On 16/09/2015 09:35, Thomas Monjalon wrote: > 2015-09-16 09:29, Gonzalez Monroy, Sergio: >> We are looking for feedback on the proposal to create a new sample >> application > [...] >> A set of generic APIs for the configuration of IPsec security policies and >> associations will be provided, which will be independent of the > How can you have some API in a sample application? > It looks like an IPsec library, not an application. The intention of those APIs was just to provide flexibility to the users and allow them to easily setup different Security Policies (SP) and Security Associations (SA) for testing of different environments if they are looking to base something off this example app. > Are we going to add a library for each protocol in DPDK like it is done > in the Linux kernel stack (including OVS)? Probably no. You are probably right in that sense and we probably shouldn't have a sample app for every protocol, but we feel that to really put the new cryptodev API under test we need a good example, and showing how the cryptodev API could be use to do IPsec would certainly fill the bill. A more trivial application would not necessarily reveal any gaps in the API that would prevent cryptodev being used for an IPSec implementation. By creating a sample app incorporating much of an IPsec implementation, we get greater confidence in the usefulness of our APIs - and the performance of the cryptodev - in a realistic setting, while also providing sample code that may well be of use to a wider audience.
Sergio
