LGTM Regards _Sugesh
> -----Original Message----- > From: [email protected] [mailto:ovs-dev- > [email protected]] On Behalf Of Ian Stokes > Sent: Thursday, May 18, 2017 10:16 AM > To: [email protected] > Subject: [ovs-dev] [RFC PATCH v1 3/3] Docs: Update releases with IPsec > feature support info. > > This commit adds details to the releases doc regarding the support provided > for IPsec functionality. It is not intended to be upstreamed, simply to > solicit > feedback regarding the basic IPsec functionality required to secure vxlan > traffic as described in the cover letter usecase for the patch series. > > The modifications include the addition of IPsec to the OVS feature support > table, supported algorithms for encryption/authentication, supported > protocols and modes for ESP as well as support for SW/HW encryption. > > Signed-off-by: Ian Stokes <[email protected]> > --- > Documentation/faq/releases.rst | 51 > ++++++++++++++++++++++++++++++++++++++++ > 1 files changed, 51 insertions(+), 0 deletions(-) > > diff --git a/Documentation/faq/releases.rst > b/Documentation/faq/releases.rst index c85eff8..1bad2b0 100644 > --- a/Documentation/faq/releases.rst > +++ b/Documentation/faq/releases.rst > @@ -121,6 +121,7 @@ Q: Are all features available with all datapaths? > Set action YES YES YES PARTIAL > NIC Bonding YES YES YES YES > Multiple VTEPs YES YES YES YES > + IPsec NO NO PARTIAL No > ===================== ============== ============== > ========= ======= > > Do note, however: > @@ -163,6 +164,56 @@ Q: What DPDK version does each Open vSwitch > release work with? > 2.7.x 16.11.1 > ============ ======= > > +Q: What IPsec features are available in OVS Userspace? > + > + A: IPsec supports the following IPsec features in userspace. > + > + =============== ========= > + IPsec Protocols Supported > + =============== ========= > + ESP YES > + AH NO > + =============== ========= > + > + ========== ========= > + IPsec Mode Supported > + ========== ========= > + Transport YES > + Tunnel NO > + ========== ========= > + > + ========================= ========= > + ESP Encryption Algorithms Supported > + ========================= ========= > + NULL YES > + AES_CBC YES > + AES_GCM_16 YES > + ========================= ======== > + > + ============================= ========= > + ESP Authentication Algorithms Supported > + ============================= ========= > + NULL YES > + HMAC_SHA2_256_128 YES > + ============================= ========= > + > + ================= ========= > + SA Key generation Supported > + ================= ========= > + User generated YES > + IKEv2 NO > + ================= ========= > + > + The following is specific to the use of DPDK crypto devices for IPsec > + encryption/decryption operations. > + > + =============== ========= > + Crypto Dev Type Supported > + =============== ========= > + Virtual YES > + Hardware NO > + =============== ========= > + > Q: I get an error like this when I configure Open vSwitch: > > configure: error: Linux kernel in <dir> is version <x>, but > -- > 1.7.0.7 > > _______________________________________________ > dev mailing list > [email protected] > https://mail.openvswitch.org/mailman/listinfo/ovs-dev _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
