Hi Neale,
There was an issue in my code (we use a different IKE stack with VPP
IPSEC). While copying keys recvd from the IKE process, I was using strncpy
instead of memcpy. As the encr and auth keys can have a '0' byte, the
strncpy gets terminated before copying all the n bytes. This caused
decry
Thanks neale,
What is the easiest way to enable learning on an interface while other
functionality , including passing the ping and arp packets , work normally?
I want l2_learn_process run for that interface so that I can write a
function to do something like put a limiting on maximum connected de
Hi Experts,
We have our application reading packets through memif and does consume them.
We are adding rules in the VPP to reach particualr memif based on dst IP.
"ip route add 172.172.0.0/24 via 192.168.1.3 memif1/0"
However we have a requirement, where the Destination NETWORK can overlap with
Hi Subrata,
Please see my comments inline.
> 1. I configured with /64 SID instead of /32
>
> vppctl sr policy add bsid fcf0:12::104 next fcf0:12::100 next fcf0:12::101
> next fcf0:12::102 next fcf0:12::103
> vppctl sr policy add bsid fcf0:12::109 behavior t.m.gtp4.d fcf0:12::104/64
> v6src_pre
Hi Neale,
Thanks for your suggestion and time.
However I tried following things
"
set interface l2 xconnect memif1/0 memif2/0
set interface l2 xconnect memif2/0 memif1/0 " and forwarding to memif1/0 from
some routing. the memif1/0 is getting received the packets. But memif2/0 is not
getting recei
HI Moshen,
From: vpp-dev@lists.fd.io on behalf of Mohsen Meamarian
via lists.fd.io
Date: Monday, 2 August 2021 at 18:45
To: vpp-dev@lists.fd.io
Subject: [vpp-dev] MAC Learning in vpp
Hi friends,
I want to implement port security in vpp. I assume that the l2learn_process
function in l2_learn.
Hi Experts,
We have our application reading packets through memif and does consume them.
We are adding rules in the VPP to reach particualr memif based on dst IP.
"ip route add 172.172.0.0/24 via 192.168.1.3 memif1/0"
However we have a requirement, where the Destination NETWORK can overlap with
Hi friends,
I want to implement port security in vpp. I assume that the l2learn_process
function in l2_learn.c runs periodically when vpp is active and When a
device is connected to my system , this function helps to learn it's mac.
Is this assumption true ?
because when I run the sh l2fib command
From: Vijay Kumar
Date: Monday, 2 August 2021 at 11:33
To: Neale Ranns
Cc: vpp-dev
Subject: Re: [vpp-dev] Regarding IPsec errors "Integrity failure" and
"Unsupported payload"
Hi Neale,
My IPSEC rekey is set to high (2 hr). So the issue is not during rekey.
I don’t understand why the former
Hi Neale,
My IPSEC rekey is set to high (2 hr). So the issue is not during rekey.
According to code, during decrypt the esp_process_ops() is called. In this
function, I had added the below print. Whenever I get integrity check
failure, I see that print in my application logs.
Once I land into thi
Hi Vijay,
No I don’t see random failures. Do they occur during a rekeying event?
/neale
From: vpp-dev@lists.fd.io on behalf of Vijay Kumar via
lists.fd.io
Date: Monday, 2 August 2021 at 08:43
To: vpp-dev
Subject: Re: [vpp-dev] Regarding IPsec errors "Integrity failure" and
"Unsupported pay
11 matches
Mail list logo
