.. _clicmd_src_vnet_ipsec:

===============================================================
Ipsec cli reference
===============================================================

clear ipsec counters
-------------------------------------------------------------------------

.. code-block:: console

    clear ipsec counters


Declaration: ``clear_ipsec_counters_command`` `src/vnet/ipsec/ipsec_cli.c line 818 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L818>`_

Implementation: ``clear_ipsec_counters_command_fn``


clear ipsec sa
-------------------------------------------------------------------------

.. code-block:: console

    clear ipsec sa [index]


Declaration: ``clear_ipsec_sa_command`` `src/vnet/ipsec/ipsec_cli.c line 621 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L621>`_

Implementation: ``clear_ipsec_sa_command_fn``


ipsec itf create
-------------------------------------------------------------------------

.. code-block:: console

    ipsec itf create [instance <instance>] [p2mp]



Create a IPSec interface.

The following two command syntaxes are equivalent:


.. code-block:: console

    ipsec itf create [instance <instance>] [p2mp]


Example of how to create a ipsec interface:


.. code-block:: console

    ipsec itf create



Declaration: ``ipsec_itf_create_command`` `src/vnet/ipsec/ipsec_itf.c line 435 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_itf.c#L435>`_

Implementation: ``ipsec_itf_create_cli``


ipsec itf delete
-------------------------------------------------------------------------

.. code-block:: console

    ipsec itf delete <interface>



Delete a IPSEC_ITF interface.

The following two command syntaxes are equivalent:


.. code-block:: console

    ipsec itf delete <interface>


Example of how to create a ipsec_itf interface:


.. code-block:: console

    ipsec itf delete ipsec0



Declaration: ``ipsec_itf_delete_command`` `src/vnet/ipsec/ipsec_itf.c line 484 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_itf.c#L484>`_

Implementation: ``ipsec_itf_delete_cli``


ipsec policy
-------------------------------------------------------------------------

.. code-block:: console

    ipsec policy [add|del] spd <id> priority <n> 


Declaration: ``ipsec_policy_add_del_command`` `src/vnet/ipsec/ipsec_cli.c line 464 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L464>`_

Implementation: ``ipsec_policy_add_del_command_fn``


ipsec sa
-------------------------------------------------------------------------

.. code-block:: console

    ipsec sa [add|del]


Declaration: ``ipsec_sa_add_del_command`` `src/vnet/ipsec/ipsec_cli.c line 209 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L209>`_

Implementation: ``ipsec_sa_add_del_command_fn``


ipsec sa bind
-------------------------------------------------------------------------

.. code-block:: console

    ipsec sa [unbind] <sa-id> <worker>


Declaration: ``ipsec_sa_bind_cmd`` `src/vnet/ipsec/ipsec_cli.c line 275 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L275>`_

Implementation: ``ipsec_sa_bind_cli``


ipsec select backend
-------------------------------------------------------------------------

.. code-block:: console

    ipsec select backend <ah|esp> <backend index>


Declaration: ``ipsec_select_backend_command`` `src/vnet/ipsec/ipsec_cli.c line 798 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L798>`_

Implementation: ``ipsec_select_backend_command_fn``


ipsec spd
-------------------------------------------------------------------------

.. code-block:: console

    ipsec spd [add|del] <id>


Declaration: ``ipsec_spd_add_del_command`` `src/vnet/ipsec/ipsec_cli.c line 324 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L324>`_

Implementation: ``ipsec_spd_add_del_command_fn``


ipsec tunnel protect
-------------------------------------------------------------------------

.. code-block:: console

    ipsec tunnel protect <interface> input-sa <SA> output-sa <SA> [add|del]


Declaration: ``ipsec_tun_protect_cmd_node`` `src/vnet/ipsec/ipsec_cli.c line 872 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L872>`_

Implementation: ``ipsec_tun_protect_cmd``


set interface ipsec spd
-------------------------------------------------------------------------

.. code-block:: console

    set interface ipsec spd <int> <id>


Declaration: ``set_interface_spd_command`` `src/vnet/ipsec/ipsec_cli.c line 74 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L74>`_

Implementation: ``set_interface_spd_command_fn``


set ipsec async mode
-------------------------------------------------------------------------

.. code-block:: console

    set ipsec async mode on|off


Declaration: ``set_async_mode_command`` `src/vnet/ipsec/ipsec_cli.c line 989 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L989>`_

Implementation: ``set_async_mode_command_fn``


show ipsec all
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec all


Declaration: ``show_ipsec_command`` `src/vnet/ipsec/ipsec_cli.c line 549 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L549>`_

Implementation: ``show_ipsec_command_fn``


show ipsec backends
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec backends


Declaration: ``ipsec_show_backends_command`` `src/vnet/ipsec/ipsec_cli.c line 732 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L732>`_

Implementation: ``ipsec_show_backends_command_fn``


show ipsec interface
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec interface


Declaration: ``ipsec_interface_show_node`` `src/vnet/ipsec/ipsec_itf.c line 507 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_itf.c#L507>`_

Implementation: ``ipsec_interface_show``


show ipsec protect
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec protect


Declaration: ``ipsec_tun_protect_show_node`` `src/vnet/ipsec/ipsec_cli.c line 893 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L893>`_

Implementation: ``ipsec_tun_protect_show``


show ipsec protect-hash
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec protect-hash


Declaration: ``ipsec_tun_protect_hash_show_node`` `src/vnet/ipsec/ipsec_cli.c line 947 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L947>`_

Implementation: ``ipsec_tun_protect_hash_show``


show ipsec sa
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec sa [index]


Declaration: ``show_ipsec_sa_command`` `src/vnet/ipsec/ipsec_cli.c line 615 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L615>`_

Implementation: ``show_ipsec_sa_command_fn``


show ipsec spd
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec spd [index]


Declaration: ``show_ipsec_spd_command`` `src/vnet/ipsec/ipsec_cli.c line 655 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L655>`_

Implementation: ``show_ipsec_spd_command_fn``


show ipsec tunnel
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec tunnel


Declaration: ``show_ipsec_tunnel_command`` `src/vnet/ipsec/ipsec_cli.c line 671 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L671>`_

Implementation: ``show_ipsec_tunnel_command_fn``