aboutsummaryrefslogtreecommitdiffstats
path: root/src/vat
diff options
context:
space:
mode:
authorMatthew Smith <mgsmith@netgate.com>2018-04-12 07:32:56 -0500
committerDamjan Marion <dmarion.lists@gmail.com>2018-04-19 10:35:25 +0000
commit8e1039a8231cd1d817a24256c421b9fc512f45fa (patch)
tree656a6902ae128794b76e879c74a8dad895c52294 /src/vat
parent1e5c07d379a092f4829e7081aa962d013b31fdfc (diff)
Allow an IPsec tunnel interface to be renumbered
When creating an IPsec tunnel interface, allow a numeric identifier to be set for use in the interface's name in place of the dev instance. Default to using the dev instance if no value is explicitly set. When an IPsec tunnel is deleted, the interface is deleted now instead of being kept in a pool of available hw interfaces. Otherwise there was the possibility of conflicting tx node names between deleted tunnels and newly created ones. Change-Id: Ic525466622a0dec38a845fa5871c084f6d9da380 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Diffstat (limited to 'src/vat')
-rw-r--r--src/vat/api_format.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/src/vat/api_format.c b/src/vat/api_format.c
index ceb074ccfe2..8c2fb13ecfe 100644
--- a/src/vat/api_format.c
+++ b/src/vat/api_format.c
@@ -15285,6 +15285,8 @@ api_ipsec_tunnel_if_add_del (vat_main_t * vam)
u8 is_add = 1;
u8 esn = 0;
u8 anti_replay = 0;
+ u8 renumber = 0;
+ u32 instance = ~0;
int ret;
while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT)
@@ -15336,6 +15338,8 @@ api_ipsec_tunnel_if_add_del (vat_main_t * vam)
return -99;
}
}
+ else if (unformat (i, "instance %u", &instance))
+ renumber = 1;
else
{
errmsg ("parse error '%U'\n", format_unformat_error, i);
@@ -15394,6 +15398,12 @@ api_ipsec_tunnel_if_add_del (vat_main_t * vam)
clib_memcpy (mp->remote_integ_key, rik, mp->remote_integ_key_len);
}
+ if (renumber)
+ {
+ mp->renumber = renumber;
+ mp->show_instance = ntohl (instance);
+ }
+
S (mp);
W (ret);
return ret;
@@ -23477,7 +23487,8 @@ _(ipsec_sa_set_key, "sa_id <n> crypto_key <hex> integ_key <hex>") \
_(ipsec_tunnel_if_add_del, "local_spi <n> remote_spi <n>\n" \
" crypto_alg <alg> local_crypto_key <hex> remote_crypto_key <hex>\n" \
" integ_alg <alg> local_integ_key <hex> remote_integ_key <hex>\n" \
- " local_ip <addr> remote_ip <addr> [esn] [anti_replay] [del]\n") \
+ " local_ip <addr> remote_ip <addr> [esn] [anti_replay] [del]\n" \
+ " [instance <n>]") \
_(ipsec_sa_dump, "[sa_id <n>]") \
_(ipsec_tunnel_if_set_key, "<intfc> <local|remote> <crypto|integ>\n" \
" <alg> <hex>\n") \