From: Fan Zhang <roy.fan.zhang@intel.com>
To: dev@dpdk.org
Cc: sergio.gonzalez.monroy@intel.com
Subject: [dpdk-dev] [PATCH v7 2/2] examples/ipsec-secgw: add sample configuration files
Date: Tue, 20 Sep 2016 12:13:05 +0100 [thread overview]
Message-ID: <1474369985-55073-3-git-send-email-roy.fan.zhang@intel.com> (raw)
In-Reply-To: <1474369985-55073-1-git-send-email-roy.fan.zhang@intel.com>
This patch adds two sample configuration files to ipsec-secgw sample
application. The sample configuration files shows how to set-up systems
back-to-back that would forward traffic through an IPsec tunnel.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
---
examples/ipsec-secgw/ep0.cfg | 160 +++++++++++++++++++++++++++++++++++++++++++
examples/ipsec-secgw/ep1.cfg | 160 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 320 insertions(+)
create mode 100644 examples/ipsec-secgw/ep0.cfg
create mode 100644 examples/ipsec-secgw/ep1.cfg
diff --git a/examples/ipsec-secgw/ep0.cfg b/examples/ipsec-secgw/ep0.cfg
new file mode 100644
index 0000000..299aa9e
--- /dev/null
+++ b/examples/ipsec-secgw/ep0.cfg
@@ -0,0 +1,160 @@
+###########################################################################
+# IPSEC-SECGW Endpoint sample configuration
+#
+# The main purpose of this file is to show how to configure two systems
+# back-to-back that would forward traffic through an IPsec tunnel. This
+# file is the Endpoint 0 configuration. To use this configuration file,
+# add the following command-line option:
+#
+# -f ./ep0.cfg
+#
+###########################################################################
+
+#SP IPv4 rules
+sp ipv4 out esp protect 5 pri 1 dst 192.168.105.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 6 pri 1 dst 192.168.106.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 10 pri 1 dst 192.168.175.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 11 pri 1 dst 192.168.176.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 15 pri 1 dst 192.168.200.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 16 pri 1 dst 192.168.201.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 25 pri 1 dst 192.168.55.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 26 pri 1 dst 192.168.56.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp bypass pri 1 dst 192.168.240.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp bypass pri 1 dst 192.168.241.0/24 sport 0:65535 dport 0:65535
+
+sp ipv4 in esp protect 105 pri 1 dst 192.168.115.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 106 pri 1 dst 192.168.116.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 110 pri 1 dst 192.168.185.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 111 pri 1 dst 192.168.186.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 115 pri 1 dst 192.168.210.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 116 pri 1 dst 192.168.211.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 115 pri 1 dst 192.168.210.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 125 pri 1 dst 192.168.65.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 125 pri 1 dst 192.168.65.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 126 pri 1 dst 192.168.66.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp bypass pri 1 dst 192.168.245.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp bypass pri 1 dst 192.168.246.0/24 sport 0:65535 dport 0:65535
+
+#SP IPv6 rules
