X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=vpp%2Fvpp-api%2Fvpe.api;h=52254cd3b3e19b7c8c652f10216149c69dfd7783;hb=56f32cc3a77d2c7d82e3ee57779abb30e1dd7586;hp=7a43090011d0d6bbce5101bdc9668a500ce10cfe;hpb=1099b0db45a7a0bb597c4deb5b9387f5b6ae280f;p=vpp.git diff --git a/vpp/vpp-api/vpe.api b/vpp/vpp-api/vpe.api index 7a43090011d..52254cd3b3e 100644 --- a/vpp/vpp-api/vpe.api +++ b/vpp/vpp-api/vpe.api @@ -31,6 +31,10 @@ * VHOST-USER APIs: see .../vnet/devices/virtio/{vhost_user.api, vhost_user_api.c} * VXLAN GPE APIs: see .../vnet/vnet/vxlan-gpe/{vxlan_gpe.api, vxlan_gpe_api.c} * GRE APIs: see .../vnet/vnet/gre/{gre.api, gre_api.c} + * L2TP APIs: see .../vnet/vnet/l2tp/{l2tp.api, l2tp_api.c} + * BFD APIs: see .../vnet/vnet/bfd/{bfd.api, bfd_api.c} + * IPSEC APIs: see .../vnet/vnet/ipsec/{ipsec.api, ipsec_api.c} + * IPSEC-GRE APIs: see .../vnet/vnet/ipsec-gre/{ipsec_gre.api, ipsec_gre_api.c} */ /** \brief Create a new subinterface with the given vlan id @@ -1328,84 +1332,6 @@ define dhcp_proxy_config_2_reply i32 retval; }; -/** \brief l2tpv3 tunnel interface create request - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param client_address - remote client tunnel ip address - @param client_address - local tunnel ip address - @param is_ipv6 - ipv6 if non-zero, else ipv4 - @param local_session_id - local tunnel session id - @param remote_session_id - remote tunnel session id - @param local_cookie - local tunnel cookie - @param l2_sublayer_present - l2 sublayer is present in packets if non-zero - @param encap_vrf_id - fib identifier used for outgoing encapsulated packets -*/ -define l2tpv3_create_tunnel -{ - u32 client_index; - u32 context; - u8 client_address[16]; - u8 our_address[16]; - u8 is_ipv6; - u32 local_session_id; - u32 remote_session_id; - u64 local_cookie; - u64 remote_cookie; - u8 l2_sublayer_present; - u32 encap_vrf_id; -}; - -/** \brief l2tpv3 tunnel interface create response - @param context - sender context, to match reply w/ request - @param retval - return code for the request - @param sw_if_index - index of the new tunnel interface -*/ -define l2tpv3_create_tunnel_reply -{ - u32 context; - i32 retval; - u32 sw_if_index; -}; - -define l2tpv3_set_tunnel_cookies -{ - u32 client_index; - u32 context; - u32 sw_if_index; - u64 new_local_cookie; - u64 new_remote_cookie; -}; - -/** \brief L2TP tunnel set cookies response - @param context - sender context, to match reply w/ request - @param retval - return code for the request -*/ -define l2tpv3_set_tunnel_cookies_reply -{ - u32 context; - i32 retval; -}; - -define sw_if_l2tpv3_tunnel_details -{ - u32 context; - u32 sw_if_index; - u8 interface_name[64]; - u8 client_address[16]; - u8 our_address[16]; - u32 local_session_id; - u32 remote_session_id; - u64 local_cookie[2]; - u64 remote_cookie; - u8 l2_sublayer_present; -}; - -define sw_if_l2tpv3_tunnel_dump -{ - u32 client_index; - u32 context; -}; - /** \brief L2 fib clear table request, clear all mac entries in the l2 fib @param client_index - opaque cookie to identify the sender @param context - sender context, to match reply w/ request @@ -1450,34 +1376,6 @@ define l2_interface_efp_filter_reply i32 retval; }; -define l2tpv3_interface_enable_disable -{ - u32 client_index; - u32 context; - u8 enable_disable; - u32 sw_if_index; -}; - -define l2tpv3_interface_enable_disable_reply -{ - u32 context; - i32 retval; -}; - -define l2tpv3_set_lookup_key -{ - u32 client_index; - u32 context; - /* 0 = ip6 src_address, 1 = ip6 dst_address, 2 = session_id */ - u8 key; -}; - -define l2tpv3_set_lookup_key_reply -{ - u32 context; - i32 retval; -}; - /** \brief L2 interface vlan tag rewrite configure request @param client_index - opaque cookie to identify the sender @param context - sender context, to match