2 # SPDX-License-Identifier: BSD-3-Clause
5 if [[ -z "${ETH_DEV}" ]]; then
6 echo "ETH_DEV is invalid"
9 #check that REMOTE_HOST is reachable
10 ssh ${REMOTE_HOST} echo
12 if [[ $st -ne 0 ]]; then
13 echo "host ${REMOTE_HOST} is not reachable"
17 #get ether addr of REMOTE_HOST
18 REMOTE_MAC=`ssh ${REMOTE_HOST} ip addr show dev ${REMOTE_IFACE}`
20 REMOTE_MAC=`echo ${REMOTE_MAC} | sed -e 's/^.*ether //' -e 's/ brd.*$//'`
21 if [[ $st -ne 0 || -z "${REMOTE_MAC}" ]]; then
22 echo "coouldn't retrieve ether addr from ${REMOTE_IFACE}"
28 LOCAL_MAC="00:64:74:61:70:30"
30 REMOTE_IPV4=192.168.31.14
31 LOCAL_IPV4=192.168.31.92
33 REMOTE_IPV6=fd12:3456:789a:0031:0000:0000:0000:0014
34 LOCAL_IPV6=fd12:3456:789a:0031:0000:0000:0000:0092
36 DPDK_PATH=${RTE_SDK:-${PWD}}
37 DPDK_BUILD=${RTE_TARGET:-x86_64-native-linux-gcc}
39 # by default ipsec-secgw can't deal with multi-segment packets
40 # make sure our local/remote host wouldn't generate fragmented packets
41 # if reassmebly option is not enabled
45 #upsate operation mode based on env vars values
48 # select sync/async mode
49 if [[ -n "${CRYPTO_PRIM_TYPE}" && -n "${SGW_CMD_XPRM}" ]]; then
50 echo "${CRYPTO_PRIM_TYPE} is enabled"
51 SGW_CFG_XPRM="${SGW_CFG_XPRM} ${CRYPTO_PRIM_TYPE}"
54 # check if fallback type is needed
55 if [[ "${MODE}" == *fallback* ]]; then
56 if [[ -n "${CRYPTO_FLBK_TYPE}" ]]; then
57 echo "${CRYPTO_FLBK_TYPE} is enabled"
61 #make linux to generate fragmented packets
62 if [[ -n "${MULTI_SEG_TEST}" && -n "${SGW_CMD_XPRM}" ]]; then
63 echo "multi-segment test is enabled"
64 SGW_CMD_XPRM="${SGW_CMD_XPRM} ${MULTI_SEG_TEST}"
68 if [[ -z "${MULTI_SEG_TEST}" && "${MODE}" == *fallback* ]]; then
69 echo "MULTI_SEG_TEST environment variable needs to be \
73 PING_LEN=${DEF_PING_LEN}
74 MTU_LEN=${DEF_MTU_LEN}
78 #setup mtu on local iface
82 ifconfig ${LOCAL_IFACE} mtu ${mtu}
83 sysctl -w net.ipv6.conf.${LOCAL_IFACE}.mtu=${mtu}
86 # configure local host/ifaces
89 ifconfig ${LOCAL_IFACE} ${LOCAL_IPV4}/24 up
90 ifconfig ${LOCAL_IFACE}
92 ip neigh flush dev ${LOCAL_IFACE}
93 ip neigh add ${REMOTE_IPV4} dev ${LOCAL_IFACE} lladdr ${REMOTE_MAC}
94 ip neigh show dev ${LOCAL_IFACE}
101 sysctl -w net.ipv6.conf.${LOCAL_IFACE}.disable_ipv6=0
102 ip addr add ${LOCAL_IPV6}/64 dev ${LOCAL_IFACE}
104 ip -6 neigh add ${REMOTE_IPV6} dev ${LOCAL_IFACE} lladdr ${REMOTE_MAC}
105 ip neigh show dev ${LOCAL_IFACE}
108 #configure remote host/iface
109 config_remote_iface()
111 ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE} down
112 ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE} ${REMOTE_IPV4}/24 up
113 ssh ${REMOTE_HOST} ifconfig ${REMOTE_IFACE}
115 ssh ${REMOTE_HOST} ip neigh flush dev ${REMOTE_IFACE}
117 # by some reason following ip neigh doesn't work for me here properly:
118 #ssh ${REMOTE_HOST} ip neigh add ${LOCAL_IPV4} \
119 # dev ${REMOTE_IFACE} lladr ${LOCAL_MAC}
120 # so used arp instead.
121 ssh ${REMOTE_HOST} arp -i ${REMOTE_IFACE} -s ${LOCAL_IPV4} ${LOCAL_MAC}
122 ssh ${REMOTE_HOST} ip neigh show dev ${REMOTE_IFACE}
124 ssh ${REMOTE_HOST} iptables --flush
127 config6_remote_iface()
131 ssh ${REMOTE_HOST} sysctl -w \
132 net.ipv6.conf.${REMOTE_IFACE}.disable_ipv6=0
133 ssh ${REMOTE_HOST} ip addr add ${REMOTE_IPV6}/64 dev ${REMOTE_IFACE}
135 ssh ${REMOTE_HOST} ip -6 neigh add ${LOCAL_IPV6} \
136 dev ${REMOTE_IFACE} lladdr ${LOCAL_MAC}
137 ssh ${REMOTE_HOST} ip neigh show dev ${REMOTE_IFACE}
139 ssh ${REMOTE_HOST} ip6tables --flush
142 #configure remote and local host/iface
155 # secgw application parameters setup
156 SGW_PORT_CFG="--vdev=\"net_tap0,mac=fixed\" ${ETH_DEV}"
157 SGW_WAIT_DEV="${LOCAL_IFACE}"
158 . ${DIR}/common_defs_secgw.sh