Hello VPP folks! I'm using VPP 20.01 stable release. Regarding IKEv2 plugin, I've got some questions about its design and applications( in present and in future). The first thing i've noticed, is the API. There are no dumps nor status of profiles/ SAs. I issue a ikev2_initiate_sa_init, and it always returns success. But if the responder is not available in that time, the tunnel is not established. The second thing, is in fact the ikev2_initiate_sa_init itself( it's somehow the first question). I believed on failure, it will retransmit the packets on regular basis until the tunnel is established. After looking the code, I realized it's a one-shot thing. I've seen a routine-checking approach is used for SA rekeying( and in the recent version, for DPD). Is there a chance that the same thing can happen for ikev2_initiate_sa_init? Or it's a design choice? I'll be really glad to hear the IKEv2 plugin's design and goals so i can make my plannings. There are some minor problems i've encountered which, based on changes in 20.05 release, seems will get fixed in the future releases( like the one that Initiator always requests and Responder always respond. which make SA removing from responder a problem).
IKEv2 is a great plugin and it's improving each day passing. So i just want a little clarification about its roadmap. And of course its API. Because current API in 20.01( and as i've looked in 20.05) is not very usable for clients. I'd be glad if I could make contributions to improve functionality of this plugin.
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#16584): https://lists.fd.io/g/vpp-dev/message/16584 Mute This Topic: https://lists.fd.io/mt/74577612/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
