On Wed, Mar 09, 2016 at 11:54:50PM +0000, Sergio Gonzalez Monroy wrote: > On 01/02/2016 11:26, Jerin Jacob wrote: > >On Mon, Feb 01, 2016 at 11:09:16AM +0000, Sergio Gonzalez Monroy wrote: > >>On 31/01/2016 14:39, Jerin Jacob wrote: > >>>On Fri, Jan 29, 2016 at 08:29:12PM +0000, Sergio Gonzalez Monroy wrote: > >>> > > >>>IMO, an option for single SA based outbound processing would be useful > >>>measuring performance bottlenecks with SA lookup. > >>> > >>Hi Jerin, > >> > >>Are you suggesting to have an option so we basically encrypt all traffic > >>using > >>a single SA bypassing the SP/ACL ? > >Yes. Basicaly an option to bypass "rte_acl_classify" if its for single > >SA use case. > > > > > > Hi Jerin, > > After re-reading your comment regarding the single SA I just want to double > check > that I understood correctly what you were suggesting. > > Basically an option that we can provide a single SA to use for outbound, > skipping rte_acl_classify in outbound path. > That same option would also skip rte_acl_classify in inbound path without > checking > that we accept specific traffic for an SA. > > Is that correct?
Yes > > Sergio
