From 4362baa33c00b93d07f6648c87c064c96900f4df Mon Sep 17 00:00:00 2001
From: Filip Tehlar <ftehlar@cisco.com>
Date: Thu, 2 Apr 2020 13:13:39 +0000
Subject: ikev2: add support for NAT traversal

Type: feature

* initiator behind NAT supported
* tested with static NAT mappings
* works only with pre-configured tunnels

The pre-configured tunnel has to be defined as follows:

initiator (i) side: src=ip(i) dst=ip(r)
responder (r) side: src=ip(r) dst=ip(nat)

Change-Id: Ia9f79ddbbcc3f7dc8fde6bbeca2a433e3b784e94
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
---
 src/plugins/ikev2/ikev2.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'src/plugins/ikev2/ikev2.h')

diff --git a/src/plugins/ikev2/ikev2.h b/src/plugins/ikev2/ikev2.h
index c701e301ce1..26df41d8595 100644
--- a/src/plugins/ikev2/ikev2.h
+++ b/src/plugins/ikev2/ikev2.h
@@ -21,7 +21,8 @@
 #include <vppinfra/error.h>
 
 #define IKEV2_NONCE_SIZE  32
-
+#define IKEV2_PORT        500
+#define IKEV2_PORT_NATT   4500
 #define IKEV2_KEY_PAD "Key Pad for IKEv2"
 
 typedef u8 v8;
@@ -91,6 +92,8 @@ typedef CLIB_PACKED (struct {
 #define IKEV2_PAYLOAD_FLAG_CRITICAL      (1<<7)
 
 #define IKEV2_PAYLOAD_NONE      0
+#define IKEV2_PAYLOAD_NAT_D     20
+#define IKEV2_PAYLOAD_NAT_OA    21
 #define IKEV2_PAYLOAD_SA        33
 #define IKEV2_PAYLOAD_KE        34
 #define IKEV2_PAYLOAD_IDI       35
-- 
cgit 1.2.3-korg