+sp ipv6 out esp protect 5 pri 1 dst 0000:0000:0000:0000:5555:5555:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 out esp protect 6 pri 1 dst 0000:0000:0000:0000:6666:6666:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 out esp protect 10 pri 1 dst 0000:0000:1111:1111:0000:0000:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 out esp protect 11 pri 1 dst 0000:0000:1111:1111:1111:1111:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 out esp protect 25 pri 1 dst 0000:0000:0000:0000:aaaa:aaaa:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 out esp protect 26 pri 1 dst 0000:0000:0000:0000:bbbb:bbbb:0000:0000/96 \
+sport 0:65535 dport 0:65535
+
+sp ipv6 in esp protect 15 pri 1 dst ffff:0000:0000:0000:5555:5555:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 in esp protect 16 pri 1 dst ffff:0000:0000:0000:6666:6666:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 in esp protect 110 pri 1 dst ffff:0000:1111:1111:0000:0000:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 in esp protect 111 pri 1 dst ffff:0000:1111:1111:1111:1111:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 in esp protect 125 pri 1 dst ffff:0000:0000:0000:aaaa:aaaa:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 in esp protect 126 pri 1 dst ffff:0000:0000:0000:bbbb:bbbb:0000:0000/96 \
+sport 0:65535 dport 0:65535
+
+#SA rules
+sa out 5 cipher_algo aes-128-cbc cipher_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \
+auth_algo sha1-hmac auth_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \
+mode ipv4-tunnel src 172.16.1.5 dst 172.16.2.5
+
+sa out 6 cipher_algo aes-128-cbc cipher_key a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:\
+a0:a0:a0:a0:a0 auth_algo sha1-hmac auth_key a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:\
+a0:a0:a0:a0:a0:a0:a0:a0:a0 mode ipv4-tunnel src 172.16.1.6 dst 172.16.2.6
+
+sa out 10 cipher_algo aes-128-cbc cipher_key a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:\
+a1:a1:a1:a1:a1 auth_algo sha1-hmac auth_key a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:\
+a1:a1:a1:a1:a1:a1:a1:a1:a1 mode transport
+
+sa out 11 cipher_algo aes-128-cbc cipher_key b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:\
+b2:b2:b2:b2:b2 auth_algo sha1-hmac auth_key b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:\
+b2:b2:b2:b2:b2:b2:b2:b2:b2 mode transport
+
+sa out 15 cipher_algo null auth_algo null mode ipv4-tunnel src 172.16.1.5 \
+dst 172.16.2.5
+
+sa out 16 cipher_algo null auth_algo null mode ipv4-tunnel src 172.16.1.6 \
+dst 172.16.2.6
+
+sa out 25 cipher_algo aes-128-cbc cipher_key c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:\
+c3:c3:c3:c3:c3 auth_algo sha1-hmac auth_key c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:\
+c3:c3:c3:c3:c3:c3:c3:c3:c3 mode ipv6-tunnel \
+src 1111:1111:1111:1111:1111:1111:1111:5555 \
+dst 2222:2222:2222:2222:2222:2222:2222:5555
+
+sa out 26 cipher_algo aes-128-cbc cipher_key 4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:\
+4d:4d:4d:4d:4d auth_algo sha1-hmac auth_key 4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:\
+4d:4d:4d:4d:4d:4d:4d:4d:4d mode ipv6-tunnel \
+src 1111:1111:1111:1111:1111:1111:1111:6666 \
+dst 2222:2222:2222:2222:2222:2222:2222:6666
+
+sa in 105 cipher_algo aes-128-cbc cipher_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \
+auth_algo sha1-hmac auth_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \
+mode ipv4-tunnel src 172.16.2.5 dst 172.16.1.5
+
+sa in 106 cipher_algo aes-128-cbc cipher_key a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:\
+a0:a0:a0:a0:a0 auth_algo sha1-hmac auth_key a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:\
+a0:a0:a0:a0:a0:a0:a0:a0:a0 mode ipv4-tunnel src 172.16.2.6 dst 172.16.1.6
+
