diff --git a/demos/security/marvell/README.md b/demos/security/marvell/README.md index 5502a072..7c81d388 100644 --- a/demos/security/marvell/README.md +++ b/demos/security/marvell/README.md @@ -29,3 +29,28 @@ configuration. ## Video Recording see + +--------------------------------------------------------------------- + +# Strongswan integration into Marvell DPU using opi-strongswan-bridge + +This demo shows strongswan configuration on Marvell DPU using +opi-strongswan-bridge. opi-strongswan-bridge is a secure server and allows +IPSec off-chip configuration using gRPC based OPI security APIs. It will write +this configuration to Strongswan via vici socket interface. Strongswan in Linux +control plane handles IKE negotiation. IKE packets received in data path by VPP +are transferred to Linux control plane using lcp plugin in VPP. After IKE +negotiation, VPP imports the ip xfrm config from Linux and encrypts traffic. + +### remote client + +- Run ipsec-config.py from opi-poc on external server + +### dpu applications + +- Run opi-strongswan-bridge +- Run VPP +- Run Strongswan + +## Demo Link +see