FD.io VPP  v21.06-3-gbb25fbf28
Vector Packet Processing
ikev2.api
Go to the documentation of this file.
1 /* Hey Emacs use -*- mode: C -*- */
2 /*
3  * Copyright (c) 2015-2020 Cisco and/or its affiliates.
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at:
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 option version = "1.0.1";
18 
19 import "plugins/ikev2/ikev2_types.api";
20 import "vnet/ip/ip_types.api";
21 import "vnet/interface_types.api";
22 
23 /** \brief Get the plugin version
24  @param client_index - opaque cookie to identify the sender
25  @param context - sender context, to match reply w/ request
26 */
27 define ikev2_plugin_get_version
28 {
31 };
32 
33 /** \brief Reply to get the plugin version
34  @param context - returned sender context, to match reply w/ request
35  @param major - Incremented every time a known breaking behavior change is introduced
36  @param minor - Incremented with small changes, may be used to avoid buggy versions
37 */
38 define ikev2_plugin_get_version_reply
39 {
43 };
44 
45 /** \brief Dump all profiles
46  @param client_index - opaque cookie to identify the sender
47  @param context - sender context, to match reply w/ request
48 */
49 define ikev2_profile_dump
50 {
53  option status="in_progress";
54 };
55 
56 /** \brief Details about all profiles
57  @param context - returned sender context, to match reply w/ request
58  @param profile - profile element with encapsulated attributes
59 */
60 define ikev2_profile_details
61 {
63  vl_api_ikev2_profile_t profile;
64  option status="in_progress";
65 };
66 
67 /** \brief Dump all SAs
68  @param client_index - opaque cookie to identify the sender
69  @param context - sender context, to match reply w/ request
70 */
71 define ikev2_sa_dump
72 {
75 
76  option status = "in_progress";
77 };
78 
79 /** \brief Details about IKE SA
80  @param context - sender context, to match reply w/ request
81  @param retval - return code
82  @param sa - SA data
83 */
84 define ikev2_sa_details
85 {
88 
89  vl_api_ikev2_sa_t sa;
90  option status = "in_progress";
91 };
92 
93 /** \brief Dump child SA of specific SA
94  @param client_index - opaque cookie to identify the sender
95  @param context - sender context, to match reply w/ request
96  @param sa_index - index of specific sa
97 */
98 define ikev2_child_sa_dump
99 {
102 
104  option vat_help = "sa_index <index>";
105  option status = "in_progress";
106 };
107 
108 /** \brief Child SA details
109  @param context - sender context, to match reply w/ request
110  @param retval - return code
111  @param child_sa - child SA data
112 */
113 define ikev2_child_sa_details
114 {
117 
118  vl_api_ikev2_child_sa_t child_sa;
119  option status = "in_progress";
120 };
121 
122 /** \brief get specific nonce
123  @param client_index - opaque cookie to identify the sender
124  @param context - sender context, to match reply w/ request
125  @param is_initiator - specify type initiator|responder of nonce
126  @param sa_index - index of specific sa
127 */
128 define ikev2_nonce_get
129 {
132 
135  option vat_help = "initiator|responder sa_index <index>";
136  option status = "in_progress";
137 };
138 
139 /** \brief reply on specific nonce
140  @param context - sender context, to match reply w/ request
141  @param retval - return code
142  @param data_len - nonce length
143  @param nonce - nonce data
144 */
145 
146 define ikev2_nonce_get_reply
147 {
150 
152  u8 nonce[data_len];
153  option status = "in_progress";
154 };
155 
156 /** \brief dump traffic selectors
157  @param client_index - opaque cookie to identify the sender
158  @param context - sender context, to match reply w/ request
159  @param is_initiator - specify type initiator|responder of nonce
160  @param sa_index - index of specific sa
161  @param child_sa_index - index of specific sa child of specific sa
162 */
163 
164 define ikev2_traffic_selector_dump
165 {
168 
172  option vat_help = "initiator|responder sa_index <index> child_sa_index <index>";
173  option status = "in_progress";
174 };
175 
176 /** \brief details on specific traffic selector
177  @param context - sender context, to match reply w/ request
178  @param retval - return code
179  @param ts - traffic selector data
180 */
181 
182 define ikev2_traffic_selector_details
183 {
186 
187  vl_api_ikev2_ts_t ts;
188  option status = "in_progress";
189 };
190 
191 /** \brief IKEv2: Add/delete profile
192  @param client_index - opaque cookie to identify the sender
193  @param context - sender context, to match reply w/ request
194  @param name - IKEv2 profile name
195  @param is_add - Add IKEv2 profile if non-zero, else delete
196 */
197 autoreply define ikev2_profile_add_del
198 {
201 
202  string name[64];
203  bool is_add;
204  option vat_help = "name <profile_name> [del]";
205  option status="in_progress";
206 };
207 
208 /** \brief IKEv2: Set IKEv2 profile authentication method
209  @param client_index - opaque cookie to identify the sender
210  @param context - sender context, to match reply w/ request
