ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

IPSEC: SPD counters in the stats sgement

Browse Source 
- return the stats_index of each SPD in the create API call
- no ip_any in the API as this creates 2 SPD entries. client must add both v4 and v6 explicitly
- only one pool of SPD entries (rhter than one per-SPD) to support this
- no packets/bytes in the dump API. Polling the stats segment is much more efficient
  (if the SA lifetime is based on packet/bytes)
- emit the policy index in the packet trace and CLI commands.

Change-Id: I7eaf52c9d0495fa24450facf55229941279b8569
Signed-off-by: Neale Ranns <nranns@cisco.com>
This commit is contained in:
Neale Ranns
2019-02-04 01:10:30 -08:00
committed by Dave Barach
parent 3117ad8aa5
commit a09c1ff5b6
17 changed files with 448 additions and 525 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
test/template_ipsec.py
View File

@ -380,6 +380,11 @@ class IpsecTun4Tests(object):
self.logger.info(self.vapi.ppcli("show error"))
self.logger.info(self.vapi.ppcli("show ipsec"))
if (hasattr(p, "spd_policy_in_any")):
pkts = p.spd_policy_in_any.get_stats()['packets']
self.assertEqual(pkts, count,
"incorrect SPD any policy: expected %d != %d" %
(count, pkts))
self.assert_packet_counter_equal(self.tun4_encrypt_node_name, count)
self.assert_packet_counter_equal(self.tun4_decrypt_node_name, count)