Soft expiry is not a mandatory IPsec feature. It is verified separately
with IPsec unit tests. So configuration of the same is not required.
Also, soft expiry tracking can cause perf degradation with some PMDs.
Since a separate UT is available and the same setting in ipsec-secgw is
not verifying the functionality, remove the same by clearing life
configuration.
Signed-off-by: Anoob Joseph <ano...@marvell.com>
---
examples/ipsec-secgw/ipsec.c | 5 ++++-
examples/ipsec-secgw/ipsec.h | 2 --
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
index 4868294..7f936c7 100644
--- a/examples/ipsec-secgw/ipsec.c
+++ b/examples/ipsec-secgw/ipsec.c
@@ -49,7 +49,10 @@ set_ipsec_conf(struct ipsec_sa *sa, struct
rte_security_ipsec_xform *ipsec)
}
/* TODO support for Transport */
}
- ipsec->life.packets_soft_limit = IPSEC_OFFLOAD_PKTS_SOFTLIMIT;
+ ipsec->life.packets_soft_limit = 0;
+ ipsec->life.packets_hard_limit = 0;
+ ipsec->life.bytes_soft_limit = 0;
+ ipsec->life.bytes_hard_limit = 0;
ipsec->replay_win_sz = app_sa_prm.window_size;
ipsec->options.esn = app_sa_prm.enable_esn;
ipsec->options.udp_encap = sa->udp_encap;
diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h
index 90c81c1..8405c48 100644
--- a/examples/ipsec-secgw/ipsec.h
+++ b/examples/ipsec-secgw/ipsec.h
@@ -23,8 +23,6 @@
#define MAX_DIGEST_SIZE 32 /* Bytes -- 256 bits */
-#define IPSEC_OFFLOAD_PKTS_SOFTLIMIT 0xffffff00
-
#define IV_OFFSET (sizeof(struct rte_crypto_op) + \
sizeof(struct rte_crypto_sym_op))
--
2.7.4
