diff options
| author |   Neale Ranns <nranns@cisco.com> | 2019-02-04 01:10:30 -0800 |
|---|---|---|
| committer |   Dave Barach <openvpp@barachs.net> | 2019-02-05 14:59:44 +0000 |
| commit | a09c1ff5b6ae535932b4fc9477ffc4e39748ca62 (patch) | |
| tree | e7162669c6224358f28e5614c782e2ba73a08e6c /src/vnet/ipsec/ipsec.h | |
| parent | 3117ad8aa50afba68b2fa2c7f2b6f91eeb5a555e (diff) | |
IPSEC: SPD counters in the stats sgement
- return the stats_index of each SPD in the create API call
- no ip_any in the API as this creates 2 SPD entries. client must add both v4 and v6 explicitly
- only one pool of SPD entries (rhter than one per-SPD) to support this
- no packets/bytes in the dump API. Polling the stats segment is much more efficient
(if the SA lifetime is based on packet/bytes)
- emit the policy index in the packet trace and CLI commands.
Change-Id: I7eaf52c9d0495fa24450facf55229941279b8569
Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'src/vnet/ipsec/ipsec.h')
| -rw-r--r-- | src/vnet/ipsec/ipsec.h | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/vnet/ipsec/ipsec.h b/src/vnet/ipsec/ipsec.h index fd709675b8e..ed14a5bcbe1 100644 --- a/src/vnet/ipsec/ipsec.h +++ b/src/vnet/ipsec/ipsec.h @@ -119,7 +119,10 @@ typedef struct { /* pool of tunnel instances */ ipsec_spd_t *spds; + /* Pool of security associations */ ipsec_sa_t *sad; + /* pool of policies */ + ipsec_policy_t *policies; /* pool of tunnel interfaces */ ipsec_tunnel_if_t *tunnel_interfaces; @@ -175,9 +178,6 @@ typedef struct u32 ah_default_backend; /* index of default esp backend */ u32 esp_default_backend; - - /* helper for sort function */ - ipsec_spd_t *spd_to_sort; } ipsec_main_t; extern ipsec_main_t ipsec_main; |