Hi, I want host traffic to be always seen by the VPP IP stack for ACL/NAT/IPsec. But in L2 (tap) mode, linux-cp-x-ip4 bypasses VPP IP stack/FIB.
Is there a way (config) linux-cp-x-ip4 to forward the host packet to VPP ip4-lookup? For instance there could be a SPD/SA on the VPP egress ethernet interface which is an internal interface for pipelining/service-chaining. Should I create the lcp interface in l3 (tun) mode? I am afraid that in L3 mode, some of the Linux control plane functionality will not be available. Appreciate if some could provide some guidance in this regard. BR, - PK Das
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#26823): https://lists.fd.io/g/vpp-dev/message/26823 Mute This Topic: https://lists.fd.io/mt/117881329/21656 Group Owner: [email protected] Unsubscribe: https://lists.fd.io/g/vpp-dev/leave/14379924/21656/631435203/xyzzy [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
