diff options
| author |   Matus Fabian <matfabia@cisco.com> | 2016-08-10 01:55:36 -0700 |
|---|---|---|
| committer |   Keith Burns <alagalah@gmail.com> | 2016-08-17 23:21:46 +0000 |
| commit | 694265d4f10dc86bd27bfd29a2b7c49440aeb6b5 (patch) | |
| tree | 48dac360be791a6de945b4eaf1eca495ef08ef0a /vnet/vnet/ipsec/ipsec.h | |
| parent | 0c25d1f2a872e693d22b81f1d9cd48cc46b10cc1 (diff) | |
VPP-202: L2-GRE over IPSecv16.12-rc0
GRE encapsulate layer 2 traffic and IPSec encrypt what is encapsulated by GRE.
The whole point of L2-GRE over IPSec is to tunnel layer 2 over GRE and IPSec by
bridging the physical interface with IPSec-GRE tunnel interface.
Change-Id: Ia4cf9ed407bf663770e0d8905c0ad44ce73bd23b
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Diffstat (limited to 'vnet/vnet/ipsec/ipsec.h')
| -rw-r--r-- | vnet/vnet/ipsec/ipsec.h | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/vnet/vnet/ipsec/ipsec.h b/vnet/vnet/ipsec/ipsec.h index 5b88c8278fb..fd3e8a361d1 100644 --- a/vnet/vnet/ipsec/ipsec.h +++ b/vnet/vnet/ipsec/ipsec.h @@ -16,6 +16,8 @@ #include <vnet/devices/dpdk/dpdk.h> #endif +#define IPSEC_FLAG_IPSEC_GRE_TUNNEL (1 << 0) + #define foreach_ipsec_policy_action \ _(0, BYPASS, "bypass") \ _(1, DISCARD, "discard") \ @@ -127,6 +129,15 @@ typedef struct u8 remote_integ_key[128]; } ipsec_add_del_tunnel_args_t; +typedef struct +{ + u8 is_add; + u32 local_sa_id; + u32 remote_sa_id; + ip4_address_t local_ip; + ip4_address_t remote_ip; +} ipsec_add_del_ipsec_gre_tunnel_args_t; + typedef enum { IPSEC_IF_SET_KEY_TYPE_NONE, @@ -243,6 +254,7 @@ int ipsec_add_del_policy (vlib_main_t * vm, ipsec_policy_t * policy, int ipsec_add_del_sa (vlib_main_t * vm, ipsec_sa_t * new_sa, int is_add); int ipsec_set_sa_key (vlib_main_t * vm, ipsec_sa_t * sa_update); +u32 ipsec_get_sa_index_by_sa_id (u32 sa_id); u8 *format_ipsec_if_output_trace (u8 * s, va_list * args); u8 *format_ipsec_policy_action (u8 * s, va_list * args); u8 *format_ipsec_crypto_alg (u8 * s, va_list * args); @@ -254,6 +266,9 @@ uword unformat_ipsec_integ_alg (unformat_input_t * input, va_list * args); /*u32 ipsec_add_del_tunnel_if (vnet_main_t * vnm, ipsec_add_del_tunnel_args_t * args); */ int ipsec_add_del_tunnel_if (ipsec_add_del_tunnel_args_t * args); +int ipsec_add_del_ipsec_gre_tunnel (vnet_main_t * vnm, + ipsec_add_del_ipsec_gre_tunnel_args_t * + args); int ipsec_set_interface_key (vnet_main_t * vnm, u32 hw_if_index, ipsec_if_set_key_type_t type, u8 alg, u8 * key); |