[Swan-dev] [PATCH libreswan] Add support for IPSec HW-offload on the NIC
Antony Antony
antony at phenome.org
Tue Jun 27 16:18:32 UTC 2017
I guess this is could be applied. However, please hold on, lets update
xfrm.h first.
I plan to update linux26/xfrm.h with history from kernel commits.
It should happen before this patch. Otherwise it hard to know how upto date
xfrm.h is.
Another comment. It would be nice to add whack option?
How would XFRM_MSG_GETSA work? I am guessing you have a running system.
Could you share output of
ipsec whack --trafficstatus
regards,
-antony
On Tue, Jun 27, 2017 at 06:48:26PM +0300, ilant at mellanox.com wrote:
> From: Ilan Tayari <ilant at mellanox.com>
>
> Add per-connection configuration flag to enable HW offload.
>
> For kernel_netlink, if flag is set and connection is oriented,
> attempt to offload on the interface's device by adding the new
> XFRMA_OFFLOAD_DEV netlink attribute.
>
> Signed-off-by: Ilan Tayari <ilant at mellanox.com>
> ---
More information about the Swan-dev
mailing list