211  @param name - IKEv2 profile name
212  @param auth_method - IKEv2 authentication method (shared-key-mic/rsa-sig)
213  @param is_hex - Authentication data in hex format if non-zero, else string
214  @param data_len - Authentication data length
215  @param data - Authentication data (for rsa-sig cert file path)
216 */
217 autoreply define ikev2_profile_set_auth
218 {
221 
222  string name[64];
224  bool is_hex;
227  option vat_help = "name <profile_name> auth_method <method> (auth_data 0x<data> | auth_data <data>)";
228  option status="in_progress";
229 };
230 
231 /** \brief IKEv2: Set IKEv2 profile local/remote identification
232  @param client_index - opaque cookie to identify the sender
233  @param context - sender context, to match reply w/ request
234  @param name - IKEv2 profile name
235  @param is_local - Identification is local if non-zero, else remote
236  @param id_type - Identification type
237  @param data_len - Identification data length
238  @param data - Identification data
239 */
240 autoreply define ikev2_profile_set_id
241 {
244 
245  string name[64];
246  bool is_local;
250  option vat_help = "name <profile_name> id_type <type> (id_data 0x<data> | id_data <data>) (local|remote)";
251  option status="in_progress";
252 };
253 
254 /** \brief IKEv2: Disable NAT traversal
255  @param client_index - opaque cookie to identify the sender
256  @param context - sender context, to match reply w/ request
257  @param name - IKEv2 profile name
258 */
259 autoreply define ikev2_profile_disable_natt
260 {
263 
264  string name[64];
265  option status="in_progress";
266 };
267 
268 /** \brief IKEv2: Set IKEv2 profile traffic selector parameters
269  @param client_index - opaque cookie to identify the sender
270  @param context - sender context, to match reply w/ request
271  @param name - IKEv2 profile name
272  @param ts - traffic selector data
273 */
274 autoreply define ikev2_profile_set_ts
275 {
278 
279  string name[64];
280  vl_api_ikev2_ts_t ts;
281  option vat_help = "name <profile_name> protocol <proto> start_port <port> end_port <port> start_addr <ip> end_addr <ip> (local|remote)";
282  option status="in_progress";
283 };
284 
285 /** \brief IKEv2: Set IKEv2 local RSA private key
286  @param client_index - opaque cookie to identify the sender
287  @param context - sender context, to match reply w/ request
288  @param key_file - Key file absolute path
289 */
290 autoreply define ikev2_set_local_key
291 {
294 
295  string key_file[256];
296  option vat_help = "file <absolute_file_path>";
297  option status="in_progress";
298 };
299 
300 /** \brief IKEv2: Set the tunnel interface which will be protected by IKE
301  If this API is not called, a new tunnel will be created
302  @param client_index - opaque cookie to identify the sender
303  @param context - sender context, to match reply w/ request
304  @param name - IKEv2 profile name
305  @param sw_if_index - Of an existing tunnel
306 */
307 autoreply define ikev2_set_tunnel_interface
308 {
311  string name[64];
312 
313  vl_api_interface_index_t sw_if_index;
314  option status="in_progress";
315 };
316 
317 /** \brief IKEv2: Set IKEv2 responder interface and IP address
318  @param client_index - opaque cookie to identify the sender
319  @param context - sender context, to match reply w/ request
320  @param name - IKEv2 profile name
321  @param responder - responder data
322 */
323 autoreply define ikev2_set_responder
324 {
327 
328  string name[64];
329  vl_api_ikev2_responder_t responder;
330  option vat_help = "<profile_name> interface <interface> address <addr>";
331  option status="in_progress";
332 };
333 
334 autoreply define ikev2_set_responder_hostname
335 {
338 
339  string name[64];
340  string hostname[64];
341  vl_api_interface_index_t sw_if_index;
342  option status="in_progress";
343 };
344 
345 /** \brief IKEv2: Set IKEv2 IKE transforms in SA_INIT proposal (RFC 7296)
346  @param client_index - opaque cookie to identify the sender
347  @param context - sender context, to match reply w/ request
348  @param name - IKEv2 profile name
349  @param tr - IKE transforms
350 */
351 autoreply define ikev2_set_ike_transforms
352 {
355 
356  string name[64];
357  vl_api_ikev2_ike_transforms_t tr;
358  option vat_help = "<profile_name> <crypto alg> <key size> <integrity alg> <DH group>";
359  option status="in_progress";
360 };
361 
362 /** \brief IKEv2: Set IKEv2 ESP transforms in SA_INIT proposal (RFC 7296)
363  @param client_index - opaque cookie to identify the sender
364  @param context - sender context, to match reply w/ request
365  @param name - IKEv2 profile name
366  @param tr - ESP transforms
367 */
368 autoreply define ikev2_set_esp_transforms
369 {
372 
373  string name[64];
374  vl_api_ikev2_esp_transforms_t tr;
375  option vat_help = "<profile_name> <crypto alg> <key size> <integrity alg>";
376  option status="in_progress";
377 };
378 
379 /** \brief IKEv2: Set Child SA lifetime, limited by time and/or data
380  @param client_index - opaque cookie to identify the sender