reply w/ request @@ -2783,387 +2681,6 @@ define input_acl_set_interface_reply i32 retval; }; -/** \brief IPsec: Add/delete Security Policy Database - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param is_add - add SPD if non-zero, else delete - @param spd_id - SPD instance id (control plane allocated) -*/ - -define ipsec_spd_add_del -{ - u32 client_index; - u32 context; - u8 is_add; - u32 spd_id; -}; - -/** \brief Reply for IPsec: Add/delete Security Policy Database entry - @param context - returned sender context, to match reply w/ request - @param retval - return code -*/ - -define ipsec_spd_add_del_reply -{ - u32 context; - i32 retval; -}; - -/** \brief IPsec: Add/delete SPD from interface - - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param is_add - add security mode if non-zero, else delete - @param sw_if_index - index of the interface - @param spd_id - SPD instance id to use for lookups -*/ - - -define ipsec_interface_add_del_spd -{ - u32 client_index; - u32 context; - - u8 is_add; - u32 sw_if_index; - u32 spd_id; -}; - -/** \brief Reply for IPsec: Add/delete SPD from interface - @param context - returned sender context, to match reply w/ request - @param retval - return code -*/ - -define ipsec_interface_add_del_spd_reply -{ - u32 context; - i32 retval; -}; - -/** \brief IPsec: Add/delete Security Policy Database entry - - See RFC 4301, 4.4.1.1 on how to match packet to selectors - - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param is_add - add SPD if non-zero, else delete - @param spd_id - SPD instance id (control plane allocated) - @param priority - priority of SPD entry (non-unique value). Used to order SPD matching - higher priorities match before lower - @param is_outbound - entry applies to outbound traffic if non-zero, otherwise applies to inbound traffic - @param is_ipv6 - remote/local address are IPv6 if non-zero, else IPv4 - @param remote_address_start - start of remote address range to match - @param remote_address_stop - end of remote address range to match - @param local_address_start - start of local address range to match - @param local_address_stop - end of local address range to match - @param protocol - protocol type to match [0 means any] - @param remote_port_start - start of remote port range to match ... - @param remote_port_stop - end of remote port range to match [0 to 65535 means ANY, 65535 to 0 means OPAQUE] - @param local_port_start - start of local port range to match ... - @param local_port_stop - end of remote port range to match [0 to 65535 means ANY, 65535 to 0 means OPAQUE] - @param policy - 0 = bypass (no IPsec processing), 1 = discard (discard packet with ICMP processing), 2 = resolve (send request to control plane for SA resolving, and discard without ICMP processing), 3 = protect (apply IPsec policy using following parameters) - @param sa_id - SAD instance id (control plane allocated) - -*/ - -define ipsec_spd_add_del_entry -{ - u32 client_index; - u32 context; - u8 is_add; - - u32 spd_id; - i32 priority; - u8 is_outbound; - - // Selector - u8 is_ipv6; - u8 is_ip_any; - u8 remote_address_start[16]; - u8 remote_address_stop[16]; - u8 local_address_start[16]; - u8 local_address_stop[16]; - - u8 protocol; - - u16 remote_port_start; - u16 remote_port_stop; - u16 local_port_start; - u16 local_port_stop; - - // Policy - u8 policy; - u32 sa_id; -}; - -/** \brief Reply for IPsec: Add/delete Security Policy Database entry - @param context - returned sender context, to match reply w/ request - @param retval - return code -*/ - -define ipsec_spd_add_del_entry_reply -{ - u32 context; - i32 retval; -}; - -/** \brief IPsec: Add/delete Security Association Database entry - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param is_add - add SAD entry if