prevent CloudStack from removing the VPN connection If connecting the VPN takes some time, for example because the other end is not (yet) up, CloudStack will delete the VPN because the ipsectunnel.sh does not return in time. The VPN connection then enters the Error state.
This change makes sure ipsectunnel.sh returns in time, and lets ipsec connect in the background. If it all fails, the connection enters Disconnected. (cherry picked from commit 7f33f7c3969d3b217ad6977f01bb487ebeee665d) Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/85ba1f76 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/85ba1f76 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/85ba1f76 Branch: refs/heads/4.5 Commit: 85ba1f76a441e36e9998a0a5d40943889d5d8290 Parents: cbc4fa2 Author: Remi Bergsma <rberg...@schubergphilis.com> Authored: Mon Dec 8 19:00:59 2014 +0100 Committer: Daan Hoogland <d...@onecht.net> Committed: Tue Dec 9 11:19:30 2014 +0100 ---------------------------------------------------------------------- systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/85ba1f76/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh ---------------------------------------------------------------------- diff --git a/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh b/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh index 809cb4d..a95c65e 100755 --- a/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh +++ b/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh @@ -173,7 +173,7 @@ ipsec_tunnel_add() { if [ $passive -eq 0 ] then - sudo ipsec auto --up vpn-$rightpeer + sudo ipsec auto --up vpn-$rightpeer & fi if [ $checkup -eq 1 ] then