381  @param context - sender context, to match reply w/ request
382  @param name - IKEv2 profile name
383  @param lifetime - SA maximum life time in seconds (0 to disable)
384  @param lifetime_jitter - Jitter added to prevent simultaneous rekeying
385  @param handover - Hand over time
386  @param lifetime_maxdata - SA maximum life time in bytes (0 to disable)
387 */
388 autoreply define ikev2_set_sa_lifetime
389 {
392 
393  string name[64];
398  option vat_help = "<profile_name> <seconds> <jitter> <handover> <max bytes>";
399  option status="in_progress";
400 };
401 
402 /** \brief IKEv2: Initiate the SA_INIT exchange
403  @param client_index - opaque cookie to identify the sender
404  @param context - sender context, to match reply w/ request
405  @param name - IKEv2 profile name
406 */
407 autoreply define ikev2_initiate_sa_init
408 {
411 
412  string name[64];
413  option vat_help = "<profile_name>";
414  option status="in_progress";
415 };
416 
417 /** \brief IKEv2: Initiate the delete IKE SA exchange
418  @param client_index - opaque cookie to identify the sender
419  @param context - sender context, to match reply w/ request
420  @param ispi - IKE SA initiator SPI
421 */
422 autoreply define ikev2_initiate_del_ike_sa
423 {
426 
428  option vat_help = "<ispi>";
429  option status="in_progress";
430 };
431 
432 /** \brief IKEv2: Initiate the delete Child SA exchange
433  @param client_index - opaque cookie to identify the sender
434  @param context - sender context, to match reply w/ request
435  @param ispi - Child SA initiator SPI
436 */
437 autoreply define ikev2_initiate_del_child_sa
438 {
441 
443  option vat_help = "<ispi>";
444  option status="in_progress";
445 };
446 
447 /** \brief IKEv2: Initiate the rekey Child SA exchange
448  @param client_index - opaque cookie to identify the sender
449  @param context - sender context, to match reply w/ request
450  @param ispi - Child SA initiator SPI
451 */
453 {
456 
458  option vat_help = "<ispi>";
459  option status="in_progress";
460 };
461 
462 /** \brief IKEv2: Set UDP encapsulation
463  @param client_index - opaque cookie to identify the sender
464  @param context - sender context, to match reply w/ request
465  @param name - IKEv2 profile name
466 */
467 autoreply define ikev2_profile_set_udp_encap
468 {
471 
472  string name[64];
473  option status="in_progress";
474 };
475 
476 /** \brief IKEv2: Set/unset custom ipsec-over-udp port
477  @param client_index - opaque cookie to identify the sender
478  @param context - sender context, to match reply w/ request
479  @param is_set - whether set or unset custom port
480  @param port - port number
481  @param name - IKEv2 profile name
482 */
483 autoreply define ikev2_profile_set_ipsec_udp_port
484 {
487 
490  string name[64];
491  option status="in_progress";
492 };
493 
494 /** \brief IKEv2: Set liveness parameters
495  @param client_index - opaque cookie to identify the sender
496  @param context - sender context, to match reply w/ request
497  @param period - how often is liveness check performed
498  @param max_retries - max retries for liveness check
499 */
500 autoreply define ikev2_profile_set_liveness
501 {
504 
507  option status="in_progress";
508 };
509 
510 counters ikev2 {
511  processed {
512  severity info;
513  type counter64;
514  units "packets";
515  description "packets processed";
516  };
518  severity info;
520  units "packets";
521  description "IKE SA INIT retransmit";
522  };
524  severity error;
525  type counter64;
526  units "packets";
527  description "IKE_SA_INIT ignore (IKE SA already auth)";
528  };
530  severity error;
531  type counter64;
532  units "packets";
533  description "IKE request retransmit";
534  };
536  severity error;
537  type counter64;
538  units "packets";
539  description "IKE request ignore (old msgid)";
540  };
542  severity error;
543  type counter64;
544  units "packets";
545  description "Non IKEv2 packets received";
546  };
548  severity error;
549  type counter64;
550  units "packets";
551  description "Bad packet length";
552  };
554  severity error;
555  type counter64;
556  units "packets";
557  description "Malformed packet";
558  };
560  severity error;
561  type counter64;
562  units "packets";
563  description "No buffer space";
564  };
566  severity info;
567  type counter64;
568  units "packets";
569  description "IKE keepalive messages received";
570  };
572  severity info;
573  type counter64;
574  units "packets";
575  description "IKE rekey requests received";
576  };
578  severity info;
579  type counter64;
580  units "packets";
581  description "IKE EXCHANGE SA requests received";
582  };
584  severity info;
585  type counter64;
586  units "packets";
587  description "IKE AUTH SA requests received";
588  };
589 };
591  "/err/ikev2-ip4" "ike";
592  "/err/ikev2-ip6" "ike";
593  "/err/ikev2-ip4-natt" "ike";
594 };
595 
596 /*
597  * Local Variables:
598  * eval: (c-set-style "gnu")
599  * End:
600  */
vl_api_ikev2_initiate_rekey_child_sa_t
IKEv2: Initiate the rekey Child SA exchange.
