[dpdk-users] IPSEC-SECGW sample application
Gowda, Sandesh
sandesh.gowda at intel.com
Mon Jan 8 09:47:07 CET 2018
Hi Avi,
The application classifies the ports as Protected and Unprotected. Thus, traffic received on an Unprotected or Protected port is consider Inbound or Outbound respectively.
( Refer : http://dpdk.org/doc/guides/sample_app_ug/ipsec_secgw.html )
The Packets sent on a Unprotected network requires Encryption whereas packets on Protected Network can be plain text.
This is the expected behavior.
Regards,
Sandesh
-----Original Message-----
From: users [mailto:users-bounces at dpdk.org] On Behalf Of Avi Cohen (A)
Sent: Sunday, January 07, 2018 9:12 PM
To: users at dpdk.org
Subject: [dpdk-users] IPSEC-SECGW sample application
Hello
I'm using the DPDK17.11 and running the sample app. Ipsec_secgw.
I have 2 ports port 0 is protected and port 1 is unprotected Traffic is received in the unprotected and should be sent to the protected port for encryption But the traffic processing for the traffic received in the unprotected port is going through the **process_pkts_inbound ** .
I expect that the traffic should be directed to the **process_pkts_outbound** [where ESP headers are added etc.] Can someone help ?
This is the config file:
#SP rules
sp ipv4 in esp protect 5 src 1.1.1.2/32 dst 1.1.2.10/32
#SA rules
sa in 5 cipher_algo aes-128-cbc cipher_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \
auth_algo sha1-hmac auth_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \
mode ipv4-tunnel src 172.16.1.5 dst 172.16.2.5 \
type inline-protocol-offload port_id 0
#Routing rules
rt ipv4 dst 172.16.2.5/32 port 0
rt ipv4 dst 1.1.2.0/24 port 0
rt ipv4 dst 1.1.1.0/24 port 0
and this is the command line to run the applic:
./ipsec-secgw -l 1 -n 2 -- -p 0x3 -P -u 0x2 --config="(0,0,1),(1,0,1)" -f ../ep1.cfg
Best Regards
Avi
More information about the users
mailing list