crypt_algo_vpp_id,
crypt_key,
self.vpp_esp_protocol,
- self.tun_if.local_addr[addr_type],
self.tun_if.remote_addr[addr_type],
+ self.tun_if.local_addr[addr_type],
tun_flags=tun_flags,
dscp=params.dscp,
flags=flags,
crypt_algo_vpp_id,
crypt_key,
self.vpp_esp_protocol,
- self.tun_if.remote_addr[addr_type],
self.tun_if.local_addr[addr_type],
+ self.tun_if.remote_addr[addr_type],
tun_flags=tun_flags,
dscp=params.dscp,
flags=flags,
VppIpsecSpdEntry(
self,
self.tun_spd,
- vpp_tun_sa_id,
+ scapy_tun_sa_id,
remote_tun_if_host,
remote_tun_if_host,
self.pg1.remote_addr[addr_type],
VppIpsecSpdEntry(
self,
self.tun_spd,
- scapy_tun_sa_id,
+ vpp_tun_sa_id,
self.pg1.remote_addr[addr_type],
self.pg1.remote_addr[addr_type],
remote_tun_if_host,
VppIpsecSpdEntry(
self,
self.tun_spd,
- vpp_tun_sa_id,
+ scapy_tun_sa_id,
remote_tun_if_host,
remote_tun_if_host,
self.pg0.local_addr[addr_type],
VppIpsecSpdEntry(
self,
self.tun_spd,
- scapy_tun_sa_id,
+ vpp_tun_sa_id,
self.pg0.local_addr[addr_type],
self.pg0.local_addr[addr_type],
remote_tun_if_host,
VppIpsecSpdEntry(
self,
self.tra_spd,
- vpp_tra_sa_id,
+ scapy_tra_sa_id,
self.tra_if.local_addr[addr_type],
self.tra_if.local_addr[addr_type],
self.tra_if.remote_addr[addr_type],
VppIpsecSpdEntry(
self,
self.tra_spd,
- scapy_tra_sa_id,
+ vpp_tra_sa_id,
self.tra_if.local_addr[addr_type],
self.tra_if.local_addr[addr_type],
self.tra_if.remote_addr[addr_type],
VppIpsecSpdEntry(
self,
self.tun_spd,
- p6.scapy_tun_sa_id,
+ p6.vpp_tun_sa_id,
self.pg1.remote_addr[p4.addr_type],
self.pg1.remote_addr[p4.addr_type],
p6.remote_tun_if_host4,
VppIpsecSpdEntry(
self,
self.tun_spd,
- p4.scapy_tun_sa_id,
+ p4.vpp_tun_sa_id,
self.pg1.remote_addr[p6.addr_type],
self.pg1.remote_addr[p6.addr_type],
p4.remote_tun_if_host6,
self.assertEqual(len(rxs), len(pkts))
for rx in rxs:
- if rx[ESP].spi == p.scapy_tun_spi:
+ if rx[ESP].spi == p.vpp_tun_spi:
decrypted = p.vpp_tun_sa.decrypt(rx[IP])
elif rx[ESP].spi == self.p_sync.vpp_tun_spi:
- decrypted = self.p_sync.scapy_tun_sa.decrypt(rx[IP])
+ decrypted = self.p_sync.vpp_tun_sa.decrypt(rx[IP])
else:
rx.show()
self.assertTrue(False)
self.assertEqual(len(rxs), len(pkts))
for rx in rxs:
- if rx[ESP].spi == p.scapy_tun_spi:
+ if rx[ESP].spi == p.vpp_tun_spi:
decrypted = p.vpp_tun_sa.decrypt(rx[IP])
elif rx[ESP].spi == self.p_sync.vpp_tun_spi:
- decrypted = self.p_sync.scapy_tun_sa.decrypt(rx[IP])
+ decrypted = self.p_sync.vpp_tun_sa.decrypt(rx[IP])
elif rx[ESP].spi == self.p_async.vpp_tun_spi:
- decrypted = self.p_async.scapy_tun_sa.decrypt(rx[IP])
+ decrypted = self.p_async.vpp_tun_sa.decrypt(rx[IP])
else:
rx.show()
self.assertTrue(False)
self.p_async.spd.remove_vpp_config()
self.p_async.sa.remove_vpp_config()
- # async mode should have been disabled now that there are
- # no async SAs. there's no API for this, so a reluctant
- # screen scrape.
- self.assertTrue("DISABLED" in self.vapi.cli("sh crypto async status"))
-
class TestIpsecEspHandoff(
TemplateIpsecEsp, IpsecTun6HandoffTests, IpsecTun4HandoffTests