Definition: ikev2.api:452
vl_api_ikev2_set_sa_lifetime_t::vat_help
option vat_help
Definition: ikev2.api:398
vl_api_ikev2_set_local_key_t::status
option status
Definition: ikev2.api:297
vl_api_ikev2_child_sa_dump_t::status
option status
Definition: ikev2.api:105
vl_api_ikev2_profile_set_auth_t::context
u32 context
Definition: ikev2.api:220
vl_api_ikev2_set_tunnel_interface_t::name
string name[64]
Definition: ikev2.api:311
vl_api_ikev2_initiate_del_child_sa_t::client_index
u32 client_index
Definition: ikev2.api:439
vl_api_ikev2_set_local_key_t
IKEv2: Set IKEv2 local RSA private key.
Definition: ikev2.api:290
vl_api_ikev2_set_ike_transforms_t::tr
vl_api_ikev2_ike_transforms_t tr
Definition: ikev2.api:357
ikev2_initiate_rekey_child_sa
clib_error_t * ikev2_initiate_rekey_child_sa(vlib_main_t *vm, u32 ispi)
Definition: ikev2.c:4636
vl_api_ikev2_set_responder_hostname_t::hostname
string hostname[64]
Definition: ikev2.api:340
vl_api_ikev2_nonce_get_reply_t::status
option status
Definition: ikev2.api:153
vl_api_ikev2_nonce_get_reply_t::context
u32 context
Definition: ikev2.api:148
vl_api_ikev2_profile_set_liveness_t::max_retries
u32 max_retries
Definition: ikev2.api:506
vl_api_ikev2_set_tunnel_interface_t::context
u32 context
Definition: ikev2.api:310
vl_api_ikev2_nonce_get_t::is_initiator
bool is_initiator
Definition: ikev2.api:133
vl_api_ikev2_profile_set_ipsec_udp_port_t::is_set
u8 is_set
Definition: ikev2.api:488
vl_api_ikev2_child_sa_dump_t::context
u32 context
Definition: ikev2.api:101
vl_api_ikev2_set_ike_transforms_t::client_index
u32 client_index
Definition: ikev2.api:353
vl_api_ikev2_child_sa_details_t::retval
i32 retval
Definition: ikev2.api:116
vl_api_ikev2_initiate_del_ike_sa_t::ispi
u64 ispi
Definition: ikev2.api:427
vl_api_ikev2_child_sa_dump_t::vat_help
option vat_help
Definition: ikev2.api:104
vl_api_ikev2_child_sa_dump_t::client_index
u32 client_index
Definition: ikev2.api:100
name
string name[64]
Definition: fib.api:25
vl_api_ikev2_set_sa_lifetime_t::handover
u32 handover
Definition: ikev2.api:396
vl_api_ikev2_traffic_selector_details_t::status
option status
Definition: ikev2.api:188
vl_api_ikev2_traffic_selector_details_t::context
u32 context
Definition: ikev2.api:184
paths
paths
Definition: ikev2.api:590
vl_api_ikev2_profile_set_ipsec_udp_port_t::port
u16 port
Definition: ikev2.api:489
vl_api_ikev2_set_ike_transforms_t
IKEv2: Set IKEv2 IKE transforms in SA_INIT proposal (RFC 7296)
Definition: ikev2.api:351
vl_api_ikev2_set_sa_lifetime_t
IKEv2: Set Child SA lifetime, limited by time and/or data.
Definition: ikev2.api:388
vl_api_ikev2_initiate_del_ike_sa_t::client_index
u32 client_index
Definition: ikev2.api:424
bad_length
bad_length
Definition: ikev2.api:547
vl_api_ikev2_traffic_selector_dump_t
dump traffic selectors
Definition: ikev2.api:164
vl_api_ikev2_sa_details_t
Details about IKE SA.
Definition: ikev2.api:84
vl_api_ikev2_set_local_key_t::context
u32 context
Definition: ikev2.api:293
vl_api_ikev2_profile_set_liveness_t::client_index
u32 client_index
Definition: ikev2.api:502
vl_api_ikev2_profile_set_udp_encap_t::context
u32 context
Definition: ikev2.api:470
vl_api_ikev2_profile_set_id_t
IKEv2: Set IKEv2 profile local/remote identification.
