From abc5660c61698fa29252dc202358002a97f2608c Mon Sep 17 00:00:00 2001 From: Neale Ranns Date: Wed, 1 Apr 2020 09:45:23 +0000 Subject: ipsec: User can choose the UDP source port Type: feature thus allowing NAT traversal, Signed-off-by: Neale Ranns Change-Id: Ie8650ceeb5074f98c68d2d90f6adc2f18afeba08 Signed-off-by: Paul Vinciguerra --- src/vnet/ipsec/ipsec_types.api | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/vnet/ipsec/ipsec_types.api') diff --git a/src/vnet/ipsec/ipsec_types.api b/src/vnet/ipsec/ipsec_types.api index f393fc879b9..715f3de0e12 100644 --- a/src/vnet/ipsec/ipsec_types.api +++ b/src/vnet/ipsec/ipsec_types.api @@ -104,6 +104,10 @@ typedef key @param tunnel_dst_address - IPsec tunnel destination address IPv6 if is_tunnel_ipv6 is non-zero, else IPv4. Only valid if is_tunnel is non-zero @param tx_table_id - the FIB id used for encapsulated packets @param salt - for use with counter mode ciphers + @param udp_src_port - If using UDP Encapsulation, use this source port for + TX. It is ignored for RX. + @param udp_dst_port - If using UDP Encapsulation, use this destination port + for TX. Expect traffic on this port for RX. */ typedef ipsec_sad_entry { @@ -125,6 +129,8 @@ typedef ipsec_sad_entry vl_api_address_t tunnel_dst; u32 tx_table_id; u32 salt; + u16 udp_src_port [default=4500]; + u16 udp_dst_port [default=4500]; }; /* -- cgit 1.2.3-korg