+sa in 110 cipher_algo aes-128-cbc cipher_key a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:\
+a1:a1:a1:a1:a1 auth_algo sha1-hmac auth_key a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:\
+a1:a1:a1:a1:a1:a1:a1:a1:a1 mode transport
+
+sa in 111 cipher_algo aes-128-cbc cipher_key b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:\
+b2:b2:b2:b2:b2 auth_algo sha1-hmac auth_key b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:\
+b2:b2:b2:b2:b2:b2:b2:b2:b2 mode transport
+
+sa in 115 cipher_algo null auth_algo null mode ipv4-tunnel src 172.16.2.5 \
+dst 172.16.1.5
+
+sa in 116 cipher_algo null auth_algo null mode ipv4-tunnel src 172.16.2.6 dst 172.16.1.6
+
+sa in 125 cipher_algo aes-128-cbc cipher_key c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:\
+c3:c3:c3:c3:c3 auth_algo sha1-hmac auth_key c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:\
+c3:c3:c3:c3:c3:c3:c3:c3:c3 mode ipv6-tunnel \
+src 2222:2222:2222:2222:2222:2222:2222:5555 \
+dst 1111:1111:1111:1111:1111:1111:1111:5555
+
+sa in 126 cipher_algo aes-128-cbc cipher_key 4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:\
+4d:4d:4d:4d:4d auth_algo sha1-hmac auth_key 4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:\
+4d:4d:4d:4d:4d:4d:4d:4d:4d mode ipv6-tunnel \
+src 2222:2222:2222:2222:2222:2222:2222:6666 \
+dst 1111:1111:1111:1111:1111:1111:1111:6666
+
+#Routing rules
+rt ipv4 dst 172.16.2.5/32 port 0
+rt ipv4 dst 172.16.2.6/32 port 1
+rt ipv4 dst 192.168.175.0/24 port 0
+rt ipv4 dst 192.168.176.0/24 port 1
+rt ipv4 dst 192.168.240.0/24 port 0
+rt ipv4 dst 192.168.241.0/24 port 1
+rt ipv4 dst 192.168.115.0/24 port 2
+rt ipv4 dst 192.168.116.0/24 port 3
+rt ipv4 dst 192.168.65.0/24 port 2
+rt ipv4 dst 192.168.66.0/24 port 3
+rt ipv4 dst 192.168.185.0/24 port 2
+rt ipv4 dst 192.168.186.0/24 port 3
+rt ipv4 dst 192.168.210.0/24 port 2
+rt ipv4 dst 192.168.211.0/24 port 3
+rt ipv4 dst 192.168.245.0/24 port 2
+rt ipv4 dst 192.168.246.0/24 port 3
+
+rt ipv6 dst 2222:2222:2222:2222:2222:2222:2222:5555/116 port 0
+rt ipv6 dst 2222:2222:2222:2222:2222:2222:2222:6666/116 port 1
+rt ipv6 dst 0000:0000:1111:1111:0000:0000:0000:0000/116 port 0
+rt ipv6 dst 0000:0000:1111:1111:1111:1111:0000:0000/116 port 1
+rt ipv6 dst ffff:0000:0000:0000:aaaa:aaaa:0000:0000/116 port 2
+rt ipv6 dst ffff:0000:0000:0000:bbbb:bbbb:0000:0000/116 port 3
+rt ipv6 dst ffff:0000:0000:0000:5555:5555:0000:0000/116 port 2
+rt ipv6 dst ffff:0000:0000:0000:6666:6666:0000:0000/116 port 3
+rt ipv6 dst ffff:0000:1111:1111:0000:0000:0000:0000/116 port 2
+rt ipv6 dst ffff:0000:1111:1111:1111:1111:0000:0000/116 port 3
diff --git a/examples/ipsec-secgw/ep1.cfg b/examples/ipsec-secgw/ep1.cfg
new file mode 100644
index 0000000..3f6ff81
--- /dev/null
+++ b/examples/ipsec-secgw/ep1.cfg
@@ -0,0 +1,160 @@
+###########################################################################
+# IPSEC-SECGW Endpoint1 sample configuration
+#
+# The main purpose of this file is to show how to configure two systems
+# back-to-back that would forward traffic through an IPsec tunnel. This
+# file is the Endpoint1 configuration. To use this configuration file,
+# add the following command-line option:
+#
+# -f ./ep1.cfg
+#
+###########################################################################
+
+#SP IPv4 rules
