[dpdk-users] IPSEC-SECGW sample application

[Gowda, Sandesh]

Hi Avi,

 The application classifies the ports as Protected and Unprotected. Thus, traffic received on an Unprotected or Protected port is consider Inbound or Outbound respectively.
( Refer : http://dpdk.org/doc/guides/sample_app_ug/ipsec_secgw.html  )

 The Packets sent on a  Unprotected network requires Encryption whereas packets on Protected Network can be plain text.
 This is the expected behavior.

 Regards,
 Sandesh


 

-----Original Message-----
From: users [mailto:users-bounces at dpdk.org] On Behalf Of Avi Cohen (A)
Sent: Sunday, January 07, 2018 9:12 PM
To: users at dpdk.org
Subject: [dpdk-users] IPSEC-SECGW sample application


Hello
I'm using the DPDK17.11 and running the sample app. Ipsec_secgw.
I have 2 ports port 0 is protected and port 1 is unprotected Traffic is received in the unprotected and should be sent to the protected  port  for encryption But the traffic processing for the traffic received in the unprotected port is going through the **process_pkts_inbound ** .
I expect that the traffic should be directed to the  **process_pkts_outbound**  [where ESP headers are added etc.] Can someone help ?


This is the config file:

#SP rules
sp ipv4 in esp protect 5 src 1.1.1.2/32 dst 1.1.2.10/32 
#SA rules
sa in 5 cipher_algo aes-128-cbc cipher_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \
auth_algo sha1-hmac auth_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \
mode ipv4-tunnel src 172.16.1.5 dst 172.16.2.5 \
type inline-protocol-offload port_id 0
#Routing rules
rt ipv4 dst 172.16.2.5/32 port 0
rt ipv4 dst 1.1.2.0/24 port 0
rt ipv4 dst 1.1.1.0/24 port 0


and this is the command line to run the applic:

./ipsec-secgw -l 1 -n 2 -- -p 0x3 -P -u 0x2 --config="(0,0,1),(1,0,1)" -f ../ep1.cfg


Best Regards
Avi