-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Juan Carlos Villén Molina edited this page Sep 5, 2024
·
3 revisions
The CCIPS goes beyond the classical point-to-point IPsec setup and provides a centralized architectural solution to control multiple IPsec endpoints or gateways. The CCIPS is composed by a controller and two or more agents, deployed where the IPsec tunnel is established. In this IKE-less case, the RFC specifies a procedure on the re-keying process that is handled by the controller, when requested by the nodes.
On one side, the CCIPS controller architecture relies on a REST API as the central component to provide the NBI and establish sessions with the agents using the NETCONF protocol.
- SPIRS CCIPS Controller migration from existing standalone python script to an App in ONOS controller.
- SBI interface YANG using RFC9061 with IPsec agents.
- NBI for controlling from external system.