non-zero, else delete - - @param sad_id - sad id - - @param spi - security parameter index - - @param protocol - 0 = AH, 1 = ESP - - @param crypto_algorithm - 0 = Null, 1 = AES-CBC-128, 2 = AES-CBC-192, 3 = AES-CBC-256, 4 = 3DES-CBC - @param crypto_key_length - length of crypto_key in bytes - @param crypto_key - crypto keying material - - @param integrity_algorithm - 0 = None, 1 = MD5-96, 2 = SHA1-96, 3 = SHA-256, 4 = SHA-384, 5=SHA-512 - @param integrity_key_length - length of integrity_key in bytes - @param integrity_key - integrity keying material - - @param use_extended_sequence_number - use ESN when non-zero - - @param is_tunnel - IPsec tunnel mode if non-zero, else transport mode - @param is_tunnel_ipv6 - IPsec tunnel mode is IPv6 if non-zero, else IPv4 tunnel only valid if is_tunnel is non-zero - @param tunnel_src_address - IPsec tunnel source address IPv6 if is_tunnel_ipv6 is non-zero, else IPv4. Only valid if is_tunnel is non-zero - @param tunnel_dst_address - IPsec tunnel destination address IPv6 if is_tunnel_ipv6 is non-zero, else IPv4. Only valid if is_tunnel is non-zero - - To be added: - Anti-replay - IPsec tunnel address copy mode (to support GDOI) - */ - -define ipsec_sad_add_del_entry -{ - u32 client_index; - u32 context; - u8 is_add; - - u32 sad_id; - - u32 spi; - - u8 protocol; - - u8 crypto_algorithm; - u8 crypto_key_length; - u8 crypto_key[128]; - - u8 integrity_algorithm; - u8 integrity_key_length; - u8 integrity_key[128]; - - u8 use_extended_sequence_number; - - u8 is_tunnel; - u8 is_tunnel_ipv6; - u8 tunnel_src_address[16]; - u8 tunnel_dst_address[16]; -}; - -/** \brief Reply for IPsec: Add/delete Security Association Database entry - @param context - returned sender context, to match reply w/ request - @param retval - return code -*/ - -define ipsec_sad_add_del_entry_reply -{ - u32 context; - i32 retval; -}; - -/** \brief IPsec: Update Security Association keys - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - - @param sa_id - sa id - - @param crypto_key_length - length of crypto_key in bytes - @param crypto_key - crypto keying material - - @param integrity_key_length - length of integrity_key in bytes - @param integrity_key - integrity keying material -*/ - -define ipsec_sa_set_key -{ - u32 client_index; - u32 context; - - u32 sa_id; - - u8 crypto_key_length; - u8 crypto_key[128]; - - u8 integrity_key_length; - u8 integrity_key[128]; -}; - -/** \brief Reply for IPsec: Update Security Association keys - @param context - returned sender context, to match reply w/ request - @param retval - return code -*/ - -define ipsec_sa_set_key_reply -{ - u32 context; - i32 retval; -}; - -/** \brief IKEv2: Add/delete profile - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - - @param name - IKEv2 profile name - @param is_add - Add IKEv2 profile if non-zero, else delete -*/ -define ikev2_profile_add_del -{ - u32 client_index; - u32 context; - - u8 name[64]; - u8 is_add; -}; - -/** \brief Reply for IKEv2: Add/delete profile - @param context - returned sender context, to match reply w/ request - @param retval - return code -*/ -define ikev2_profile_add_del_reply -{ - u32 context; - i32 retval; -}; - -/** \brief IKEv2: Set IKEv2 profile authentication method - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - - @param name - IKEv2 profile name - @param auth_method - IKEv2 authentication method (shared-key-mic/rsa-sig) - @param is_hex - Authentication data in hex format if non-zero, else string - @param data_len - Authentication data length - @param data - Authentication data (for rsa-sig cert file path) -*/ -define ikev2_profile_set_auth -{ - u32 client_index; - u32 context; - - u8 name[64]; - u8 auth_method; - u8 is_hex; - u32 data_len; - u8 data[0]; -}; - -/** \brief Reply for IKEv2: Set