X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=lib%2Fnetdev-tunnel.c;h=079830e63372ee45f47bdbf13da4c603f08b252d;hb=d1984028446c334c33569127f6db98a423569f2d;hp=d0ecd98e204e7e603f6f392f570a282aebcf0292;hpb=a28716da6f6043ede3c1550906b9d8cd0f1d1b32;p=openvswitch diff --git a/lib/netdev-tunnel.c b/lib/netdev-tunnel.c index d0ecd98e..079830e6 100644 --- a/lib/netdev-tunnel.c +++ b/lib/netdev-tunnel.c @@ -62,10 +62,13 @@ parse_config(const char *name, const char *type, const struct shash *args, struct tnl_port_config *config) { struct shash_node *node; + bool ipsec_ip_set = false; + bool ipsec_mech_set = false; memset(config, 0, sizeof *config); config->flags |= TNL_F_PMTUD; + config->flags |= TNL_F_HDR_CACHE; SHASH_FOR_EACH (node, args) { if (!strcmp(node->name, "remote_ip")) { @@ -121,11 +124,28 @@ parse_config(const char *name, const char *type, const struct shash *args, if (!strcmp(node->data, "false")) { config->flags &= ~TNL_F_PMTUD; } + } else if (!strcmp(node->name, "header_cache")) { + if (!strcmp(node->data, "false")) { + config->flags &= ~TNL_F_HDR_CACHE; + } + } else if (!strcmp(node->name, "ipsec_local_ip")) { + ipsec_ip_set = true; + } else if (!strcmp(node->name, "ipsec_cert") + || !strcmp(node->name, "ipsec_psk")) { + ipsec_mech_set = true; } else { VLOG_WARN("%s: unknown %s argument '%s'", name, type, node->name); } } + /* IPsec doesn't work when header caching is enabled. Disable it if + * the IPsec local IP address and authentication mechanism have been + * defined. */ + if (ipsec_ip_set && ipsec_mech_set) { + VLOG_INFO("%s: header caching disabled due to use of IPsec", name); + config->flags &= ~TNL_F_HDR_CACHE; + } + if (!config->daddr) { VLOG_WARN("%s: %s type requires valid 'remote_ip' argument", name, type); return EINVAL;