which vpp version are you heading? If you r using 19.05 or less, you can create ipsec tunnel, and route your packet to ipsec0 interface,
create ipsec tunnel local-ip <x.x.x.x> local-spi 1111 remote-ip <y.y.y.y> remote-spi 2222 set interface ipsec key ipsec0 local crypto aes-gcm-128 2b7e151628aed2a6abf7158809cf4f3d set interface ipsec key ipsec0 remote crypto aes-gcm-128 2b7e151628aed2a6abf7158809cf4f3d set interface state ipsec0 up set interface unnumbered ipsec0 use <interface_name: src tunnel interface> ip route add 192.168.200.10/24 via ipsec0 if your are using >= 19.08, best practice, you can create policy based tunnel. ipsec policy add spd 1 priority 100 inbound action bypass protocol 50 ipsec policy add spd 1 priority 100 outbound action bypass protocol 50 ipsec policy add spd 1 outbound action bypass local-ip-range 10.168.4.0-10.168.4.255 remote-ip-range 10.168.2.0-10.168.2.255 ipsec sa add 10 spi 3391172682 esp crypto-alg aes-gcm-256 crypto-key 523a88fa4ad8c0325d75c933d9e567c23879ea701355207551bc2cf7d963c3dac8dcdca2 tunnel-src 10.168.2.4 tunnel-dst 10.168.4.11 ipsec sa add 20 spi 3443809241 esp crypto-alg aes-gcm-256 crypto-key 6062e3e9a9d578f58527242e9fbd48aeef7a0f8b4adc4569e7a84cda19c14ae21aa0a2b4 tunnel-src 10.168.4.11 tunnel-dst 10.168.2.4 ipsec policy add spd 1 priority 10 inbound action protect sa 10 local-ip-range 10.168.3.11 - 10.168.3.11 remote-ip-range 10.168.2.4 - 10.168.2.4 ipsec policy add spd 1 priority 10 outbound action protect sa 20 local-ip-range 10.168.3.11 - 10.168.3.11 remote-ip-range 10.168.2.4 - 10.168.2.4 cheers! enjoy //MJ *Regards*, Mrityunjay Kumar. Mobile: +91 - 9731528504 On Sat, May 9, 2020 at 12:16 PM <comeon...@outlook.com> wrote: > Hi VPP hackers, > My program and vpp communicate through the memif interface. > I want to make vpp match specific packets(such as ospf packet), and then > redirect to the outbound direction of the memif interface. > > I don't know how to match a specific packet to the outbound direction of a > specified interface. > > Can someone provide an example of configuration. > Thanks in advance! > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#16290): https://lists.fd.io/g/vpp-dev/message/16290 Mute This Topic: https://lists.fd.io/mt/74091305/21656 Mute #vpp: https://lists.fd.io/mk?hashtag=vpp&subid=1480452 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-