FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Encrypted udp packet drop in LS1046arbd kit

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Encrypted udp packet drop in LS1046arbd kit

‎03-03-2021 09:44 PM
591 Views
rashmikj
Contributor III

I am trying establish end to end secure communication between two PCs and two LS1046ardb kit between PCs with AES encryption for IP data using dpdk . Please find attached setup diagram.

The encrypted packet comes out of one Kit where am unable to see in the rx queue of the other kit.

As IP data is encrypted, UDP ports and length is also encrypted hence length might be out of range of standard length .

Does FMC drop packets based on UDP data length?

If so how do i change it?

I am using following files for fmc.

export DPAA_FMC_MODE=1

fmc -c /usr/local/dpdk/dpaa/usdpaa_config_ls1046.xml -p /usr/local/dpdk/dpaa/usdpaa_policy_hash_ipv4_1queue.xml -a

Preview file
30 KB
0 Kudos
Reply
1 Reply

‎03-26-2021 06:11 PM
574 Views
bpe
NXP Employee
NXP Employee

If you encrypt everything past the IP header, the the first check that will
fail is UDP checksum.  You received explanations
in this thread. More details on the checks performed over L4 headers can be
found in LS1046ADPAARM, Section 5.9.4.7.15. For valid methods to
handle cryptographically protected traffic, study l2fwd-crypto and ipsec-secgw
DPDK applications described in LSDK User Guide, Section 9.2.4.

Best Regards,
Platon

 

0 Kudos
Reply