+sp ipv4 in esp protect 5 pri 1 dst 192.168.105.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 6 pri 1 dst 192.168.106.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 10 pri 1 dst 192.168.175.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 11 pri 1 dst 192.168.176.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 15 pri 1 dst 192.168.200.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 16 pri 1 dst 192.168.201.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 25 pri 1 dst 192.168.55.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp protect 26 pri 1 dst 192.168.56.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp bypass dst 192.168.240.0/24 sport 0:65535 dport 0:65535
+sp ipv4 in esp bypass dst 192.168.241.0/24 sport 0:65535 dport 0:65535
+
+sp ipv4 out esp protect 105 pri 1 dst 192.168.115.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 106 pri 1 dst 192.168.116.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 110 pri 1 dst 192.168.185.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 111 pri 1 dst 192.168.186.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 115 pri 1 dst 192.168.210.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 116 pri 1 dst 192.168.211.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 115 pri 1 dst 192.168.210.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 125 pri 1 dst 192.168.65.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 125 pri 1 dst 192.168.65.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp protect 126 pri 1 dst 192.168.66.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp bypass pri 1 dst 192.168.245.0/24 sport 0:65535 dport 0:65535
+sp ipv4 out esp bypass pri 1 dst 192.168.246.0/24 sport 0:65535 dport 0:65535
+
+#SP IPv6 rules
+sp ipv6 in esp protect 5 pri 1 dst 0000:0000:0000:0000:5555:5555:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 in esp protect 6 pri 1 dst 0000:0000:0000:0000:6666:6666:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 in esp protect 10 pri 1 dst 0000:0000:1111:1111:0000:0000:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 in esp protect 11 pri 1 dst 0000:0000:1111:1111:1111:1111:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 in esp protect 25 pri 1 dst 0000:0000:0000:0000:aaaa:aaaa:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 in esp protect 26 pri 1 dst 0000:0000:0000:0000:bbbb:bbbb:0000:0000/96 \
+sport 0:65535 dport 0:65535
+
+sp ipv6 out esp protect 15 pri 1 dst ffff:0000:0000:0000:5555:5555:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 out esp protect 16 pri 1 dst ffff:0000:0000:0000:6666:6666:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 out esp protect 110 pri 1 dst ffff:0000:1111:1111:0000:0000:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 out esp protect 111 pri 1 dst ffff:0000:1111:1111:1111:1111:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 out esp protect 125 pri 1 dst ffff:0000:0000:0000:aaaa:aaaa:0000:0000/96 \
+sport 0:65535 dport 0:65535
+sp ipv6 out esp protect 126 pri 1 dst ffff:0000:0000:0000:bbbb:bbbb:0000:0000/96 \
+sport 0:65535 dport 0:65535
+
+#SA rules
+sa in 5 cipher_algo aes-128-cbc cipher_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \
+auth_algo sha1-hmac auth_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \
+mode ipv4-tunnel src 172.16.1.5 dst 172.16.2.5
+
+sa in 6 cipher_algo aes-128-cbc cipher_key a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:\
+a0:a0:a0:a0:a0 auth_algo sha1-hmac auth_key a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:\
+a0:a0:a0:a0:a0:a0:a0:a0:a0 mode ipv4-tunnel src 172.16.1.6 dst 172.16.2.6
+
+sa in 10 cipher_algo aes-128-cbc cipher_key a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:\
+a1:a1:a1:a1:a1 auth_algo sha1-hmac auth_key a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:\
+a1:a1:a1:a1:a1:a1:a1:a1:a1 mode transport
