Hi Avi, The application classifies the ports as Protected and Unprotected. Thus, traffic received on an Unprotected or Protected port is consider Inbound or Outbound respectively. ( Refer : http://dpdk.org/doc/guides/sample_app_ug/ipsec_secgw.html )
The Packets sent on a Unprotected network requires Encryption whereas packets on Protected Network can be plain text. This is the expected behavior. Regards, Sandesh -----Original Message----- From: users [mailto:[email protected]] On Behalf Of Avi Cohen (A) Sent: Sunday, January 07, 2018 9:12 PM To: [email protected] Subject: [dpdk-users] IPSEC-SECGW sample application Hello I'm using the DPDK17.11 and running the sample app. Ipsec_secgw. I have 2 ports port 0 is protected and port 1 is unprotected Traffic is received in the unprotected and should be sent to the protected port for encryption But the traffic processing for the traffic received in the unprotected port is going through the **process_pkts_inbound ** . I expect that the traffic should be directed to the **process_pkts_outbound** [where ESP headers are added etc.] Can someone help ? This is the config file: #SP rules sp ipv4 in esp protect 5 src 1.1.1.2/32 dst 1.1.2.10/32 #SA rules sa in 5 cipher_algo aes-128-cbc cipher_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \ auth_algo sha1-hmac auth_key 0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 \ mode ipv4-tunnel src 172.16.1.5 dst 172.16.2.5 \ type inline-protocol-offload port_id 0 #Routing rules rt ipv4 dst 172.16.2.5/32 port 0 rt ipv4 dst 1.1.2.0/24 port 0 rt ipv4 dst 1.1.1.0/24 port 0 and this is the command line to run the applic: ./ipsec-secgw -l 1 -n 2 -- -p 0x3 -P -u 0x2 --config="(0,0,1),(1,0,1)" -f ../ep1.cfg Best Regards Avi