Definition: ikev2.api:240
vl_api_ikev2_initiate_rekey_child_sa_t::vat_help
option vat_help
Definition: ikev2.api:458
vl_api_ikev2_child_sa_dump_t
Dump child SA of specific SA.
Definition: ikev2.api:98
vl_api_ikev2_initiate_del_child_sa_t::context
u32 context
Definition: ikev2.api:440
u16
unsigned short u16
Definition: types.h:57
vl_api_ikev2_profile_set_auth_t::data
u8 data[data_len]
Definition: ikev2.api:226
vl_api_ikev2_nonce_get_reply_t::retval
i32 retval
Definition: ikev2.api:149
vl_api_ikev2_sa_dump_t::context
u32 context
Definition: ikev2.api:74
vl_api_ikev2_profile_add_del_t::status
option status
Definition: ikev2.api:205
vl_api_ikev2_initiate_del_ike_sa_t
IKEv2: Initiate the delete IKE SA exchange.
Definition: ikev2.api:422
vl_api_ikev2_profile_set_auth_t::status
option status
Definition: ikev2.api:228
vl_api_ikev2_set_responder_hostname_t::context
u32 context
Definition: ikev2.api:337
vl_api_ikev2_profile_set_ts_t::vat_help
option vat_help
Definition: ikev2.api:281
vl_api_ikev2_profile_dump_t::status
option status
Definition: ikev2.api:53
ikev2_set_local_key
clib_error_t * ikev2_set_local_key(vlib_main_t *vm, u8 *file)
Definition: ikev2.c:3711
vl_api_ikev2_initiate_rekey_child_sa_t::status
option status
Definition: ikev2.api:459
vl_api_ikev2_profile_set_ts_t::ts
vl_api_ikev2_ts_t ts
Definition: ikev2.api:280
vl_api_ikev2_profile_set_auth_t::auth_method
u8 auth_method
Definition: ikev2.api:223
vl_api_ikev2_profile_set_auth_t::is_hex
bool is_hex
Definition: ikev2.api:224
error
Definition: cJSON.c:88
vl_api_ikev2_profile_add_del_t::name
string name[64]
Definition: ikev2.api:202
vl_api_ikev2_set_sa_lifetime_t::client_index
u32 client_index
Definition: ikev2.api:390
vl_api_ikev2_sa_dump_t::status
option status
Definition: ikev2.api:76
vl_api_ikev2_initiate_sa_init_t::status
option status
Definition: ikev2.api:414
vl_api_ikev2_initiate_del_child_sa_t
IKEv2: Initiate the delete Child SA exchange.
Definition: ikev2.api:437
ike_req_ignore
ike_req_ignore
Definition: ikev2.api:535
i32
signed int i32
Definition: types.h:77
vl_api_ikev2_set_responder_t::client_index
u32 client_index
Definition: ikev2.api:325
vl_api_ikev2_profile_set_ts_t::name
string name[64]
Definition: ikev2.api:279
vl_api_ikev2_child_sa_details_t::context
u32 context
Definition: ikev2.api:115
vl_api_ikev2_profile_set_ts_t::status
option status
Definition: ikev2.api:282
vl_api_ikev2_set_responder_t::responder
vl_api_ikev2_responder_t responder
Definition: ikev2.api:329
vl_api_ikev2_sa_details_t::context
u32 context
Definition: ikev2.api:86
vl_api_ikev2_traffic_selector_dump_t::context
u32 context
Definition: ikev2.api:167
vl_api_ikev2_set_responder_t::name
string name[64]
Definition: ikev2.api:328
vl_api_ikev2_initiate_rekey_child_sa_t::ispi
u32 ispi
Definition: ikev2.api:457
vl_api_ikev2_traffic_selector_dump_t::is_initiator
bool is_initiator
Definition: ikev2.api:169
vl_api_ikev2_nonce_get_t::vat_help
option vat_help
Definition: ikev2.api:135
vl_api_ikev2_set_esp_transforms_t::vat_help
option vat_help
Definition: ikev2.api:375
vl_api_ikev2_profile_set_id_t::name
string name[64]
Definition: ikev2.api:245
hostname
string hostname[64]
Definition: dhcp.api:159
vl_api_ikev2_child_sa_dump_t::sa_index
u32 sa_index
Definition: ikev2.api:103
keepalive
keepalive
Definition: ikev2.api:565
vl_api_ikev2_profile_set_auth_t::vat_help
option vat_help
Definition: ikev2.api:227
vl_api_ikev2_initiate_del_child_sa_t::status
option status
Definition: ikev2.api:444
vl_api_ikev2_child_sa_details_t::status
option status
Definition: ikev2.api:119
vl_api_ikev2_initiate_sa_init_t::client_index
u32 client_index
Definition: ikev2.api:409
vl_api_ikev2_traffic_selector_dump_t::client_index
u32 client_index
Definition: ikev2.api:166
vl_api_ikev2_initiate_del_ike_sa_t::status
option status
Definition: ikev2.api:429
vl_api_ikev2_set_local_key_t::key_file
string key_file[256]
Definition: ikev2.api:295
vl_api_ikev2_profile_add_del_t::context
u32 context
Definition: ikev2.api:200
vl_api_ikev2_profile_details_t::profile
vl_api_ikev2_profile_t profile
Definition: ikev2.api:63
not_ikev2
not_ikev2
Definition: ikev2.api:541
vl_api_ikev2_sa_details_t::status
option status
Definition: ikev2.api:90
vl_api_ikev2_child_sa_details_t::child_sa
vl_api_ikev2_child_sa_t child_sa
Definition: ikev2.api:118
vl_api_ikev2_plugin_get_version_t
Get the plugin version.
