Clarify that for Outbound Inline IPsec processing, L2 header needs to be up to date with ether type which will be applicable post IPsec processing as the IPsec offload only touches L3 and above.
Signed-off-by: Nithin Dabilpuram <ndabilpu...@marvell.com> --- doc/guides/prog_guide/rte_security.rst | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/doc/guides/prog_guide/rte_security.rst b/doc/guides/prog_guide/rte_security.rst index 72ca0bd..be158f6 100644 --- a/doc/guides/prog_guide/rte_security.rst +++ b/doc/guides/prog_guide/rte_security.rst @@ -146,7 +146,9 @@ adding the relevant protocol headers and encrypting the data before sending the packet out. The software should make sure that the buffer has required head room and tail room for any protocol header addition. The software may also do early fragmentation if the resultant packet is expected -to cross the MTU size. +to cross the MTU size. The software should also make sure that L2 header contents +are updated with the final L2 header which is expected post IPsec processing as +the IPsec offload will only update L3 and above in egress path. .. note:: -- 2.8.4
