diff options
author | Maxime Peim <mpeim@cisco.com> | 2022-12-22 11:26:57 +0000 |
---|---|---|
committer | Beno�t Ganne <bganne@cisco.com> | 2023-10-30 15:23:13 +0000 |
commit | 0e2f188f7c9872d7c946c14d785c6dc7c7c68847 (patch) | |
tree | 1adc39db5e2e0e243811c8ce001d0bd056c0402e /src/vnet/ipsec/ipsec.api | |
parent | 21922cec7339f48989f230248de36a98816c4b1b (diff) |
ipsec: huge anti-replay window support
Type: improvement
Since RFC4303 does not specify the anti-replay window size, VPP should
support multiple window size. It is done through a clib_bitmap.
Signed-off-by: Maxime Peim <mpeim@cisco.com>
Change-Id: I3dfe30efd20018e345418bef298ec7cec19b1cfc
Diffstat (limited to 'src/vnet/ipsec/ipsec.api')
-rw-r--r-- | src/vnet/ipsec/ipsec.api | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/src/vnet/ipsec/ipsec.api b/src/vnet/ipsec/ipsec.api index ad1d21618e6..68efe8f50f7 100644 --- a/src/vnet/ipsec/ipsec.api +++ b/src/vnet/ipsec/ipsec.api @@ -191,12 +191,21 @@ define ipsec_sad_entry_add_del_v3 bool is_add; vl_api_ipsec_sad_entry_v3_t entry; }; + define ipsec_sad_entry_add { u32 client_index; u32 context; vl_api_ipsec_sad_entry_v3_t entry; }; + +define ipsec_sad_entry_add_v2 +{ + u32 client_index; + u32 context; + vl_api_ipsec_sad_entry_v4_t entry; +}; + autoreply define ipsec_sad_entry_del { u32 client_index; @@ -273,6 +282,7 @@ define ipsec_sad_entry_add_del_v3_reply i32 retval; u32 stat_index; }; + define ipsec_sad_entry_add_reply { u32 context; @@ -280,6 +290,13 @@ define ipsec_sad_entry_add_reply u32 stat_index; }; +define ipsec_sad_entry_add_v2_reply +{ + u32 context; + i32 retval; + u32 stat_index; +}; + /** \brief Add or Update Protection for a tunnel with IPSEC Tunnel protection directly associates an SA with all packets @@ -468,6 +485,12 @@ define ipsec_sa_v4_dump u32 context; u32 sa_id; }; +define ipsec_sa_v5_dump +{ + u32 client_index; + u32 context; + u32 sa_id; +}; /** \brief IPsec security association database response @param context - sender context which was passed in the request @@ -528,7 +551,17 @@ define ipsec_sa_v4_details { u64 seq_outbound; u64 last_seq_inbound; u64 replay_window; + u32 thread_index; + u32 stat_index; +}; +define ipsec_sa_v5_details { + u32 context; + vl_api_ipsec_sad_entry_v4_t entry; + vl_api_interface_index_t sw_if_index; + u64 seq_outbound; + u64 last_seq_inbound; + u64 replay_window; u32 thread_index; u32 stat_index; }; |