+
+sa in 11 cipher_algo aes-128-cbc cipher_key b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:\
+b2:b2:b2:b2:b2 auth_algo sha1-hmac auth_key b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:\
+b2:b2:b2:b2:b2:b2:b2:b2:b2 mode transport
+
+sa in 15 cipher_algo null auth_algo null mode ipv4-tunnel src 172.16.1.5 \
+dst 172.16.2.5
+
+sa in 16 cipher_algo null auth_algo null mode ipv4-tunnel src 172.16.1.6 \
+dst 172.16.2.6
+
+sa in 25 cipher_algo aes-128-cbc cipher_key c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:\
+c3:c3:c3:c3:c3 auth_algo sha1-hmac auth_key c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:\
+c3:c3:c3:c3:c3:c3:c3:c3:c3 mode ipv6-tunnel \
+src 1111:1111:1111:1111:1111:1111:1111:5555 \
+dst 2222:2222:2222:2222:2222:2222:2222:5555
+
+sa in 26 cipher_algo aes-128-cbc cipher_key 4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:\
+4d:4d:4d:4d:4d auth_algo sha1-hmac auth_key 4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:\
+4d:4d:4d:4d:4d:4d:4d:4d:4d mode ipv6-tunnel \
+src 1111:1111:1111:1111:1111:1111:1111:6666 \
+dst 2222:2222:2222:2222:2222:2222:2222:6666
+
+sa out 105 cipher_algo aes-128-cbc cipher_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \
+auth_algo sha1-hmac auth_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \
+mode ipv4-tunnel src 172.16.2.5 dst 172.16.1.5
+
+sa out 106 cipher_algo aes-128-cbc cipher_key a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:\
+a0:a0:a0:a0:a0 auth_algo sha1-hmac auth_key a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:a0:\
+a0:a0:a0:a0:a0:a0:a0:a0:a0 mode ipv4-tunnel src 172.16.2.6 dst 172.16.1.6
+
+sa out 110 cipher_algo aes-128-cbc cipher_key a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:\
+a1:a1:a1:a1:a1 auth_algo sha1-hmac auth_key a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:a1:\
+a1:a1:a1:a1:a1:a1:a1:a1:a1 mode transport
+
+sa out 111 cipher_algo aes-128-cbc cipher_key b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:\
+b2:b2:b2:b2:b2 auth_algo sha1-hmac auth_key b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:b2:\
+b2:b2:b2:b2:b2:b2:b2:b2:b2 mode transport
+
+sa out 115 cipher_algo null auth_algo null mode ipv4-tunnel src 172.16.2.5 \
+dst 172.16.1.5
+
+sa out 116 cipher_algo null auth_algo null mode ipv4-tunnel src 172.16.2.6 dst 172.16.1.6
+
+sa out 125 cipher_algo aes-128-cbc cipher_key c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:\
+c3:c3:c3:c3:c3 auth_algo sha1-hmac auth_key c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:c3:\
+c3:c3:c3:c3:c3:c3:c3:c3:c3 mode ipv6-tunnel \
+src 2222:2222:2222:2222:2222:2222:2222:5555 \
+dst 1111:1111:1111:1111:1111:1111:1111:5555
+
+sa out 126 cipher_algo aes-128-cbc cipher_key 4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:\
+4d:4d:4d:4d:4d auth_algo sha1-hmac auth_key 4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:4d:\
+4d:4d:4d:4d:4d:4d:4d:4d:4d mode ipv6-tunnel \
+src 2222:2222:2222:2222:2222:2222:2222:6666 \
+dst 1111:1111:1111:1111:1111:1111:1111:6666
+
+#Routing rules
+rt ipv4 dst 172.16.1.5/32 port 0
+rt ipv4 dst 172.16.1.6/32 port 1
+rt ipv4 dst 192.168.185.0/24 port 0
+rt ipv4 dst 192.168.186.0/24 port 1
+rt ipv4 dst 192.168.245.0/24 port 0
+rt ipv4 dst 192.168.246.0/24 port 1
+rt ipv4 dst 192.168.105.0/24 port 2
+rt ipv4 dst 192.168.106.0/24 port 3
+rt ipv4 dst 192.168.55.0/24 port 2
+rt ipv4 dst 192.168.56.0/24 port 3
+rt ipv4 dst 192.168.175.0/24 port 2
+rt ipv4 dst 192.168.176.0/24 port 3
+rt ipv4 dst 192.168.200.0/24 port 2
+rt ipv4 dst 192.168.201.0/24 port 3
+rt ipv4 dst 192.168.240.0/24 port 2
