ipsec: new api for sa ips and ports updates Useful to update the tunnel paramaters and udp ports (NAT-T) of an SA without having to rekey. Could be done by deleting and re-adding the SA but it would not preserve the anti-replay window if there is one. Use case: a nat update/reboot between the 2 endpoints of the tunnel. Type: feature Change-Id: Icf5c0aac218603e8aa9a008ed6f614e4a6db59a0 Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com>

commit: 4117b24acb4241d7f2ef38248bc254f6a4a7b422 [log] [tgz]
author: Arthur de Kerhor <arthurdekerhor@gmail.com> Wed Aug 31 19:13:03 2022 +0200
committer: Beno�t Ganne <bganne@cisco.com> Fri Dec 16 10:13:24 2022 +0000
tree: 982eb58cbe8cfd0d43e2a09e129d129c1a8a5511
parent: 863d1c8711018ded9bd4db5f27851a0b8ac45836 [diff] [blame]
diff --git a/src/vnet/ipsec/ipsec_test.c b/src/vnet/ipsec/ipsec_test.c
index f143619..16d8642 100644
--- a/src/vnet/ipsec/ipsec_test.c
+++ b/src/vnet/ipsec/ipsec_test.c

@@ -307,6 +307,12 @@
 }
 
 static int
+api_ipsec_sad_entry_update (vat_main_t *vat)
+{
+  return -1;
+}
+
+static int
 api_ipsec_tunnel_protect_update (vat_main_t *vat)
 {
   return -1;
commit	4117b24acb4241d7f2ef38248bc254f6a4a7b422	[log] [tgz]
author	Arthur de Kerhor <arthurdekerhor@gmail.com>	Wed Aug 31 19:13:03 2022 +0200
committer	Beno�t Ganne <bganne@cisco.com>	Fri Dec 16 10:13:24 2022 +0000
tree	982eb58cbe8cfd0d43e2a09e129d129c1a8a5511
parent	863d1c8711018ded9bd4db5f27851a0b8ac45836 [diff] [blame]