6WINDGate™ - Architecture Overview - NE 6W-08-188 ... - Wind River
6WINDGate™ - Architecture Overview - NE 6W-08-188 ... - Wind River
6WINDGate™ - Architecture Overview - NE 6W-08-188 ... - Wind River
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>6W</strong>INDGate - <strong>Architecture</strong> <strong>Overview</strong> <strong>NE</strong> <strong>6W</strong>-<strong>08</strong>-<strong>188</strong> v1.0<br />
5 <strong>6W</strong>INDGATE API<br />
Model v1.1<br />
Page 30<br />
To interconnect <strong>6W</strong>INDGate building blocks and modules, <strong>6W</strong>INDGate relies on a certain number of<br />
API that are described in this section. These API can also be used to extend <strong>6W</strong>INDGate feature set<br />
(refer section 7).<br />
This section also describes two key components of Fast Path-based <strong>6W</strong>INDGate architecture: Cache<br />
Manager and Fast Path Manager.<br />
5.1 API LIST AND OVERVIEW<br />
The following table identifies the different APIs between <strong>6W</strong>INDGate modules for Fast Path less then<br />
Fast Path-based architectures.<br />
5.1.1 API for <strong>6W</strong>INDGate ADS<br />
API Between Purpose<br />
Control Plane / Linux Networking Stack API<br />
Netlink <strong>6W</strong>INDGate Linux<br />
Networking Stack and Control<br />
Plane<br />
PF_KEY <strong>6W</strong>INDGate Linux<br />
Networking Stack and Control<br />
Plane (security protocols)<br />
Crypto API<br />
OCF<br />
Open<br />
Cryptographic<br />
Framework<br />
Management API<br />
XIPC<br />
eXtended Inter<br />
Process<br />
Communication<br />
<strong>6W</strong>INDGate Linux<br />
Networking Stack and Control<br />
Plane interface for cryptoengines<br />
Netlink Linux API is used to exchange information<br />
between userland and kernel space. It is used for:<br />
o Interface Management<br />
o Route management<br />
o Asynchronous monitoring of kernel events<br />
PF_KEY interface is used by IKE & IKEv2 to<br />
configure Security Policy Database and Security<br />
Association Database and receive notifications from<br />
Linux stack.<br />
OCF is an asynchronous API that provides Linux<br />
Networking Stack and Control Plane with a uniform<br />
access to one or more crypto devices. Detailed<br />
information about OCF can be found here:<br />
http://www.openbsd.org/papers/ocf.pdf.<br />
XMS and XMS clients XIPC is used for sending configuration and<br />
monitoring XML messages to <strong>6W</strong>INDGate XMS.<br />
It is implemented by <strong>6W</strong>INDGate XMS clients,<br />
including CLI, WEBGate or available for third-party<br />
clients.<br />
_________________________________________________________________________________________________________________<br />
<strong>6W</strong>IND Confidential. <strong>6W</strong>IND copyright 20<strong>08</strong>. All rights reserved. This document cannot be reproduced without <strong>6W</strong>IND written consent.