[vpp-dev] ONE topology not working #vnet #vpp
Hi, I am trying ONE project to have understanding how LISP works. But when I check the lisp eid table configuration in VPP instances, table didn't get updated. Then I tried to run below command manually via vpp cli. DBGvpp# lisp eid-table add eid 6.0.2.0/24 locator-set ls1 I get below error: lisp: expected enable | disable After running this experiment, I want to have an understanding how LISP can be configured for Multi-tenancy. Thanks, Saurabh -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#9815): https://lists.fd.io/g/vpp-dev/message/9815 Mute This Topic: https://lists.fd.io/mt/23208761/21656 Mute #vnet: https://lists.fd.io/mk?hashtag=vnet=1480452 Mute #vpp: https://lists.fd.io/mk?hashtag=vpp=1480452 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] IKEv2 VPN tunnel working in one direction
Hi, Any help here would be appreciable. Please help with configurations. Thanks, Saurabh Jain
[vpp-dev] IKEv2 VPN tunnel working in one direction
Hi, I had configured VPP with IKEv2 & the other end is Strongswan. VPN tunnel is established successfully. When I start ping from Strongswan I can see encapsulated packet towards VPP & VPP is able to successfilly decap it & give it to host. But ICMP reply from host is by passed through VPP. When I checked FIB entry, there is default route to Gateway. Is there any configuration I am missing? Looking forward for the reply. VPP IKev2 Configuration: vpp# show ikev2 profile profile pr1 auth-method shared-key-mic auth data Vpp123 local id-type fqdn data vpp.home remote id-type fqdn data roadwarrior.vpn.example.com local traffic-selector addr 172.16.124.0 - 172.16.124.255 port 0 - 65535 protocol 0 remote traffic-selector addr 172.16.4.0 - 172.16.4.255 port 0 - 65535 protocol 0 vpp# show ikev2 sa iip 147.75.91.166 ispi 6079d8558bccd119 rip 147.75.201.30 rspi a2620372c871ac92 encr:aes-cbc-256 prf:hmac-sha1 integ:sha1-96 dh-group:modp-1024 nonce i:c71dcee5b089e058ab7614dee2638711e113827ce4109e4e21a276fb4b40980d r:95f1a2d36da6f64122a5c887bf84f5f35f2424344a4543c3e1dd1e1e2fde8cd2 SK_d 4d4b5affe49fcbb38c2bff3e0e9aac74c8a93320 SK_a i:0b3784270c25203a811b78965f5f5f2ee5fe2ea0 r:4d035d81c68b40c5bcd8b69f35ee650a9b423aa5 SK_e i:1db2b5cbf1204b38834abb0b557f4df4b1e8db70cff48e96133fae5ea970ef3e r:8a4093c2ce61e8e26ace85ccd897c6c0a187a9e1be8cdd6f48c7e38c5af2a96f SK_p i:4baa1726ffed5116952aebe9ac8a31b1eb9e5968 r:710ab0d9d64c7ad34c8ef8e5f2919214e7ef4687 identifier (i) fqdn roadwarrior.vpn.example.com identifier (r) fqdn vpp.home child sa 0: encr:aes-cbc-192 integ:sha1-96 esn:no spi(i) c6a49aef spi(r) d7541012 SK_e i:26b9ff196e7afd401799eeddb720f924bf185983797afa55 r:56e12e9f1dc8cee609d8405786e4a61a1d57f5c6ebdee909 SK_a i:a1de061de25c82295f3c7f1f12eeb32e4048d28b r:e22af26875ab79698b260b832993c63bacce6a59 traffic selectors (i): 0 type 7 protocol_id 0 addr 172.16.4.0 - 172.16.4.255 port 0 - 65535 traffic selectors (r): 0 type 7 protocol_id 0 addr 172.16.124.0 - 172.16.124.255 port 0 - 65535 iip 147.75.91.166 ispi 6079d8558bccd119 rip 147.75.201.30 rspi a2620372c871ac92 Thanks, Saurabh