Definition: ikev2.api:27
ikev2
counters ikev2
Definition: ikev2.api:510
vl_api_ikev2_set_esp_transforms_t::tr
vl_api_ikev2_esp_transforms_t tr
Definition: ikev2.api:374
vl_api_ikev2_profile_set_ipsec_udp_port_t::status
option status
Definition: ikev2.api:491
vl_api_ikev2_profile_add_del_t::vat_help
option vat_help
Definition: ikev2.api:204
vl_api_ikev2_traffic_selector_details_t::retval
i32 retval
Definition: ikev2.api:185
vl_api_ikev2_profile_set_id_t::status
option status
Definition: ikev2.api:251
vl_api_ikev2_plugin_get_version_t::client_index
u32 client_index
Definition: ikev2.api:29
vl_api_ikev2_profile_set_liveness_t::context
u32 context
Definition: ikev2.api:503
vl_api_ikev2_profile_set_udp_encap_t::status
option status
Definition: ikev2.api:473
vl_api_ikev2_profile_disable_natt_t
IKEv2: Disable NAT traversal.
Definition: ikev2.api:259
vl_api_ikev2_profile_details_t::status
option status
Definition: ikev2.api:64
vl_api_ikev2_profile_set_id_t::is_local
bool is_local
Definition: ikev2.api:246
vl_api_ikev2_initiate_rekey_child_sa_t::context
u32 context
Definition: ikev2.api:455
vl_api_ikev2_profile_set_ipsec_udp_port_t::client_index
u32 client_index
Definition: ikev2.api:485
vl_api_ikev2_profile_disable_natt_t::client_index
u32 client_index
Definition: ikev2.api:261
vl_api_ikev2_profile_details_t
Details about all profiles.
Definition: ikev2.api:60
vl_api_ikev2_set_esp_transforms_t::context
u32 context
Definition: ikev2.api:371
vl_api_ikev2_initiate_del_ike_sa_t::vat_help
option vat_help
Definition: ikev2.api:428
vl_api_ikev2_set_sa_lifetime_t::lifetime_jitter
u32 lifetime_jitter
Definition: ikev2.api:395
version
option version
Definition: ikev2.api:17
vl_api_ikev2_set_local_key_t::vat_help
option vat_help
Definition: ikev2.api:296
vl_api_ikev2_set_esp_transforms_t::status
option status
Definition: ikev2.api:376
vl_api_ikev2_set_responder_hostname_t::sw_if_index
vl_api_interface_index_t sw_if_index
Definition: ikev2.api:341
vl_api_ikev2_profile_set_auth_t::client_index
u32 client_index
Definition: ikev2.api:219
vl_api_ikev2_plugin_get_version_reply_t::minor
u32 minor
Definition: ikev2.api:42
vl_api_ikev2_traffic_selector_dump_t::sa_index
u32 sa_index
Definition: ikev2.api:170
vl_api_ikev2_set_sa_lifetime_t::lifetime_maxdata
u64 lifetime_maxdata
Definition: ikev2.api:397
ikev2_initiate_sa_init
clib_error_t * ikev2_initiate_sa_init(vlib_main_t *vm, u8 *name)
Definition: ikev2.c:4286
vl_api_ikev2_plugin_get_version_t::context
u32 context
Definition: ikev2.api:30
no_buff_space
no_buff_space
Definition: ikev2.api:559
vl_api_ikev2_profile_dump_t
Dump all profiles.
Definition: ikev2.api:49
vl_api_ikev2_profile_set_liveness_t
IKEv2: Set liveness parameters.
Definition: ikev2.api:500
vl_api_ikev2_set_tunnel_interface_t
IKEv2: Set the tunnel interface which will be protected by IKE If this API is not called,...
Definition: ikev2.api:307
vl_api_ikev2_profile_disable_natt_t::name
string name[64]
Definition: ikev2.api:264
data
u8 data[128]
Definition: ipsec_types.api:92
vl_api_ikev2_nonce_get_t::status
option status
Definition: ikev2.api:136
vl_api_ikev2_profile_add_del_t
IKEv2: Add/delete profile.
