- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
-
- Home
- :
- QorIQ Processing Platforms
- :
- Layerscape
- :
- Re: VPP IPSEC implementation using LSDK 21.08 on ls1046ardb eval board
VPP IPSEC implementation using LSDK 21.08 on ls1046ardb eval board
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
VPP IPSEC implementation using LSDK 21.08 on ls1046ardb eval board
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I am trying to implement VPP IPSEC on ls1046ardb eval board. I followed the below steps.
In host machine,
tar xf flexbuild_lsdk2108_github.tgz
cd flexbuild_lsdk2108_github
CONFIG_APP_VPP=y in configs/sdk.yml
in flexbuild_lsdk2108_github : $ source setup.env
flex-builder -c openssl -a arm64
flex-builder -c linux -a arm64
flex-builder -c dpdk -a arm64
flex-builder -i mkrfs -a arm64
flex-builder -c vpp -a arm64
flex-builder -i merge-component -a arm64
flex-builder -i packrfs
Debian Images found in
/home/ubuntu/flexbuild_lsdk2108_github/build/apps/components_arm64_ubuntu_main/usr/local/vpp/
cd build/rfs/rootfs_lsdk2108_ubuntu_main_arm64/usr/local/vpp/
//Loaded firmware to SD card
flex-installer -i pf -d /dev/sdc
flex-installer -b boot_LS_arm64_lts_5.10_202412091034.tgz -r rootfs_lsdk2108_ubuntu_main_arm64_202412141056.tgz -f firmware_ls1046ardb_sdboot.img -d /dev/sdb
In target board, (NXP Eval Board ls1046ardb)
cd /usr/local/vpp
dpkg --unpack *.deb
export LD_LIBRARY_PATH=/usr/lib64/:/usr/lib/x86_64-linux-gnu/:$LD_LIBRARY_PATH
mkdir /mnt/hugepages
mount -t hugetlbfs none /mnt/hugepages
echo 256 > /proc/sys/vm/nr_hugepages
fmc -x
export DPAA_NUM_RX_QUEUES=1
cd /usr/local/dpdk/dpaa
fmc -c usdpaa_config_ls1046.xml -p usdpaa_policy_hash_ipv4_1queue.xml -a
cd --
vpp -c /etc/vpp/startup.conf.dpkg-new &
Problem is if run #vppctl show int
on target board then only local0 interface is displayed for which ip address cannot be set. Basically unable to set IP address as no interface is shown. I want to execute below commands but unable to do so. I have connected two eval boards back to back. Please help me to resolve the problem.
INT0=`vppctl show int |grep -oE ".*Ethernet0"`
INT1=`vppctl show int |grep -oE ".*Ethernet1"`
vppctl set interface ip address $INT0 1.1.1.2/24
vppctl set interface ip address $INT1 192.168.100.2/24
vppctl set interface state $INT0 up
vppctl set interface state $INT1 up
vppctl ipsec sa add 10 spi 1001 esp crypto-alg aes-cbc-128 crypto-key
4a506a794f574265564551694d653768 integ-alg sha1-96 integ-key
4339314b55523947594d6d3547666b45764e6a58 tunnel-src 192.168.100.2 tunnel-dst
192.168.100.3
vppctl ipsec sa add 11 spi 1002 esp crypto-alg aes-cbc-128 crypto-key
4a506a794f574265564551694d653768 integ-alg sha1-96 integ-key
4339314b55523947594d6d3547666b45764e6a58 tunnel-src 192.168.100.3 tunnel-dst
192.168.100.2
vppctl ipsec spd add 1
vppctl set interface ipsec spd $INT1 1
vppctl set interface promiscuous on $INT1
vppctl ipsec policy add spd 1 priority 10 outbound action protect sa 10 local-ip-
range 1.1.1.3 - 1.1.1.3 remote-ip-range 2.1.1.3 - 2.1.1.3
vppctl ipsec policy add spd 1 priority 10 inbound action protect sa 11 local-ip-
range 1.1.1.3 - 1.1.1.3 remote-ip-range 2.1.1.3 - 2.1.1.3
vppctl ip route add count 1 2.1.1.3/32 via 192.168.100.3 $INT1
vppctl set ip arp static $INT1 192.168.100.3 00:22:22:22:22:23
vppctl set ip arp static $INT0 1.1.1.3 00:22:22:22:22:28
vppctl ipsec policy add spd 1 priority 100 inbound action bypass protocol 50
vppctl ipsec policy add spd 1 priority 100 outbound action bypass protocol 50
vppctl show ip arp
vppctl show hardware-int
yipingwang
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please boot up the target board with dtb for DPDK.
Please boot up to Linux OS.
~# mount /dev/mmcblk0p2 /mnt
~# cd /mnt
~# mv fsl-ls1046a-rdb-sdk.dtb fsl-ls1046a-rdb-sdk.dtb_bak
~# cp fsl-ls1046a-rdb-usdpaa.dtb fsl-ls1046a-rdb-sdk.dtb
Then reboot the target board.