IKEv2 profile authentication method - @param context - returned sender context, to match reply w/ request - @param retval - return code -*/ -define ikev2_profile_set_auth_reply -{ - u32 context; - i32 retval; -}; - -/** \brief IKEv2: Set IKEv2 profile local/remote identification - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - - @param name - IKEv2 profile name - @param is_local - Identification is local if non-zero, else remote - @param id_type - Identification type - @param data_len - Identification data length - @param data - Identification data -*/ -define ikev2_profile_set_id -{ - u32 client_index; - u32 context; - - u8 name[64]; - u8 is_local; - u8 id_type; - u32 data_len; - u8 data[0]; -}; - -/** \brief Reply for IKEv2: - @param context - returned sender context, to match reply w/ request - @param retval - return code -*/ -define ikev2_profile_set_id_reply -{ - u32 context; - i32 retval; -}; - -/** \brief IKEv2: Set IKEv2 profile traffic selector parameters - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - - @param name - IKEv2 profile name - @param is_local - Traffic selector is local if non-zero, else remote - @param proto - Traffic selector IP protocol (if zero not relevant) - @param start_port - The smallest port number allowed by traffic selector - @param end_port - The largest port number allowed by traffic selector - @param start_addr - The smallest address included in traffic selector - @param end_addr - The largest address included in traffic selector -*/ -define ikev2_profile_set_ts -{ - u32 client_index; - u32 context; - - u8 name[64]; - u8 is_local; - u8 proto; - u16 start_port; - u16 end_port; - u32 start_addr; - u32 end_addr; -}; - -/** \brief Reply for IKEv2: Set IKEv2 profile traffic selector parameters - @param context - returned sender context, to match reply w/ request - @param retval - return code -*/ -define ikev2_profile_set_ts_reply -{ - u32 context; - i32 retval; -}; - -/** \brief IKEv2: Set IKEv2 local RSA private key - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - - @param key_file - Key file absolute path -*/ -define ikev2_set_local_key -{ - u32 client_index; - u32 context; - - u8 key_file[256]; -}; - -/** \brief Reply for IKEv2: Set IKEv2 local key - @param context - returned sender context, to match reply w/ request - @param retval - return code -*/ -define ikev2_set_local_key_reply -{ - u32 context; - i32 retval; -}; - /** \brief Tell client about a DHCP completion event @param client_index - opaque cookie to identify the sender @param pid - client pid registered to receive notification @@ -4003,64 +3520,6 @@ define ip_source_and_port_range_check_interface_add_del_reply i32 retval; }; -/** \brief Add / del ipsec gre tunnel request - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param local_sa_id - local SA id - @param remote_sa_id - remote SA id - @param is_add - 1 if adding the tunnel, 0 if deleting - @param src_address - tunnel source address - @param dst_address - tunnel destination address -*/ -define ipsec_gre_add_del_tunnel { - u32 client_index; - u32 context; - u32 local_sa_id; - u32 remote_sa_id; - u8 is_add; - u8 src_address[4]; - u8 dst_address[4]; -}; - -/** \brief Reply for add / del ipsec gre tunnel request - @param context - returned sender context, to match reply w/ request - @param retval - return code - @param sw_if_index - software index of the new ipsec gre tunnel -*/ -define ipsec_gre_add_del_tunnel_reply { - u32 context; - i32 retval; - u32 sw_if_index; -}; - -/** \brief Dump ipsec gre tunnel table - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param tunnel_index - gre tunnel identifier or -1 in case of all tunnels -*/ -define ipsec_gre_tunnel_dump { - u32 client_index; - u32 context; - u32 sw_if_index; -}; - -/** \brief mpls gre tunnel operational state response - @param context - returned sender context, to match reply w/ request - @param sw_if_index - software index of the ipsec gre tunnel - @param local_sa_id - local SA id - @param remote_sa_id - remote SA id - @param src_address - tunnel source address - @param dst_address - tunnel destination address -*/ -define ipsec_gre_tunnel_details { - u32 context; - u32 sw_if_index; - u32 local_sa_id; - u32 remote_sa_id; - u8 src_address[4]; - u8 dst_address[4]; -}; - /** \brief Delete sub interface request @param client_index - opaque cookie to identify the sender @param context - sender context, to match reply w/ request @@ -4225,61 +3684,6 @@ define punt_reply i32 retval; }; -/** \brief Dump ipsec policy database data - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param spd_id - SPD instance id - @param sa_id - SA id, optional, set to ~0 to see all policies in SPD -*/ -define ipsec_spd_dump { - u32 client_index; - u32 context; - u32 spd_id; - u32 sa_id; -}; - -/** \brief IPsec policy database response - @param context - sender context which was passed in the request - @param spd_id - SPD instance id - @param priority - numeric value to control policy evaluation order - @param is_outbound - [1|0] to indicate if direction is [out|in]bound - @param is_ipv6 - [1|0] to indicate if address family is ipv[6|4] - @param local_start_addr - first address in local traffic selector range - @param local_stop_addr - last address in local traffic selector range - @param local_start_port - first port in local traffic selector range - @param local_stop_port - last port in local traffic selector range - @param remote_start_addr - first address in remote traffic selector range - @param remote_stop_addr - last address in remote traffic selector range - @param remote_start_port - first port in remote traffic selector range - @param remote_stop_port - last port in remote traffic selector range - @param protocol - traffic selector protocol - @param policy - policy action - @param sa_id - SA id - @param bytes - byte count of packets matching this policy - @param packets - count of packets matching this policy -*/ - -define ipsec_spd_details { - u32 context; - u32 spd_id; - i32 priority; - u8 is_outbound; - u8 is_ipv6; - u8 local_start_addr[16]; - u8 local_stop_addr[16]; - u16 local_start_port; - u16 local_stop_port; - u8 remote_start_addr[16]; - u8 remote_stop_addr[16]; - u16 remote_start_port; - u16 remote_stop_port; - u8 protocol; - u8 policy; - u32 sa_id; - u64 bytes; - u64 packets; -}; - /** \brief Feature path enable/disable request @param client_index - opaque cookie to identify the sender @param context - sender context, to match reply w/ request @@ -4305,191 +3709,6 @@ define feature_enable_disable_reply i32 retval; }; -/** \brief Configure BFD feature - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param slow_timer - slow timer (seconds) - @param min_tx - desired min tx interval - @param min_rx - desired min rx interval - @param detect_mult - desired detection multiplier -*/ -define bfd_set_config { - u32 client_index; - u32 context; - u32 slow_timer; - u32 min_tx; - u32 min_rx; - u8 detect_mult; -}; - -/** \brief Configure BFD feature response - @param context - sender context, to match reply w/ request - @param retval - return code for the request -*/ -define bfd_set_config_reply { - u32 context; - i32 retval; -}; - -/** \brief Get BFD configuration -*/ -define bfd_get_config { - u32 client_index; - u32 context; -}; - -/** \brief Get BFD configuration response - @param context - sender context, to match reply w/ request - @param retval - return code for the request - @param slow_timer - slow timer (seconds) - @param min_tx - desired min tx interval - @param min_rx - desired min rx interval - @param detect_mult - desired detection multiplier -*/ -define bfd_get_config_reply { - u32 client_index; - u32 context; - u32 slow_timer; - u32 min_tx; - u32 min_rx; - u8 detect_mult; -}; - -/** \brief Add UDP BFD session on interface - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param sw_if_index - sw index of the interface - @param desired_min_tx - desired min transmit interval (microseconds) - @param required_min_rx - required min receive interval (microseconds) - @param detect_mult - detect multiplier (# of packets missed between connection goes down) - @param local_addr - local address - @param peer_addr - peer address - @param is_ipv6 - local_addr, peer_addr are IPv6 if non-zero, otherwise IPv4 -*/ -define bfd_udp_add { - u32 client_index; - u32 context; - u32 sw_if_index; - u32 desired_min_tx; - u32 required_min_rx; - u8 local_addr[16]; - u8 peer_addr[16]; - u8 is_ipv6; - u8 detect_mult; -}; - -/** \brief Add UDP BFD session response - @param context - sender context, to match reply w/ request - @param retval - return code for the request - @param bs_index - index of the session created -*/ -define bfd_udp_add_reply { - u32 context; - i32 retval; - u32 bs_index; -}; - -/** \brief Delete UDP BFD session on interface - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param sw_if_index - sw index of the interface - @param local_addr - local address - @param peer_addr - peer address - @param is_ipv6 - local_addr, peer_addr are IPv6 if non-zero, otherwise IPv4 -*/ -define bfd_udp_del { - u32 client_index; - u32 context; - u32 sw_if_index; - u8 local_addr[16]; - u8 peer_addr[16]; - u8 is_ipv6; -}; - -/** \brief Delete UDP BFD session response - @param context - sender context, to match reply w/ request - @param retval - return code for the request -*/ -define bfd_udp_del_reply { - u32 context; - i32 retval; -}; - -/** \brief Get all BFD sessions - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request -*/ -define bfd_udp_session_dump { - u32 client_index; - u32 context; -}; - -/** \brief BFD session details structure - @param context - sender context, to match reply w/ request - @param bs_index - index of the session - @param sw_if_index - sw index of the interface - @param local_addr - local address - @param peer_addr - peer address - @param is_ipv6 - local_addr, peer_addr are IPv6 if non-zero, otherwise IPv4 - @param state - session state -*/ -define bfd_udp_session_details { - u32 context; - u32 bs_index; - u32 sw_if_index; - u8 local_addr[16]; - u8 peer_addr[16]; - u8 is_ipv6; - u8 state; -}; - -/** \brief Set flags of BFD session - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param bs_index - index of the bfd session to set flags on - @param admin_up_down - set the admin state, 1 = up, 0 = down -*/ -define bfd_session_set_flags { - u32 client_index; - u32 context; - u32 bs_index; - u8 admin_up_down; -}; - -/** \brief Reply to bfd_session_set_flags - @param context - sender context which was passed in the request - @param retval - return code of the set flags request -*/ -define bfd_session_set_flags_reply -{ - u32 context; - i32 retval; -}; - -/** \brief Register for BFD events - @param client_index - opaque cookie to identify the sender - @param context - sender context, to match reply w/ request - @param enable_disable - 1 => register for events, 0 => cancel registration - @param pid - sender's pid -*/ -define want_bfd_events -{ - u32 client_index; - u32 context; - u32 enable_disable; - u32 pid; -}; - -/** \brief Reply for BFD events registration - @param context - returned sender context, to match reply w/ request - @param retval - return code -*/ -define want_bfd_events_reply -{ - u32 context; - i32 retval; -}; - /* * Local Variables: * eval: (c-set-style "gnu")