Neale Ranns | fd06084 | 2019-03-04 13:44:42 +0000 | [diff] [blame] | 1 | |
| 2 | create packet-generator interface pg0 |
| 3 | create packet-generator interface pg1 |
| 4 | |
| 5 | pipe create |
| 6 | |
| 7 | ip table add 1 |
| 8 | set int ip table pg1 1 |
| 9 | set int ip table pipe0.1 1 |
| 10 | |
| 11 | set int ip address pg0 192.168.0.1/24 |
| 12 | set int ip address pg1 192.168.1.1/24 |
| 13 | |
| 14 | set int ip address pipe0.0 10.0.0.1/24 |
| 15 | set int ip address pipe0.1 10.0.0.2/24 |
| 16 | |
| 17 | set int state pg0 up |
| 18 | set int state pg1 up |
| 19 | set int state pipe0 up |
| 20 | |
Benoît Ganne | be95444 | 2019-04-29 16:05:46 +0200 | [diff] [blame] | 21 | create ipsec tunnel local-ip 10.0.0.1 remote-ip 10.0.0.2 local-spi 100 remote-spi 101 local-crypto-key 6541686776336961656264656f6f6579 remote-crypto-key 6541686776336961656264656f6f6579 crypto-alg aes-cbc-128 |
Neale Ranns | fd06084 | 2019-03-04 13:44:42 +0000 | [diff] [blame] | 22 | |
| 23 | set int state ipsec0 up |
| 24 | set int unnum ipsec0 use pg0 |
| 25 | |
Benoît Ganne | be95444 | 2019-04-29 16:05:46 +0200 | [diff] [blame] | 26 | create ipsec tunnel local-ip 10.0.0.2 remote-ip 10.0.0.1 local-spi 101 remote-spi 100 tx-table 1 local-crypto-key 6541686776336961656264656f6f6579 remote-crypto-key 6541686776336961656264656f6f6579 crypto-alg aes-cbc-128 |
Neale Ranns | fd06084 | 2019-03-04 13:44:42 +0000 | [diff] [blame] | 27 | |
| 28 | set int state ipsec1 up |
| 29 | set int ip table ipsec1 1 |
| 30 | set int unnum ipsec1 use pg1 |
| 31 | |
| 32 | ip route add 192.168.1.0/24 via ipsec0 |
| 33 | set ip arp pg1 192.168.1.2 00:11:22:33:44:55 |
| 34 | ip route add table 1 192.168.0.0/24 via ipsec1 |
| 35 | set ip arp pg0 192.168.0.2 00:11:22:33:44:66 |
| 36 | |
| 37 | trace add pg-input 100 |
| 38 | |
| 39 | packet-generator new { |
| 40 | name ipsec1 |
| 41 | limit 1 |
| 42 | rate 1e4 |
| 43 | node ip4-input |
| 44 | interface pg0 |
| 45 | size 100-100 |
| 46 | data { |
| 47 | UDP: 192.168.0.2 -> 192.168.1.2 |
| 48 | UDP: 4321 -> 1234 |
| 49 | length 72 |
| 50 | incrementing 100 |
| 51 | } |
| 52 | } |
| 53 | packet-generator new { |
| 54 | name ipsec2 |
| 55 | limit 1 |
| 56 | rate 1e4 |
| 57 | node ip4-input |
| 58 | interface pg1 |
| 59 | size 100-100 |
| 60 | data { |
| 61 | UDP: 192.168.1.2 -> 192.168.0.2 |
| 62 | UDP: 4321 -> 1234 |
| 63 | length 72 |
| 64 | incrementing 100 |
| 65 | } |
| 66 | } |