+rt ipv4 dst 192.168.241.0/24 port 3
+
+rt ipv6 dst 1111:1111:1111:1111:1111:1111:1111:5555/116 port 0
+rt ipv6 dst 1111:1111:1111:1111:1111:1111:1111:6666/116 port 1
+rt ipv6 dst ffff:0000:1111:1111:0000:0000:0000:0000/116 port 0
+rt ipv6 dst ffff:0000:1111:1111:1111:1111:0000:0000/116 port 1
+rt ipv6 dst 0000:0000:0000:0000:aaaa:aaaa:0000:0000/116 port 2
+rt ipv6 dst 0000:0000:0000:0000:bbbb:bbbb:0000:0000/116 port 3
+rt ipv6 dst 0000:0000:0000:0000:5555:5555:0000:0000/116 port 2
+rt ipv6 dst 0000:0000:0000:0000:6666:6666:0000:0000/116 port 3
+rt ipv6 dst 0000:0000:1111:1111:0000:0000:0000:0000/116 port 2
+rt ipv6 dst 0000:0000:1111:1111:1111:1111:0000:0000/116 port 3
--
2.5.5
next prev parent reply other threads:[~2016-09-20 11:13 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-07 11:31 [dpdk-dev] [PATCH 0/2] examples/ipsec_secgw: add configuration file support Fan Zhang
2016-07-07 11:31 ` [dpdk-dev] [PATCH 1/2] " Fan Zhang
2016-07-07 11:31 ` [dpdk-dev] [PATCH 2/2] examples/ipsec-secgw: add sample configuration files Fan Zhang
2016-07-11 14:43 ` [dpdk-dev] [PATCH v2 0/2] examples/ipsec_secgw: add configuration file support Fan Zhang
2016-07-11 14:43 ` [dpdk-dev] [PATCH v2 1/2] examples/ipsec-secgw: " Fan Zhang
2016-07-11 15:19 ` Thomas Monjalon
2016-07-11 14:43 ` [dpdk-dev] [PATCH v2 2/2] examples/ipsec-secgw: add sample configuration files Fan Zhang
2016-07-12 9:44 ` [dpdk-dev] [PATCH v3 0/2] examples/ipsec_secgw: add configuration file support Fan Zhang
2016-07-12 9:44 ` [dpdk-dev] [PATCH v3 1/2] examples/ipsec-secgw: " Fan Zhang
2016-07-19 8:19 ` Sergio Gonzalez Monroy
2016-07-12 9:44 ` [dpdk-dev] [PATCH v3 2/2] examples/ipsec-secgw: add sample configuration files Fan Zhang
2016-07-21 10:51 ` [dpdk-dev] [PATCH v4 0/2] examples/ipsec_secgw: add configuration file support Fan Zhang
2016-07-21 10:51 ` [dpdk-dev] [PATCH v4 1/2] examples/ipsec-secgw: " Fan Zhang
2016-07-21 10:51 ` [dpdk-dev] [PATCH v4 2/2] examples/ipsec-secgw: add sample configuration files Fan Zhang
2016-08-22 10:49 ` [dpdk-dev] [PATCH 0/2] examples/ipsec_secgw: add configuration file support Fan Zhang
2016-08-22 10:49 ` [dpdk-dev] [PATCH 1/2] examples/ipsec-secgw: " Fan Zhang
2016-08-22 10:49 ` [dpdk-dev] [PATCH 2/2] examples/ipsec-secgw: add sample configuration files Fan Zhang
2016-08-23 14:46 ` [dpdk-dev] [PATCH v6 0/2] [PATCH 0/2] examples/ipsec_secgw: add configuration file support Fan Zhang
2016-08-23 14:46 ` [dpdk-dev] [PATCH v6 1/2] examples/ipsec-secgw: " Fan Zhang
2016-09-07 18:13 ` De Lara Guarch, Pablo
2016-08-23 14:46 ` [dpdk-dev] [PATCH v6 2/2] examples/ipsec-secgw: add sample configuration files Fan Zhang
2016-09-20 11:13 ` [dpdk-dev] [PATCH v7 0/2] examples/ipsec_secgw: add configuration file support Fan Zhang
2016-09-20 11:13 ` [dpdk-dev] [PATCH v7 1/2] examples/ipsec-secgw: " Fan Zhang
2016-09-20 11:13 ` Fan Zhang [this message]
2016-09-21 12:05 ` [dpdk-dev] [PATCH v8 0/2] examples/ipsec_secgw: " Fan Zhang
2016-09-21 12:05 ` [dpdk-dev] [PATCH v8 1/2] examples/ipsec-secgw: " Fan Zhang
2016-09-23 7:52 ` Sergio Gonzalez Monroy
2016-09-23 22:51 ` De Lara Guarch, Pablo
2016-09-29 1:19 ` Chen, Zhaoyan
2016-09-21 12:05 ` [dpdk-dev] [PATCH v8 2/2] examples/ipsec-secgw: add sample configuration files Fan Zhang
2016-09-23 7:53 ` Sergio Gonzalez Monroy
2016-09-23 22:51 ` De Lara Guarch, Pablo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1474369985-55073-3-git-send-email-roy.fan.zhang@intel.com \
--to=roy.fan.zhang@intel.com \
--cc=dev@dpdk.org \
--cc=sergio.gonzalez.monroy@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).