.. _clicmd_src_vnet_ipsec:

===============================================================
Ipsec cli reference
===============================================================

clear ipsec counters
-------------------------------------------------------------------------

.. code-block:: console

    clear ipsec counters


Declaration: ``clear_ipsec_counters_command`` `src/vnet/ipsec/ipsec_cli.c line 817 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L817>`_

Implementation: ``clear_ipsec_counters_command_fn``


clear ipsec sa
-------------------------------------------------------------------------

.. code-block:: console

    clear ipsec sa [index]


Declaration: ``clear_ipsec_sa_command`` `src/vnet/ipsec/ipsec_cli.c line 620 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L620>`_

Implementation: ``clear_ipsec_sa_command_fn``


ipsec itf create
-------------------------------------------------------------------------

.. code-block:: console

    ipsec itf create [instance <instance>] [p2mp]



Create a IPSec interface.

The following two command syntaxes are equivalent:


.. code-block:: console

    ipsec itf create [instance <instance>] [p2mp]


Example of how to create a ipsec interface:


.. code-block:: console

    ipsec itf create



Declaration: ``ipsec_itf_create_command`` `src/vnet/ipsec/ipsec_itf.c line 435 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_itf.c#L435>`_

Implementation: ``ipsec_itf_create_cli``


ipsec itf delete
-------------------------------------------------------------------------

.. code-block:: console

    ipsec itf delete <interface>



Delete a IPSEC_ITF interface.

The following two command syntaxes are equivalent:


.. code-block:: console

    ipsec itf delete <interface>


Example of how to create a ipsec_itf interface:


.. code-block:: console

    ipsec itf delete ipsec0



Declaration: ``ipsec_itf_delete_command`` `src/vnet/ipsec/ipsec_itf.c line 484 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_itf.c#L484>`_

Implementation: ``ipsec_itf_delete_cli``


ipsec policy
-------------------------------------------------------------------------

.. code-block:: console

    ipsec policy [add|del] spd <id> priority <n> 


Declaration: ``ipsec_policy_add_del_command`` `src/vnet/ipsec/ipsec_cli.c line 464 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L464>`_

Implementation: ``ipsec_policy_add_del_command_fn``


ipsec sa
-------------------------------------------------------------------------

.. code-block:: console

    ipsec sa [add|del]


Declaration: ``ipsec_sa_add_del_command`` `src/vnet/ipsec/ipsec_cli.c line 209 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L209>`_

Implementation: ``ipsec_sa_add_del_command_fn``


ipsec sa bind
-------------------------------------------------------------------------

.. code-block:: console

    ipsec sa [unbind] <sa-id> <worker>


Declaration: ``ipsec_sa_bind_cmd`` `src/vnet/ipsec/ipsec_cli.c line 275 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L275>`_

Implementation: ``ipsec_sa_bind_cli``


ipsec select backend
-------------------------------------------------------------------------

.. code-block:: console

    ipsec select backend <ah|esp> <backend index>


Declaration: ``ipsec_select_backend_command`` `src/vnet/ipsec/ipsec_cli.c line 797 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L797>`_

Implementation: ``ipsec_select_backend_command_fn``


ipsec spd
-------------------------------------------------------------------------

.. code-block:: console

    ipsec spd [add|del] <id>


Declaration: ``ipsec_spd_add_del_command`` `src/vnet/ipsec/ipsec_cli.c line 324 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L324>`_

Implementation: ``ipsec_spd_add_del_command_fn``


ipsec tunnel protect
-------------------------------------------------------------------------

.. code-block:: console

    ipsec tunnel protect <interface> input-sa <SA> output-sa <SA> [add|del]


Declaration: ``ipsec_tun_protect_cmd_node`` `src/vnet/ipsec/ipsec_cli.c line 871 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L871>`_

Implementation: ``ipsec_tun_protect_cmd``


set interface ipsec spd
-------------------------------------------------------------------------

.. code-block:: console

    set interface ipsec spd <int> <id>


Declaration: ``set_interface_spd_command`` `src/vnet/ipsec/ipsec_cli.c line 74 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L74>`_

Implementation: ``set_interface_spd_command_fn``


set ipsec async mode
-------------------------------------------------------------------------

.. code-block:: console

    set ipsec async mode on|off


Declaration: ``set_async_mode_command`` `src/vnet/ipsec/ipsec_cli.c line 988 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L988>`_

Implementation: ``set_async_mode_command_fn``


show ipsec all
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec all


Declaration: ``show_ipsec_command`` `src/vnet/ipsec/ipsec_cli.c line 549 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L549>`_

Implementation: ``show_ipsec_command_fn``


show ipsec backends
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec backends


Declaration: ``ipsec_show_backends_command`` `src/vnet/ipsec/ipsec_cli.c line 731 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L731>`_

Implementation: ``ipsec_show_backends_command_fn``


show ipsec interface
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec interface


Declaration: ``ipsec_interface_show_node`` `src/vnet/ipsec/ipsec_itf.c line 507 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_itf.c#L507>`_

Implementation: ``ipsec_interface_show``


show ipsec protect
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec protect


Declaration: ``ipsec_tun_protect_show_node`` `src/vnet/ipsec/ipsec_cli.c line 892 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L892>`_

Implementation: ``ipsec_tun_protect_show``


show ipsec protect-hash
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec protect-hash


Declaration: ``ipsec_tun_protect_hash_show_node`` `src/vnet/ipsec/ipsec_cli.c line 946 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L946>`_

Implementation: ``ipsec_tun_protect_hash_show``


show ipsec sa
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec sa [index]


Declaration: ``show_ipsec_sa_command`` `src/vnet/ipsec/ipsec_cli.c line 614 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L614>`_

Implementation: ``show_ipsec_sa_command_fn``


show ipsec spd
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec spd [index]


Declaration: ``show_ipsec_spd_command`` `src/vnet/ipsec/ipsec_cli.c line 654 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L654>`_

Implementation: ``show_ipsec_spd_command_fn``


show ipsec tunnel
-------------------------------------------------------------------------

.. code-block:: console

    show ipsec tunnel


Declaration: ``show_ipsec_tunnel_command`` `src/vnet/ipsec/ipsec_cli.c line 670 <https://github.com/FDio/vpp/blob/master//src/vnet/ipsec/ipsec_cli.c#L670>`_

Implementation: ``show_ipsec_tunnel_command_fn``