsec_status_t {
*
* Each input packet must have a valid value for these metadata (other metadata
* is ignored):
+ * - IPv4 or IPv6 flag: Set packet flag according to packet contents.
Comment:
@psavol ... or if the packet is not stored in main memory. Should we still
consider this case?
Back to your example. Performance difference would be less in a case when IP
header is in main memory. However it is just easier to check for a flag in
implementation code, rather than refetching again IP header again and checking
first byte.
As a side question, I was thinking about several `odp_packet_*_ptr()` functions
that return pointer to packet data without returning segment length. It is easy
to misuse them with segmented packets. We should consider rethinking them after
TigerMoth.
I'm not quite sure about pktout. pktout hardware receives explicit IP version
in L2 header (unline IPsec, for which there is no L2 header) and we do not
support generating checksums in software, so there is no point in adding
requirement for IP flags to pktout. Well, unless there will be support for
hardware which does automatic L2 header generation.
> Petri Savolainen(psavol) wrote:
> There would be significant performance difference of using this flag vs
> reading the version from packet data, if any SW (application or
> implementation) would not need otherwise to read/write the IP header at all.
> If SW reads/writes it for any other reason during packet processing/output -
> e.g. application reads/writes IP addresses, implementation insert pseudo
> header checksum to L4 (as Intel NICs require), etc ... the benefit would
> diminish as the data is already in CPU cache.
>
> I'd expect that in common case an IPSEC application reads/writes the IP
> header, instead of blindly forwarding the packet.
>
> Also, IPSEC and pktout (chksum offload, etc) spec should have the same
> requirements for the same functionality. So, if IP flag would be added here,
> it would be needed to be added to pktout as well.
>> Dmitry Eremin-Solenikov(lumag) wrote:
>> @psavol @JannePeltonen @muvarov @NikhilA-Linaro
>> In most cases application will already have knowledge about payload
>> protocol. So it is easier to provide such knowledge to IPsec machinery. So
>> this is basically a question to @NikhilA-Linaro, If I got it right from SEC
>> manual, your hardware also requires providing IP version, does it not?
>>> Dmitry Eremin-Solenikov(lumag) wrote:
>>> @psavol @JannePeltonen @muvarov @NikhilA-Linaro
>>> In most cases such flag will be set by inbound packet parser (or known by
>>> the application). Otherwise such packet will not be received by inbound
>>> API. Well, unless an application submits all inbound packets to IPsec,
>>> which seems quite strange to me.
https://github.com/Linaro/odp/pull/328#discussion_r156324598
updated_at 2017-12-12 10:23:39