Definition: ikev2.api:197
vl_api_ikev2_profile_set_auth_t::name
string name[64]
Definition: ikev2.api:222
vl_api_ikev2_nonce_get_t
get specific nonce
Definition: ikev2.api:128
vl_api_ikev2_set_esp_transforms_t::client_index
u32 client_index
Definition: ikev2.api:370
vl_api_ikev2_set_tunnel_interface_t::client_index
u32 client_index
Definition: ikev2.api:309
vl_api_ikev2_nonce_get_reply_t::nonce
u8 nonce[data_len]
Definition: ikev2.api:152
vl_api_ikev2_traffic_selector_details_t
details on specific traffic selector
Definition: ikev2.api:182
vl_api_ikev2_profile_set_liveness_t::status
option status
Definition: ikev2.api:507
vl_api_ikev2_initiate_rekey_child_sa_t::client_index
u32 client_index
Definition: ikev2.api:454
u64
unsigned long u64
Definition: types.h:89
vl_api_ikev2_nonce_get_reply_t::data_len
u32 data_len
Definition: ikev2.api:151
data_len
u8 data_len
Definition: ikev2_types.api:24
vl_api_ikev2_profile_set_udp_encap_t::name
string name[64]
Definition: ikev2.api:472
vl_api_ikev2_profile_set_auth_t
IKEv2: Set IKEv2 profile authentication method.
Definition: ikev2.api:217
vl_api_ikev2_profile_set_id_t::client_index
u32 client_index
Definition: ikev2.api:242
vl_api_ikev2_profile_add_del_t::client_index
u32 client_index
Definition: ikev2.api:199
u32
unsigned int u32
Definition: types.h:88
vl_api_ikev2_profile_set_auth_t::data_len
u32 data_len
Definition: ikev2.api:225
vl_api_ikev2_set_esp_transforms_t
IKEv2: Set IKEv2 ESP transforms in SA_INIT proposal (RFC 7296)
Definition: ikev2.api:368
vl_api_ikev2_profile_set_liveness_t::period
u32 period
Definition: ikev2.api:505
vl_api_ikev2_child_sa_details_t
Child SA details.
Definition: ikev2.api:113
vl_api_ikev2_plugin_get_version_reply_t::context
u32 context
Definition: ikev2.api:40
vl_api_ikev2_plugin_get_version_reply_t::major
u32 major
Definition: ikev2.api:41
malformed_packet
malformed_packet
Definition: ikev2.api:553
ike_auth_req
ike_auth_req
Definition: ikev2.api:583
vl_api_ikev2_profile_set_id_t::data
u8 data[data_len]
Definition: ikev2.api:249
vl_api_ikev2_sa_dump_t
Dump all SAs.
Definition: ikev2.api:71
vl_api_ikev2_profile_set_ipsec_udp_port_t::name
string name[64]
Definition: ikev2.api:490
vl_api_ikev2_set_ike_transforms_t::context
u32 context
Definition: ikev2.api:354
vl_api_ikev2_profile_disable_natt_t::status
option status
Definition: ikev2.api:265
vl_api_ikev2_initiate_del_ike_sa_t::context
u32 context
Definition: ikev2.api:425
vl_api_ikev2_nonce_get_t::client_index
u32 client_index
Definition: ikev2.api:130
vl_api_ikev2_profile_set_udp_encap_t
IKEv2: Set UDP encapsulation.
Definition: ikev2.api:467
vl_api_ikev2_set_responder_hostname_t::client_index
u32 client_index
Definition: ikev2.api:336
vl_api_ikev2_profile_set_id_t::id_type
u8 id_type
Definition: ikev2.api:247
vl_api_ikev2_set_responder_hostname_t
Definition: ikev2.api:334
vl_api_ikev2_set_ike_transforms_t::vat_help
option vat_help
Definition: ikev2.api:358
vl_api_ikev2_profile_set_ipsec_udp_port_t::context
u32 context
Definition: ikev2.api:486
vl_api_ikev2_nonce_get_reply_t
reply on specific nonce
Definition: ikev2.api:146
vl_api_ikev2_traffic_selector_dump_t::child_sa_index
u32 child_sa_index
Definition: ikev2.api:171
vl_api_ikev2_initiate_sa_init_t::name
string name[64]
Definition: ikev2.api:412
vl_api_ikev2_sa_dump_t::client_index
u32 client_index
Definition: ikev2.api:73
vl_api_ikev2_profile_set_id_t::context
u32 context
Definition: ikev2.api:243
vl_api_ikev2_set_tunnel_interface_t::status
option status
Definition: ikev2.api:314
vl_api_ikev2_traffic_selector_dump_t::status
option status
Definition: ikev2.api:173
vl_api_ikev2_nonce_get_t::sa_index
u32 sa_index
Definition: ikev2.api:134
vl_api_ikev2_profile_set_id_t::data_len
u32 data_len
Definition: ikev2.api:248
vl_api_ikev2_set_sa_lifetime_t::name
string name[64]
Definition: ikev2.api:393
vl_api_ikev2_set_responder_t
IKEv2: Set IKEv2 responder interface and IP address.
