FD.io VPP  v17.01-9-ge7dcee4
Vector Packet Processing
vl_api_ipsec_sad_add_del_entry_t Struct Reference

IPsec: Add/delete Security Association Database entry. More...

Data Fields

u32 client_index
 
u32 context
 
u8 is_add
 
u32 sad_id
 
u32 spi
 
u8 protocol
 
u8 crypto_algorithm
 
u8 crypto_key_length
 
u8 crypto_key [128]
 
u8 integrity_algorithm
 
u8 integrity_key_length
 
u8 integrity_key [128]
 
u8 use_extended_sequence_number
 
u8 is_tunnel
 
u8 is_tunnel_ipv6
 
u8 tunnel_src_address [16]
 
u8 tunnel_dst_address [16]
 

Detailed Description

IPsec: Add/delete Security Association Database entry.

Template Parameters
client_index- opaque cookie to identify the sender
context- sender context, to match reply w/ request
is_add- add SAD entry if non-zero, else delete
sad_id- sad id
spi- security parameter index
protocol- 0 = AH, 1 = ESP
crypto_algorithm- 0 = Null, 1 = AES-CBC-128, 2 = AES-CBC-192, 3 = AES-CBC-256, 4 = 3DES-CBC
crypto_key_length- length of crypto_key in bytes
crypto_key- crypto keying material
integrity_algorithm- 0 = None, 1 = MD5-96, 2 = SHA1-96, 3 = SHA-256, 4 = SHA-384, 5=SHA-512
integrity_key_length- length of integrity_key in bytes
integrity_key- integrity keying material
use_extended_sequence_number- use ESN when non-zero
is_tunnel- IPsec tunnel mode if non-zero, else transport mode
is_tunnel_ipv6- IPsec tunnel mode is IPv6 if non-zero, else IPv4 tunnel only valid if is_tunnel is non-zero
tunnel_src_address- IPsec tunnel source address IPv6 if is_tunnel_ipv6 is non-zero, else IPv4. Only valid if is_tunnel is non-zero
tunnel_dst_address- IPsec tunnel destination address IPv6 if is_tunnel_ipv6 is non-zero, else IPv4. Only valid if is_tunnel is non-zero

To be added: Anti-replay IPsec tunnel address copy mode (to support GDOI)

Definition at line 3186 of file vpe.api.

Field Documentation

u32 vl_api_ipsec_sad_add_del_entry_t::client_index

Definition at line 3188 of file vpe.api.

u32 vl_api_ipsec_sad_add_del_entry_t::context

Definition at line 3189 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::crypto_algorithm

Definition at line 3198 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::crypto_key[128]

Definition at line 3200 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::crypto_key_length

Definition at line 3199 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::integrity_algorithm

Definition at line 3202 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::integrity_key[128]

Definition at line 3204 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::integrity_key_length

Definition at line 3203 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::is_add

Definition at line 3190 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::is_tunnel

Definition at line 3208 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::is_tunnel_ipv6

Definition at line 3209 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::protocol

Definition at line 3196 of file vpe.api.

u32 vl_api_ipsec_sad_add_del_entry_t::sad_id

Definition at line 3192 of file vpe.api.

u32 vl_api_ipsec_sad_add_del_entry_t::spi

Definition at line 3194 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::tunnel_dst_address[16]

Definition at line 3211 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::tunnel_src_address[16]

Definition at line 3210 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::use_extended_sequence_number

Definition at line 3206 of file vpe.api.


The documentation for this struct was generated from the following file: