You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
VPP 20.01 is deprecating the old IPSec API, in favor of IPIP tunnels with IPSec tunnel protection. This PR adds support for those, which as well fixes the issue with resync of IPSec tunnels on VPP 20.01 which always ended up in a broken state.
The old IPSec tunnel type is marked as deprecated in Ligato API, but still works (but the tunnels are always (correctly) re-programmed during resync).
This PR introduces a type change in the existing IPSec NB API (IPsec SA and SPD indexes), where numeric types were modeled as strings. Since that API was rarely used up till now (there was no need for them when using the old IPSec tunnel type), but will be needed going forward, it is the best time to clean that up now.
proto/ligato/vpp/ipsec/ipsec.proto:36:5:Field "1" on message "SecurityPolicyDatabase" changed type from "string" to "uint32".
proto/ligato/vpp/ipsec/ipsec.proto:44:9:Field "1" on message "PolicyEntry" changed type from "string" to "uint32".
proto/ligato/vpp/ipsec/ipsec.proto:74:5:Field "1" on message "SecurityAssociation" changed type from "string" to "uint32".
proto/ligato/vpp/ipsec/ipsec.proto:36:5:Field "1" on message "SecurityPolicyDatabase" changed type from "string" to "uint32".
proto/ligato/vpp/ipsec/ipsec.proto:44:9:Field "1" on message "PolicyEntry" changed type from "string" to "uint32".
proto/ligato/vpp/ipsec/ipsec.proto:74:5:Field "1" on message "SecurityAssociation" changed type from "string" to "uint32".
This PR introduces a type change in the existing IPSec NB API (IPsec SA and SPD indexes), where numeric types were modeled as strings. Since that API was rarely used up till now (there was no need for them when using the old IPSec tunnel type), but will be needed going forward, it is the best time to clean that up now.
Those APIs were not used anyhow up till now (at least I don't know about any of their use-case - there was no way to wire SAs to an interface). They will be used going forward. The question is, do we want to keep backward compatibility of unused APIs, or make them cleaner now, when we actually start using them?
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
VPP 20.01 is deprecating the old IPSec API, in favor of IPIP tunnels with IPSec tunnel protection. This PR adds support for those, which as well fixes the issue with resync of IPSec tunnels on VPP 20.01 which always ended up in a broken state.
The old IPSec tunnel type is marked as deprecated in Ligato API, but still works (but the tunnels are always (correctly) re-programmed during resync).
This PR introduces a type change in the existing IPSec NB API (IPsec SA and SPD indexes), where numeric types were modeled as strings. Since that API was rarely used up till now (there was no need for them when using the old IPSec tunnel type), but will be needed going forward, it is the best time to clean that up now.