Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: I229128ccd88c1cf608e20507ca26752b9c0495f5
Signed-off-by: Szymon Sliwa <szs@semihalf.com>
|
|
By default ipsec picks asynchronuous crypto. After the operation it may
turn out that the operation was performed synchronously anyways, in such
case the packet is send further by the esp_* node because there will be
no notification event sent about the crypto completion.
To use asynchronous mode put async in the odp section
of the startup.conf file,
like this:
odp {
async
}
Falls back to synchronous mode.
Change-Id: I5301df5f1c93a5ccd53a9c0ed2c4cacb9ca5fdd4
Signed-off-by: Szymon Sliwa <szs@semihalf.com>
|
|
Change-Id: I8be5f8aa63da8fdf4b2043ba9cd048f2269e4e99
Signed-off-by: Szymon Sliwa <szs@semihalf.com>
|
|
Change-Id: I5d71505e221e837c7569963fda674e970e5ee31d
Signed-off-by: Szymon Sliwa <szs@semihalf.com>
|
|
Based heavily on the src/vnet/ipsec.
Reuses the pure software VPP IPsec implementation
CLI command. To use enable-odp-crypto needs to be
present in the odp section of startup configuration,
like this:
odp {
enable-odp-crypto
}
Currenlty only IPv4 is supported, and only in transport
mode.
Authentication headers are not supported, this limitation
is inherited from VPP.
Supported crypto algorithms are
aes-cbc-128 for encryption, and
sha-512-256, sha-256-128, sha1-96 for authentication
Change-Id: I08c66f96a73d8cb4ef1095f181ddf47506abc39a
Signed-off-by: Szymon Sliwa <szs@semihalf.com>
|