From patchwork Wed Nov 6 15:48:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Lukas Bartosik [C]" X-Patchwork-Id: 62568 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 29A62A04AB; Wed, 6 Nov 2019 16:48:23 +0100 (CET) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 6ED051C2A9; Wed, 6 Nov 2019 16:48:22 +0100 (CET) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by dpdk.org (Postfix) with ESMTP id C34C41C2A4 for ; Wed, 6 Nov 2019 16:48:21 +0100 (CET) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xA6FjYSA003748; Wed, 6 Nov 2019 07:48:20 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : mime-version : content-type; s=pfpt0818; bh=fUG/XCoHdC4Ek5siR1IDtiwzr3wSJDG2x0T1ZSOeTFU=; b=GJVUwAo138d+YoS+DAyiMVSWIQR1CfUwD9TyNjgCZwbxyX8oa+UrKxDrPGmCSJEqV5rz RnjvEzOP5HVaBaYdRIQjkOno1m+gYg6iqxKYUUGo6Z2wpIhnZH+dUjxu9G4z+IlQwwdq oqxv0vzdXl2Jf6NtFHl5I/n/PhBc/fvv4Idp9VvdUtfDxtgNZS4JH01AAo7LRtsaaruP FnMcz8CN/HEPzaXFehPSmhKCP3+Xi5In3YI2j8fSeU/Y5TfZsjsoTLh5EIPKd7vYIQqB dx4Oe5cSBZXw8lNvkh6uvsrL3+53yMFqw2gtbG1YxeVBeXHgTDDbqKlh2j+6yyPNCOl2 zA== Received: from sc-exch03.marvell.com ([199.233.58.183]) by mx0b-0016f401.pphosted.com with ESMTP id 2w19an0gn9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 06 Nov 2019 07:48:20 -0800 Received: from SC-EXCH01.marvell.com (10.93.176.81) by SC-EXCH03.marvell.com (10.93.176.83) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Wed, 6 Nov 2019 07:48:19 -0800 Received: from maili.marvell.com (10.93.176.43) by SC-EXCH01.marvell.com (10.93.176.81) with Microsoft SMTP Server id 15.0.1367.3 via Frontend Transport; Wed, 6 Nov 2019 07:48:18 -0800 Received: from luke.marvell.com (unknown [10.95.130.18]) by maili.marvell.com (Postfix) with ESMTP id 3DED43F703F; Wed, 6 Nov 2019 07:48:17 -0800 (PST) From: Lukasz Bartosik To: , , CC: , , Lukasz Bartosik Date: Wed, 6 Nov 2019 16:48:14 +0100 Message-ID: <1573055294-32502-1-git-send-email-lbartosik@marvell.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-06_05:2019-11-06,2019-11-06 signatures=0 Subject: [dpdk-dev] [PATCH] examples/ipsec-secgw: update default configuration X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Update default configuration of ipsec-secgw: 1.In ep0.cfg change SPI value used by two inbound IPv6 security policies from 15 to 115 and 16 to 116 to point to existing inbound SAs. There are no inbound SAs with SPI value 15, 16. - In ep1.cfg change SPI value used by two outbound IPv6 security policies from 15 to 115 and 16 to 116 to point to existing outbound SAs. There are no outbound SAs with SPI value 15, 16. Add missing priority parameter in two inbound IPv4 security policies. Signed-off-by: Lukasz Bartosik Acked-by: Anoob Joseph Acked-by: Akhil Goyal --- examples/ipsec-secgw/ep0.cfg | 8 ++++---- examples/ipsec-secgw/ep1.cfg | 12 ++++++------ 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/examples/ipsec-secgw/ep0.cfg b/examples/ipsec-secgw/ep0.cfg index 299aa9e..dfd4aca 100644 --- a/examples/ipsec-secgw/ep0.cfg +++ b/examples/ipsec-secgw/ep0.cfg @@ -49,14 +49,14 @@ sport 0:65535 dport 0:65535 sp ipv6 out esp protect 26 pri 1 dst 0000:0000:0000:0000:bbbb:bbbb:0000:0000/96 \ sport 0:65535 dport 0:65535 -sp ipv6 in esp protect 15 pri 1 dst ffff:0000:0000:0000:5555:5555:0000:0000/96 \ -sport 0:65535 dport 0:65535 -sp ipv6 in esp protect 16 pri 1 dst ffff:0000:0000:0000:6666:6666:0000:0000/96 \ -sport 0:65535 dport 0:65535 sp ipv6 in esp protect 110 pri 1 dst ffff:0000:1111:1111:0000:0000:0000:0000/96 \ sport 0:65535 dport 0:65535 sp ipv6 in esp protect 111 pri 1 dst ffff:0000:1111:1111:1111:1111:0000:0000/96 \ sport 0:65535 dport 0:65535 +sp ipv6 in esp protect 115 pri 1 dst ffff:0000:0000:0000:5555:5555:0000:0000/96 \ +sport 0:65535 dport 0:65535 +sp ipv6 in esp protect 116 pri 1 dst ffff:0000:0000:0000:6666:6666:0000:0000/96 \ +sport 0:65535 dport 0:65535 sp ipv6 in esp protect 125 pri 1 dst ffff:0000:0000:0000:aaaa:aaaa:0000:0000/96 \ sport 0:65535 dport 0:65535 sp ipv6 in esp protect 126 pri 1 dst ffff:0000:0000:0000:bbbb:bbbb:0000:0000/96 \ diff --git a/examples/ipsec-secgw/ep1.cfg b/examples/ipsec-secgw/ep1.cfg index 3f6ff81..19bdc68 100644 --- a/examples/ipsec-secgw/ep1.cfg +++ b/examples/ipsec-secgw/ep1.cfg @@ -19,8 +19,8 @@ sp ipv4 in esp protect 15 pri 1 dst 192.168.200.0/24 sport 0:65535 dport 0:65535 sp ipv4 in esp protect 16 pri 1 dst 192.168.201.0/24 sport 0:65535 dport 0:65535 sp ipv4 in esp protect 25 pri 1 dst 192.168.55.0/24 sport 0:65535 dport 0:65535 sp ipv4 in esp protect 26 pri 1 dst 192.168.56.0/24 sport 0:65535 dport 0:65535 -sp ipv4 in esp bypass dst 192.168.240.0/24 sport 0:65535 dport 0:65535 -sp ipv4 in esp bypass dst 192.168.241.0/24 sport 0:65535 dport 0:65535 +sp ipv4 in esp bypass pri 1 dst 192.168.240.0/24 sport 0:65535 dport 0:65535 +sp ipv4 in esp bypass pri 1 dst 192.168.241.0/24 sport 0:65535 dport 0:65535 sp ipv4 out esp protect 105 pri 1 dst 192.168.115.0/24 sport 0:65535 dport 0:65535 sp ipv4 out esp protect 106 pri 1 dst 192.168.116.0/24 sport 0:65535 dport 0:65535 @@ -49,14 +49,14 @@ sport 0:65535 dport 0:65535 sp ipv6 in esp protect 26 pri 1 dst 0000:0000:0000:0000:bbbb:bbbb:0000:0000/96 \ sport 0:65535 dport 0:65535 -sp ipv6 out esp protect 15 pri 1 dst ffff:0000:0000:0000:5555:5555:0000:0000/96 \ -sport 0:65535 dport 0:65535 -sp ipv6 out esp protect 16 pri 1 dst ffff:0000:0000:0000:6666:6666:0000:0000/96 \ -sport 0:65535 dport 0:65535 sp ipv6 out esp protect 110 pri 1 dst ffff:0000:1111:1111:0000:0000:0000:0000/96 \ sport 0:65535 dport 0:65535 sp ipv6 out esp protect 111 pri 1 dst ffff:0000:1111:1111:1111:1111:0000:0000/96 \ sport 0:65535 dport 0:65535 +sp ipv6 out esp protect 115 pri 1 dst ffff:0000:0000:0000:5555:5555:0000:0000/96 \ +sport 0:65535 dport 0:65535 +sp ipv6 out esp protect 116 pri 1 dst ffff:0000:0000:0000:6666:6666:0000:0000/96 \ +sport 0:65535 dport 0:65535 sp ipv6 out esp protect 125 pri 1 dst ffff:0000:0000:0000:aaaa:aaaa:0000:0000/96 \ sport 0:65535 dport 0:65535 sp ipv6 out esp protect 126 pri 1 dst ffff:0000:0000:0000:bbbb:bbbb:0000:0000/96 \