IPsec: Add/delete Security Association Database entry. More...

Data Fields
u32	client_index

u32	context

u8	is_add

u32	sad_id

u32	spi

u8	protocol

u8	crypto_algorithm

u8	crypto_key_length

u8	crypto_key [128]

u8	integrity_algorithm

u8	integrity_key_length

u8	integrity_key [128]

u8	use_extended_sequence_number

u8	is_tunnel

u8	is_tunnel_ipv6

u8	tunnel_src_address [16]

u8	tunnel_dst_address [16]

Detailed Description

IPsec: Add/delete Security Association Database entry.

Template Parameters

client_index	- opaque cookie to identify the sender
context	- sender context, to match reply w/ request
is_add	- add SAD entry if non-zero, else delete
sad_id	- sad id
spi	- security parameter index
protocol	- 0 = AH, 1 = ESP
crypto_algorithm	- 0 = Null, 1 = AES-CBC-128, 2 = AES-CBC-192, 3 = AES-CBC-256, 4 = 3DES-CBC
crypto_key_length	- length of crypto_key in bytes
crypto_key	- crypto keying material
integrity_algorithm	- 0 = None, 1 = MD5-96, 2 = SHA1-96, 3 = SHA-256, 4 = SHA-384, 5=SHA-512
integrity_key_length	- length of integrity_key in bytes
integrity_key	- integrity keying material
use_extended_sequence_number	- use ESN when non-zero
is_tunnel	- IPsec tunnel mode if non-zero, else transport mode
is_tunnel_ipv6	- IPsec tunnel mode is IPv6 if non-zero, else IPv4 tunnel only valid if is_tunnel is non-zero
tunnel_src_address	- IPsec tunnel source address IPv6 if is_tunnel_ipv6 is non-zero, else IPv4. Only valid if is_tunnel is non-zero
tunnel_dst_address	- IPsec tunnel destination address IPv6 if is_tunnel_ipv6 is non-zero, else IPv4. Only valid if is_tunnel is non-zero

To be added: Anti-replay IPsec tunnel address copy mode (to support GDOI)

Definition at line 3354 of file vpe.api.

Field Documentation

u32 vl_api_ipsec_sad_add_del_entry_t::client_index

Definition at line 3356 of file vpe.api.

u32 vl_api_ipsec_sad_add_del_entry_t::context

Definition at line 3357 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::crypto_algorithm

Definition at line 3366 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::crypto_key[128]

Definition at line 3368 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::crypto_key_length

Definition at line 3367 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::integrity_algorithm

Definition at line 3370 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::integrity_key[128]

Definition at line 3372 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::integrity_key_length

Definition at line 3371 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::is_add

Definition at line 3358 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::is_tunnel

Definition at line 3376 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::is_tunnel_ipv6

Definition at line 3377 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::protocol

Definition at line 3364 of file vpe.api.

u32 vl_api_ipsec_sad_add_del_entry_t::sad_id

Definition at line 3360 of file vpe.api.

u32 vl_api_ipsec_sad_add_del_entry_t::spi

Definition at line 3362 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::tunnel_dst_address[16]

Definition at line 3379 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::tunnel_src_address[16]

Definition at line 3378 of file vpe.api.

u8 vl_api_ipsec_sad_add_del_entry_t::use_extended_sequence_number

Definition at line 3374 of file vpe.api.

The documentation for this struct was generated from the following file: