netdev-vport: Warn on IPsec tunnels when ovs-monitor-ipsec not running.

[sliver-openvswitch.git] / lib / netdev-vport.c

diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
index c6d4db8..875bf71 100644 (file)
--- a/lib/netdev-vport.c
+++ b/lib/netdev-vport.c
@@ -26,6 +26,8 @@
 #include <sys/ioctl.h>
 
 #include "byte-order.h"
+#include "daemon.h"
+#include "dirs.h"
 #include "dpif-linux.h"
 #include "hash.h"
 #include "hmap.h"
@@ -706,8 +708,8 @@ parse_tunnel_config(const char *name, const char *type,
                     || !strcmp(node->name, "private_key")
                     || !strcmp(node->name, "use_ssl_cert"))) {
             /* Ignore options not used by the netdev. */
-        } else if (is_gre && (!strcmp(node->name, "key") &&
-                              !strcmp(node->name, "in_key") &&
+        } else if (is_gre && (!strcmp(node->name, "key") ||
+                              !strcmp(node->name, "in_key") ||
                               !strcmp(node->name, "out_key"))) {
             /* Handled separately below. */
         } else {
@@ -716,6 +718,14 @@ parse_tunnel_config(const char *name, const char *type,
     }
 
     if (is_ipsec) {
+        char *file_name = xasprintf("%s/%s", ovs_rundir(),
+                "ovs-monitor-ipsec.pid");
+        if (read_pidfile(file_name) < 0) {
+            VLOG_WARN("%s: ovs-monitor-ipsec doesn't appear to be running, "
+                    "traffic may not pass", name);
+        }
+        free(file_name);
+
         if (shash_find(args, "peer_cert") && shash_find(args, "psk")) {
             VLOG_WARN("%s: cannot define both 'peer_cert' and 'psk'", name);
             return EINVAL;