summaryrefslogtreecommitdiffstats
path: root/src/vnet/ipsec
diff options
context:
space:
mode:
authorNeale Ranns <nranns@cisco.com>2019-03-27 13:40:35 +0000
committerNeale Ranns <nranns@cisco.com>2019-03-28 12:53:37 +0000
commit987aea8ec122065ab781242de24877f7cb377a5c (patch)
treefb26c83f92576493a797875a09c352738024b18f /src/vnet/ipsec
parent45d8f85daa2dfdc482beb5a8190fdfaecfeac089 (diff)
IPSEC: 4o6 and 6o4 for tunnel interfaces
Change-Id: I4d3ba18ab5205317219989de55b6e50d3b1d8a79 Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'src/vnet/ipsec')
-rw-r--r--src/vnet/ipsec/esp_encrypt.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/src/vnet/ipsec/esp_encrypt.c b/src/vnet/ipsec/esp_encrypt.c
index ebcf0ed8e08..c08ea7f6c10 100644
--- a/src/vnet/ipsec/esp_encrypt.c
+++ b/src/vnet/ipsec/esp_encrypt.c
@@ -330,7 +330,8 @@ esp_encrypt_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
hdr_len += len;
ip6 = (ip6_header_t *) (payload - hdr_len);
clib_memcpy_fast (ip6, &sa0->ip6_hdr, len);
- *next_hdr_ptr = IP_PROTOCOL_IPV6;
+ *next_hdr_ptr = (is_ip6 ?
+ IP_PROTOCOL_IPV6 : IP_PROTOCOL_IP_IN_IP);
len = payload_len + hdr_len - len;
ip6->payload_length = clib_net_to_host_u16 (len);
}
@@ -341,7 +342,8 @@ esp_encrypt_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
hdr_len += len;
ip4 = (ip4_header_t *) (payload - hdr_len);
clib_memcpy_fast (ip4, &sa0->ip4_hdr, len);
- *next_hdr_ptr = IP_PROTOCOL_IP_IN_IP;
+ *next_hdr_ptr = (is_ip6 ?
+ IP_PROTOCOL_IPV6 : IP_PROTOCOL_IP_IN_IP);
len = payload_len + hdr_len;
esp_update_ip4_hdr (ip4, len, /* is_transport */ 0, 0);
}