Definition: ikev2.api:323
vl_api_ikev2_initiate_del_child_sa_t::vat_help
option vat_help
Definition: ikev2.api:443
vl_api_ikev2_traffic_selector_dump_t::vat_help
option vat_help
Definition: ikev2.api:172
vl_api_ikev2_profile_set_udp_encap_t::client_index
u32 client_index
Definition: ikev2.api:469
rekey_req
rekey_req
Definition: ikev2.api:571
counter64
type counter64
Definition: ikev2.api:519
u8
unsigned char u8
Definition: types.h:56
vl_api_ikev2_sa_details_t::sa
vl_api_ikev2_sa_t sa
Definition: ikev2.api:89
vl_api_ikev2_nonce_get_t::context
u32 context
Definition: ikev2.api:131
vl_api_ikev2_set_ike_transforms_t::status
option status
Definition: ikev2.api:359
vl_api_ikev2_profile_details_t::context
u32 context
Definition: ikev2.api:62
vl_api_ikev2_initiate_sa_init_t::vat_help
option vat_help
Definition: ikev2.api:413
vl_api_ikev2_set_responder_hostname_t::name
string name[64]
Definition: ikev2.api:339
vl_api_ikev2_profile_set_ipsec_udp_port_t
IKEv2: Set/unset custom ipsec-over-udp port.
Definition: ikev2.api:483
vl_api_ikev2_set_sa_lifetime_t::lifetime
u64 lifetime
Definition: ikev2.api:394
ike_req_retransmit
ike_req_retransmit
Definition: ikev2.api:529
vl_api_ikev2_set_sa_lifetime_t::context
u32 context
Definition: ikev2.api:391
vl_api_ikev2_set_sa_lifetime_t::status
option status
Definition: ikev2.api:399
vl_api_ikev2_sa_details_t::retval
i32 retval
Definition: ikev2.api:87
vl_api_ikev2_profile_set_id_t::vat_help
option vat_help
Definition: ikev2.api:250
vl_api_ikev2_traffic_selector_details_t::ts
vl_api_ikev2_ts_t ts
Definition: ikev2.api:187
ike_sa_init_ignore
ike_sa_init_ignore
Definition: ikev2.api:523
vl_api_ikev2_profile_set_ts_t::client_index
u32 client_index
Definition: ikev2.api:276
vl_api_ikev2_set_responder_t::context
u32 context
Definition: ikev2.api:326
vl_api_ikev2_profile_set_ts_t
IKEv2: Set IKEv2 profile traffic selector parameters.
Definition: ikev2.api:274
vl_api_ikev2_profile_dump_t::client_index
u32 client_index
Definition: ikev2.api:51
ike_sa_init_retransmit
ike_sa_init_retransmit
Definition: ikev2.api:517
vl_api_ikev2_set_local_key_t::client_index
u32 client_index
Definition: ikev2.api:292
vl_api_ikev2_profile_disable_natt_t::context
u32 context
Definition: ikev2.api:262
vl_api_ikev2_set_responder_t::status
option status
Definition: ikev2.api:331
vl_api_ikev2_initiate_sa_init_t::context
u32 context
Definition: ikev2.api:410
vl_api_ikev2_profile_dump_t::context
u32 context
Definition: ikev2.api:52
vl_api_ikev2_set_tunnel_interface_t::sw_if_index
vl_api_interface_index_t sw_if_index
Definition: ikev2.api:313
type
vl_api_fib_path_type_t type
Definition: fib_types.api:123
vl_api_ikev2_profile_add_del_t::is_add
bool is_add
Definition: ikev2.api:203
vl_api_ikev2_profile_set_ts_t::context
u32 context
Definition: ikev2.api:277
vl_api_ikev2_plugin_get_version_reply_t
Reply to get the plugin version.
Definition: ikev2.api:38
vl_api_ikev2_set_esp_transforms_t::name
string name[64]
Definition: ikev2.api:373
vl_api_ikev2_set_ike_transforms_t::name
string name[64]
Definition: ikev2.api:356
vl_api_ikev2_set_responder_hostname_t::status
option status
Definition: ikev2.api:342
vl_api_ikev2_set_responder_t::vat_help
option vat_help
Definition: ikev2.api:330
vl_api_ikev2_initiate_sa_init_t
IKEv2: Initiate the SA_INIT exchange.
Definition: ikev2.api:407
init_sa_req
init_sa_req
Definition: ikev2.api:577
vl_api_ikev2_initiate_del_child_sa_t::ispi
u32 ispi
Definition: ikev2.api:442