Hi steffen,
On 1/17/2020 12:34 PM, Steffen Klassert wrote:
On Fri, Jan 17, 2020 at 12:13:07PM +0530, Ayush Sawal wrote:
Hi Herbert,
On 1/17/2020 11:53 AM, Herbert Xu wrote:
On Thu, Jan 16, 2020 at 01:27:24PM +0530, Ayush Sawal wrote:
The max data limit is 15 sgs where each sg contains data of mtu size .
we are running a netperf udp stream test over ipsec tunnel .The ipsec tunnel
is established between two hosts which are directly connected
Are you actually getting 15-element SG lists from IPsec? What is
generating an skb with 15-element SG lists?
we have established the ipsec tunnel in transport mode using ip xfrm.
and running traffic using netserver and netperf.
In server side we are running
netserver -4
In client side we are running
"netperf -H <serverip> -p <port> -t UDP_STREAM -Cc -- -m 21k"
where the packet size is 21k ,which is then fragmented into 15 ip fragments
each of mtu size.
I'm lacking a bit of context here, but this should generate 15 IP
packets that are encrypted one by one.
This is what i observed ,please correct me if i am wrong.
The packet when reaches esp_output(),is in socket buffer and based on
the number of frags ,sg is initialized using
sg_init_table(sg,frags),where frags are 15 in our case.
The socket buffer data is then copied to this sg and then struct
aead_request members are filled.
After this crypto aead request which contains all data in its sg list
goes to hw crypto driver for encryption in a single request.
In the crypto driver we are receiving a single aead-request with all 15
sgs in that request.
Thanks,
Ayush