From 1d4190c1ee165ab012ecb9882217151b09d3a85d Mon Sep 17 00:00:00 2001
From: Mark Gray <mark.d.gray@redhat.com>
Date: Thu, 24 Dec 2020 07:57:01 -0500
Subject: ovs-monitor-ipsec: Add support for tunnel 'local_ip'.

In the libreswan case, 'ovs-monitor-ipsec' sets
'left' to '%defaultroute' which will use the local address
of the default route interface as the source IP address. In
multihomed environments, this may not be correct if the user
wants to specify what the source IP address is. In OVS, this
can be set for tunnel ports using the 'local_ip' option. This
patch also uses that option to populate the 'ipsec.conf'
configuration. If the 'local_ip' option is not present, it
will default to the previous behaviour of using '%defaultroute'

Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1906280
Signed-off-by: Mark Gray <mark.d.gray@redhat.com>
Acked-by: Eelco Chaudron <echaudro@redhat.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
---
 Documentation/tutorials/ipsec.rst | 1 +
 1 file changed, 1 insertion(+)

(limited to 'Documentation/tutorials')

diff --git a/Documentation/tutorials/ipsec.rst b/Documentation/tutorials/ipsec.rst
index ebc0ae429..3b3e42c59 100644
--- a/Documentation/tutorials/ipsec.rst
+++ b/Documentation/tutorials/ipsec.rst
@@ -300,6 +300,7 @@ For example::
                                              Otherwise, error message will
                                              be provided
    Tunnel Type:    gre
+   Local IP:       %defaultroute
    Remote IP:      2.2.2.2
    SKB mark:       None
    Local cert:     None
-- 
cgit v1.2.1