ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

IPSEC: SPD counters in the stats sgement

Browse Source 
- return the stats_index of each SPD in the create API call
- no ip_any in the API as this creates 2 SPD entries. client must add both v4 and v6 explicitly
- only one pool of SPD entries (rhter than one per-SPD) to support this
- no packets/bytes in the dump API. Polling the stats segment is much more efficient
  (if the SA lifetime is based on packet/bytes)
- emit the policy index in the packet trace and CLI commands.

Change-Id: I7eaf52c9d0495fa24450facf55229941279b8569
Signed-off-by: Neale Ranns <nranns@cisco.com>
This commit is contained in:
Neale Ranns
2019-02-04 01:10:30 -08:00
committed by Dave Barach
parent 3117ad8aa5
commit a09c1ff5b6
17 changed files with 448 additions and 525 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
test/test_ipsec_ah.py
View File

@ -99,15 +99,19 @@ class TemplateIpsecAh(TemplateIpsec):
self.tun_if.remote_addr[addr_type],
self.tun_if.local_addr[addr_type]).add_vpp_config()
VppIpsecSpdEntry(self, self.tun_spd, vpp_tun_sa_id,
addr_any, addr_bcast,
addr_any, addr_bcast,
socket.IPPROTO_AH).add_vpp_config()
VppIpsecSpdEntry(self, self.tun_spd, vpp_tun_sa_id,
addr_any, addr_bcast,
addr_any, addr_bcast,
socket.IPPROTO_AH,
is_outbound=0).add_vpp_config()
params.spd_policy_in_any = VppIpsecSpdEntry(self, self.tun_spd,
vpp_tun_sa_id,
addr_any, addr_bcast,
addr_any, addr_bcast,
socket.IPPROTO_AH)
params.spd_policy_in_any.add_vpp_config()
params.spd_policy_out_any = VppIpsecSpdEntry(self, self.tun_spd,
vpp_tun_sa_id,
addr_any, addr_bcast,
addr_any, addr_bcast,
socket.IPPROTO_AH,
is_outbound=0)
params.spd_policy_out_any.add_vpp_config()
VppIpsecSpdEntry(self, self.tun_spd, vpp_tun_sa_id,
remote_tun_if_host,