1 if [ -f ~/.vpp_sswan ]; then
6 SSWAN_CFG_DIR=/tmp/sswan
10 cli-listen /tmp/vpp_sswan.sock \
12 api-segment { prefix vpp } \
13 plugins { plugin dpdk_plugin.so { disable } }
17 sudo $VPPCTL -s /tmp/vpp_sswan.sock $@
21 sudo rm -r $SSWAN_CFG_DIR
22 sudo mkdir -p $SSWAN_CFG_DIR
23 sudo cp configs/$TC_DIR/ipsec.conf $SSWAN_CFG_DIR/ipsec.conf
24 sudo cp configs/$TC_DIR/ipsec.secrets $SSWAN_CFG_DIR/ipsec.secrets
25 sudo cp configs/strongswan.conf $SSWAN_CFG_DIR/strongswan.conf
29 (sudo ip link add vpp type veth peer name swanif
30 sudo ip link set dev vpp up
33 sudo ip link add veth_priv type veth peer name priv
34 sudo ip link set dev priv up
35 sudo ip link set dev veth_priv up netns ns
37 sudo ip netns exec ns \
40 ip addr add 192.168.3.2/24 dev veth_priv
41 ip addr add fec3::2/16 dev veth_priv
42 ip route add 192.168.5.0/24 via 192.168.3.1
43 ip route add fec5::0/16 via fec3::1
47 (docker run --name sswan -d --privileged --rm --net=none \
48 -v $SSWAN_CFG_DIR:/conf -v $SSWAN_CFG_DIR:/etc/ipsec.d philplckthun/strongswan)
50 pid=$(docker inspect --format "{{.State.Pid}}" sswan)
51 sudo ip link set netns $pid dev swanif
53 sudo nsenter -t $pid -n ip addr add 192.168.10.1/24 dev swanif
54 sudo nsenter -t $pid -n ip link set dev swanif up
56 sudo nsenter -t $pid -n ip addr add 192.168.5.2/32 dev lo
57 sudo nsenter -t $pid -n ip link set dev lo up
63 echo "exec $STARTUP_DIR/configs/$TC_DIR/vpp.conf"
64 vppctl exec $STARTUP_DIR/configs/$TC_DIR/vpp.conf
68 initiate_from_sswan () {
69 echo "start initiation.."
70 sudo docker exec sswan ipsec up initiator
75 sudo ip netns exec ns ping -c 1 192.168.5.2
77 if [ $rc -ne 0 ] ; then
86 docker stop sswan &> /dev/null
88 sudo ip netns delete ns
92 initiate_from_vpp () {
93 vppctl ikev2 initiate sa-init pr1
98 run_responder_test() {
107 # vpp as an initiator
108 run_initiator_test() {