> > Soft expiry is not a mandatory IPsec feature. It is verified separately > with IPsec unit tests. So configuration of the same is not required. > Also, soft expiry tracking can cause perf degradation with some PMDs. > Since a separate UT is available and the same setting in ipsec-secgw is > not verifying the functionality, remove the same by clearing life > configuration. > > Signed-off-by: Anoob Joseph <ano...@marvell.com> > --- > examples/ipsec-secgw/ipsec.c | 5 ++++- > examples/ipsec-secgw/ipsec.h | 2 -- > 2 files changed, 4 insertions(+), 3 deletions(-) > > diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c > index 4868294..7f936c7 100644 > --- a/examples/ipsec-secgw/ipsec.c > +++ b/examples/ipsec-secgw/ipsec.c > @@ -49,7 +49,10 @@ set_ipsec_conf(struct ipsec_sa *sa, struct > rte_security_ipsec_xform *ipsec) > } > /* TODO support for Transport */ > } > - ipsec->life.packets_soft_limit = IPSEC_OFFLOAD_PKTS_SOFTLIMIT; > + ipsec->life.packets_soft_limit = 0; > + ipsec->life.packets_hard_limit = 0; > + ipsec->life.bytes_soft_limit = 0; > + ipsec->life.bytes_hard_limit = 0; As a nit: as I can read the code it would be already zeroed at entrance to this function, so explicit zeroing is not really required. > ipsec->replay_win_sz = app_sa_prm.window_size; > ipsec->options.esn = app_sa_prm.enable_esn; > ipsec->options.udp_encap = sa->udp_encap; > diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h > index 90c81c1..8405c48 100644 > --- a/examples/ipsec-secgw/ipsec.h > +++ b/examples/ipsec-secgw/ipsec.h > @@ -23,8 +23,6 @@ > > #define MAX_DIGEST_SIZE 32 /* Bytes -- 256 bits */ > > -#define IPSEC_OFFLOAD_PKTS_SOFTLIMIT 0xffffff00 > - > #define IV_OFFSET (sizeof(struct rte_crypto_op) + \ > sizeof(struct rte_crypto_sym_op)) > > -- > 2.7.4
