kernel-pfroute: Make time that is waited for VIPs to appear configurable
authorTobias Brunner <tobias@strongswan.org>
Wed, 10 Jul 2013 09:31:56 +0000 (11:31 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 17 Jul 2013 15:45:17 +0000 (17:45 +0200)
One second might be too short for IPs to appear/disappear, especially on
virtualized hosts.

man/strongswan.conf.5.in
src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c

index f86e9ea..4192bc9 100644 (file)
@@ -610,6 +610,9 @@ Set MTU of ipsecN device
 .BR charon.plugins.kernel-netlink.roam_events " [yes]"
 Whether to trigger roam events when interfaces, addresses or routes change
 .TP
 .BR charon.plugins.kernel-netlink.roam_events " [yes]"
 Whether to trigger roam events when interfaces, addresses or routes change
 .TP
+.BR charon.plugins.kernel-pfroute.vip_wait " [1000]"
+Time in ms to wait until virtual IP addresses appear/disappear before failing.
+.TP
 .BR charon.plugins.load-tester
 Section to configure the load-tester plugin, see LOAD TESTS
 .TP
 .BR charon.plugins.load-tester
 Section to configure the load-tester plugin, see LOAD TESTS
 .TP
index 2d0e252..011cc1b 100644 (file)
@@ -247,6 +247,11 @@ struct private_kernel_pfroute_net_t
         * time of last roam event
         */
        timeval_t last_roam;
         * time of last roam event
         */
        timeval_t last_roam;
+
+       /**
+        * Time in ms to wait for IP addresses to appear/disappear
+        */
+       int vip_wait;
 };
 
 /**
 };
 
 /**
@@ -852,7 +857,8 @@ METHOD(kernel_net_t, add_ip, status_t,
        this->mutex->lock(this->mutex);
        while (!timeout && !get_interface_name(this, vip, NULL))
        {
        this->mutex->lock(this->mutex);
        while (!timeout && !get_interface_name(this, vip, NULL))
        {
-               timeout = this->condvar->timed_wait(this->condvar, this->mutex, 1000);
+               timeout = this->condvar->timed_wait(this->condvar, this->mutex,
+                                                                                       this->vip_wait);
        }
        this->mutex->unlock(this->mutex);
        if (timeout)
        }
        this->mutex->unlock(this->mutex);
        if (timeout)
@@ -929,7 +935,8 @@ METHOD(kernel_net_t, del_ip, status_t,
                this->mutex->lock(this->mutex);
                while (!timeout && get_interface_name(this, vip, NULL))
                {
                this->mutex->lock(this->mutex);
                while (!timeout && get_interface_name(this, vip, NULL))
                {
-                       timeout = this->condvar->timed_wait(this->condvar, this->mutex, 1000);
+                       timeout = this->condvar->timed_wait(this->condvar, this->mutex,
+                                                                                               this->vip_wait);
                }
                this->mutex->unlock(this->mutex);
                if (timeout)
                }
                this->mutex->unlock(this->mutex);
                if (timeout)
@@ -1382,6 +1389,8 @@ kernel_pfroute_net_t *kernel_pfroute_net_create()
                .lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
                .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
                .condvar = condvar_create(CONDVAR_TYPE_DEFAULT),
                .lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
                .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
                .condvar = condvar_create(CONDVAR_TYPE_DEFAULT),
+               .vip_wait = lib->settings->get_int(lib->settings,
+                                       "%s.plugins.kernel-pfroute.vip_wait", 1000, hydra->daemon),
        );
 
        /* create a PF_ROUTE socket to communicate with the kernel */
        );
 
        /* create a PF_ROUTE socket to communicate with the kernel */